[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[taler-donau] branch master updated: [lib] add includes, remove "taler"
|
From: |
gnunet |
|
Subject: |
[taler-donau] branch master updated: [lib] add includes, remove "taler" prefix from some files |
|
Date: |
Mon, 06 Nov 2023 23:20:29 +0100 |
This is an automated email from the git hooks/post-receive script.
pius-loosli pushed a commit to branch master
in repository donau.
The following commit(s) were added to refs/heads/master by this push:
new 39e2d02 [lib] add includes, remove "taler" prefix from some files
39e2d02 is described below
commit 39e2d0252c1f78cbaf29891e68ee8613fd039b6c
Author: Pius Loosli <loosp2@bfh.ch>
AuthorDate: Mon Nov 6 23:18:46 2023 +0100
[lib] add includes, remove "taler" prefix from some files
---
...taler_donau_crypto_lib.h => donau_crypto_lib.h} | 14 +
.../{taler_donau_service.h => donau_service.h} | 0
src/include/donau_util.h | 32 +
src/include/{taler_donaudb_lib.h => donaudb_lib.h} | 0
.../{taler_donaudb_plugin.h => donaudb_plugin.h} | 0
src/include/gettext.h | 71 +
src/include/platform.h | 269 +
src/include/taler_amount_lib.h | 466 ++
src/include/taler_crypto_lib.h | 5885 ++++++++++++++++++++
src/include/taler_error_codes.h | 4499 +++++++++++++++
src/include/{taler_donau_util.h => taler_util.h} | 60 +-
src/util/charity_signatures.c | 264 +-
src/util/donau_signatures.c | 6 +-
13 files changed, 11328 insertions(+), 238 deletions(-)
diff --git a/src/include/taler_donau_crypto_lib.h
b/src/include/donau_crypto_lib.h
similarity index 92%
rename from src/include/taler_donau_crypto_lib.h
rename to src/include/donau_crypto_lib.h
index b6900b0..28ba454 100644
--- a/src/include/taler_donau_crypto_lib.h
+++ b/src/include/donau_crypto_lib.h
@@ -50,6 +50,20 @@ struct TALER_DONAU_EddsaPublicKeyP
};
+/**
+ * Signing key for whole batches of BUDI-key-pairs. Used by a Charity.
+ */
+struct DONAU_CharityPublicKeyP
+{
+ /**
+ * Donau uses EdDSA for BUDI-key-pair signing
+ */
+ struct GNUNET_CRYPTO_EddsaPublicKey eddsa_pub;
+
+};
+
+
+
/**
* Hash of a donation unit public key
*/
diff --git a/src/include/taler_donau_service.h b/src/include/donau_service.h
similarity index 100%
rename from src/include/taler_donau_service.h
rename to src/include/donau_service.h
diff --git a/src/include/donau_util.h b/src/include/donau_util.h
new file mode 100644
index 0000000..2419494
--- /dev/null
+++ b/src/include/donau_util.h
@@ -0,0 +1,32 @@
+/*
+ This file is part of TALER
+ Copyright (C) 2014-2023 Taler Systems SA
+
+ TALER is free software; you can redistribute it and/or modify it under the
+ terms of the GNU General Public License as published by the Free Software
+ Foundation; either version 3, or (at your option) any later version.
+
+ TALER is distributed in the hope that it will be useful, but WITHOUT ANY
+ WARRANTY; without even the implied warranty of CHARITYABILITY or FITNESS FOR
+ A PARTICULAR PURPOSE. See the GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License along with
+ TALER; see the file COPYING. If not, see <http://www.gnu.org/licenses/>
+*/
+/**
+ * @file include/taler_util.h
+ * @brief Interface for common utility functions
+ * @author Sree Harsha Totakura <sreeharsha@totakura.in>
+ */
+#ifndef DONAU_UTIL_H
+#define DONAU_UTIL_H
+
+#include <gnunet/gnunet_common.h>
+#define __TALER_DONAU_UTIL_LIB_H_INSIDE__
+
+#include <gnunet/gnunet_util_lib.h>
+#include <microhttpd.h>
+#include "taler_util.h"
+#include "donau_crypto_lib.h"
+
+#endif
diff --git a/src/include/taler_donaudb_lib.h b/src/include/donaudb_lib.h
similarity index 100%
rename from src/include/taler_donaudb_lib.h
rename to src/include/donaudb_lib.h
diff --git a/src/include/taler_donaudb_plugin.h b/src/include/donaudb_plugin.h
similarity index 100%
rename from src/include/taler_donaudb_plugin.h
rename to src/include/donaudb_plugin.h
diff --git a/src/include/gettext.h b/src/include/gettext.h
new file mode 100644
index 0000000..4585126
--- /dev/null
+++ b/src/include/gettext.h
@@ -0,0 +1,71 @@
+/* Convenience header for conditional use of GNU <libintl.h>.
+ Copyright Copyright (C) 1995-1998, 2000-2002 Free Software Foundation, Inc.
+
+ This program is free software; you can redistribute it and/or modify it
+ under the terms of the GNU Library General Public License as published
+ by the Free Software Foundation; either version 3, or (at your option)
+ any later version.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ Library General Public License for more details.
+
+ You should have received a copy of the GNU Library General Public
+ License along with this program; if not, write to the Free Software
+ Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301,
+ USA. */
+
+#ifndef _LIBGETTEXT_H
+#define _LIBGETTEXT_H 1
+
+/* NLS can be disabled through the configure --disable-nls option. */
+#if ENABLE_NLS
+
+/* Get declarations of GNU message catalog functions. */
+#include <libintl.h>
+
+#else
+
+/* Solaris /usr/include/locale.h includes /usr/include/libintl.h, which
+ chokes if dcgettext is defined as a macro. So include it now, to make
+ later inclusions of <locale.h> a NOP. We don't include <libintl.h>
+ as well because people using "gettext.h" will not include <libintl.h>,
+ and also including <libintl.h> would fail on SunOS 4, whereas <locale.h>
+ is GNUNET_OK. */
+#if defined(__sun)
+#include <locale.h>
+#endif
+
+/* Disabled NLS.
+ The casts to 'const char *' serve the purpose of producing warnings
+ for invalid uses of the value returned from these functions.
+ On pre-ANSI systems without 'const', the config.h file is supposed to
+ contain "#define const". */
+#define gettext(Msgid) ((const char *) (Msgid))
+#define dgettext(Domainname, Msgid) ((const char *) (Msgid))
+#define dcgettext(Domainname, Msgid, Category) ((const char *) (Msgid))
+#define ngettext(Msgid1, Msgid2, N) \
+ ((N) == 1 ? (const char *) (Msgid1) : (const char *) (Msgid2))
+#define dngettext(Domainname, Msgid1, Msgid2, N) \
+ ((N) == 1 ? (const char *) (Msgid1) : (const char *) (Msgid2))
+#define dcngettext(Domainname, Msgid1, Msgid2, N, Category) \
+ ((N) == 1 ? (const char *) (Msgid1) : (const char *) (Msgid2))
+/* slight modification here to avoid warnings: generate GNUNET_NO code,
+ not even the cast... */
+#define textdomain(Domainname)
+#define bindtextdomain(Domainname, Dirname)
+#define bind_textdomain_codeset(Domainname, Codeset) ((const char *) (Codeset))
+
+#endif
+
+/* A pseudo function call that serves as a marker for the automated
+ extraction of messages, but does not call gettext(). The run-time
+ translation is done at a different place in the code.
+ The argument, String, should be a literal string. Concatenated strings
+ and other string expressions won't work.
+ The macro's expansion is not parenthesized, so that it is suitable as
+ initializer for static 'char[]' or 'const char[]' variables. */
+#define gettext_noop(String) String
+
+#endif /* _LIBGETTEXT_H */
diff --git a/src/include/platform.h b/src/include/platform.h
new file mode 100644
index 0000000..d4d2c80
--- /dev/null
+++ b/src/include/platform.h
@@ -0,0 +1,269 @@
+/*
+ This file is part of TALER
+ Copyright (C) 2014 Chrisitan Grothoff (and other contributing authors)
+
+ TALER is free software; you can redistribute it and/or modify it under the
+ terms of the GNU General Public License as published by the Free Software
+ Foundation; either version 3, or (at your option) any later version.
+
+ TALER is distributed in the hope that it will be useful, but WITHOUT ANY
+ WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR
+ A PARTICULAR PURPOSE. See the GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License along with
+ TALER; see the file COPYING. If not, see <http://www.gnu.org/licenses/>
+*/
+
+/**
+ * @file exchange/src/include/platform.h
+ * @brief This file contains the includes and definitions which are used by the
+ * rest of the modules
+ * @author Sree Harsha Totakura <sreeharsha@totakura.in>
+ */
+#ifndef PLATFORM_H_
+#define PLATFORM_H_
+
+/* Include our configuration header */
+#ifndef HAVE_USED_CONFIG_H
+#define HAVE_USED_CONFIG_H
+#ifdef HAVE_CONFIG_H
+#include "taler_config.h"
+#endif
+#endif
+
+/* For the exchange build, we do NOT want gettext, even
+ if it is available! */
+#undef ENABLE_NLS
+
+
+#if (GNUNET_EXTRA_LOGGING >= 1)
+#define VERBOSE(cmd) cmd
+#else
+#define VERBOSE(cmd) do { break; } while (0)
+#endif
+
+/* Include the features available for GNU source */
+#define _GNU_SOURCE
+
+/* Do not use shortcuts for gcrypt mpi */
+#define GCRYPT_NO_MPI_MACROS 1
+
+/* Do not use deprecated functions from gcrypt */
+#define GCRYPT_NO_DEPRECATED 1
+
+/* Ignore MHD deprecations for now as we want to be compatible
+ to "ancient" MHD releases. */
+#define MHD_NO_DEPRECATION 1
+
+/* Enable additional sanity checks that may result in a moderate
+ loss of performance but could be helpful to spot bugs. This
+ option should be enabled unless we are running benchmarks and/or
+ really need the last bit of performance. So even in production,
+ the default should be 'on' unless it was established that this
+ is needed for performance reasons. */
+#define ENABLE_SANITY_CHECKS 1
+
+
+#include <netdb.h>
+#include <sys/socket.h>
+#include <sys/un.h>
+#if HAVE_NETINET_IN_H
+#include <netinet/in.h>
+#endif
+#if HAVE_NETINET_IN_SYSTM_H
+#include <netinet/in_systm.h>
+#endif
+#if HAVE_NETINET_IP_H
+#include <netinet/ip.h> /* superset of previous */
+#endif
+#include <arpa/inet.h>
+#include <netinet/tcp.h>
+#include <pwd.h>
+#include <sys/ioctl.h>
+#include <sys/wait.h>
+#include <grp.h>
+
+#include <string.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <stdint.h>
+#include <stdarg.h>
+#include <stdbool.h>
+#include <errno.h>
+#include <signal.h>
+#include <libgen.h>
+#ifdef HAVE_MALLOC_H
+#include <malloc.h> /* for mallinfo on GNU */
+#endif
+#include <unistd.h> /* KLB_FIX */
+#include <sys/stat.h>
+#include <sys/types.h>
+#include <dirent.h> /* KLB_FIX */
+#include <fcntl.h>
+#include <math.h>
+#if HAVE_SYS_PARAM_H
+#include <sys/param.h>
+#endif
+#if HAVE_SYS_TIME_H
+#include <sys/time.h>
+#endif
+#include <time.h>
+#ifdef BSD
+#include <net/if.h>
+#endif
+#if defined(BSD) && defined(__FreeBSD__) && defined(__FreeBSD_kernel__)
+#include <semaphore.h>
+#endif
+#ifdef DARWIN
+#include <dlfcn.h>
+#include <semaphore.h>
+#include <net/if.h>
+#endif
+#if defined(__linux__) || defined(GNU)
+#include <net/if.h>
+#endif
+#ifdef SOLARIS
+#include <sys/sockio.h>
+#include <sys/filio.h>
+#include <sys/loadavg.h>
+#include <semaphore.h>
+#endif
+#if HAVE_UCRED_H
+#include <ucred.h>
+#endif
+#if HAVE_SYS_UCRED_H
+#include <sys/ucred.h>
+#endif
+#if HAVE_IFADDRS_H
+#include <ifaddrs.h>
+#endif
+#include <errno.h>
+#include <limits.h>
+
+#if HAVE_VFORK_H
+#include <vfork.h>
+#endif
+
+#include <ctype.h>
+#if HAVE_SYS_RESOURCE_H
+#include <sys/resource.h>
+#endif
+
+#if HAVE_ENDIAN_H
+#include <endian.h>
+#endif
+#if HAVE_SYS_ENDIAN_H
+#include <sys/endian.h>
+#endif
+
+#define DIR_SEPARATOR '/'
+#define DIR_SEPARATOR_STR "/"
+#define PATH_SEPARATOR ':'
+#define PATH_SEPARATOR_STR ":"
+#define NEWLINE "\n"
+
+
+#include <locale.h>
+#include "gettext.h"
+/**
+ * GNU gettext support macro.
+ */
+#define _(String) dgettext (PACKAGE, String)
+
+
+#include <sys/mman.h>
+
+/* FreeBSD_kernel is not defined on the now discontinued kFreeBSD */
+#if defined(BSD) && defined(__FreeBSD__) && defined(__FreeBSD_kernel__)
+#define __BYTE_ORDER BYTE_ORDER
+#define __BIG_ENDIAN BIG_ENDIAN
+#endif
+
+#ifdef DARWIN
+#define __BYTE_ORDER BYTE_ORDER
+#define __BIG_ENDIAN BIG_ENDIAN
+/* not available on darwin, override configure */
+#undef HAVE_STAT64
+#undef HAVE_MREMAP
+#endif
+
+#if ! HAVE_ATOLL
+long long
+atoll (const char *nptr);
+
+#endif
+
+#if ENABLE_NLS
+#include "langinfo.h"
+#endif
+
+#ifndef SIZE_MAX
+#define SIZE_MAX ((size_t) (-1))
+#endif
+
+#ifndef O_LARGEFILE
+#define O_LARGEFILE 0
+#endif
+
+
+#if defined(__sparc__)
+#define MAKE_UNALIGNED(val) ({ __typeof__((val)) __tmp; memmove (&__tmp,
&(val), \
+
sizeof((val))); \
+ __tmp; })
+#else
+#define MAKE_UNALIGNED(val) val
+#endif
+
+
+#ifndef PATH_MAX
+/**
+ * Assumed maximum path length.
+ */
+#define PATH_MAX 4096
+#endif
+
+#if HAVE_THREAD_LOCAL_GCC
+#define TALER_THREAD_LOCAL __thread
+#else
+#define TALER_THREAD_LOCAL
+#endif
+
+
+/* LSB-style exit status codes */
+#ifndef EXIT_INVALIDARGUMENT
+#define EXIT_INVALIDARGUMENT 2
+#endif
+
+#ifndef EXIT_NOTIMPLEMENTED
+#define EXIT_NOTIMPLEMENTED 3
+#endif
+
+#ifndef EXIT_NOPERMISSION
+#define EXIT_NOPERMISSION 4
+#endif
+
+#ifndef EXIT_NOTINSTALLED
+#define EXIT_NOTINSTALLED 5
+#endif
+
+#ifndef EXIT_NOTCONFIGURED
+#define EXIT_NOTCONFIGURED 6
+#endif
+
+#ifndef EXIT_NOTRUNNING
+#define EXIT_NOTRUNNING 7
+#endif
+
+/**
+ * clang et al do not have such an attribute
+ */
+#if __has_attribute (__nonstring__)
+# define __nonstring __attribute__((__nonstring__))
+#else
+# define __nonstring
+#endif
+
+
+#endif /* PLATFORM_H_ */
+
+/* end of platform.h */
diff --git a/src/include/taler_amount_lib.h b/src/include/taler_amount_lib.h
new file mode 100644
index 0000000..937238d
--- /dev/null
+++ b/src/include/taler_amount_lib.h
@@ -0,0 +1,466 @@
+/*
+ This file is part of TALER
+ Copyright (C) 2014, 2015, 2020 Taler Systems SA
+
+ TALER is free software; you can redistribute it and/or modify it under the
+ terms of the GNU General Public License as published by the Free Software
+ Foundation; either version 3, or (at your option) any later version.
+
+ TALER is distributed in the hope that it will be useful, but WITHOUT ANY
+ WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR
+ A PARTICULAR PURPOSE. See the GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License along with
+ TALER; see the file COPYING. If not, see <http://www.gnu.org/licenses/>
+*/
+/**
+ * @file include/taler_amount_lib.h
+ * @brief amount-representation utility functions
+ * @author Sree Harsha Totakura <sreeharsha@totakura.in>
+ */
+#if ! defined (__TALER_UTIL_LIB_H_INSIDE__)
+#error "Only <taler_util.h> can be included directly."
+#endif
+
+#ifndef TALER_AMOUNT_LIB_H
+#define TALER_AMOUNT_LIB_H
+
+#include <stdint.h>
+#include "gnunet/gnunet_common.h"
+
+#ifdef __cplusplus
+extern "C"
+{
+#if 0 /* keep Emacsens' auto-indent happy */
+}
+#endif
+#endif
+
+
+/**
+ * @brief Number of characters (plus 1 for 0-termination) we use to
+ * represent currency names (i.e. EUR, USD, etc.). We use 8+4 for
+ * alignment in the `struct TALER_Amount`. The amount is typically an
+ * ISO 4217 currency code when an alphanumeric 3-digit code is used.
+ * For regional currencies, the first character should be a "*" followed
+ * by a region-specific name (i.e. "*BRETAGNEFR").
+ */
+#define TALER_CURRENCY_LEN 12
+
+/**
+ * Taler currency length as a string.
+ */
+#define TALER_CURRENCY_LEN_STR "12"
+
+/**
+ * @brief The "fraction" value in a `struct TALER_Amount` represents which
+ * fraction of the "main" value?
+ *
+ * Note that we need sub-cent precision here as transaction fees might
+ * be that low, and as we want to support microdonations.
+ *
+ * An actual `struct Amount a` thus represents
+ * "a.value + (a.fraction / #TALER_AMOUNT_FRAC_BASE)" units of "a.currency".
+ */
+#define TALER_AMOUNT_FRAC_BASE 100000000
+
+/**
+ * @brief How many digits behind the comma are required to represent the
+ * fractional value in human readable decimal format? Must match
+ * lg(#TALER_AMOUNT_FRAC_BASE).
+ */
+#define TALER_AMOUNT_FRAC_LEN 8
+
+/**
+ * Maximum legal 'value' for an amount, based on IEEE double (for JavaScript
compatibility).
+ */
+#define TALER_AMOUNT_MAX_VALUE (1LLU << 52)
+
+
+GNUNET_NETWORK_STRUCT_BEGIN
+
+
+/**
+ * @brief Amount, encoded for network transmission.
+ */
+struct TALER_AmountNBO
+{
+ /**
+ * Value in the main currency, in NBO.
+ */
+ uint64_t value GNUNET_PACKED;
+
+ /**
+ * Fraction (integer multiples of #TALER_AMOUNT_FRAC_BASE), in NBO.
+ */
+ uint32_t fraction GNUNET_PACKED;
+
+ /**
+ * Type of the currency being represented.
+ */
+ char currency[TALER_CURRENCY_LEN];
+};
+
+GNUNET_NETWORK_STRUCT_END
+
+
+/**
+ * @brief Representation of monetary value in a given currency.
+ */
+struct TALER_Amount
+{
+ /**
+ * Value (numerator of fraction)
+ */
+ uint64_t value;
+
+ /**
+ * Fraction (integer multiples of #TALER_AMOUNT_FRAC_BASE).
+ */
+ uint32_t fraction;
+
+ /**
+ * Currency string, left adjusted and padded with zeros. All zeros
+ * for "invalid" values.
+ */
+ char currency[TALER_CURRENCY_LEN];
+};
+
+
+/**
+ * Check that the currency code in @a str is well-formed.
+ *
+ * @param str currency code name to validate
+ * @return #GNUNET_OK if @a str is a valid currency code
+ */
+enum GNUNET_GenericReturnValue
+TALER_check_currency (const char *str);
+
+
+/**
+ * Parse monetary amount, in the format "T:V.F".
+ *
+ * @param str amount string
+ * @param[out] amount amount to write the result to
+ * @return #GNUNET_OK if the string is a valid monetary amount specification,
+ * #GNUNET_SYSERR if it is invalid.
+ */
+enum GNUNET_GenericReturnValue
+TALER_string_to_amount (const char *str,
+ struct TALER_Amount *amount);
+
+
+/**
+ * Parse monetary amount, in the format "T:V.F".
+ * The result is stored in network byte order (NBO).
+ *
+ * @param str amount string
+ * @param[out] amount_nbo amount to write the result to
+ * @return #GNUNET_OK if the string is a valid amount specification,
+ * #GNUNET_SYSERR if it is invalid.
+ */
+enum GNUNET_GenericReturnValue
+TALER_string_to_amount_nbo (const char *str,
+ struct TALER_AmountNBO *amount_nbo);
+
+
+/**
+ * Get the value of "zero" in a particular currency.
+ *
+ * @param cur currency description
+ * @param[out] amount amount to write the result to
+ * @return #GNUNET_OK if @a cur is a valid currency specification,
+ * #GNUNET_SYSERR if it is invalid.
+ */
+enum GNUNET_GenericReturnValue
+TALER_amount_set_zero (const char *cur,
+ struct TALER_Amount *amount);
+
+
+/**
+ * Test if the given @a amount is zero.
+ *
+ * @param amount amount to compare to zero
+ * @return true if the amount is zero,
+ * false if it is non-zero or invalid
+ */
+bool
+TALER_amount_is_zero (const struct TALER_Amount *amount);
+
+
+/**
+ * Test if the given amount is valid.
+ *
+ * @param amount amount to check
+ * @return #GNUNET_OK if @a amount is valid
+ */
+enum GNUNET_GenericReturnValue
+TALER_amount_is_valid (const struct TALER_Amount *amount);
+
+
+/**
+ * Test if the given amount is in the given currency
+ *
+ * @param amount amount to check
+ * @param currency currency to check for
+ * @return #GNUNET_OK if @a amount is in @a currency
+ */
+enum GNUNET_GenericReturnValue
+TALER_amount_is_currency (const struct TALER_Amount *amount,
+ const char *currency);
+
+
+/**
+ * Convert amount from host to network representation.
+ *
+ * @param[out] res where to store amount in network representation
+ * @param d amount in host representation
+ */
+void
+TALER_amount_hton (struct TALER_AmountNBO *res,
+ const struct TALER_Amount *d);
+
+
+/**
+ * Convert amount from network to host representation.
+ *
+ * @param[out] res where to store amount in host representation
+ * @param dn amount in network representation
+ */
+void
+TALER_amount_ntoh (struct TALER_Amount *res,
+ const struct TALER_AmountNBO *dn);
+
+
+/**
+ * Compare the value/fraction of two amounts. Does not compare the currency.
+ * Comparing amounts of different currencies will cause the program to abort().
+ * If unsure, check with #TALER_amount_cmp_currency() first to be sure that
+ * the currencies of the two amounts are identical.
+ *
+ * @param a1 first amount
+ * @param a2 second amount
+ * @return result of the comparison
+ * -1 if `a1 < a2`
+ * 1 if `a1 > a2`
+ * 0 if `a1 == a2`.
+ */
+int
+TALER_amount_cmp (const struct TALER_Amount *a1,
+ const struct TALER_Amount *a2);
+
+
+/**
+ * Compare the value/fraction of two amounts. Does not compare the currency.
+ * Comparing amounts of different currencies will cause the program to abort().
+ * If unsure, check with #TALER_amount_cmp_currency() first to be sure that
+ * the currencies of the two amounts are identical. NBO variant.
+ *
+ * @param a1 first amount
+ * @param a2 second amount
+ * @return result of the comparison
+ * -1 if `a1 < a2`
+ * 1 if `a1 > a2`
+ * 0 if `a1 == a2`.
+ */
+int
+TALER_amount_cmp_nbo (const struct TALER_AmountNBO *a1,
+ const struct TALER_AmountNBO *a2);
+
+
+/**
+ * Test if @a a1 and @a a2 are the same currency.
+ *
+ * @param a1 amount to test
+ * @param a2 amount to test
+ * @return #GNUNET_YES if @a a1 and @a a2 are the same currency
+ * #GNUNET_NO if the currencies are different
+ * #GNUNET_SYSERR if either amount is invalid
+ */
+enum GNUNET_GenericReturnValue
+TALER_amount_cmp_currency (const struct TALER_Amount *a1,
+ const struct TALER_Amount *a2);
+
+
+/**
+ * Test if @a a1 and @a a2 are the same currency, NBO variant.
+ *
+ * @param a1 amount to test
+ * @param a2 amount to test
+ * @return #GNUNET_YES if @a a1 and @a a2 are the same currency
+ * #GNUNET_NO if the currencies are different
+ * #GNUNET_SYSERR if either amount is invalid
+ */
+enum GNUNET_GenericReturnValue
+TALER_amount_cmp_currency_nbo (const struct TALER_AmountNBO *a1,
+ const struct TALER_AmountNBO *a2);
+
+
+/**
+ * Possible results from calling #TALER_amount_subtract() and
+ * possibly other arithmetic operations. Negative values
+ * indicate that the operation did not generate a result.
+ */
+enum TALER_AmountArithmeticResult
+{
+
+ /**
+ * Operation succeeded, result is positive.
+ */
+ TALER_AAR_RESULT_POSITIVE = 1,
+
+ /**
+ * Operation succeeded, result is exactly zero.
+ */
+ TALER_AAR_RESULT_ZERO = 0,
+
+ /**
+ * Operation failed, the result would have been negative.
+ */
+ TALER_AAR_INVALID_NEGATIVE_RESULT = -1,
+
+ /**
+ * Operation failed, result outside of the representable range.
+ */
+ TALER_AAR_INVALID_RESULT_OVERFLOW = -2,
+
+ /**
+ * Operation failed, inputs could not be normalized.
+ */
+ TALER_AAR_INVALID_NORMALIZATION_FAILED = -3,
+
+ /**
+ * Operation failed, input currencies were not identical.
+ */
+ TALER_AAR_INVALID_CURRENCIES_INCOMPATIBLE = -4
+
+};
+
+/**
+ * Perform saturating subtraction of amounts.
+ *
+ * @param[out] diff where to store (@a a1 - @a a2), or invalid if @a a2 > @a a1
+ * @param a1 amount to subtract from
+ * @param a2 amount to subtract
+ * @return operation status, negative on failures
+ */
+enum TALER_AmountArithmeticResult
+TALER_amount_subtract (struct TALER_Amount *diff,
+ const struct TALER_Amount *a1,
+ const struct TALER_Amount *a2);
+
+
+/**
+ * Perform addition of amounts.
+ *
+ * @param[out] sum where to store @a a1 + @a a2, set to "invalid" on overflow
+ * @param a1 first amount to add
+ * @param a2 second amount to add
+ * @return operation status, negative on failures
+ */
+enum TALER_AmountArithmeticResult
+TALER_amount_add (struct TALER_Amount *sum,
+ const struct TALER_Amount *a1,
+ const struct TALER_Amount *a2);
+
+
+/**
+ * Divide an amount by a @ divisor. Note that this function
+ * may introduce a rounding error!
+ *
+ * @param[out] result where to store @a dividend / @a divisor
+ * @param dividend amount to divide
+ * @param divisor by what to divide, must be positive
+ */
+void
+TALER_amount_divide (struct TALER_Amount *result,
+ const struct TALER_Amount *dividend,
+ uint32_t divisor);
+
+/**
+ * Divide one amount by another. Note that this function
+ * may introduce a rounding error. It rounds down.
+ *
+ * @param dividend amount to divide
+ * @param divisor by what to divide, must be positive
+ * @return @a dividend / @a divisor, rounded down. -1 on currency mismatch,
+ * INT_MAX for division by zero
+ */
+int
+TALER_amount_divide2 (const struct TALER_Amount *dividend,
+ const struct TALER_Amount *divisor);
+
+
+/**
+ * Multiply an @a amount by a @ factor.
+ *
+ * @param[out] result where to store @a amount * @a factor
+ * @param amount amount to multiply
+ * @param factor factor by which to multiply
+ */
+enum TALER_AmountArithmeticResult
+TALER_amount_multiply (struct TALER_Amount *result,
+ const struct TALER_Amount *amount,
+ uint32_t factor);
+
+
+/**
+ * Normalize the given amount.
+ *
+ * @param[in,out] amount amount to normalize
+ * @return #GNUNET_OK if normalization worked
+ * #GNUNET_NO if value was already normalized
+ * #GNUNET_SYSERR if value was invalid or could not be normalized
+ */
+enum GNUNET_GenericReturnValue
+TALER_amount_normalize (struct TALER_Amount *amount);
+
+
+/**
+ * Convert amount to string.
+ *
+ * @param amount amount to convert to string
+ * @return freshly allocated string representation,
+ * NULL if the @a amount was invalid
+ */
+char *
+TALER_amount_to_string (const struct TALER_Amount *amount);
+
+
+/**
+ * Convert amount to string.
+ *
+ * @param amount amount to convert to string
+ * @return statically allocated buffer with string representation,
+ * NULL if the @a amount was invalid
+ */
+const char *
+TALER_amount2s (const struct TALER_Amount *amount);
+
+
+/**
+ * Round the amount to something that can be transferred on the wire.
+ * The rounding mode is specified via the smallest transferable unit,
+ * which must only have a fractional part *or* only a value (either
+ * of the two must be zero!).
+ *
+ * @param[in,out] amount amount to round down
+ * @param[in] round_unit unit that should be rounded down to, and
+ * either value part or the faction must be zero (but not both)
+ * @return #GNUNET_OK on success, #GNUNET_NO if rounding was unnecessary,
+ * #GNUNET_SYSERR if the amount or currency or @a round_unit was
invalid
+ */
+enum GNUNET_GenericReturnValue
+TALER_amount_round_down (struct TALER_Amount *amount,
+ const struct TALER_Amount *round_unit);
+
+
+#if 0 /* keep Emacsens' auto-indent happy */
+{
+#endif
+#ifdef __cplusplus
+}
+#endif
+
+
+#endif
diff --git a/src/include/taler_crypto_lib.h b/src/include/taler_crypto_lib.h
new file mode 100644
index 0000000..7ea4418
--- /dev/null
+++ b/src/include/taler_crypto_lib.h
@@ -0,0 +1,5885 @@
+/*
+ This file is part of TALER
+ Copyright (C) 2014-2023 Taler Systems SA
+
+ TALER is free software; you can redistribute it and/or modify it under the
+ terms of the GNU General Public License as published by the Free Software
+ Foundation; either version 3, or (at your option) any later version.
+
+ TALER is distributed in the hope that it will be useful, but WITHOUT ANY
+ WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR
+ A PARTICULAR PURPOSE. See the GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License along with
+ TALER; see the file COPYING. If not, see <http://www.gnu.org/licenses/>
+*/
+/**
+ * @file include/taler_crypto_lib.h
+ * @brief taler-specific crypto functions
+ * @author Sree Harsha Totakura <sreeharsha@totakura.in>
+ * @author Christian Grothoff <christian@grothoff.org>
+ * @author Özgür Kesim <oec-taler@kesim.org>
+ */
+#if ! defined (__TALER_UTIL_LIB_H_INSIDE__)
+#error "Only <taler_util.h> can be included directly."
+#endif
+
+#ifndef TALER_CRYPTO_LIB_H
+#define TALER_CRYPTO_LIB_H
+
+#include <gnunet/gnunet_util_lib.h>
+#include "taler_error_codes.h"
+#include <gcrypt.h>
+#include <jansson.h>
+
+
+/**
+ * Maximum number of coins we allow per operation.
+ */
+#define TALER_MAX_FRESH_COINS 256
+
+/**
+ * Cut-and-choose size for refreshing. Client looses the gamble (of
+ * unaccountable transfers) with probability 1/TALER_CNC_KAPPA. Refresh cost
+ * increases linearly with TALER_CNC_KAPPA, and 3 is sufficient up to a
+ * income/sales tax of 66% of total transaction value. As there is
+ * no good reason to change this security parameter, we declare it
+ * fixed and part of the protocol.
+ */
+#define TALER_CNC_KAPPA 3
+#define TALER_CNC_KAPPA_MINUS_ONE_STR "2"
+
+
+/* ****************** Coin crypto primitives ************* */
+
+GNUNET_NETWORK_STRUCT_BEGIN
+
+/**
+ * @brief Type of public keys for Taler security modules (software or
hardware).
+ * Note that there are usually at least two security modules (RSA and EdDSA),
+ * each with its own private key.
+ */
+struct TALER_SecurityModulePublicKeyP
+{
+ /**
+ * Taler uses EdDSA for security modules.
+ */
+ struct GNUNET_CRYPTO_EddsaPublicKey eddsa_pub;
+};
+
+/**
+ * @brief Set of the public keys of the security modules
+ */
+struct TALER_SecurityModulePublicKeySetP
+{
+ /**
+ * Public key of the RSA security module
+ */
+ struct TALER_SecurityModulePublicKeyP rsa;
+
+ /**
+ * Public key of the CS security module
+ */
+ struct TALER_SecurityModulePublicKeyP cs;
+
+ /**
+ * Public key of the eddsa security module
+ */
+ struct TALER_SecurityModulePublicKeyP eddsa;
+};
+
+/**
+ * @brief Type of private keys for Taler security modules (software or
hardware).
+ */
+struct TALER_SecurityModulePrivateKeyP
+{
+ /**
+ * Taler uses EdDSA for security modules.
+ */
+ struct GNUNET_CRYPTO_EddsaPrivateKey eddsa_priv;
+};
+
+
+/**
+ * @brief Type of signatures used for Taler security modules (software or
hardware).
+ */
+struct TALER_SecurityModuleSignatureP
+{
+ /**
+ * Taler uses EdDSA for security modules.
+ */
+ struct GNUNET_CRYPTO_EddsaSignature eddsa_signature;
+};
+
+
+/**
+ * @brief Type of public keys for Taler reserves.
+ */
+struct TALER_ReservePublicKeyP
+{
+ /**
+ * Taler uses EdDSA for reserves.
+ */
+ struct GNUNET_CRYPTO_EddsaPublicKey eddsa_pub;
+};
+
+
+/**
+ * @brief Type of private keys for Taler reserves.
+ */
+struct TALER_ReservePrivateKeyP
+{
+ /**
+ * Taler uses EdDSA for reserves.
+ */
+ struct GNUNET_CRYPTO_EddsaPrivateKey eddsa_priv;
+};
+
+
+/**
+ * @brief Type of signatures used with Taler reserves.
+ */
+struct TALER_ReserveSignatureP
+{
+ /**
+ * Taler uses EdDSA for reserves.
+ */
+ struct GNUNET_CRYPTO_EddsaSignature eddsa_signature;
+};
+
+
+/**
+ * (Symmetric) key used to encrypt KYC attribute data in the database.
+ */
+struct TALER_AttributeKeyP
+{
+ /**
+ * Actual key material.
+ */
+ struct GNUNET_HashCode key;
+};
+
+
+/**
+ * @brief Type of public keys to for merchant authorizations.
+ * Merchants can issue refunds using the corresponding
+ * private key.
+ */
+struct TALER_MerchantPublicKeyP
+{
+ /**
+ * Taler uses EdDSA for merchants.
+ */
+ struct GNUNET_CRYPTO_EddsaPublicKey eddsa_pub;
+};
+
+
+/**
+ * @brief Type of private keys for merchant authorizations.
+ * Merchants can issue refunds using the corresponding
+ * private key.
+ */
+struct TALER_MerchantPrivateKeyP
+{
+ /**
+ * Taler uses EdDSA for merchants.
+ */
+ struct GNUNET_CRYPTO_EddsaPrivateKey eddsa_priv;
+};
+
+
+/**
+ * @brief Type of signatures made by merchants.
+ */
+struct TALER_MerchantSignatureP
+{
+ /**
+ * Taler uses EdDSA for merchants.
+ */
+ struct GNUNET_CRYPTO_EddsaSignature eddsa_sig;
+};
+
+
+/**
+ * @brief Type of transfer public keys used during refresh
+ * operations.
+ */
+struct TALER_TransferPublicKeyP
+{
+ /**
+ * Taler uses ECDHE for transfer keys.
+ */
+ struct GNUNET_CRYPTO_EcdhePublicKey ecdhe_pub;
+};
+
+
+/**
+ * @brief Type of transfer private keys used during refresh
+ * operations.
+ */
+struct TALER_TransferPrivateKeyP
+{
+ /**
+ * Taler uses ECDHE for melting session keys.
+ */
+ struct GNUNET_CRYPTO_EcdhePrivateKey ecdhe_priv;
+};
+
+
+/**
+ * @brief Type of public keys used for contract
+ * encryption.
+ */
+struct TALER_ContractDiffiePublicP
+{
+ /**
+ * Taler uses ECDHE for contract encryption.
+ */
+ struct GNUNET_CRYPTO_EcdhePublicKey ecdhe_pub;
+};
+
+
+/**
+ * @brief Type of private keys used for contract
+ * encryption.
+ */
+struct TALER_ContractDiffiePrivateP
+{
+ /**
+ * Taler uses ECDHE for contract encryption.
+ */
+ struct GNUNET_CRYPTO_EcdhePrivateKey ecdhe_priv;
+};
+
+
+/**
+ * @brief Type of online public keys used by the exchange to sign
+ * messages.
+ */
+struct TALER_ExchangePublicKeyP
+{
+ /**
+ * Taler uses EdDSA for online exchange message signing.
+ */
+ struct GNUNET_CRYPTO_EddsaPublicKey eddsa_pub;
+};
+
+
+/**
+ * @brief Type of online public keys used by the exchange to
+ * sign messages.
+ */
+struct TALER_ExchangePrivateKeyP
+{
+ /**
+ * Taler uses EdDSA for online signatures sessions.
+ */
+ struct GNUNET_CRYPTO_EddsaPrivateKey eddsa_priv;
+};
+
+
+/**
+ * @brief Type of signatures used by the exchange to sign messages online.
+ */
+struct TALER_ExchangeSignatureP
+{
+ /**
+ * Taler uses EdDSA for online signatures sessions.
+ */
+ struct GNUNET_CRYPTO_EddsaSignature eddsa_signature;
+};
+
+
+/**
+ * @brief Type of the offline master public key used by the exchange.
+ */
+struct TALER_MasterPublicKeyP
+{
+ /**
+ * Taler uses EdDSA for the long-term offline master key.
+ */
+ struct GNUNET_CRYPTO_EddsaPublicKey eddsa_pub;
+};
+
+
+/**
+ * @brief Type of the offline master public keys used by the exchange.
+ */
+struct TALER_MasterPrivateKeyP
+{
+ /**
+ * Taler uses EdDSA for the long-term offline master key.
+ */
+ struct GNUNET_CRYPTO_EddsaPrivateKey eddsa_priv;
+};
+
+
+/**
+ * @brief Type of signatures by the offline master public key used by the
exchange.
+ */
+struct TALER_MasterSignatureP
+{
+ /**
+ * Taler uses EdDSA for the long-term offline master key.
+ */
+ struct GNUNET_CRYPTO_EddsaSignature eddsa_signature;
+};
+
+
+/**
+ * @brief Type of the private key used by the auditor.
+ */
+struct TALER_AuditorPrivateKeyP
+{
+ /**
+ * Taler uses EdDSA for the auditor's signing key.
+ */
+ struct GNUNET_CRYPTO_EddsaPrivateKey eddsa_priv;
+};
+
+
+/**
+ * @brief Type of the public key used by the auditor.
+ */
+struct TALER_AuditorPublicKeyP
+{
+ /**
+ * Taler uses EdDSA for the auditor's signing key.
+ */
+ struct GNUNET_CRYPTO_EddsaPublicKey eddsa_pub;
+};
+
+
+/**
+ * @brief Type of signatures used by the auditor.
+ */
+struct TALER_AuditorSignatureP
+{
+ /**
+ * Taler uses EdDSA signatures for auditors.
+ */
+ struct GNUNET_CRYPTO_EddsaSignature eddsa_sig;
+};
+
+
+/**
+ * @brief Type of public keys for Taler coins. The same key material is used
+ * for EdDSA and ECDHE operations.
+ */
+struct TALER_CoinSpendPublicKeyP
+{
+ /**
+ * Taler uses EdDSA for coins when signing deposit requests.
+ */
+ struct GNUNET_CRYPTO_EddsaPublicKey eddsa_pub;
+
+};
+
+
+/**
+ * @brief Type of private keys for Taler coins. The same key material is used
+ * for EdDSA and ECDHE operations.
+ */
+struct TALER_CoinSpendPrivateKeyP
+{
+ /**
+ * Taler uses EdDSA for coins when signing deposit requests.
+ */
+ struct GNUNET_CRYPTO_EddsaPrivateKey eddsa_priv;
+};
+
+/**
+ * @brief Type of signatures made with Taler coins.
+ */
+struct TALER_CoinSpendSignatureP
+{
+ /**
+ * Taler uses EdDSA for coins.
+ */
+ struct GNUNET_CRYPTO_EddsaSignature eddsa_signature;
+};
+
+
+/**
+ * @brief Type of private keys for age commitment in coins.
+ */
+struct TALER_AgeCommitmentPrivateKeyP
+{
+#ifdef AGE_RESTRICTION_WITH_ECDSA
+ /**
+ * Taler uses EcDSA for coins when signing age verification attestation.
+ */
+ struct GNUNET_CRYPTO_EcdsaPrivateKey priv;
+#else
+ /**
+ * Taler uses Edx25519 for coins when signing age verification attestation.
+ */
+ struct GNUNET_CRYPTO_Edx25519PrivateKey priv;
+#endif
+};
+
+
+/**
+ * @brief Type of public keys for age commitment in coins.
+ */
+struct TALER_AgeCommitmentPublicKeyP
+{
+#ifdef AGE_RESTRICTION_WITH_ECDSA
+ /**
+ * Taler uses EcDSA for coins when signing age verification attestation.
+ */
+ struct GNUNET_CRYPTO_EcdsaPublicKey pub;
+#else
+ /**
+ * Taler uses Edx25519 for coins when signing age verification attestation.
+ */
+ struct GNUNET_CRYPTO_Edx25519PublicKey pub;
+#endif
+};
+
+
+/*
+ * @brief Hash to represent the commitment to n*kappa blinded keys during a
+ * age-withdrawal. It is the running SHA512 hash over the hashes of the blinded
+ * envelopes of n*kappa coins.
+ */
+struct TALER_AgeWithdrawCommitmentHashP
+{
+ struct GNUNET_HashCode hash;
+};
+
+
+/**
+ * @brief Type of online public keys used by the wallet to establish a purse
and the associated contract meta data.
+ */
+struct TALER_PurseContractPublicKeyP
+{
+ /**
+ * Taler uses EdDSA for purse message signing.
+ */
+ struct GNUNET_CRYPTO_EddsaPublicKey eddsa_pub;
+};
+
+
+/**
+ * @brief Type of online private keys used by the wallet to
+ * bind a purse to a particular contract (and other meta data).
+ */
+struct TALER_PurseContractPrivateKeyP
+{
+ /**
+ * Taler uses EdDSA for online signatures sessions.
+ */
+ struct GNUNET_CRYPTO_EddsaPrivateKey eddsa_priv;
+};
+
+
+/**
+ * @brief Type of signatures used by the wallet to sign purse creation
messages online.
+ */
+struct TALER_PurseContractSignatureP
+{
+ /**
+ * Taler uses EdDSA for online signatures sessions.
+ */
+ struct GNUNET_CRYPTO_EddsaSignature eddsa_signature;
+};
+
+
+/**
+ * @brief Type of online public keys used by the wallet to
+ * sign a merge of a purse into an account.
+ */
+struct TALER_PurseMergePublicKeyP
+{
+ /**
+ * Taler uses EdDSA for purse message signing.
+ */
+ struct GNUNET_CRYPTO_EddsaPublicKey eddsa_pub;
+};
+
+
+/**
+ * @brief Type of online private keys used by the wallet to
+ * sign a merge of a purse into an account.
+ */
+struct TALER_PurseMergePrivateKeyP
+{
+ /**
+ * Taler uses EdDSA for online signatures sessions.
+ */
+ struct GNUNET_CRYPTO_EddsaPrivateKey eddsa_priv;
+};
+
+
+/**
+ * @brief Type of signatures used by the wallet to sign purse merge requests
online.
+ */
+struct TALER_PurseMergeSignatureP
+{
+ /**
+ * Taler uses EdDSA for online signatures sessions.
+ */
+ struct GNUNET_CRYPTO_EddsaSignature eddsa_signature;
+};
+
+
+/**
+ * @brief Type of online public keys used by AML officers.
+ */
+struct TALER_AmlOfficerPublicKeyP
+{
+ /**
+ * Taler uses EdDSA for AML decision signing.
+ */
+ struct GNUNET_CRYPTO_EddsaPublicKey eddsa_pub;
+};
+
+
+/**
+ * @brief Type of online private keys used to identify
+ * AML officers.
+ */
+struct TALER_AmlOfficerPrivateKeyP
+{
+ /**
+ * Taler uses EdDSA for AML decision signing.
+ */
+ struct GNUNET_CRYPTO_EddsaPrivateKey eddsa_priv;
+};
+
+
+/**
+ * @brief Type of signatures used by AML officers.
+ */
+struct TALER_AmlOfficerSignatureP
+{
+ /**
+ * Taler uses EdDSA for AML decision signing.
+ */
+ struct GNUNET_CRYPTO_EddsaSignature eddsa_signature;
+};
+
+
+/**
+ * Possible AML decision states.
+ */
+enum TALER_AmlDecisionState
+{
+
+ /**
+ * All AML requirements are currently satisfied.
+ */
+ TALER_AML_NORMAL = 0,
+
+ /**
+ * An AML investigation is pending.
+ */
+ TALER_AML_PENDING = 1,
+
+ /**
+ * An AML decision has concluded that the funds must be frozen.
+ */
+ TALER_AML_FROZEN = 2
+
+};
+
+
+/**
+ * Possible algorithms for confirmation code generation.
+ */
+enum TALER_MerchantConfirmationAlgorithm
+{
+
+ /**
+ * No purchase confirmation.
+ */
+ TALER_MCA_NONE = 0,
+
+ /**
+ * Purchase confirmation without payment
+ */
+ TALER_MCA_WITHOUT_PRICE = 1,
+
+ /**
+ * Purchase confirmation with payment
+ */
+ TALER_MCA_WITH_PRICE = 2
+
+};
+
+
+/**
+ * Commitment value for the refresh protocol.
+ * See #TALER_refresh_get_commitment().
+ */
+struct TALER_RefreshCommitmentP
+{
+ /**
+ * The commitment is a hash code.
+ */
+ struct GNUNET_HashCode session_hash;
+};
+
+
+/**
+ * Symmetric key we use to encrypt KYC attributes
+ * in our database.
+ */
+struct TALER_AttributeEncryptionKeyP
+{
+ /**
+ * The key is a hash code.
+ */
+ struct GNUNET_HashCode hash;
+};
+
+
+/**
+ * Token used for access control to the merchant's unclaimed
+ * orders.
+ */
+struct TALER_ClaimTokenP
+{
+ /**
+ * The token is a 128-bit UUID.
+ */
+ struct GNUNET_Uuid token;
+};
+
+
+/**
+ * Salt used to hash a merchant's payto:// URI to
+ * compute the "h_wire" (say for deposit requests).
+ */
+struct TALER_WireSaltP
+{
+ /**
+ * Actual 128-bit salt value.
+ */
+ uint32_t salt[4];
+};
+
+
+/**
+ * Hash used to represent an CS public key. Does not include age
+ * restrictions and is ONLY for CS. Used ONLY for interactions with the CS
+ * security module.
+ */
+struct TALER_CsPubHashP
+{
+ /**
+ * Actual hash value.
+ */
+ struct GNUNET_HashCode hash;
+};
+
+
+/**
+ * Hash used to represent an RSA public key. Does not include age
+ * restrictions and is ONLY for RSA. Used ONLY for interactions with the RSA
+ * security module.
+ */
+struct TALER_RsaPubHashP
+{
+ /**
+ * Actual hash value.
+ */
+ struct GNUNET_HashCode hash;
+};
+
+
+/**
+ * Master key material for the deriviation of
+ * private coins and blinding factors during
+ * withdraw or refresh.
+ */
+struct TALER_PlanchetMasterSecretP
+{
+
+ /**
+ * Key material.
+ */
+ uint32_t key_data[8];
+
+};
+
+
+/**
+ * Master key material for the deriviation of
+ * private coins and blinding factors.
+ */
+struct TALER_RefreshMasterSecretP
+{
+
+ /**
+ * Key material.
+ */
+ uint32_t key_data[8];
+
+};
+
+
+/**
+ * Hash used to represent a denomination public key
+ * and associated age restrictions (if any).
+ */
+struct TALER_DenominationHashP
+{
+ /**
+ * Actual hash value.
+ */
+ struct GNUNET_HashCode hash;
+};
+
+
+/**
+ * Hash used to represent the private part
+ * of a contract between merchant and consumer.
+ */
+struct TALER_PrivateContractHashP
+{
+ /**
+ * Actual hash value.
+ */
+ struct GNUNET_HashCode hash;
+};
+
+
+/**
+ * Hash used to represent the policy extension to a deposit
+ */
+struct TALER_ExtensionPolicyHashP
+{
+ /**
+ * Actual hash value.
+ */
+ struct GNUNET_HashCode hash;
+};
+
+
+/**
+ * Hash used to represent the salted hash of a
+ * merchant's bank account.
+ */
+struct TALER_MerchantWireHashP
+{
+ /**
+ * Actual hash value.
+ */
+ struct GNUNET_HashCode hash;
+};
+
+
+/**
+ * Hash used to represent the unsalted hash of a
+ * payto:// URI representing a bank account.
+ */
+struct TALER_PaytoHashP
+{
+ /**
+ * Actual hash value.
+ */
+ struct GNUNET_ShortHashCode hash;
+};
+
+
+/**
+ * Hash used to represent a commitment to a blinded
+ * coin, i.e. the hash of the envelope.
+ */
+struct TALER_BlindedCoinHashP
+{
+ /**
+ * Actual hash value.
+ */
+ struct GNUNET_HashCode hash;
+};
+
+
+/**
+ * Hash used to represent the hash of the public
+ * key of a coin (without blinding).
+ */
+struct TALER_CoinPubHashP
+{
+ /**
+ * Actual hash value.
+ */
+ struct GNUNET_HashCode hash;
+};
+
+
+/**
+ * @brief Value that uniquely identifies a reward.
+ */
+struct TALER_RewardIdentifierP
+{
+ /**
+ * The tip identifier is a SHA-512 hash code.
+ */
+ struct GNUNET_HashCode hash;
+};
+
+
+/**
+ * @brief Value that uniquely identifies a tip pick up operation.
+ */
+struct TALER_PickupIdentifierP
+{
+ /**
+ * The pickup identifier is a SHA-512 hash code.
+ */
+ struct GNUNET_HashCode hash;
+};
+
+
+/**
+ * @brief Salted hash over the JSON object representing the manifests of
+ * extensions.
+ */
+struct TALER_ExtensionManifestsHashP
+{
+ /**
+ * Actual hash value.
+ */
+ struct GNUNET_HashCode hash;
+};
+
+
+/**
+ * Set of the fees applying to a denomination.
+ */
+struct TALER_DenomFeeSetNBOP
+{
+
+ /**
+ * The fee the exchange charges when a coin of this type is withdrawn.
+ * (can be zero).
+ */
+ struct TALER_AmountNBO withdraw;
+
+ /**
+ * The fee the exchange charges when a coin of this type is deposited.
+ * (can be zero).
+ */
+ struct TALER_AmountNBO deposit;
+
+ /**
+ * The fee the exchange charges when a coin of this type is refreshed.
+ * (can be zero).
+ */
+ struct TALER_AmountNBO refresh;
+
+ /**
+ * The fee the exchange charges when a coin of this type is refunded.
+ * (can be zero). Note that refund fees are charged to the customer;
+ * if a refund is given, the deposit fee is also refunded.
+ */
+ struct TALER_AmountNBO refund;
+
+};
+
+
+/**
+ * Set of the fees applying for a given
+ * time-range and wire method.
+ */
+struct TALER_WireFeeSetNBOP
+{
+
+ /**
+ * The fee the exchange charges for wiring funds
+ * to a merchant.
+ */
+ struct TALER_AmountNBO wire;
+
+ /**
+ * The fee the exchange charges for closing a reserve
+ * and wiring the funds back to the origin account.
+ */
+ struct TALER_AmountNBO closing;
+
+};
+
+
+/**
+ * Set of the fees applying globally for a given
+ * time-range.
+ */
+struct TALER_GlobalFeeSetNBOP
+{
+
+ /**
+ * The fee the exchange charges for returning the history of a reserve or
+ * account.
+ */
+ struct TALER_AmountNBO history;
+
+ /**
+ * The fee the exchange charges for keeping an account or reserve open for a
+ * year.
+ */
+ struct TALER_AmountNBO account;
+
+ /**
+ * The fee the exchange charges if a purse is abandoned and this was not
+ * covered by the account limit.
+ */
+ struct TALER_AmountNBO purse;
+};
+
+
+GNUNET_NETWORK_STRUCT_END
+
+
+/**
+ * @brief Builds POS confirmation token to verify payment.
+ *
+ * @param pos_key encoded key for verification payment
+ * @param pos_alg algorithm to compute the payment verification
+ * @param total of the order paid
+ * @param ts is the time given
+ * @return POS token on success, NULL otherwise
+ */
+char *
+TALER_build_pos_confirmation (const char *pos_key,
+ enum TALER_MerchantConfirmationAlgorithm pos_alg,
+ const struct TALER_Amount *total,
+ struct GNUNET_TIME_Timestamp ts);
+
+
+/**
+ * Set of the fees applying to a denomination.
+ */
+struct TALER_DenomFeeSet
+{
+
+ /**
+ * The fee the exchange charges when a coin of this type is withdrawn.
+ * (can be zero).
+ */
+ struct TALER_Amount withdraw;
+
+ /**
+ * The fee the exchange charges when a coin of this type is deposited.
+ * (can be zero).
+ */
+ struct TALER_Amount deposit;
+
+ /**
+ * The fee the exchange charges when a coin of this type is refreshed.
+ * (can be zero).
+ */
+ struct TALER_Amount refresh;
+
+ /**
+ * The fee the exchange charges when a coin of this type is refunded.
+ * (can be zero). Note that refund fees are charged to the customer;
+ * if a refund is given, the deposit fee is also refunded.
+ */
+ struct TALER_Amount refund;
+
+};
+
+
+/**
+ * Set of the fees applying for a given time-range and wire method.
+ */
+struct TALER_WireFeeSet
+{
+
+ /**
+ * The fee the exchange charges for wiring funds to a merchant.
+ */
+ struct TALER_Amount wire;
+
+ /**
+ * The fee the exchange charges for closing a reserve
+ * and wiring the funds back to the origin account.
+ */
+ struct TALER_Amount closing;
+
+};
+
+
+/**
+ * Set of the fees applying globally for a given
+ * time-range.
+ */
+struct TALER_GlobalFeeSet
+{
+
+ /**
+ * The fee the exchange charges for returning the
+ * history of a reserve or account.
+ */
+ struct TALER_Amount history;
+
+ /**
+ * The fee the exchange charges for keeping
+ * an account or reserve open for a year.
+ */
+ struct TALER_Amount account;
+
+ /**
+ * The fee the exchange charges if a purse
+ * is abandoned and this was not covered by
+ * the account limit.
+ */
+ struct TALER_Amount purse;
+};
+
+
+/**
+ * Convert fee set from host to network byte order.
+ *
+ * @param[out] nbo where to write the result
+ * @param fees fee set to convert
+ */
+void
+TALER_denom_fee_set_hton (struct TALER_DenomFeeSetNBOP *nbo,
+ const struct TALER_DenomFeeSet *fees);
+
+
+/**
+ * Convert fee set from network to host network byte order.
+ *
+ * @param[out] fees where to write the result
+ * @param nbo fee set to convert
+ */
+void
+TALER_denom_fee_set_ntoh (struct TALER_DenomFeeSet *fees,
+ const struct TALER_DenomFeeSetNBOP *nbo);
+
+
+/**
+ * Convert global fee set from host to network byte order.
+ *
+ * @param[out] nbo where to write the result
+ * @param fees fee set to convert
+ */
+void
+TALER_global_fee_set_hton (struct TALER_GlobalFeeSetNBOP *nbo,
+ const struct TALER_GlobalFeeSet *fees);
+
+
+/**
+ * Convert global fee set from network to host network byte order.
+ *
+ * @param[out] fees where to write the result
+ * @param nbo fee set to convert
+ */
+void
+TALER_global_fee_set_ntoh (struct TALER_GlobalFeeSet *fees,
+ const struct TALER_GlobalFeeSetNBOP *nbo);
+
+
+/**
+ * Compare global fee sets.
+ *
+ * @param f1 first set to compare
+ * @param f2 second set to compare
+ * @return 0 if sets are equal
+ */
+int
+TALER_global_fee_set_cmp (const struct TALER_GlobalFeeSet *f1,
+ const struct TALER_GlobalFeeSet *f2);
+
+
+/**
+ * Convert wire fee set from host to network byte order.
+ *
+ * @param[out] nbo where to write the result
+ * @param fees fee set to convert
+ */
+void
+TALER_wire_fee_set_hton (struct TALER_WireFeeSetNBOP *nbo,
+ const struct TALER_WireFeeSet *fees);
+
+
+/**
+ * Convert wire fee set from network to host network byte order.
+ *
+ * @param[out] fees where to write the result
+ * @param nbo fee set to convert
+ */
+void
+TALER_wire_fee_set_ntoh (struct TALER_WireFeeSet *fees,
+ const struct TALER_WireFeeSetNBOP *nbo);
+
+
+/**
+ * Compare wire fee sets.
+ *
+ * @param f1 first set to compare
+ * @param f2 second set to compare
+ * @return 0 if sets are equal
+ */
+int
+TALER_wire_fee_set_cmp (const struct TALER_WireFeeSet *f1,
+ const struct TALER_WireFeeSet *f2);
+
+
+/**
+ * Hash @a rsa.
+ *
+ * @param rsa key to hash
+ * @param[out] h_rsa where to write the result
+ */
+void
+TALER_rsa_pub_hash (const struct GNUNET_CRYPTO_RsaPublicKey *rsa,
+ struct TALER_RsaPubHashP *h_rsa);
+
+
+/**
+ * Hash @a cs.
+ *
+ * @param cs key to hash
+ * @param[out] h_cs where to write the result
+ */
+void
+TALER_cs_pub_hash (const struct GNUNET_CRYPTO_CsPublicKey *cs,
+ struct TALER_CsPubHashP *h_cs);
+
+
+/**
+ * @brief Type of (unblinded) coin signatures for Taler.
+ */
+struct TALER_DenominationSignature
+{
+ /**
+ * Denominations use blind signatures.
+ */
+ struct GNUNET_CRYPTO_UnblindedSignature *unblinded_sig;
+};
+
+
+/**
+ * @brief Type for *blinded* denomination signatures for Taler.
+ * Must be unblinded before it becomes valid.
+ */
+struct TALER_BlindedDenominationSignature
+{
+ /**
+ * Denominations use blind signatures.
+ */
+ struct GNUNET_CRYPTO_BlindedSignature *blinded_sig;
+};
+
+
+/* *************** Age Restriction *********************************** */
+
+/*
+ * @brief Type of a list of age groups, represented as bit mask.
+ *
+ * The bits set in the mask mark the edges at the beginning of a next age
+ * group. F.e. for the age groups
+ * 0-7, 8-9, 10-11, 12-13, 14-15, 16-17, 18-21, 21-*
+ * the following bits are set:
+ *
+ * 31 24 16 8 0
+ * | | | | |
+ * oooooooo oo1oo1o1 o1o1o1o1 ooooooo1
+ *
+ * A value of 0 means that the exchange does not support the extension for
+ * age-restriction.
+ *
+ * For a non-0 age mask, the 0th bit always must be set, otherwise the age
+ * mask is considered invalid.
+ */
+struct TALER_AgeMask
+{
+ uint32_t bits;
+};
+
+/**
+ * @brief Age commitment of a coin.
+ */
+struct TALER_AgeCommitmentHash
+{
+ /**
+ * The commitment is a SHA-256 hash code.
+ */
+ struct GNUNET_ShortHashCode shash;
+};
+
+/**
+ * @brief Signature of an age with the private key for the corresponding age
group of an age commitment.
+ */
+struct TALER_AgeAttestation
+{
+#ifdef AGE_RESTRICTION_WITH_ECDSA
+ struct GNUNET_CRYPTO_EcdsaSignature signature;
+#else
+ struct GNUNET_CRYPTO_Edx25519Signature signature;
+#endif
+};
+
+#define TALER_AgeCommitmentHash_isNullOrZero(ph) ((NULL == ph) || \
+ GNUNET_is_zero (ph))
+
+/**
+ * @brief Type of public signing keys for verifying blindly signed coins.
+ */
+struct TALER_DenominationPublicKey
+{
+
+ /**
+ * Age restriction mask used for the key.
+ */
+ struct TALER_AgeMask age_mask;
+
+ /**
+ * Type of the public key.
+ */
+ struct GNUNET_CRYPTO_BlindSignPublicKey *bsign_pub_key;
+
+};
+
+
+/**
+ * @brief Type of private signing keys for blind signing of coins.
+ */
+struct TALER_DenominationPrivateKey
+{
+
+ struct GNUNET_CRYPTO_BlindSignPrivateKey *bsign_priv_key;
+
+};
+
+
+/**
+ * @brief Blinded planchet send to exchange for blind signing.
+ */
+struct TALER_BlindedPlanchet
+{
+ /**
+ * A blinded message.
+ */
+ struct GNUNET_CRYPTO_BlindedMessage *blinded_message;
+
+};
+
+
+/**
+ * @brief Public information about a coin (including the public key
+ * of the coin, the denomination key and the signature with
+ * the denomination key).
+ */
+struct TALER_CoinPublicInfo
+{
+ /**
+ * The coin's public key.
+ */
+ struct TALER_CoinSpendPublicKeyP coin_pub;
+
+ /**
+ * Hash of the public key representing the denomination of the coin that is
+ * being deposited.
+ */
+ struct TALER_DenominationHashP denom_pub_hash;
+
+ /**
+ * Hash of the age commitment. If no age commitment was provided, it must be
+ * set to all zeroes.
+ */
+ struct TALER_AgeCommitmentHash h_age_commitment;
+
+ /**
+ * True, if age commitment is not applicable.
+ */
+ bool no_age_commitment;
+
+ /**
+ * (Unblinded) signature over @e coin_pub with @e denom_pub,
+ * which demonstrates that the coin is valid.
+ */
+ struct TALER_DenominationSignature denom_sig;
+};
+
+
+/**
+ * Details for one of the /deposit operations that the
+ * exchange combined into a single wire transfer.
+ */
+struct TALER_TrackTransferDetails
+{
+ /**
+ * Hash of the proposal data.
+ */
+ struct TALER_PrivateContractHashP h_contract_terms;
+
+ /**
+ * Which coin was deposited?
+ */
+ struct TALER_CoinSpendPublicKeyP coin_pub;
+
+ /**
+ * Value of the deposit (including fee).
+ */
+ struct TALER_Amount coin_value;
+
+ /**
+ * Fee charged by the exchange for the deposit.
+ */
+ struct TALER_Amount coin_fee;
+
+};
+
+
+/**
+ * @brief Inputs needed from the exchange for blind signing.
+ */
+struct TALER_ExchangeWithdrawValues
+{
+
+ /**
+ * Input values.
+ */
+ struct GNUNET_CRYPTO_BlindingInputValues *blinding_inputs;
+};
+
+
+/**
+ * Return the alg value singleton for creation of
+ * blinding secrets for RSA.
+ *
+ * @return singleton to use for RSA blinding
+ */
+const struct TALER_ExchangeWithdrawValues *
+TALER_denom_ewv_rsa_singleton (void);
+
+
+/**
+ * Make a (deep) copy of the given @a bi_src to
+ * @a bi_dst.
+ *
+ * @param[out] bi_dst target to copy to
+ * @param bi_src blinding input values to copy
+ */
+void
+TALER_denom_ewv_deep_copy (
+ struct TALER_ExchangeWithdrawValues *bi_dst,
+ const struct TALER_ExchangeWithdrawValues *bi_src);
+
+
+/**
+ * Create private key for a Taler coin.
+ * @param ps planchet secret to derive coin priv key
+ * @param alg_values includes algorithm specific values
+ * @param[out] coin_priv private key to initialize
+ */
+void
+TALER_planchet_setup_coin_priv (
+ const struct TALER_PlanchetMasterSecretP *ps,
+ const struct TALER_ExchangeWithdrawValues *alg_values,
+ struct TALER_CoinSpendPrivateKeyP *coin_priv);
+
+
+/**
+ * @brief Method to derive withdraw /csr nonce
+ *
+ * @param ps planchet secrets of the coin
+ * @param[out] nonce withdraw nonce included in the request to generate R_0
and R_1
+ */
+void
+TALER_cs_withdraw_nonce_derive (
+ const struct TALER_PlanchetMasterSecretP *ps,
+ struct GNUNET_CRYPTO_CsSessionNonce *nonce);
+
+
+/**
+ * @brief Method to derive /csr nonce
+ * to be used during refresh/melt operation.
+ *
+ * @param rms secret input for the refresh operation
+ * @param idx index of the fresh coin
+ * @param[out] nonce set to nonce included in the request to generate R_0 and
R_1
+ */
+void
+TALER_cs_refresh_nonce_derive (
+ const struct TALER_RefreshMasterSecretP *rms,
+ uint32_t idx,
+ struct GNUNET_CRYPTO_CsSessionNonce *nonce);
+
+
+/**
+ * Initialize denomination public-private key pair.
+ *
+ * For #GNUNET_CRYPTO_BSA_RSA, an additional "unsigned int"
+ * argument with the number of bits for 'n' (e.g. 2048) must
+ * be passed.
+ *
+ * @param[out] denom_priv where to write the private key
+ * @param[out] denom_pub where to write the public key
+ * @param cipher which type of cipher to use
+ * @param ... RSA key size (eg. 2048/3072/4096)
+ * @return #GNUNET_OK on success, #GNUNET_NO if parameters were invalid
+ */
+enum GNUNET_GenericReturnValue
+TALER_denom_priv_create (struct TALER_DenominationPrivateKey *denom_priv,
+ struct TALER_DenominationPublicKey *denom_pub,
+ enum GNUNET_CRYPTO_BlindSignatureAlgorithm cipher,
+ ...);
+
+
+/**
+ * Free internals of @a denom_pub, but not @a denom_pub itself.
+ *
+ * @param[in] denom_pub key to free
+ */
+void
+TALER_denom_pub_free (struct TALER_DenominationPublicKey *denom_pub);
+
+
+/**
+ * Free internals of @a ewv, but not @a ewv itself.
+ *
+ * @param[in] ewv input values to free
+ */
+void
+TALER_denom_ewv_free (struct TALER_ExchangeWithdrawValues *ewv);
+
+
+/**
+ * Free internals of @a denom_priv, but not @a denom_priv itself.
+ *
+ * @param[in] denom_priv key to free
+ */
+void
+TALER_denom_priv_free (struct TALER_DenominationPrivateKey *denom_priv);
+
+
+/**
+ * Free internals of @a denom_sig, but not @a denom_sig itself.
+ *
+ * @param[in] denom_sig signature to free
+ */
+void
+TALER_denom_sig_free (struct TALER_DenominationSignature *denom_sig);
+
+
+/**
+ * Blind coin for blind signing with @a dk using blinding secret @a coin_bks.
+ *
+ * NOTE: As a particular oddity, the @a blinded_planchet is only partially
+ * initialized by this function in the case of CS-denominations. Here, the
+ * 'nonce' must be initialized separately!
+ *
+ * @param dk denomination public key to blind for
+ * @param coin_bks blinding secret to use
+ * @param nonce nonce used to derive session values,
+ * could be NULL for ciphers that do not use it
+ * @param age_commitment_hash hash of the age commitment to be used for the
coin. NULL if no commitment is made.
+ * @param coin_pub public key of the coin to blind
+ * @param alg_values algorithm specific values to blind the planchet
+ * @param[out] c_hash resulting hashed coin
+ * @param[out] blinded_planchet planchet data to initialize
+ * @return #GNUNET_OK on success
+ */
+enum GNUNET_GenericReturnValue
+TALER_denom_blind (const struct TALER_DenominationPublicKey *dk,
+ const union GNUNET_CRYPTO_BlindingSecretP *coin_bks,
+ const union GNUNET_CRYPTO_BlindSessionNonce *nonce,
+ const struct TALER_AgeCommitmentHash *age_commitment_hash,
+ const struct TALER_CoinSpendPublicKeyP *coin_pub,
+ const struct TALER_ExchangeWithdrawValues *alg_values,
+ struct TALER_CoinPubHashP *c_hash,
+ struct TALER_BlindedPlanchet *blinded_planchet);
+
+
+/**
+ * Create blinded signature.
+ *
+ * @param[out] denom_sig where to write the signature
+ * @param denom_priv private key to use for signing
+ * @param for_melt true to use the HKDF for melt
+ * @param blinded_planchet the planchet already blinded
+ * @return #GNUNET_OK on success
+ */
+enum GNUNET_GenericReturnValue
+TALER_denom_sign_blinded (struct TALER_BlindedDenominationSignature *denom_sig,
+ const struct TALER_DenominationPrivateKey
*denom_priv,
+ bool for_melt,
+ const struct TALER_BlindedPlanchet
*blinded_planchet);
+
+
+/**
+ * Unblind blinded signature.
+ *
+ * @param[out] denom_sig where to write the unblinded signature
+ * @param bdenom_sig the blinded signature
+ * @param bks blinding secret to use
+ * @param c_hash hash of the coin's public key for verification of the
signature
+ * @param alg_values algorithm specific values
+ * @param denom_pub public key used for signing
+ * @return #GNUNET_OK on success
+ */
+enum GNUNET_GenericReturnValue
+TALER_denom_sig_unblind (
+ struct TALER_DenominationSignature *denom_sig,
+ const struct TALER_BlindedDenominationSignature *bdenom_sig,
+ const union GNUNET_CRYPTO_BlindingSecretP *bks,
+ const struct TALER_CoinPubHashP *c_hash,
+ const struct TALER_ExchangeWithdrawValues *alg_values,
+ const struct TALER_DenominationPublicKey *denom_pub);
+
+
+/**
+ * Free internals of @a denom_sig, but not @a denom_sig itself.
+ *
+ * @param[in] denom_sig signature to free
+ */
+void
+TALER_blinded_denom_sig_free (
+ struct TALER_BlindedDenominationSignature *denom_sig);
+
+
+/**
+ * Compute the hash of the given @a denom_pub.
+ *
+ * @param denom_pub public key to hash
+ * @param[out] denom_hash resulting hash value
+ */
+void
+TALER_denom_pub_hash (const struct TALER_DenominationPublicKey *denom_pub,
+ struct TALER_DenominationHashP *denom_hash);
+
+
+/**
+ * Make a (deep) copy of the given @a denom_src to
+ * @a denom_dst.
+ *
+ * @param[out] denom_dst target to copy to
+ * @param denom_src public key to copy
+ */
+void
+TALER_denom_pub_deep_copy (struct TALER_DenominationPublicKey *denom_dst,
+ const struct TALER_DenominationPublicKey
*denom_src);
+
+
+/**
+ * Make a (deep) copy of the given @a denom_src to
+ * @a denom_dst.
+ *
+ * @param[out] denom_dst target to copy to
+ * @param denom_src public key to copy
+ */
+void
+TALER_denom_sig_deep_copy (struct TALER_DenominationSignature *denom_dst,
+ const struct TALER_DenominationSignature
*denom_src);
+
+
+/**
+ * Make a (deep) copy of the given @a denom_src to
+ * @a denom_dst.
+ *
+ * @param[out] denom_dst target to copy to
+ * @param denom_src public key to copy
+ */
+void
+TALER_blinded_denom_sig_deep_copy (
+ struct TALER_BlindedDenominationSignature *denom_dst,
+ const struct TALER_BlindedDenominationSignature *denom_src);
+
+
+/**
+ * Compare two denomination public keys.
+ *
+ * @param denom1 first key
+ * @param denom2 second key
+ * @return 0 if the keys are equal, otherwise -1 or 1
+ */
+int
+TALER_denom_pub_cmp (const struct TALER_DenominationPublicKey *denom1,
+ const struct TALER_DenominationPublicKey *denom2);
+
+
+/**
+ * Compare two denomination signatures.
+ *
+ * @param sig1 first signature
+ * @param sig2 second signature
+ * @return 0 if the keys are equal, otherwise -1 or 1
+ */
+int
+TALER_denom_sig_cmp (const struct TALER_DenominationSignature *sig1,
+ const struct TALER_DenominationSignature *sig2);
+
+
+/**
+ * Compare two blinded denomination signatures.
+ *
+ * @param sig1 first signature
+ * @param sig2 second signature
+ * @return 0 if the keys are equal, otherwise -1 or 1
+ */
+int
+TALER_blinded_denom_sig_cmp (
+ const struct TALER_BlindedDenominationSignature *sig1,
+ const struct TALER_BlindedDenominationSignature *sig2);
+
+
+/**
+ * Compare two blinded planchets.
+ *
+ * @param bp1 first blinded planchet
+ * @param bp2 second blinded planchet
+ * @return 0 if the keys are equal, otherwise -1 or 1
+ */
+int
+TALER_blinded_planchet_cmp (
+ const struct TALER_BlindedPlanchet *bp1,
+ const struct TALER_BlindedPlanchet *bp2);
+
+
+/**
+ * Verify signature made with a denomination public key
+ * over a coin.
+ *
+ * @param denom_pub public denomination key
+ * @param denom_sig signature made with the private key
+ * @param c_hash hash over the coin
+ * @return #GNUNET_OK if the signature is valid
+ */
+enum GNUNET_GenericReturnValue
+TALER_denom_pub_verify (const struct TALER_DenominationPublicKey *denom_pub,
+ const struct TALER_DenominationSignature *denom_sig,
+ const struct TALER_CoinPubHashP *c_hash);
+
+
+/**
+ * Encrypts KYC attributes for storage in the database.
+ *
+ * @param key encryption key to use
+ * @param attr set of attributes to encrypt
+ * @param[out] enc_attr encrypted attribute data
+ * @param[out] enc_attr_size number of bytes in @a enc_attr
+ */
+void
+TALER_CRYPTO_kyc_attributes_encrypt (
+ const struct TALER_AttributeEncryptionKeyP *key,
+ const json_t *attr,
+ void **enc_attr,
+ size_t *enc_attr_size);
+
+
+/**
+ * Encrypts KYC attributes for storage in the database.
+ *
+ * @param key encryption key to use
+ * @param enc_attr encrypted attribute data
+ * @param enc_attr_size number of bytes in @a enc_attr
+ * @return set of decrypted attributes, NULL on failure
+ */
+json_t *
+TALER_CRYPTO_kyc_attributes_decrypt (
+ const struct TALER_AttributeEncryptionKeyP *key,
+ const void *enc_attr,
+ size_t enc_attr_size);
+
+
+/**
+ * Takes a set of KYC attributes and extracts key
+ * data that we use to detect similar / duplicate
+ * entries in the database.
+ *
+ * @param attr set of KYC attributes
+ * @param[out] kyc_prox set to the proximity hash
+ */
+void
+TALER_CRYPTO_attributes_to_kyc_prox (
+ const json_t *attr,
+ struct GNUNET_ShortHashCode *kyc_prox);
+
+
+/**
+ * Check if a coin is valid; that is, whether the denomination key exists,
+ * is not expired, and the signature is correct.
+ *
+ * @param coin_public_info the coin public info to check for validity
+ * @param denom_pub denomination key, must match @a coin_public_info's
`denom_pub_hash`
+ * @return #GNUNET_YES if the coin is valid,
+ * #GNUNET_NO if it is invalid
+ * #GNUNET_SYSERR if an internal error occurred
+ */
+enum GNUNET_GenericReturnValue
+TALER_test_coin_valid (const struct TALER_CoinPublicInfo *coin_public_info,
+ const struct TALER_DenominationPublicKey *denom_pub);
+
+
+/**
+ * Compute the hash of a blinded coin.
+ *
+ * @param blinded_planchet blinded planchet
+ * @param denom_hash hash of the denomination publick key
+ * @param[out] bch where to write the hash
+ * @return #GNUNET_OK when successful, #GNUNET_SYSERR if an internal error
occurred
+ */
+enum GNUNET_GenericReturnValue
+TALER_coin_ev_hash (const struct TALER_BlindedPlanchet *blinded_planchet,
+ const struct TALER_DenominationHashP *denom_hash,
+ struct TALER_BlindedCoinHashP *bch);
+
+
+/**
+ * Compute the hash of a coin.
+ *
+ * @param coin_pub public key of the coin
+ * @param age_commitment_hash hash of the age commitment vector. NULL, if no
age commitment was set
+ * @param[out] coin_h where to write the hash
+ */
+void
+TALER_coin_pub_hash (const struct TALER_CoinSpendPublicKeyP *coin_pub,
+ const struct TALER_AgeCommitmentHash *age_commitment_hash,
+ struct TALER_CoinPubHashP *coin_h);
+
+
+/**
+ * Compute the hash of a payto URI.
+ *
+ * @param payto URI to hash
+ * @param[out] h_payto where to write the hash
+ */
+void
+TALER_payto_hash (const char *payto,
+ struct TALER_PaytoHashP *h_payto);
+
+
+/**
+ * Details about a planchet that the customer wants to obtain
+ * a withdrawal authorization. This is the information that
+ * will need to be sent to the exchange to obtain the blind
+ * signature required to turn a planchet into a coin.
+ */
+struct TALER_PlanchetDetail
+{
+ /**
+ * Hash of the denomination public key.
+ */
+ struct TALER_DenominationHashP denom_pub_hash;
+
+ /**
+ * The blinded planchet
+ */
+ struct TALER_BlindedPlanchet blinded_planchet;
+};
+
+
+/**
+ * Information about a (fresh) coin, returned from the API when we
+ * finished creating a coin. Note that @e sig needs to be freed
+ * using the appropriate code.
+ */
+struct TALER_FreshCoin
+{
+
+ /**
+ * The exchange's signature over the coin's public key.
+ */
+ struct TALER_DenominationSignature sig;
+
+ /**
+ * The coin's private key.
+ */
+ struct TALER_CoinSpendPrivateKeyP coin_priv;
+
+ /**
+ * Optional hash of an age commitment bound to this coin, maybe NULL.
+ */
+ const struct TALER_AgeCommitmentHash *h_age_commitment;
+};
+
+
+GNUNET_NETWORK_STRUCT_BEGIN
+
+/**
+ * @brief Secret used to decrypt the key to decrypt link secrets.
+ */
+struct TALER_TransferSecretP
+{
+ /**
+ * Secret used to derive private inputs for refreshed coins.
+ * Must be (currently) a hash as this is what
+ * GNUNET_CRYPTO_ecc_ecdh() returns to us.
+ */
+ struct GNUNET_HashCode key;
+};
+
+
+/**
+ * Length of the raw value in the Taler wire transfer identifier
+ * (in binary representation).
+ */
+#define TALER_BANK_TRANSFER_IDENTIFIER_LEN 32
+
+/**
+ * #TALER_BANK_TRANSFER_IDENTIFIER_LEN as a string.
+ */
+#define TALER_BANK_TRANSFER_IDENTIFIER_LEN_STR "32"
+
+
+/**
+ * Raw value of a wire transfer subjects, without the checksum.
+ */
+struct TALER_WireTransferIdentifierRawP
+{
+
+ /**
+ * Raw value. Note that typical payment systems (SEPA, ACH) support
+ * at least two lines of 27 ASCII characters to encode a transaction
+ * subject or "details", for a total of 54 characters. (The payment
+ * system protocols often support more lines, but the forms presented
+ * to customers are usually limited to 54 characters.)
+ *
+ * With a Base32-encoding of 5 bit per character, this gives us 270
+ * bits or (rounded down) 33 bytes. So we use the first 32 bytes to
+ * encode the actual value (i.e. a 256-bit / 32-byte public key or
+ * a hash code), and the last byte for a minimalistic checksum.
+ */
+ uint8_t raw[TALER_BANK_TRANSFER_IDENTIFIER_LEN];
+};
+
+
+/**
+ * Raw value of a wire transfer subject for a wad.
+ */
+struct TALER_WadIdentifierP
+{
+
+ /**
+ * Wad identifier, in binary encoding.
+ */
+ uint8_t raw[24];
+};
+
+
+/**
+ * Binary information encoded in Crockford's Base32 in wire transfer
+ * subjects of transfers from Taler to a merchant. The actual value
+ * is chosen by the exchange and has no particular semantics, other than
+ * being unique so that the exchange can lookup details about the wire
+ * transfer when needed.
+ */
+struct TALER_WireTransferIdentifierP
+{
+
+ /**
+ * Raw value.
+ */
+ struct TALER_WireTransferIdentifierRawP raw;
+
+ /**
+ * Checksum using CRC8 over the @e raw data.
+ */
+ uint8_t crc8;
+};
+
+
+GNUNET_NETWORK_STRUCT_END
+
+
+/**
+ * Setup information for a fresh coin, deriving the coin planchet secrets from
+ * which we will later derive the private key and the blinding factor. The
+ * planchet secrets derivation is based on the @a secret_seed with a KDF
+ * salted by the @a coin_num_salt.
+ *
+ * @param secret_seed seed to use for KDF to derive coin keys
+ * @param coin_num_salt number of the coin to include in KDF
+ * @param[out] ps value to initialize
+ */
+void
+TALER_transfer_secret_to_planchet_secret (
+ const struct TALER_TransferSecretP *secret_seed,
+ uint32_t coin_num_salt,
+ struct TALER_PlanchetMasterSecretP *ps);
+
+
+/**
+ * Derive the @a coin_num transfer private key @a tpriv from a refresh from
+ * the @a rms seed and the @a old_coin_pub of the refresh operation. The
+ * transfer private key derivation is based on the @a ps with a KDF salted by
+ * the @a coin_num.
+ *
+ * @param rms seed to use for KDF to derive transfer keys
+ * @param old_coin_priv private key of the old coin
+ * @param cnc_num cut and choose number to include in KDF
+ * @param[out] tpriv value to initialize
+ */
+void
+TALER_planchet_secret_to_transfer_priv (
+ const struct TALER_RefreshMasterSecretP *rms,
+ const struct TALER_CoinSpendPrivateKeyP *old_coin_priv,
+ uint32_t cnc_num,
+ struct TALER_TransferPrivateKeyP *tpriv);
+
+
+/**
+ * Setup secret seed information for fresh coins to be
+ * withdrawn.
+ *
+ * @param[out] ps value to initialize
+ */
+void
+TALER_planchet_master_setup_random (
+ struct TALER_PlanchetMasterSecretP *ps);
+
+
+/**
+ * Setup secret seed for fresh coins to be refreshed.
+ *
+ * @param[out] rms value to initialize
+ */
+void
+TALER_refresh_master_setup_random (
+ struct TALER_RefreshMasterSecretP *rms);
+
+
+/**
+ * Create a blinding secret @a bks given the client's @a ps and the alg_values
+ * from the exchange.
+ *
+ * @param ps secret to derive blindings from
+ * @param alg_values withdraw values containing cipher and additional CS values
+ * @param[out] bks blinding secrets
+ */
+void
+TALER_planchet_blinding_secret_create (
+ const struct TALER_PlanchetMasterSecretP *ps,
+ const struct TALER_ExchangeWithdrawValues *alg_values,
+ union GNUNET_CRYPTO_BlindingSecretP *bks);
+
+
+/**
+ * Prepare a planchet for withdrawal. Creates and blinds a coin.
+ *
+ * @param dk denomination key for the coin to be created
+ * @param alg_values algorithm specific values
+ * @param bks blinding secrets
+ * @param nonce session nonce used to get @a alg_values
+ * @param coin_priv coin private key
+ * @param ach hash of age commitment to bind to this coin, maybe NULL
+ * @param[out] c_hash set to the hash of the public key of the coin (needed
later)
+ * @param[out] pd set to the planchet detail for TALER_MERCHANT_tip_pickup()
and
+ * other withdraw operations, `pd->blinded_planchet.cipher` will
be set
+ * to cipher from @a dk
+ * @return #GNUNET_OK on success
+ */
+enum GNUNET_GenericReturnValue
+TALER_planchet_prepare (
+ const struct TALER_DenominationPublicKey *dk,
+ const struct TALER_ExchangeWithdrawValues *alg_values,
+ const union GNUNET_CRYPTO_BlindingSecretP *bks,
+ const union GNUNET_CRYPTO_BlindSessionNonce *nonce,
+ const struct TALER_CoinSpendPrivateKeyP *coin_priv,
+ const struct TALER_AgeCommitmentHash *ach,
+ struct TALER_CoinPubHashP *c_hash,
+ struct TALER_PlanchetDetail *pd);
+
+
+/**
+ * Frees blinded message inside blinded planchet depending on
`blinded_planchet->cipher`.
+ * Does not free the @a blinded_planchet itself!
+ *
+ * @param[in] blinded_planchet blinded planchet
+ */
+void
+TALER_blinded_planchet_free (struct TALER_BlindedPlanchet *blinded_planchet);
+
+
+/**
+ * Frees blinded message inside planchet detail @a pd.
+ *
+ * @param[in] pd planchet detail to free
+ */
+void
+TALER_planchet_detail_free (struct TALER_PlanchetDetail *pd);
+
+
+/**
+ * Obtain a coin from the planchet's secrets and the blind signature
+ * of the exchange.
+ *
+ * @param dk denomination key, must match what was given to
#TALER_planchet_prepare()
+ * @param blind_sig blind signature from the exchange
+ * @param bks blinding key secret
+ * @param coin_priv private key of the coin
+ * @param ach hash of age commitment that is bound to this coin, maybe NULL
+ * @param c_hash hash of the coin's public key for verification of the
signature
+ * @param alg_values values obtained from the exchange for the withdrawal
+ * @param[out] coin set to the details of the fresh coin
+ * @return #GNUNET_OK on success
+ */
+enum GNUNET_GenericReturnValue
+TALER_planchet_to_coin (
+ const struct TALER_DenominationPublicKey *dk,
+ const struct TALER_BlindedDenominationSignature *blind_sig,
+ const union GNUNET_CRYPTO_BlindingSecretP *bks,
+ const struct TALER_CoinSpendPrivateKeyP *coin_priv,
+ const struct TALER_AgeCommitmentHash *ach,
+ const struct TALER_CoinPubHashP *c_hash,
+ const struct TALER_ExchangeWithdrawValues *alg_values,
+ struct TALER_FreshCoin *coin);
+
+
+/**
+ * Add the hash of the @a bp (in some canonicalized form)
+ * to the @a hash_context.
+ *
+ * @param bp blinded planchet to hash
+ * @param[in,out] hash_context hash context to use
+ */
+void
+TALER_blinded_planchet_hash_ (const struct TALER_BlindedPlanchet *bp,
+ struct GNUNET_HashContext *hash_context);
+
+
+/**
+ * Given the coin and the transfer private keys, compute the
+ * transfer secret. (Technically, we only need one of the two
+ * private keys, but the caller currently trivially only has
+ * the two private keys, so we derive one of the public keys
+ * internally to this function.)
+ *
+ * @param coin_priv coin key
+ * @param trans_priv transfer private key
+ * @param[out] ts computed transfer secret
+ */
+void
+TALER_link_derive_transfer_secret (
+ const struct TALER_CoinSpendPrivateKeyP *coin_priv,
+ const struct TALER_TransferPrivateKeyP *trans_priv,
+ struct TALER_TransferSecretP *ts);
+
+
+/**
+ * Decrypt the shared @a secret from the information in the
+ * @a trans_priv and @a coin_pub.
+ *
+ * @param trans_priv transfer private key
+ * @param coin_pub coin public key
+ * @param[out] transfer_secret set to the shared secret
+ */
+void
+TALER_link_reveal_transfer_secret (
+ const struct TALER_TransferPrivateKeyP *trans_priv,
+ const struct TALER_CoinSpendPublicKeyP *coin_pub,
+ struct TALER_TransferSecretP *transfer_secret);
+
+
+/**
+ * Decrypt the shared @a secret from the information in the
+ * @a trans_priv and @a coin_pub.
+ *
+ * @param trans_pub transfer private key
+ * @param coin_priv coin public key
+ * @param[out] transfer_secret set to the shared secret
+ */
+void
+TALER_link_recover_transfer_secret (
+ const struct TALER_TransferPublicKeyP *trans_pub,
+ const struct TALER_CoinSpendPrivateKeyP *coin_priv,
+ struct TALER_TransferSecretP *transfer_secret);
+
+
+/**
+ * Information about a coin to be created during a refresh operation.
+ */
+struct TALER_RefreshCoinData
+{
+
+ /**
+ * The denomination's public key.
+ */
+ const struct TALER_DenominationPublicKey *dk;
+
+ /**
+ * The blinded planchet (details depend on cipher).
+ */
+ struct TALER_BlindedPlanchet blinded_planchet;
+
+};
+
+
+/**
+ * One of the #TALER_CNC_KAPPA commitments.
+ */
+struct TALER_RefreshCommitmentEntry
+{
+ /**
+ * Transfer public key of this commitment.
+ */
+ struct TALER_TransferPublicKeyP transfer_pub;
+
+ /**
+ * Array of @e num_new_coins new coins to be created.
+ */
+ struct TALER_RefreshCoinData *new_coins;
+};
+
+
+/**
+ * Compute the commitment for a /refresh/melt operation from
+ * the respective public inputs.
+ *
+ * @param[out] rc set to the value the wallet must commit to
+ * @param kappa number of transfer public keys involved (must be
#TALER_CNC_KAPPA)
+ * @param rms refresh master secret to include, can be NULL!
+ * @param num_new_coins number of new coins to be created
+ * @param rcs array of @a kappa commitments
+ * @param coin_pub public key of the coin to be melted
+ * @param amount_with_fee amount to be melted, including fee
+ */
+void
+TALER_refresh_get_commitment (struct TALER_RefreshCommitmentP *rc,
+ uint32_t kappa,
+ const struct TALER_RefreshMasterSecretP *rms,
+ uint32_t num_new_coins,
+ const struct TALER_RefreshCommitmentEntry *rcs,
+ const struct TALER_CoinSpendPublicKeyP *coin_pub,
+ const struct TALER_Amount *amount_with_fee);
+
+
+/**
+ * Encrypt contract for transmission to a party that will
+ * merge it into a reserve.
+ *
+ * @param purse_pub public key of the purse
+ * @param contract_priv private key of the contract
+ * @param merge_priv merge capability to include
+ * @param contract_terms contract terms to encrypt
+ * @param[out] econtract set to encrypted contract
+ * @param[out] econtract_size set to number of bytes in @a econtract
+ */
+void
+TALER_CRYPTO_contract_encrypt_for_merge (
+ const struct TALER_PurseContractPublicKeyP *purse_pub,
+ const struct TALER_ContractDiffiePrivateP *contract_priv,
+ const struct TALER_PurseMergePrivateKeyP *merge_priv,
+ const json_t *contract_terms,
+ void **econtract,
+ size_t *econtract_size);
+
+
+/**
+ * Decrypt contract for the party that will
+ * merge it into a reserve.
+ *
+ * @param purse_pub public key of the purse
+ * @param contract_priv private key of the contract
+ * @param econtract encrypted contract
+ * @param econtract_size number of bytes in @a econtract
+ * @param[out] merge_priv set to merge capability
+ * @return decrypted contract terms, or NULL on failure
+ */
+json_t *
+TALER_CRYPTO_contract_decrypt_for_merge (
+ const struct TALER_ContractDiffiePrivateP *contract_priv,
+ const struct TALER_PurseContractPublicKeyP *purse_pub,
+ const void *econtract,
+ size_t econtract_size,
+ struct TALER_PurseMergePrivateKeyP *merge_priv);
+
+
+/**
+ * Encrypt contract for transmission to a party that will
+ * pay for it.
+ *
+ * @param purse_pub public key of the purse
+ * @param contract_priv private key of the contract
+ * @param contract_terms contract terms to encrypt
+ * @param[out] econtract set to encrypted contract
+ * @param[out] econtract_size set to number of bytes in @a econtract
+ */
+void
+TALER_CRYPTO_contract_encrypt_for_deposit (
+ const struct TALER_PurseContractPublicKeyP *purse_pub,
+ const struct TALER_ContractDiffiePrivateP *contract_priv,
+ const json_t *contract_terms,
+ void **econtract,
+ size_t *econtract_size);
+
+
+/**
+ * Decrypt contract for the party that will pay for it.
+ *
+ * @param contract_priv private key of the contract
+ * @param econtract encrypted contract
+ * @param econtract_size number of bytes in @a econtract
+ * @return decrypted contract terms, or NULL on failure
+ */
+json_t *
+TALER_CRYPTO_contract_decrypt_for_deposit (
+ const struct TALER_ContractDiffiePrivateP *contract_priv,
+ const void *econtract,
+ size_t econtract_size);
+
+
+/* **************** AML officer signatures **************** */
+
+/**
+ * Sign AML query. Simple authentication, doesn't actually
+ * sign anything.
+ *
+ * @param officer_priv private key of AML officer
+ * @param[out] officer_sig where to write the signature
+ */
+void
+TALER_officer_aml_query_sign (
+ const struct TALER_AmlOfficerPrivateKeyP *officer_priv,
+ struct TALER_AmlOfficerSignatureP *officer_sig);
+
+
+/**
+ * Verify AML query authorization.
+ *
+ * @param officer_pub public key of AML officer
+ * @param officer_sig signature to verify
+ * @return #GNUNET_OK if the signature is valid
+ */
+enum GNUNET_GenericReturnValue
+TALER_officer_aml_query_verify (
+ const struct TALER_AmlOfficerPublicKeyP *officer_pub,
+ const struct TALER_AmlOfficerSignatureP *officer_sig);
+
+
+/**
+ * Sign AML decision.
+ *
+ * @param justification human-readable justification
+ * @param decision_time when was the decision made
+ * @param new_threshold at what monthly amount threshold
+ * should a revision be triggered
+ * @param h_payto payto URI hash of the account the
+ * decision is about
+ * @param new_state updated AML state
+ * @param kyc_requirements additional KYC requirements to
+ * impose, can be NULL
+ * @param officer_priv private key of AML officer
+ * @param[out] officer_sig where to write the signature
+ */
+void
+TALER_officer_aml_decision_sign (
+ const char *justification,
+ struct GNUNET_TIME_Timestamp decision_time,
+ const struct TALER_Amount *new_threshold,
+ const struct TALER_PaytoHashP *h_payto,
+ enum TALER_AmlDecisionState new_state,
+ const json_t *kyc_requirements,
+ const struct TALER_AmlOfficerPrivateKeyP *officer_priv,
+ struct TALER_AmlOfficerSignatureP *officer_sig);
+
+
+/**
+ * Verify AML decision.
+ *
+ * @param justification human-readable justification
+ * @param decision_time when was the decision made
+ * @param new_threshold at what monthly amount threshold
+ * should a revision be triggered
+ * @param h_payto payto URI hash of the account the
+ * decision is about
+ * @param new_state updated AML state
+ * @param kyc_requirements additional KYC requirements to
+ * impose, can be NULL
+ * @param officer_pub public key of AML officer
+ * @param officer_sig signature to verify
+ * @return #GNUNET_OK if the signature is valid
+ */
+enum GNUNET_GenericReturnValue
+TALER_officer_aml_decision_verify (
+ const char *justification,
+ struct GNUNET_TIME_Timestamp decision_time,
+ const struct TALER_Amount *new_threshold,
+ const struct TALER_PaytoHashP *h_payto,
+ enum TALER_AmlDecisionState new_state,
+ const json_t *kyc_requirements,
+ const struct TALER_AmlOfficerPublicKeyP *officer_pub,
+ const struct TALER_AmlOfficerSignatureP *officer_sig);
+
+
+/* **************** Helper-based RSA operations **************** */
+
+/**
+ * Handle for talking to an Denomination key signing helper.
+ */
+struct TALER_CRYPTO_RsaDenominationHelper;
+
+/**
+ * Function called with information about available keys for signing. Usually
+ * only called once per key upon connect. Also called again in case a key is
+ * being revoked, in that case with an @a end_time of zero.
+ *
+ * @param cls closure
+ * @param section_name name of the denomination type in the configuration;
+ * NULL if the key has been revoked or purged
+ * @param start_time when does the key become available for signing;
+ * zero if the key has been revoked or purged
+ * @param validity_duration how long does the key remain available for signing;
+ * zero if the key has been revoked or purged
+ * @param h_rsa hash of the RSA @a denom_pub that is available (or was purged)
+ * @param denom_pub the public key itself, NULL if the key was revoked or
purged
+ * @param sm_pub public key of the security module, NULL if the key was
revoked or purged
+ * @param sm_sig signature from the security module, NULL if the key was
revoked or purged
+ * The signature was already verified against @a sm_pub.
+ */
+typedef void
+(*TALER_CRYPTO_RsaDenominationKeyStatusCallback)(
+ void *cls,
+ const char *section_name,
+ struct GNUNET_TIME_Timestamp start_time,
+ struct GNUNET_TIME_Relative validity_duration,
+ const struct TALER_RsaPubHashP *h_rsa,
+ struct GNUNET_CRYPTO_BlindSignPublicKey *bs_pub,
+ const struct TALER_SecurityModulePublicKeyP *sm_pub,
+ const struct TALER_SecurityModuleSignatureP *sm_sig);
+
+
+/**
+ * Initiate connection to an denomination key helper.
+ *
+ * @param cfg configuration to use
+ * @param dkc function to call with key information
+ * @param dkc_cls closure for @a dkc
+ * @return NULL on error (such as bad @a cfg).
+ */
+struct TALER_CRYPTO_RsaDenominationHelper *
+TALER_CRYPTO_helper_rsa_connect (
+ const struct GNUNET_CONFIGURATION_Handle *cfg,
+ TALER_CRYPTO_RsaDenominationKeyStatusCallback dkc,
+ void *dkc_cls);
+
+
+/**
+ * Function to call to 'poll' for updates to the available key material.
+ * Should be called whenever it is important that the key material status is
+ * current, like when handling a "/keys" request. This function basically
+ * briefly checks if there are messages from the helper announcing changes to
+ * denomination keys.
+ *
+ * @param dh helper process connection
+ */
+void
+TALER_CRYPTO_helper_rsa_poll (struct TALER_CRYPTO_RsaDenominationHelper *dh);
+
+
+/**
+ * Information needed for an RSA signature request.
+ */
+struct TALER_CRYPTO_RsaSignRequest
+{
+ /**
+ * Hash of the RSA public key.
+ */
+ const struct TALER_RsaPubHashP *h_rsa;
+
+ /**
+ * Message to be (blindly) signed.
+ */
+ const void *msg;
+
+ /**
+ * Number of bytes in @e msg.
+ */
+ size_t msg_size;
+};
+
+
+/**
+ * Request helper @a dh to sign message in @a rsr using the public key
+ * corresponding to the key in @a rsr.
+ *
+ * This operation will block until the signature has been obtained. Should
+ * this process receive a signal (that is not ignored) while the operation is
+ * pending, the operation will fail. Note that the helper may still believe
+ * that it created the signature. Thus, signals may result in a small
+ * differences in the signature counters. Retrying in this case may work.
+ *
+ * @param dh helper process connection
+ * @param rsr details about the requested signature
+ * @param[out] bs set to the blind signature
+ * @return #TALER_EC_NONE on success
+ */
+enum TALER_ErrorCode
+TALER_CRYPTO_helper_rsa_sign (
+ struct TALER_CRYPTO_RsaDenominationHelper *dh,
+ const struct TALER_CRYPTO_RsaSignRequest *rsr,
+ struct TALER_BlindedDenominationSignature *bs);
+
+
+/**
+ * Request helper @a dh to batch sign messages in @a rsrs using the public key
+ * corresponding to the keys in @a rsrs.
+ *
+ * This operation will block until all the signatures have been obtained.
Should
+ * this process receive a signal (that is not ignored) while the operation is
+ * pending, the operation will fail. Note that the helper may still believe
+ * that it created the signature. Thus, signals may result in a small
+ * differences in the signature counters. Retrying in this case may work.
+ *
+ * Note that in case of errors, the @a bss array may still have been partially
+ * filled with signatures, which in this case must be freed by the caller
+ * (this is in contrast to the #TALER_CRYPTO_helper_rsa_sign() API which never
+ * returns any signatures if there was an error).
+ *
+ * @param dh helper process connection
+ * @param rsrs array with details about the requested signatures
+ * @param rsrs_length length of the @a rsrs array
+ * @param[out] bss array set to the blind signatures, must be of length @a
rsrs_length!
+ * @return #TALER_EC_NONE on success
+ */
+enum TALER_ErrorCode
+TALER_CRYPTO_helper_rsa_batch_sign (
+ struct TALER_CRYPTO_RsaDenominationHelper *dh,
+ unsigned int rsrs_length,
+ const struct TALER_CRYPTO_RsaSignRequest rsrs[static rsrs_length],
+ struct TALER_BlindedDenominationSignature bss[static rsrs_length]);
+
+
+/**
+ * Ask the helper to revoke the public key associated with @a h_denom_pub.
+ * Will cause the helper to tell all clients that the key is now unavailable,
+ * and to create a replacement key.
+ *
+ * This operation will block until the revocation request has been
+ * transmitted. Should this process receive a signal (that is not ignored)
+ * while the operation is pending, the operation may fail. If the key is
+ * unknown, this function will also appear to have succeeded. To be sure that
+ * the revocation worked, clients must watch the denomination key status
+ * callback.
+ *
+ * @param dh helper to process connection
+ * @param h_rsa hash of the RSA public key to revoke
+ */
+void
+TALER_CRYPTO_helper_rsa_revoke (
+ struct TALER_CRYPTO_RsaDenominationHelper *dh,
+ const struct TALER_RsaPubHashP *h_rsa);
+
+
+/**
+ * Close connection to @a dh.
+ *
+ * @param[in] dh connection to close
+ */
+void
+TALER_CRYPTO_helper_rsa_disconnect (
+ struct TALER_CRYPTO_RsaDenominationHelper *dh);
+
+
+/* **************** Helper-based CS operations **************** */
+
+/**
+ * Handle for talking to an Denomination key signing helper.
+ */
+struct TALER_CRYPTO_CsDenominationHelper;
+
+/**
+ * Function called with information about available keys for signing. Usually
+ * only called once per key upon connect. Also called again in case a key is
+ * being revoked, in that case with an @a end_time of zero.
+ *
+ * @param cls closure
+ * @param section_name name of the denomination type in the configuration;
+ * NULL if the key has been revoked or purged
+ * @param start_time when does the key become available for signing;
+ * zero if the key has been revoked or purged
+ * @param validity_duration how long does the key remain available for signing;
+ * zero if the key has been revoked or purged
+ * @param h_cs hash of the CS @a denom_pub that is available (or was purged)
+ * @param bsign_pub the public key itself, NULL if the key was revoked or
purged
+ * @param sm_pub public key of the security module, NULL if the key was
revoked or purged
+ * @param sm_sig signature from the security module, NULL if the key was
revoked or purged
+ * The signature was already verified against @a sm_pub.
+ */
+typedef void
+(*TALER_CRYPTO_CsDenominationKeyStatusCallback)(
+ void *cls,
+ const char *section_name,
+ struct GNUNET_TIME_Timestamp start_time,
+ struct GNUNET_TIME_Relative validity_duration,
+ const struct TALER_CsPubHashP *h_cs,
+ struct GNUNET_CRYPTO_BlindSignPublicKey *bsign_pub,
+ const struct TALER_SecurityModulePublicKeyP *sm_pub,
+ const struct TALER_SecurityModuleSignatureP *sm_sig);
+
+
+/**
+ * Initiate connection to an denomination key helper.
+ *
+ * @param cfg configuration to use
+ * @param dkc function to call with key information
+ * @param dkc_cls closure for @a dkc
+ * @return NULL on error (such as bad @a cfg).
+ */
+struct TALER_CRYPTO_CsDenominationHelper *
+TALER_CRYPTO_helper_cs_connect (
+ const struct GNUNET_CONFIGURATION_Handle *cfg,
+ TALER_CRYPTO_CsDenominationKeyStatusCallback dkc,
+ void *dkc_cls);
+
+
+/**
+ * Function to call to 'poll' for updates to the available key material.
+ * Should be called whenever it is important that the key material status is
+ * current, like when handling a "/keys" request. This function basically
+ * briefly checks if there are messages from the helper announcing changes to
+ * denomination keys.
+ *
+ * @param dh helper process connection
+ */
+void
+TALER_CRYPTO_helper_cs_poll (struct TALER_CRYPTO_CsDenominationHelper *dh);
+
+
+/**
+ * Information about what we should sign over.
+ */
+struct TALER_CRYPTO_CsSignRequest
+{
+ /**
+ * Hash of the CS public key to use to sign.
+ */
+ const struct TALER_CsPubHashP *h_cs;
+
+ /**
+ * Blinded planchet containing c and the nonce.
+ */
+ const struct GNUNET_CRYPTO_CsBlindedMessage *blinded_planchet;
+
+};
+
+
+/**
+ * Request helper @a dh to sign @a req.
+ *
+ * This operation will block until the signature has been obtained. Should
+ * this process receive a signal (that is not ignored) while the operation is
+ * pending, the operation will fail. Note that the helper may still believe
+ * that it created the signature. Thus, signals may result in a small
+ * differences in the signature counters. Retrying in this case may work.
+ *
+ * @param dh helper process connection
+ * @param req information about the key to sign with and the value to sign
+ * @param for_melt true if for melt operation
+ * @param[out] bs set to the blind signature
+ * @return #TALER_EC_NONE on success
+ */
+enum TALER_ErrorCode
+TALER_CRYPTO_helper_cs_sign (
+ struct TALER_CRYPTO_CsDenominationHelper *dh,
+ const struct TALER_CRYPTO_CsSignRequest *req,
+ bool for_melt,
+ struct TALER_BlindedDenominationSignature *bs);
+
+
+/**
+ * Request helper @a dh to sign batch of @a reqs requests.
+ *
+ * This operation will block until the signature has been obtained. Should
+ * this process receive a signal (that is not ignored) while the operation is
+ * pending, the operation will fail. Note that the helper may still believe
+ * that it created the signature. Thus, signals may result in a small
+ * differences in the signature counters. Retrying in this case may work.
+ *
+ * @param dh helper process connection
+ * @param reqs information about the keys to sign with and the values to sign
+ * @param reqs_length length of the @a reqs array
+ * @param for_melt true if this is for a melt operation
+ * @param[out] bss array set to the blind signatures, must be of length @a
reqs_length!
+ * @return #TALER_EC_NONE on success
+ */
+enum TALER_ErrorCode
+TALER_CRYPTO_helper_cs_batch_sign (
+ struct TALER_CRYPTO_CsDenominationHelper *dh,
+ unsigned int reqs_length,
+ const struct TALER_CRYPTO_CsSignRequest reqs[static reqs_length],
+ bool for_melt,
+ struct TALER_BlindedDenominationSignature bss[static reqs_length]);
+
+
+/**
+ * Ask the helper to revoke the public key associated with @a h_cs.
+ * Will cause the helper to tell all clients that the key is now unavailable,
+ * and to create a replacement key.
+ *
+ * This operation will block until the revocation request has been
+ * transmitted. Should this process receive a signal (that is not ignored)
+ * while the operation is pending, the operation may fail. If the key is
+ * unknown, this function will also appear to have succeeded. To be sure that
+ * the revocation worked, clients must watch the denomination key status
+ * callback.
+ *
+ * @param dh helper to process connection
+ * @param h_cs hash of the CS public key to revoke
+ */
+void
+TALER_CRYPTO_helper_cs_revoke (
+ struct TALER_CRYPTO_CsDenominationHelper *dh,
+ const struct TALER_CsPubHashP *h_cs);
+
+
+/**
+ * Information about what we should derive for.
+ */
+struct TALER_CRYPTO_CsDeriveRequest
+{
+ /**
+ * Hash of the CS public key to use to sign.
+ */
+ const struct TALER_CsPubHashP *h_cs;
+
+ /**
+ * Nonce to use for the /csr request.
+ */
+ const struct GNUNET_CRYPTO_CsSessionNonce *nonce;
+};
+
+
+/**
+ * Ask the helper to derive R using the information
+ * from @a cdr.
+ *
+ * This operation will block until the R has been obtained. Should
+ * this process receive a signal (that is not ignored) while the operation is
+ * pending, the operation will fail. Note that the helper may still believe
+ * that it created the signature. Thus, signals may result in a small
+ * differences in the signature counters. Retrying in this case may work.
+ *
+ * @param dh helper to process connection
+ * @param cdr derivation input data
+ * @param for_melt true if this is for a melt operation
+ * @param[out] crp set to the pair of R values
+ * @return set to the error code (or #TALER_EC_NONE on success)
+ */
+enum TALER_ErrorCode
+TALER_CRYPTO_helper_cs_r_derive (
+ struct TALER_CRYPTO_CsDenominationHelper *dh,
+ const struct TALER_CRYPTO_CsDeriveRequest *cdr,
+ bool for_melt,
+ struct GNUNET_CRYPTO_CSPublicRPairP *crp);
+
+
+/**
+ * Ask the helper to derive R using the information from @a cdrs.
+ *
+ * This operation will block until the R has been obtained. Should
+ * this process receive a signal (that is not ignored) while the operation is
+ * pending, the operation will fail. Note that the helper may still believe
+ * that it created the signature. Thus, signals may result in a small
+ * differences in the signature counters. Retrying in this case may work.
+ *
+ * @param dh helper to process connection
+ * @param cdrs_length length of the @a cdrs array
+ * @param cdrs array with derivation input data
+ * @param for_melt true if this is for a melt operation
+ * @param[out] crps array set to the pair of R values, must be of length @a
cdrs_length
+ * @return set to the error code (or #TALER_EC_NONE on success)
+ */
+enum TALER_ErrorCode
+TALER_CRYPTO_helper_cs_r_batch_derive (
+ struct TALER_CRYPTO_CsDenominationHelper *dh,
+ unsigned int cdrs_length,
+ const struct TALER_CRYPTO_CsDeriveRequest cdrs[static cdrs_length],
+ bool for_melt,
+ struct GNUNET_CRYPTO_CSPublicRPairP crps[static cdrs_length]);
+
+
+/**
+ * Close connection to @a dh.
+ *
+ * @param[in] dh connection to close
+ */
+void
+TALER_CRYPTO_helper_cs_disconnect (
+ struct TALER_CRYPTO_CsDenominationHelper *dh);
+
+/**
+ * Handle for talking to an online key signing helper.
+ */
+struct TALER_CRYPTO_ExchangeSignHelper;
+
+/**
+ * Function called with information about available keys for signing. Usually
+ * only called once per key upon connect. Also called again in case a key is
+ * being revoked, in that case with an @a end_time of zero.
+ *
+ * @param cls closure
+ * @param start_time when does the key become available for signing;
+ * zero if the key has been revoked or purged
+ * @param validity_duration how long does the key remain available for signing;
+ * zero if the key has been revoked or purged
+ * @param exchange_pub the public key itself, NULL if the key was revoked or
purged
+ * @param sm_pub public key of the security module, NULL if the key was
revoked or purged
+ * @param sm_sig signature from the security module, NULL if the key was
revoked or purged
+ * The signature was already verified against @a sm_pub.
+ */
+typedef void
+(*TALER_CRYPTO_ExchangeKeyStatusCallback)(
+ void *cls,
+ struct GNUNET_TIME_Timestamp start_time,
+ struct GNUNET_TIME_Relative validity_duration,
+ const struct TALER_ExchangePublicKeyP *exchange_pub,
+ const struct TALER_SecurityModulePublicKeyP *sm_pub,
+ const struct TALER_SecurityModuleSignatureP *sm_sig);
+
+
+/**
+ * Initiate connection to an online signing key helper.
+ *
+ * @param cfg configuration to use
+ * @param ekc function to call with key information
+ * @param ekc_cls closure for @a ekc
+ * @return NULL on error (such as bad @a cfg).
+ */
+struct TALER_CRYPTO_ExchangeSignHelper *
+TALER_CRYPTO_helper_esign_connect (
+ const struct GNUNET_CONFIGURATION_Handle *cfg,
+ TALER_CRYPTO_ExchangeKeyStatusCallback ekc,
+ void *ekc_cls);
+
+
+/**
+ * Function to call to 'poll' for updates to the available key material.
+ * Should be called whenever it is important that the key material status is
+ * current, like when handling a "/keys" request. This function basically
+ * briefly checks if there are messages from the helper announcing changes to
+ * exchange online signing keys.
+ *
+ * @param esh helper process connection
+ */
+void
+TALER_CRYPTO_helper_esign_poll (struct TALER_CRYPTO_ExchangeSignHelper *esh);
+
+
+/**
+ * Request helper @a esh to sign @a msg using the current online
+ * signing key.
+ *
+ * This operation will block until the signature has been obtained. Should
+ * this process receive a signal (that is not ignored) while the operation is
+ * pending, the operation will fail. Note that the helper may still believe
+ * that it created the signature. Thus, signals may result in a small
+ * differences in the signature counters. Retrying in this case may work.
+ *
+ * @param esh helper process connection
+ * @param purpose message to sign (must extend beyond the purpose)
+ * @param[out] exchange_pub set to the public key used for the signature upon
success
+ * @param[out] exchange_sig set to the signature upon success
+ * @return the error code (or #TALER_EC_NONE on success)
+ */
+enum TALER_ErrorCode
+TALER_CRYPTO_helper_esign_sign_ (
+ struct TALER_CRYPTO_ExchangeSignHelper *esh,
+ const struct GNUNET_CRYPTO_EccSignaturePurpose *purpose,
+ struct TALER_ExchangePublicKeyP *exchange_pub,
+ struct TALER_ExchangeSignatureP *exchange_sig);
+
+
+/**
+ * Request helper @a esh to sign @a msg using the current online
+ * signing key.
+ *
+ * This operation will block until the signature has been obtained. Should
+ * this process receive a signal (that is not ignored) while the operation is
+ * pending, the operation will fail. Note that the helper may still believe
+ * that it created the signature. Thus, signals may result in a small
+ * differences in the signature counters. Retrying in this case may work.
+ *
+ * @param esh helper process connection
+ * @param ps message to sign (MUST begin with a purpose)
+ * @param[out] epub set to the public key used for the signature upon success
+ * @param[out] esig set to the signature upon success
+ * @return the error code (or #TALER_EC_NONE on success)
+ */
+#define TALER_CRYPTO_helper_esign_sign(esh,ps,epub,esig) ( \
+ /* check size is set correctly */ \
+ GNUNET_assert (ntohl ((ps)->purpose.size) == sizeof (*ps)), \
+ /* check 'ps' begins with the purpose */ \
+ GNUNET_static_assert (((void*) (ps)) == \
+ ((void*) &(ps)->purpose)), \
+ TALER_CRYPTO_helper_esign_sign_ (esh, \
+ &(ps)->purpose, \
+ epub, \
+ esig) )
+
+
+/**
+ * Ask the helper to revoke the public key @a exchange_pub .
+ * Will cause the helper to tell all clients that the key is now unavailable,
+ * and to create a replacement key.
+ *
+ * This operation will block until the revocation request has been
+ * transmitted. Should this process receive a signal (that is not ignored)
+ * while the operation is pending, the operation may fail. If the key is
+ * unknown, this function will also appear to have succeeded. To be sure that
+ * the revocation worked, clients must watch the signing key status callback.
+ *
+ * @param esh helper to process connection
+ * @param exchange_pub the public key to revoke
+ */
+void
+TALER_CRYPTO_helper_esign_revoke (
+ struct TALER_CRYPTO_ExchangeSignHelper *esh,
+ const struct TALER_ExchangePublicKeyP *exchange_pub);
+
+
+/**
+ * Close connection to @a esh.
+ *
+ * @param[in] esh connection to close
+ */
+void
+TALER_CRYPTO_helper_esign_disconnect (
+ struct TALER_CRYPTO_ExchangeSignHelper *esh);
+
+
+/* ********************* wallet signing ************************** */
+
+
+/**
+ * Sign a request to create a purse.
+ *
+ * @param purse_expiration when should the purse expire
+ * @param h_contract_terms contract the two parties agree on
+ * @param merge_pub public key defining the merge capability
+ * @param min_age age restriction to apply for deposits into the purse
+ * @param amount total amount in the purse (including fees)
+ * @param purse_priv key identifying the purse
+ * @param[out] purse_sig resulting signature
+ */
+void
+TALER_wallet_purse_create_sign (
+ struct GNUNET_TIME_Timestamp purse_expiration,
+ const struct TALER_PrivateContractHashP *h_contract_terms,
+ const struct TALER_PurseMergePublicKeyP *merge_pub,
+ uint32_t min_age,
+ const struct TALER_Amount *amount,
+ const struct TALER_PurseContractPrivateKeyP *purse_priv,
+ struct TALER_PurseContractSignatureP *purse_sig);
+
+
+/**
+ * Verify a purse creation request.
+ *
+ * @param purse_expiration when should the purse expire
+ * @param h_contract_terms contract the two parties agree on
+ * @param merge_pub public key defining the merge capability
+ * @param min_age age restriction to apply for deposits into the purse
+ * @param amount total amount in the purse (including fees)
+ * @param purse_pub purse’s public key
+ * @param purse_sig the signature made with purpose
#TALER_SIGNATURE_WALLET_PURSE_CREATE
+ * @return #GNUNET_OK if the signature is valid
+ */
+enum GNUNET_GenericReturnValue
+TALER_wallet_purse_create_verify (
+ struct GNUNET_TIME_Timestamp purse_expiration,
+ const struct TALER_PrivateContractHashP *h_contract_terms,
+ const struct TALER_PurseMergePublicKeyP *merge_pub,
+ uint32_t min_age,
+ const struct TALER_Amount *amount,
+ const struct TALER_PurseContractPublicKeyP *purse_pub,
+ const struct TALER_PurseContractSignatureP *purse_sig);
+
+
+/**
+ * Sign a request to delete a purse.
+ *
+ * @param purse_priv key identifying the purse
+ * @param[out] purse_sig resulting signature
+ */
+void
+TALER_wallet_purse_delete_sign (
+ const struct TALER_PurseContractPrivateKeyP *purse_priv,
+ struct TALER_PurseContractSignatureP *purse_sig);
+
+
+/**
+ * Verify a purse deletion request.
+ *
+ * @param purse_pub purse’s public key
+ * @param purse_sig the signature made with purpose
#TALER_SIGNATURE_WALLET_PURSE_DELETE
+ * @return #GNUNET_OK if the signature is valid
+ */
+enum GNUNET_GenericReturnValue
+TALER_wallet_purse_delete_verify (
+ const struct TALER_PurseContractPublicKeyP *purse_pub,
+ const struct TALER_PurseContractSignatureP *purse_sig);
+
+
+/**
+ * Sign a request to upload an encrypted contract.
+ *
+ * @param econtract encrypted contract
+ * @param econtract_size number of bytes in @a econtract
+ * @param contract_pub public key for the DH-encryption
+ * @param purse_priv key identifying the purse
+ * @param[out] purse_sig resulting signature
+ */
+void
+TALER_wallet_econtract_upload_sign (
+ const void *econtract,
+ size_t econtract_size,
+ const struct TALER_ContractDiffiePublicP *contract_pub,
+ const struct TALER_PurseContractPrivateKeyP *purse_priv,
+ struct TALER_PurseContractSignatureP *purse_sig);
+
+
+/**
+ * Verify a signature over encrypted contract.
+ *
+ * @param econtract encrypted contract
+ * @param econtract_size number of bytes in @a econtract
+ * @param contract_pub public key for the DH-encryption
+ * @param purse_pub purse’s public key
+ * @param purse_sig the signature made with purpose
#TALER_SIGNATURE_WALLET_PURSE_CREATE
+ * @return #GNUNET_OK if the signature is valid
+ */
+enum GNUNET_GenericReturnValue
+TALER_wallet_econtract_upload_verify (
+ const void *econtract,
+ size_t econtract_size,
+ const struct TALER_ContractDiffiePublicP *contract_pub,
+ const struct TALER_PurseContractPublicKeyP *purse_pub,
+ const struct TALER_PurseContractSignatureP *purse_sig);
+
+
+/**
+ * Verify a signature over encrypted contract.
+ *
+ * @param h_econtract hashed encrypted contract
+ * @param contract_pub public key for the DH-encryption
+ * @param purse_pub purse’s public key
+ * @param purse_sig the signature made with purpose
#TALER_SIGNATURE_WALLET_PURSE_CREATE
+ * @return #GNUNET_OK if the signature is valid
+ */
+enum GNUNET_GenericReturnValue
+TALER_wallet_econtract_upload_verify2 (
+ const struct GNUNET_HashCode *h_econtract,
+ const struct TALER_ContractDiffiePublicP *contract_pub,
+ const struct TALER_PurseContractPublicKeyP *purse_pub,
+ const struct TALER_PurseContractSignatureP *purse_sig);
+
+
+/**
+ * Sign a request to inquire about a purse's status.
+ *
+ * @param purse_priv key identifying the purse
+ * @param[out] purse_sig resulting signature
+ */
+void
+TALER_wallet_purse_status_sign (
+ const struct TALER_PurseContractPrivateKeyP *purse_priv,
+ struct TALER_PurseContractSignatureP *purse_sig);
+
+
+/**
+ * Verify a purse status request signature.
+ *
+ * @param purse_pub purse’s public key
+ * @param purse_sig the signature made with purpose
#TALER_SIGNATURE_WALLET_PURSE_STATUS
+ * @return #GNUNET_OK if the signature is valid
+ */
+enum GNUNET_GenericReturnValue
+TALER_wallet_purse_status_verify (
+ const struct TALER_PurseContractPublicKeyP *purse_pub,
+ const struct TALER_PurseContractSignatureP *purse_sig);
+
+
+/**
+ * Sign a request to deposit a coin into a purse.
+ *
+ * @param exchange_base_url URL of the exchange hosting the purse
+ * @param purse_pub purse’s public key
+ * @param amount amount of the coin's value to transfer to the purse
+ * @param h_denom_pub hash of the coin's denomination
+ * @param h_age_commitment hash of the coin's age commitment
+ * @param coin_priv key identifying the coin to be deposited
+ * @param[out] coin_sig resulting signature
+ */
+void
+TALER_wallet_purse_deposit_sign (
+ const char *exchange_base_url,
+ const struct TALER_PurseContractPublicKeyP *purse_pub,
+ const struct TALER_Amount *amount,
+ const struct TALER_DenominationHashP *h_denom_pub,
+ const struct TALER_AgeCommitmentHash *h_age_commitment,
+ const struct TALER_CoinSpendPrivateKeyP *coin_priv,
+ struct TALER_CoinSpendSignatureP *coin_sig);
+
+
+/**
+ * Verify a purse deposit request.
+ *
+ * @param exchange_base_url URL of the exchange hosting the purse
+ * @param purse_pub purse’s public key
+ * @param amount amount of the coin's value to transfer to the purse
+ * @param h_denom_pub hash of the coin's denomination
+ * @param h_age_commitment hash of the coin's age commitment
+ * @param coin_pub key identifying the coin that is being deposited
+ * @param[out] coin_sig resulting signature
+ * @return #GNUNET_OK if the signature is valid
+ */
+enum GNUNET_GenericReturnValue
+TALER_wallet_purse_deposit_verify (
+ const char *exchange_base_url,
+ const struct TALER_PurseContractPublicKeyP *purse_pub,
+ const struct TALER_Amount *amount,
+ const struct TALER_DenominationHashP *h_denom_pub,
+ const struct TALER_AgeCommitmentHash *h_age_commitment,
+ const struct TALER_CoinSpendPublicKeyP *coin_pub,
+ const struct TALER_CoinSpendSignatureP *coin_sig);
+
+
+/**
+ * Sign a request by a purse to merge it into an account.
+ *
+ * @param reserve_uri identifies the location of the reserve
+ * @param merge_timestamp time when the merge happened
+ * @param purse_pub key identifying the purse
+ * @param merge_priv key identifying the merge capability
+ * @param[out] merge_sig resulting signature
+ */
+void
+TALER_wallet_purse_merge_sign (
+ const char *reserve_uri,
+ struct GNUNET_TIME_Timestamp merge_timestamp,
+ const struct TALER_PurseContractPublicKeyP *purse_pub,
+ const struct TALER_PurseMergePrivateKeyP *merge_priv,
+ struct TALER_PurseMergeSignatureP *merge_sig);
+
+
+/**
+ * Verify a purse merge request.
+ *
+ * @param reserve_uri identifies the location of the reserve
+ * @param merge_timestamp time when the merge happened
+ * @param purse_pub public key of the purse to merge
+ * @param merge_pub public key of the merge capability
+ * @param merge_sig the signature made with purpose
#TALER_SIGNATURE_WALLET_PURSE_MERGE
+ * @return #GNUNET_OK if the signature is valid
+ */
+enum GNUNET_GenericReturnValue
+TALER_wallet_purse_merge_verify (
+ const char *reserve_uri,
+ struct GNUNET_TIME_Timestamp merge_timestamp,
+ const struct TALER_PurseContractPublicKeyP *purse_pub,
+ const struct TALER_PurseMergePublicKeyP *merge_pub,
+ const struct TALER_PurseMergeSignatureP *merge_sig);
+
+
+/**
+ * Flags for a merge signature.
+ */
+enum TALER_WalletAccountMergeFlags
+{
+
+ /**
+ * A mode must be set. None is not a legal mode!
+ */
+ TALER_WAMF_MODE_NONE = 0,
+
+ /**
+ * We are merging a fully paid-up purse into a reserve.
+ */
+ TALER_WAMF_MODE_MERGE_FULLY_PAID_PURSE = 1,
+
+ /**
+ * We are creating a fresh purse, from the contingent
+ * of free purses that our account brings.
+ */
+ TALER_WAMF_MODE_CREATE_FROM_PURSE_QUOTA = 2,
+
+ /**
+ * The account owner is willing to pay the purse_fee for the purse to be
+ * created from the account balance.
+ */
+ TALER_WAMF_MODE_CREATE_WITH_PURSE_FEE = 3,
+
+ /**
+ * Bitmask to AND the full flags with to get the mode.
+ */
+ TALER_WAMF_MERGE_MODE_MASK = 3
+
+};
+
+
+/**
+ * Sign a request by an account to merge a purse.
+ *
+ * @param merge_timestamp time when the merge happened
+ * @param purse_pub public key of the purse to merge
+ * @param purse_expiration when should the purse expire
+ * @param h_contract_terms contract the two parties agree on
+ * @param amount total amount in the purse (including fees)
+ * @param purse_fee purse fee the reserve will pay,
+ * only used if @a flags is #TALER_WAMF_MODE_CREATE_WITH_PURSE_FEE
+ * @param min_age age restriction to apply for deposits into the purse
+ * @param flags flags for the operation
+ * @param reserve_priv key identifying the reserve
+ * @param[out] reserve_sig resulting signature
+ */
+void
+TALER_wallet_account_merge_sign (
+ struct GNUNET_TIME_Timestamp merge_timestamp,
+ const struct TALER_PurseContractPublicKeyP *purse_pub,
+ struct GNUNET_TIME_Timestamp purse_expiration,
+ const struct TALER_PrivateContractHashP *h_contract_terms,
+ const struct TALER_Amount *amount,
+ const struct TALER_Amount *purse_fee,
+ uint32_t min_age,
+ enum TALER_WalletAccountMergeFlags flags,
+ const struct TALER_ReservePrivateKeyP *reserve_priv,
+ struct TALER_ReserveSignatureP *reserve_sig);
+
+
+/**
+ * Verify an account's request to merge a purse.
+ *
+ * @param merge_timestamp time when the merge happened
+ * @param purse_pub public key of the purse to merge
+ * @param purse_expiration when should the purse expire
+ * @param h_contract_terms contract the two parties agree on
+ * @param amount total amount in the purse (including fees)
+ * @param purse_fee purse fee the reserve will pay,
+ * only used if @a flags is #TALER_WAMF_MODE_CREATE_WITH_PURSE_FEE
+ * @param min_age age restriction to apply for deposits into the purse
+ * @param flags flags for the operation
+ * @param reserve_pub account’s public key
+ * @param reserve_sig the signature made with purpose
#TALER_SIGNATURE_WALLET_ACCOUNT_MERGE
+ * @return #GNUNET_OK if the signature is valid
+ */
+enum GNUNET_GenericReturnValue
+TALER_wallet_account_merge_verify (
+ struct GNUNET_TIME_Timestamp merge_timestamp,
+ const struct TALER_PurseContractPublicKeyP *purse_pub,
+ struct GNUNET_TIME_Timestamp purse_expiration,
+ const struct TALER_PrivateContractHashP *h_contract_terms,
+ const struct TALER_Amount *amount,
+ const struct TALER_Amount *purse_fee,
+ uint32_t min_age,
+ enum TALER_WalletAccountMergeFlags flags,
+ const struct TALER_ReservePublicKeyP *reserve_pub,
+ const struct TALER_ReserveSignatureP *reserve_sig);
+
+
+/**
+ * Sign a request to keep a reserve open.
+ *
+ * @param reserve_payment how much to pay from the
+ * reserve's own balance for opening the reserve
+ * @param request_timestamp when was the request created
+ * @param reserve_expiration desired expiration time for the reserve
+ * @param purse_limit minimum number of purses the client
+ * wants to have concurrently open for this reserve
+ * @param reserve_priv key identifying the reserve
+ * @param[out] reserve_sig resulting signature
+ */
+void
+TALER_wallet_reserve_open_sign (
+ const struct TALER_Amount *reserve_payment,
+ struct GNUNET_TIME_Timestamp request_timestamp,
+ struct GNUNET_TIME_Timestamp reserve_expiration,
+ uint32_t purse_limit,
+ const struct TALER_ReservePrivateKeyP *reserve_priv,
+ struct TALER_ReserveSignatureP *reserve_sig);
+
+
+/**
+ * Verify a request to keep a reserve open.
+ *
+ * @param reserve_payment how much to pay from the
+ * reserve's own balance for opening the reserve
+ * @param request_timestamp when was the request created
+ * @param reserve_expiration desired expiration time for the reserve
+ * @param purse_limit minimum number of purses the client
+ * wants to have concurrently open for this reserve
+ * @param reserve_pub key identifying the reserve
+ * @param reserve_sig resulting signature
+ * @return #GNUNET_OK if the signature is valid
+ */
+enum GNUNET_GenericReturnValue
+TALER_wallet_reserve_open_verify (
+ const struct TALER_Amount *reserve_payment,
+ struct GNUNET_TIME_Timestamp request_timestamp,
+ struct GNUNET_TIME_Timestamp reserve_expiration,
+ uint32_t purse_limit,
+ const struct TALER_ReservePublicKeyP *reserve_pub,
+ const struct TALER_ReserveSignatureP *reserve_sig);
+
+
+/**
+ * Sign to deposit coin to pay for keeping a reserve open.
+ *
+ * @param coin_contribution how much the coin should contribute
+ * @param reserve_sig signature over the reserve open operation
+ * @param coin_priv private key of the coin
+ * @param[out] coin_sig signature by the coin
+ */
+void
+TALER_wallet_reserve_open_deposit_sign (
+ const struct TALER_Amount *coin_contribution,
+ const struct TALER_ReserveSignatureP *reserve_sig,
+ const struct TALER_CoinSpendPrivateKeyP *coin_priv,
+ struct TALER_CoinSpendSignatureP *coin_sig);
+
+
+/**
+ * Verify signature that deposits coin to pay for keeping a reserve open.
+ *
+ * @param coin_contribution how much the coin should contribute
+ * @param reserve_sig signature over the reserve open operation
+ * @param coin_pub public key of the coin
+ * @param coin_sig signature by the coin
+ * @return #GNUNET_OK if the signature is valid
+ */
+enum GNUNET_GenericReturnValue
+TALER_wallet_reserve_open_deposit_verify (
+ const struct TALER_Amount *coin_contribution,
+ const struct TALER_ReserveSignatureP *reserve_sig,
+ const struct TALER_CoinSpendPublicKeyP *coin_pub,
+ const struct TALER_CoinSpendSignatureP *coin_sig);
+
+
+/**
+ * Sign a request to close a reserve.
+ *
+ * @param request_timestamp when was the request created
+ * @param h_payto where to send the funds (NULL allowed to send
+ * to origin of the reserve)
+ * @param reserve_priv key identifying the reserve
+ * @param[out] reserve_sig resulting signature
+ */
+void
+TALER_wallet_reserve_close_sign (
+ struct GNUNET_TIME_Timestamp request_timestamp,
+ const struct TALER_PaytoHashP *h_payto,
+ const struct TALER_ReservePrivateKeyP *reserve_priv,
+ struct TALER_ReserveSignatureP *reserve_sig);
+
+
+/**
+ * Verify wallet request to close an account.
+ *
+ * @param request_timestamp when was the request created
+ * @param h_payto where to send the funds (NULL/all zeros
+ * allowed to send to origin of the reserve)
+ * @param reserve_pub account’s public key
+ * @param reserve_sig the signature made with purpose
#TALER_SIGNATURE_WALLET_RESERVE_CLOSE
+ * @return #GNUNET_OK if the signature is valid
+ */
+enum GNUNET_GenericReturnValue
+TALER_wallet_reserve_close_verify (
+ struct GNUNET_TIME_Timestamp request_timestamp,
+ const struct TALER_PaytoHashP *h_payto,
+ const struct TALER_ReservePublicKeyP *reserve_pub,
+ const struct TALER_ReserveSignatureP *reserve_sig);
+
+
+/**
+ * Sign a request by a wallet to perform a KYC check.
+ *
+ * @param reserve_priv key identifying the wallet/account
+ * @param balance_threshold the balance threshold the wallet is about to cross
+ * @param[out] reserve_sig resulting signature
+ */
+void
+TALER_wallet_account_setup_sign (
+ const struct TALER_ReservePrivateKeyP *reserve_priv,
+ const struct TALER_Amount *balance_threshold,
+ struct TALER_ReserveSignatureP *reserve_sig);
+
+
+/**
+ * Verify account setup request.
+ *
+ * @param reserve_pub reserve the setup request was for
+ * @param balance_threshold the balance threshold the wallet is about to cross
+ * @param reserve_sig resulting signature
+ * @return #GNUNET_OK if the signature is valid
+ */
+enum GNUNET_GenericReturnValue
+TALER_wallet_account_setup_verify (
+ const struct TALER_ReservePublicKeyP *reserve_pub,
+ const struct TALER_Amount *balance_threshold,
+ const struct TALER_ReserveSignatureP *reserve_sig);
+
+
+/**
+ * Sign request to the exchange to confirm certain
+ * @a details about the owner of a reserve.
+ *
+ * @param request_timestamp when was the request created
+ * @param details which attributes are requested
+ * @param reserve_priv private key of the reserve
+ * @param[out] reserve_sig where to store the signature
+ */
+void
+TALER_wallet_reserve_attest_request_sign (
+ struct GNUNET_TIME_Timestamp request_timestamp,
+ const json_t *details,
+ const struct TALER_ReservePrivateKeyP *reserve_priv,
+ struct TALER_ReserveSignatureP *reserve_sig);
+
+
+/**
+ * Verify request to the exchange to confirm certain
+ * @a details about the owner of a reserve.
+ *
+ * @param request_timestamp when was the request created
+ * @param details which attributes are requested
+ * @param reserve_pub public key of the reserve
+ * @param reserve_sig where to store the signature
+ * @return #GNUNET_OK if the signature is valid
+ */
+enum GNUNET_GenericReturnValue
+TALER_wallet_reserve_attest_request_verify (
+ struct GNUNET_TIME_Timestamp request_timestamp,
+ const json_t *details,
+ const struct TALER_ReservePublicKeyP *reserve_pub,
+ const struct TALER_ReserveSignatureP *reserve_sig);
+
+
+/**
+ * Sign a deposit permission. Function for wallets.
+ *
+ * @param amount the amount to be deposited
+ * @param deposit_fee the deposit fee we expect to pay
+ * @param h_wire hash of the merchant’s account details
+ * @param h_contract_terms hash of the contact of the merchant with the
customer (further details are never disclosed to the exchange)
+ * @param wallet_data_hash hash over wallet inputs into the contract (maybe
NULL)
+ * @param h_age_commitment hash over the age commitment, if applicable to the
denomination (maybe NULL)
+ * @param h_policy hash over the policy extension
+ * @param h_denom_pub hash of the coin denomination's public key
+ * @param coin_priv coin’s private key
+ * @param wallet_timestamp timestamp when the contract was finalized, must not
be too far in the future
+ * @param merchant_pub the public key of the merchant (used to identify the
merchant for refund requests)
+ * @param refund_deadline date until which the merchant can issue a refund to
the customer via the exchange (can be zero if refunds are not allowed); must
not be after the @a wire_deadline
+ * @param[out] coin_sig set to the signature made with purpose
#TALER_SIGNATURE_WALLET_COIN_DEPOSIT
+ */
+void
+TALER_wallet_deposit_sign (
+ const struct TALER_Amount *amount,
+ const struct TALER_Amount *deposit_fee,
+ const struct TALER_MerchantWireHashP *h_wire,
+ const struct TALER_PrivateContractHashP *h_contract_terms,
+ const struct GNUNET_HashCode *wallet_data_hash,
+ const struct TALER_AgeCommitmentHash *h_age_commitment,
+ const struct TALER_ExtensionPolicyHashP *h_policy,
+ const struct TALER_DenominationHashP *h_denom_pub,
+ struct GNUNET_TIME_Timestamp wallet_timestamp,
+ const struct TALER_MerchantPublicKeyP *merchant_pub,
+ struct GNUNET_TIME_Timestamp refund_deadline,
+ const struct TALER_CoinSpendPrivateKeyP *coin_priv,
+ struct TALER_CoinSpendSignatureP *coin_sig);
+
+
+/**
+ * Verify a deposit permission.
+ *
+ * @param amount the amount to be deposited
+ * @param deposit_fee the deposit fee we expect to pay
+ * @param h_wire hash of the merchant’s account details
+ * @param h_contract_terms hash of the contact of the merchant with the
customer (further details are never disclosed to the exchange)
+ * @param wallet_data_hash hash over wallet inputs into the contract (maybe
NULL)
+ * @param h_age_commitment hash over the age commitment (maybe all zeroes, if
not applicable to the denomination)
+ * @param h_policy hash over the policy extension
+ * @param h_denom_pub hash of the coin denomination's public key
+ * @param wallet_timestamp timestamp when the contract was finalized, must not
be too far in the future
+ * @param merchant_pub the public key of the merchant (used to identify the
merchant for refund requests)
+ * @param refund_deadline date until which the merchant can issue a refund to
the customer via the exchange (can be zero if refunds are not allowed); must
not be after the @a wire_deadline
+ * @param coin_pub coin’s public key
+ * @param coin_sig the signature made with purpose
#TALER_SIGNATURE_WALLET_COIN_DEPOSIT
+ * @return #GNUNET_OK if the signature is valid
+ */
+enum GNUNET_GenericReturnValue
+TALER_wallet_deposit_verify (
+ const struct TALER_Amount *amount,
+ const struct TALER_Amount *deposit_fee,
+ const struct TALER_MerchantWireHashP *h_wire,
+ const struct TALER_PrivateContractHashP *h_contract_terms,
+ const struct GNUNET_HashCode *wallet_data_hash,
+ const struct TALER_AgeCommitmentHash *h_age_commitment,
+ const struct TALER_ExtensionPolicyHashP *h_policy,
+ const struct TALER_DenominationHashP *h_denom_pub,
+ struct GNUNET_TIME_Timestamp wallet_timestamp,
+ const struct TALER_MerchantPublicKeyP *merchant_pub,
+ struct GNUNET_TIME_Timestamp refund_deadline,
+ const struct TALER_CoinSpendPublicKeyP *coin_pub,
+ const struct TALER_CoinSpendSignatureP *coin_sig);
+
+
+/**
+ * Sign a melt request.
+ *
+ * @param amount_with_fee the amount to be melted (with fee)
+ * @param melt_fee the melt fee we expect to pay
+ * @param rc refresh session we are committed to
+ * @param h_denom_pub hash of the coin denomination's public key
+ * @param h_age_commitment hash of the age commitment (may be NULL)
+ * @param coin_priv coin’s private key
+ * @param[out] coin_sig set to the signature made with purpose
#TALER_SIGNATURE_WALLET_COIN_MELT
+ */
+void
+TALER_wallet_melt_sign (
+ const struct TALER_Amount *amount_with_fee,
+ const struct TALER_Amount *melt_fee,
+ const struct TALER_RefreshCommitmentP *rc,
+ const struct TALER_DenominationHashP *h_denom_pub,
+ const struct TALER_AgeCommitmentHash *h_age_commitment,
+ const struct TALER_CoinSpendPrivateKeyP *coin_priv,
+ struct TALER_CoinSpendSignatureP *coin_sig);
+
+
+/**
+ * Verify a melt request.
+ *
+ * @param amount_with_fee the amount to be melted (with fee)
+ * @param melt_fee the melt fee we expect to pay
+ * @param rc refresh session we are committed to
+ * @param h_denom_pub hash of the coin denomination's public key
+ * @param h_age_commitment hash of the age commitment (may be NULL)
+ * @param coin_pub coin’s public key
+ * @param coin_sig the signature made with purpose
#TALER_SIGNATURE_WALLET_COIN_MELT
+ * @return #GNUNET_OK if the signature is valid
+ */
+enum GNUNET_GenericReturnValue
+TALER_wallet_melt_verify (
+ const struct TALER_Amount *amount_with_fee,
+ const struct TALER_Amount *melt_fee,
+ const struct TALER_RefreshCommitmentP *rc,
+ const struct TALER_DenominationHashP *h_denom_pub,
+ const struct TALER_AgeCommitmentHash *h_age_commitment,
+ const struct TALER_CoinSpendPublicKeyP *coin_pub,
+ const struct TALER_CoinSpendSignatureP *coin_sig);
+
+
+/**
+ * Sign link data.
+ *
+ * @param h_denom_pub hash of the denomiantion public key of the new coin
+ * @param transfer_pub transfer public key
+ * @param bch blinded coin hash
+ * @param old_coin_priv private key to sign with
+ * @param[out] coin_sig resulting signature
+ */
+void
+TALER_wallet_link_sign (
+ const struct TALER_DenominationHashP *h_denom_pub,
+ const struct TALER_TransferPublicKeyP *transfer_pub,
+ const struct TALER_BlindedCoinHashP *bch,
+ const struct TALER_CoinSpendPrivateKeyP *old_coin_priv,
+ struct TALER_CoinSpendSignatureP *coin_sig);
+
+
+/**
+ * Verify link signature.
+ *
+ * @param h_denom_pub hash of the denomiantion public key of the new coin
+ * @param transfer_pub transfer public key
+ * @param h_coin_ev hash of the coin envelope
+ * @param old_coin_pub old coin key that the link signature is for
+ * @param coin_sig resulting signature
+ * @return #GNUNET_OK if the signature is valid
+ */
+enum GNUNET_GenericReturnValue
+TALER_wallet_link_verify (
+ const struct TALER_DenominationHashP *h_denom_pub,
+ const struct TALER_TransferPublicKeyP *transfer_pub,
+ const struct TALER_BlindedCoinHashP *h_coin_ev,
+ const struct TALER_CoinSpendPublicKeyP *old_coin_pub,
+ const struct TALER_CoinSpendSignatureP *coin_sig);
+
+
+/**
+ * Sign withdraw request.
+ *
+ * @param h_denom_pub hash of the denomiantion public key of the coin to
withdraw
+ * @param amount_with_fee amount to debit the reserve for
+ * @param bch blinded coin hash
+ * @param reserve_priv private key to sign with
+ * @param[out] reserve_sig resulting signature
+ */
+void
+TALER_wallet_withdraw_sign (
+ const struct TALER_DenominationHashP *h_denom_pub,
+ const struct TALER_Amount *amount_with_fee,
+ const struct TALER_BlindedCoinHashP *bch,
+ const struct TALER_ReservePrivateKeyP *reserve_priv,
+ struct TALER_ReserveSignatureP *reserve_sig);
+
+
+/**
+ * Verify withdraw request.
+ *
+ * @param h_denom_pub hash of the denomiantion public key of the coin to
withdraw
+ * @param amount_with_fee amount to debit the reserve for
+ * @param bch blinded coin hash
+ * @param reserve_pub public key of the reserve
+ * @param reserve_sig resulting signature
+ * @return #GNUNET_OK if the signature is valid
+ */
+enum GNUNET_GenericReturnValue
+TALER_wallet_withdraw_verify (
+ const struct TALER_DenominationHashP *h_denom_pub,
+ const struct TALER_Amount *amount_with_fee,
+ const struct TALER_BlindedCoinHashP *bch,
+ const struct TALER_ReservePublicKeyP *reserve_pub,
+ const struct TALER_ReserveSignatureP *reserve_sig);
+
+
+/**
+ * Sign age-withdraw request.
+ *
+ * @param h_commitment hash over all n*kappa blinded coins in the commitment
for the age-withdraw
+ * @param amount_with_fee amount to debit the reserve for
+ * @param mask the mask that defines the age groups
+ * @param max_age maximum age from which the age group is derived, that the
withdrawn coins must be restricted to.
+ * @param reserve_priv private key to sign with
+ * @param[out] reserve_sig resulting signature
+ */
+void
+TALER_wallet_age_withdraw_sign (
+ const struct TALER_AgeWithdrawCommitmentHashP *h_commitment,
+ const struct TALER_Amount *amount_with_fee,
+ const struct TALER_AgeMask *mask,
+ uint8_t max_age,
+ const struct TALER_ReservePrivateKeyP *reserve_priv,
+ struct TALER_ReserveSignatureP *reserve_sig);
+
+/**
+ * Verify an age-withdraw request.
+ *
+ * @param h_commitment hash all n*kappa blinded coins in the commitment for
the age-withdraw
+ * @param amount_with_fee amount to debit the reserve for
+ * @param mask the mask that defines the age groups
+ * @param max_age maximum age from which the age group is derived, that the
withdrawn coins must be restricted to.
+ * @param reserve_pub public key of the reserve
+ * @param reserve_sig resulting signature
+ * @return #GNUNET_OK if the signature is valid
+ */
+enum GNUNET_GenericReturnValue
+TALER_wallet_age_withdraw_verify (
+ const struct TALER_AgeWithdrawCommitmentHashP *h_commitment,
+ const struct TALER_Amount *amount_with_fee,
+ const struct TALER_AgeMask *mask,
+ uint8_t max_age,
+ const struct TALER_ReservePublicKeyP *reserve_pub,
+ const struct TALER_ReserveSignatureP *reserve_sig);
+
+/**
+ * Verify exchange melt confirmation.
+ *
+ * @param rc refresh session this is about
+ * @param noreveal_index gamma value chosen by the exchange
+ * @param exchange_pub public signing key used
+ * @param exchange_sig signature to check
+ * @return #GNUNET_OK if the signature is valid
+ */
+enum GNUNET_GenericReturnValue
+TALER_exchange_melt_confirmation_verify (
+ const struct TALER_RefreshCommitmentP *rc,
+ uint32_t noreveal_index,
+ const struct TALER_ExchangePublicKeyP *exchange_pub,
+ const struct TALER_ExchangeSignatureP *exchange_sig);
+
+
+/**
+ * Verify recoup signature.
+ *
+ * @param h_denom_pub hash of the denomiantion public key of the coin
+ * @param coin_bks blinding factor used when withdrawing the coin
+ * @param coin_pub coin key of the coin to be recouped
+ * @param coin_sig resulting signature
+ * @return #GNUNET_OK if the signature is valid
+ */
+enum GNUNET_GenericReturnValue
+TALER_wallet_recoup_verify (
+ const struct TALER_DenominationHashP *h_denom_pub,
+ const union GNUNET_CRYPTO_BlindingSecretP *coin_bks,
+ const struct TALER_CoinSpendPublicKeyP *coin_pub,
+ const struct TALER_CoinSpendSignatureP *coin_sig);
+
+
+/**
+ * Create recoup signature.
+ *
+ * @param h_denom_pub hash of the denomiantion public key of the coin
+ * @param coin_bks blinding factor used when withdrawing the coin
+ * @param coin_priv coin key of the coin to be recouped
+ * @param[out] coin_sig resulting signature
+ */
+void
+TALER_wallet_recoup_sign (
+ const struct TALER_DenominationHashP *h_denom_pub,
+ const union GNUNET_CRYPTO_BlindingSecretP *coin_bks,
+ const struct TALER_CoinSpendPrivateKeyP *coin_priv,
+ struct TALER_CoinSpendSignatureP *coin_sig);
+
+
+/**
+ * Verify recoup-refresh signature.
+ *
+ * @param h_denom_pub hash of the denomiantion public key of the coin
+ * @param coin_bks blinding factor used when withdrawing the coin
+ * @param coin_pub coin key of the coin to be recouped
+ * @param coin_sig resulting signature
+ * @return #GNUNET_OK if the signature is valid
+ */
+enum GNUNET_GenericReturnValue
+TALER_wallet_recoup_refresh_verify (
+ const struct TALER_DenominationHashP *h_denom_pub,
+ const union GNUNET_CRYPTO_BlindingSecretP *coin_bks,
+ const struct TALER_CoinSpendPublicKeyP *coin_pub,
+ const struct TALER_CoinSpendSignatureP *coin_sig);
+
+
+/**
+ * Create recoup-refresh signature.
+ *
+ * @param h_denom_pub hash of the denomiantion public key of the coin
+ * @param coin_bks blinding factor used when withdrawing the coin
+ * @param coin_priv coin key of the coin to be recouped
+ * @param[out] coin_sig resulting signature
+ */
+void
+TALER_wallet_recoup_refresh_sign (
+ const struct TALER_DenominationHashP *h_denom_pub,
+ const union GNUNET_CRYPTO_BlindingSecretP *coin_bks,
+ const struct TALER_CoinSpendPrivateKeyP *coin_priv,
+ struct TALER_CoinSpendSignatureP *coin_sig);
+
+
+/**
+ * Verify reserve history request signature.
+ *
+ * @param start_off start of the requested range
+ * @param reserve_pub reserve the history request was for
+ * @param reserve_sig resulting signature
+ * @return #GNUNET_OK if the signature is valid
+ */
+enum GNUNET_GenericReturnValue
+TALER_wallet_reserve_history_verify (
+ uint64_t start_off,
+ const struct TALER_ReservePublicKeyP *reserve_pub,
+ const struct TALER_ReserveSignatureP *reserve_sig);
+
+
+/**
+ * Create reserve status request signature.
+ *
+ * @param start_off start of the requested range
+ * @param reserve_priv private key of the reserve the history request is for
+ * @param[out] reserve_sig resulting signature
+ */
+void
+TALER_wallet_reserve_history_sign (
+ uint64_t start_off,
+ const struct TALER_ReservePrivateKeyP *reserve_priv,
+ struct TALER_ReserveSignatureP *reserve_sig);
+
+
+/**
+ * Verify coin history request signature.
+ *
+ * @param start_off start of the requested range
+ * @param coin_pub coin the history request was for
+ * @param coin_sig resulting signature
+ * @return #GNUNET_OK if the signature is valid
+ */
+enum GNUNET_GenericReturnValue
+TALER_wallet_coin_history_verify (
+ uint64_t start_off,
+ const struct TALER_CoinSpendPublicKeyP *coin_pub,
+ const struct TALER_CoinSpendSignatureP *coin_sig);
+
+
+/**
+ * Create coin status request signature.
+ *
+ * @param start_off start of the requested range
+ * @param coin_priv private key of the coin the history request is for
+ * @param[out] coin_sig resulting signature
+ */
+void
+TALER_wallet_coin_history_sign (
+ uint64_t start_off,
+ const struct TALER_CoinSpendPrivateKeyP *coin_priv,
+ struct TALER_CoinSpendSignatureP *coin_sig);
+
+
+/* ********************* merchant signing ************************** */
+
+
+/**
+ * Create merchant signature approving a refund.
+ *
+ * @param coin_pub coin to be refunded
+ * @param h_contract_terms contract to be refunded
+ * @param rtransaction_id unique ID for this (partial) refund
+ * @param amount amount to be refunded
+ * @param merchant_priv private key to sign with
+ * @param[out] merchant_sig where to write the signature
+ */
+void
+TALER_merchant_refund_sign (
+ const struct TALER_CoinSpendPublicKeyP *coin_pub,
+ const struct TALER_PrivateContractHashP *h_contract_terms,
+ uint64_t rtransaction_id,
+ const struct TALER_Amount *amount,
+ const struct TALER_MerchantPrivateKeyP *merchant_priv,
+ struct TALER_MerchantSignatureP *merchant_sig);
+
+
+/**
+ * Verify merchant signature approving a refund.
+ *
+ * @param coin_pub coin to be refunded
+ * @param h_contract_terms contract to be refunded
+ * @param rtransaction_id unique ID for this (partial) refund
+ * @param amount amount to be refunded
+ * @param merchant_pub public key of the merchant
+ * @param merchant_sig signature to verify
+ * @return #GNUNET_OK if the signature is valid
+ */
+enum GNUNET_GenericReturnValue
+TALER_merchant_refund_verify (
+ const struct TALER_CoinSpendPublicKeyP *coin_pub,
+ const struct TALER_PrivateContractHashP *h_contract_terms,
+ uint64_t rtransaction_id,
+ const struct TALER_Amount *amount,
+ const struct TALER_MerchantPublicKeyP *merchant_pub,
+ const struct TALER_MerchantSignatureP *merchant_sig);
+
+
+/* ********************* exchange deposit signing ************************* */
+
+/**
+ * Sign a deposit.
+ *
+ * @param h_contract_terms hash of contract terms
+ * @param h_wire hash of the merchant account details
+ * @param coin_pub coin to be deposited
+ * @param merchant_priv private key to sign with
+ * @param[out] merchant_sig where to write the signature
+ */
+void
+TALER_merchant_deposit_sign (
+ const struct TALER_PrivateContractHashP *h_contract_terms,
+ const struct TALER_MerchantWireHashP *h_wire,
+ const struct TALER_CoinSpendPublicKeyP *coin_pub,
+ const struct TALER_MerchantPrivateKeyP *merchant_priv,
+ struct TALER_MerchantSignatureP *merchant_sig);
+
+
+/**
+ * Verify a deposit.
+ *
+ * @param merchant merchant public key
+ * @param coin_pub public key of the deposited coin
+ * @param h_contract_terms hash of contract terms
+ * @param h_wire hash of the merchant account details
+ * @param merchant_sig signature of the merchant
+ * @return #GNUNET_OK if the signature is valid
+ */
+enum GNUNET_GenericReturnValue
+TALER_merchant_deposit_verify (
+ const struct TALER_MerchantPublicKeyP *merchant,
+ const struct TALER_CoinSpendPublicKeyP *coin_pub,
+ const struct TALER_PrivateContractHashP *h_contract_terms,
+ const struct TALER_MerchantWireHashP *h_wire,
+ const struct TALER_MerchantSignatureP *merchant_sig);
+
+
+/* ********************* exchange online signing ************************** */
+
+
+/**
+ * Signature of a function that signs the message in @a purpose with the
+ * exchange's signing key.
+ *
+ * The @a purpose data is the beginning of the data of which the signature is
+ * to be created. The `size` field in @a purpose must correctly indicate the
+ * number of bytes of the data structure, including its header. *
+ * @param purpose the message to sign
+ * @param[out] pub set to the current public signing key of the exchange
+ * @param[out] sig signature over purpose using current signing key
+ * @return #TALER_EC_NONE on success
+ */
+typedef enum TALER_ErrorCode
+(*TALER_ExchangeSignCallback)(
+ const struct GNUNET_CRYPTO_EccSignaturePurpose *purpose,
+ struct TALER_ExchangePublicKeyP *pub,
+ struct TALER_ExchangeSignatureP *sig);
+
+
+/**
+ * Signature of a function that signs the message in @a purpose with the
+ * exchange's signing key.
+ *
+ * The @a purpose data is the beginning of the data of which the signature is
+ * to be created. The `size` field in @a purpose must correctly indicate the
+ * number of bytes of the data structure, including its header. *
+ * @param cls closure
+ * @param purpose the message to sign
+ * @param[out] pub set to the current public signing key of the exchange
+ * @param[out] sig signature over purpose using current signing key
+ * @return #TALER_EC_NONE on success
+ */
+typedef enum TALER_ErrorCode
+(*TALER_ExchangeSignCallback2)(
+ void *cls,
+ const struct GNUNET_CRYPTO_EccSignaturePurpose *purpose,
+ struct TALER_ExchangePublicKeyP *pub,
+ struct TALER_ExchangeSignatureP *sig);
+
+
+/**
+ * Create deposit confirmation signature.
+ *
+ * @param scb function to call to create the signature
+ * @param h_contract_terms hash of the contact of the merchant with the
customer (further details are never disclosed to the exchange)
+ * @param h_wire hash of the merchant’s account details
+ * @param h_policy hash over the policy extension, can be NULL
+ * @param exchange_timestamp timestamp when the contract was finalized, must
not be too far off
+ * @param wire_deadline date until which the exchange should wire the funds
+ * @param refund_deadline date until which the merchant can issue a refund to
the customer via the exchange (can be zero if refunds are not allowed); must
not be after the @a wire_deadline
+ * @param total_without_fee the total amount to be deposited after fees over
all coins
+ * @param num_coins length of @a coin_sigs array
+ * @param coin_sigs signatures of the deposited coins
+ * @param merchant_pub the public key of the merchant (used to identify the
merchant for refund requests)
+ * @param[out] pub where to write the public key
+ * @param[out] sig where to write the signature
+ * @return #TALER_EC_NONE on success
+ */
+enum TALER_ErrorCode
+TALER_exchange_online_deposit_confirmation_sign (
+ TALER_ExchangeSignCallback scb,
+ const struct TALER_PrivateContractHashP *h_contract_terms,
+ const struct TALER_MerchantWireHashP *h_wire,
+ const struct TALER_ExtensionPolicyHashP *h_policy,
+ struct GNUNET_TIME_Timestamp exchange_timestamp,
+ struct GNUNET_TIME_Timestamp wire_deadline,
+ struct GNUNET_TIME_Timestamp refund_deadline,
+ const struct TALER_Amount *total_without_fee,
+ unsigned int num_coins,
+ const struct TALER_CoinSpendSignatureP *coin_sigs[static num_coins],
+ const struct TALER_MerchantPublicKeyP *merchant_pub,
+ struct TALER_ExchangePublicKeyP *pub,
+ struct TALER_ExchangeSignatureP *sig);
+
+
+/**
+ * Verify deposit confirmation signature.
+ *
+ * @param h_contract_terms hash of the contact of the merchant with the
customer (further details are never disclosed to the exchange)
+ * @param h_wire hash of the merchant’s account details
+ * @param h_policy hash over the policy extension, can be NULL
+ * @param exchange_timestamp timestamp when the contract was finalized, must
not be too far off
+ * @param wire_deadline date until which the exchange should wire the funds
+ * @param refund_deadline date until which the merchant can issue a refund to
the customer via the exchange (can be zero if refunds are not allowed); must
not be after the @a wire_deadline
+ * @param total_without_fee the total amount to be deposited after fees over
all coins
+ * @param num_coins length of @a coin_sigs array
+ * @param coin_sigs signatures of the deposited coins
+ * @param merchant_pub the public key of the merchant (used to identify the
merchant for refund requests)
+ * @param pub where to write the public key
+ * @param sig where to write the signature
+ * @return #GNUNET_OK if the signature is valid
+ */
+enum GNUNET_GenericReturnValue
+TALER_exchange_online_deposit_confirmation_verify (
+ const struct TALER_PrivateContractHashP *h_contract_terms,
+ const struct TALER_MerchantWireHashP *h_wire,
+ const struct TALER_ExtensionPolicyHashP *h_policy,
+ struct GNUNET_TIME_Timestamp exchange_timestamp,
+ struct GNUNET_TIME_Timestamp wire_deadline,
+ struct GNUNET_TIME_Timestamp refund_deadline,
+ const struct TALER_Amount *total_without_fee,
+ unsigned int num_coins,
+ const struct TALER_CoinSpendSignatureP *coin_sigs[static num_coins],
+ const struct TALER_MerchantPublicKeyP *merchant_pub,
+ const struct TALER_ExchangePublicKeyP *pub,
+ const struct TALER_ExchangeSignatureP *sig);
+
+
+/**
+ * Create refund confirmation signature.
+ *
+ * @param scb function to call to create the signature
+ * @param h_contract_terms hash of contract being refunded
+ * @param coin_pub public key of the coin receiving the refund
+ * @param merchant public key of the merchant that granted the refund
+ * @param rtransaction_id refund transaction ID used by the merchant
+ * @param refund_amount amount refunded
+ * @param[out] pub where to write the exchange public key
+ * @param[out] sig where to write the exchange signature
+ * @return #TALER_EC_NONE on success
+ */
+enum TALER_ErrorCode
+TALER_exchange_online_refund_confirmation_sign (
+ TALER_ExchangeSignCallback scb,
+ const struct TALER_PrivateContractHashP *h_contract_terms,
+ const struct TALER_CoinSpendPublicKeyP *coin_pub,
+ const struct TALER_MerchantPublicKeyP *merchant,
+ uint64_t rtransaction_id,
+ const struct TALER_Amount *refund_amount,
+ struct TALER_ExchangePublicKeyP *pub,
+ struct TALER_ExchangeSignatureP *sig);
+
+
+/**
+ * Verify refund confirmation signature.
+ *
+ * @param h_contract_terms hash of contract being refunded
+ * @param coin_pub public key of the coin receiving the refund
+ * @param merchant public key of the merchant that granted the refund
+ * @param rtransaction_id refund transaction ID used by the merchant
+ * @param refund_amount amount refunded
+ * @param pub where to write the public key
+ * @param sig where to write the signature
+ * @return #GNUNET_OK if the signature is valid
+ */
+enum GNUNET_GenericReturnValue
+TALER_exchange_online_refund_confirmation_verify (
+ const struct TALER_PrivateContractHashP *h_contract_terms,
+ const struct TALER_CoinSpendPublicKeyP *coin_pub,
+ const struct TALER_MerchantPublicKeyP *merchant,
+ uint64_t rtransaction_id,
+ const struct TALER_Amount *refund_amount,
+ const struct TALER_ExchangePublicKeyP *pub,
+ const struct TALER_ExchangeSignatureP *sig);
+
+
+/**
+ * Create refresh melt confirmation signature.
+ *
+ * @param scb function to call to create the signature
+ * @param rc refresh commitment that identifies the melt operation
+ * @param noreveal_index gamma cut-and-choose value chosen by the exchange
+ * @param[out] pub where to write the exchange public key
+ * @param[out] sig where to write the exchange signature
+ * @return #TALER_EC_NONE on success
+ */
+enum TALER_ErrorCode
+TALER_exchange_online_melt_confirmation_sign (
+ TALER_ExchangeSignCallback scb,
+ const struct TALER_RefreshCommitmentP *rc,
+ uint32_t noreveal_index,
+ struct TALER_ExchangePublicKeyP *pub,
+ struct TALER_ExchangeSignatureP *sig);
+
+
+/**
+ * Verify refresh melt confirmation signature.
+ *
+ * @param rc refresh commitment that identifies the melt operation
+ * @param noreveal_index gamma cut-and-choose value chosen by the exchange
+ * @param pub where to write the public key
+ * @param sig where to write the signature
+ * @return #GNUNET_OK if the signature is valid
+ */
+enum GNUNET_GenericReturnValue
+TALER_exchange_online_melt_confirmation_verify (
+ const struct TALER_RefreshCommitmentP *rc,
+ uint32_t noreveal_index,
+ const struct TALER_ExchangePublicKeyP *pub,
+ const struct TALER_ExchangeSignatureP *sig);
+
+
+/**
+ * Create exchange purse refund confirmation signature.
+ *
+ * @param scb function to call to create the signature
+ * @param amount_without_fee refunded amount
+ * @param refund_fee refund fee charged
+ * @param coin_pub coin that was refunded
+ * @param purse_pub public key of the expired purse
+ * @param[out] pub where to write the public key
+ * @param[out] sig where to write the signature
+ * @return #TALER_EC_NONE on success
+ */
+enum TALER_ErrorCode
+TALER_exchange_online_purse_refund_sign (
+ TALER_ExchangeSignCallback scb,
+ const struct TALER_Amount *amount_without_fee,
+ const struct TALER_Amount *refund_fee,
+ const struct TALER_CoinSpendPublicKeyP *coin_pub,
+ const struct TALER_PurseContractPublicKeyP *purse_pub,
+ struct TALER_ExchangePublicKeyP *pub,
+ struct TALER_ExchangeSignatureP *sig);
+
+
+/**
+ * Verify signature of exchange affirming purse refund
+ * from purse expiration.
+ *
+ * @param amount_without_fee refunded amount
+ * @param refund_fee refund fee charged
+ * @param coin_pub coin that was refunded
+ * @param purse_pub public key of the expired purse
+ * @param pub public key to verify signature against
+ * @param sig signature to verify
+ * @return #GNUNET_OK if the signature is valid
+ */
+enum GNUNET_GenericReturnValue
+TALER_exchange_online_purse_refund_verify (
+ const struct TALER_Amount *amount_without_fee,
+ const struct TALER_Amount *refund_fee,
+ const struct TALER_CoinSpendPublicKeyP *coin_pub,
+ const struct TALER_PurseContractPublicKeyP *purse_pub,
+ const struct TALER_ExchangePublicKeyP *pub,
+ const struct TALER_ExchangeSignatureP *sig);
+
+
+/**
+ * Create exchange key set signature.
+ *
+ * @param scb function to call to create the signature
+ * @param cls closure for @a scb
+ * @param timestamp time when the key set was issued
+ * @param hc hash over all the keys
+ * @param[out] pub where to write the public key
+ * @param[out] sig where to write the signature
+ * @return #TALER_EC_NONE on success
+ */
+enum TALER_ErrorCode
+TALER_exchange_online_key_set_sign (
+ TALER_ExchangeSignCallback2 scb,
+ void *cls,
+ struct GNUNET_TIME_Timestamp timestamp,
+ const struct GNUNET_HashCode *hc,
+ struct TALER_ExchangePublicKeyP *pub,
+ struct TALER_ExchangeSignatureP *sig);
+
+
+/**
+ * Verify key set signature.
+ *
+ * @param timestamp time when the key set was issued
+ * @param hc hash over all the keys
+ * @param pub public key to verify signature against
+ * @param sig signature to verify
+ * @return #GNUNET_OK if the signature is valid
+ */
+enum GNUNET_GenericReturnValue
+TALER_exchange_online_key_set_verify (
+ struct GNUNET_TIME_Timestamp timestamp,
+ const struct GNUNET_HashCode *hc,
+ const struct TALER_ExchangePublicKeyP *pub,
+ const struct TALER_ExchangeSignatureP *sig);
+
+
+/**
+ * Create account KYC setup success signature.
+ *
+ * @param scb function to call to create the signature
+ * @param h_payto target of the KYC account
+ * @param kyc JSON data describing which KYC checks
+ * were satisfied
+ * @param timestamp time when the KYC was confirmed
+ * @param[out] pub where to write the public key
+ * @param[out] sig where to write the signature
+ * @return #TALER_EC_NONE on success
+ */
+enum TALER_ErrorCode
+TALER_exchange_online_account_setup_success_sign (
+ TALER_ExchangeSignCallback scb,
+ const struct TALER_PaytoHashP *h_payto,
+ const json_t *kyc,
+ struct GNUNET_TIME_Timestamp timestamp,
+ struct TALER_ExchangePublicKeyP *pub,
+ struct TALER_ExchangeSignatureP *sig);
+
+
+/**
+ * Verify account KYC setup success signature.
+ *
+ * @param h_payto target of the KYC account
+ * @param kyc JSON data describing which KYC checks
+ * were satisfied
+ * @param timestamp time when the KYC was confirmed
+ * @param pub where to write the public key
+ * @param sig where to write the signature
+ * @return #GNUNET_OK if the signature is valid
+ */
+enum GNUNET_GenericReturnValue
+TALER_exchange_online_account_setup_success_verify (
+ const struct TALER_PaytoHashP *h_payto,
+ const json_t *kyc,
+ struct GNUNET_TIME_Timestamp timestamp,
+ const struct TALER_ExchangePublicKeyP *pub,
+ const struct TALER_ExchangeSignatureP *sig);
+
+
+/**
+ * Hash normalized @a j JSON object or array and
+ * store the result in @a hc.
+ *
+ * @param j JSON to hash
+ * @param[out] hc where to write the hash
+ */
+void
+TALER_json_hash (const json_t *j,
+ struct GNUNET_HashCode *hc);
+
+
+/**
+ * Update the @a hash_context in the computation of the
+ * h_details for a wire status signature.
+ *
+ * @param[in,out] hash_context context to update
+ * @param h_contract_terms hash of the contract
+ * @param execution_time when was the wire transfer initiated
+ * @param coin_pub deposited coin
+ * @param deposit_value contribution of the coin
+ * @param deposit_fee how high was the deposit fee
+ */
+void
+TALER_exchange_online_wire_deposit_append (
+ struct GNUNET_HashContext *hash_context,
+ const struct TALER_PrivateContractHashP *h_contract_terms,
+ struct GNUNET_TIME_Timestamp execution_time,
+ const struct TALER_CoinSpendPublicKeyP *coin_pub,
+ const struct TALER_Amount *deposit_value,
+ const struct TALER_Amount *deposit_fee);
+
+
+/**
+ * Create wire deposit signature.
+ *
+ * @param scb function to call to create the signature
+ * @param total amount the merchant was credited
+ * @param wire_fee fee charged by the exchange for the wire transfer
+ * @param merchant_pub which merchant was credited
+ * @param payto payto://-URI of the merchant account
+ * @param h_details hash over the aggregation details
+ * @param[out] pub where to write the public key
+ * @param[out] sig where to write the signature
+ * @return #TALER_EC_NONE on success
+ */
+enum TALER_ErrorCode
+TALER_exchange_online_wire_deposit_sign (
+ TALER_ExchangeSignCallback scb,
+ const struct TALER_Amount *total,
+ const struct TALER_Amount *wire_fee,
+ const struct TALER_MerchantPublicKeyP *merchant_pub,
+ const char *payto,
+ const struct GNUNET_HashCode *h_details,
+ struct TALER_ExchangePublicKeyP *pub,
+ struct TALER_ExchangeSignatureP *sig);
+
+
+/**
+ * Verify wire deposit signature.
+ *
+ * @param total amount the merchant was credited
+ * @param wire_fee fee charged by the exchange for the wire transfer
+ * @param merchant_pub which merchant was credited
+ * @param h_payto hash of the payto://-URI of the merchant account
+ * @param h_details hash over the aggregation details
+ * @param pub where to write the public key
+ * @param sig where to write the signature
+ * @return #GNUNET_OK if the signature is valid
+ */
+enum GNUNET_GenericReturnValue
+TALER_exchange_online_wire_deposit_verify (
+ const struct TALER_Amount *total,
+ const struct TALER_Amount *wire_fee,
+ const struct TALER_MerchantPublicKeyP *merchant_pub,
+ const struct TALER_PaytoHashP *h_payto,
+ const struct GNUNET_HashCode *h_details,
+ const struct TALER_ExchangePublicKeyP *pub,
+ const struct TALER_ExchangeSignatureP *sig);
+
+
+/**
+ * Create wire confirmation signature.
+ *
+ * @param scb function to call to create the signature
+ * @param h_wire hash of the merchant's account
+ * @param h_contract_terms hash of the contract
+ * @param wtid wire transfer this deposit was aggregated into
+ * @param coin_pub public key of the deposited coin
+ * @param execution_time when was wire transfer initiated
+ * @param coin_contribution what was @a coin_pub's contribution to the wire
transfer
+ * @param[out] pub where to write the public key
+ * @param[out] sig where to write the signature
+ * @return #TALER_EC_NONE on success
+ */
+enum TALER_ErrorCode
+TALER_exchange_online_confirm_wire_sign (
+ TALER_ExchangeSignCallback scb,
+ const struct TALER_MerchantWireHashP *h_wire,
+ const struct TALER_PrivateContractHashP *h_contract_terms,
+ const struct TALER_WireTransferIdentifierRawP *wtid,
+ const struct TALER_CoinSpendPublicKeyP *coin_pub,
+ struct GNUNET_TIME_Timestamp execution_time,
+ const struct TALER_Amount *coin_contribution,
+ struct TALER_ExchangePublicKeyP *pub,
+ struct TALER_ExchangeSignatureP *sig);
+
+
+/**
+ * Verify confirm wire signature.
+ *
+ * @param h_wire hash of the merchant's account
+ * @param h_contract_terms hash of the contract
+ * @param wtid wire transfer this deposit was aggregated into
+ * @param coin_pub public key of the deposited coin
+ * @param execution_time when was wire transfer initiated
+ * @param coin_contribution what was @a coin_pub's contribution to the wire
transfer
+ * @param pub where to write the public key
+ * @param sig where to write the signature
+ * @return #GNUNET_OK if the signature is valid
+ */
+enum GNUNET_GenericReturnValue
+TALER_exchange_online_confirm_wire_verify (
+ const struct TALER_MerchantWireHashP *h_wire,
+ const struct TALER_PrivateContractHashP *h_contract_terms,
+ const struct TALER_WireTransferIdentifierRawP *wtid,
+ const struct TALER_CoinSpendPublicKeyP *coin_pub,
+ struct GNUNET_TIME_Timestamp execution_time,
+ const struct TALER_Amount *coin_contribution,
+ const struct TALER_ExchangePublicKeyP *pub,
+ const struct TALER_ExchangeSignatureP *sig);
+
+
+/**
+ * Create confirm recoup signature.
+ *
+ * @param scb function to call to create the signature
+ * @param timestamp when was the recoup done
+ * @param recoup_amount how much was recouped
+ * @param coin_pub coin that was recouped
+ * @param reserve_pub reserve that was credited
+ * @param[out] pub where to write the public key
+ * @param[out] sig where to write the signature
+ * @return #TALER_EC_NONE on success
+ */
+enum TALER_ErrorCode
+TALER_exchange_online_confirm_recoup_sign (
+ TALER_ExchangeSignCallback scb,
+ struct GNUNET_TIME_Timestamp timestamp,
+ const struct TALER_Amount *recoup_amount,
+ const struct TALER_CoinSpendPublicKeyP *coin_pub,
+ const struct TALER_ReservePublicKeyP *reserve_pub,
+ struct TALER_ExchangePublicKeyP *pub,
+ struct TALER_ExchangeSignatureP *sig);
+
+
+/**
+ * Verify confirm recoup signature.
+ *
+ * @param timestamp when was the recoup done
+ * @param recoup_amount how much was recouped
+ * @param coin_pub coin that was recouped
+ * @param reserve_pub reserve that was credited
+ * @param pub where to write the public key
+ * @param sig where to write the signature
+ * @return #GNUNET_OK if the signature is valid
+ */
+enum GNUNET_GenericReturnValue
+TALER_exchange_online_confirm_recoup_verify (
+ struct GNUNET_TIME_Timestamp timestamp,
+ const struct TALER_Amount *recoup_amount,
+ const struct TALER_CoinSpendPublicKeyP *coin_pub,
+ const struct TALER_ReservePublicKeyP *reserve_pub,
+ const struct TALER_ExchangePublicKeyP *pub,
+ const struct TALER_ExchangeSignatureP *sig);
+
+
+/**
+ * Create confirm recoup refresh signature.
+ *
+ * @param scb function to call to create the signature
+ * @param timestamp when was the recoup done
+ * @param recoup_amount how much was recouped
+ * @param coin_pub coin that was recouped
+ * @param old_coin_pub old coin that was credited
+ * @param[out] pub where to write the public key
+ * @param[out] sig where to write the signature
+ * @return #TALER_EC_NONE on success
+ */
+enum TALER_ErrorCode
+TALER_exchange_online_confirm_recoup_refresh_sign (
+ TALER_ExchangeSignCallback scb,
+ struct GNUNET_TIME_Timestamp timestamp,
+ const struct TALER_Amount *recoup_amount,
+ const struct TALER_CoinSpendPublicKeyP *coin_pub,
+ const struct TALER_CoinSpendPublicKeyP *old_coin_pub,
+ struct TALER_ExchangePublicKeyP *pub,
+ struct TALER_ExchangeSignatureP *sig);
+
+
+/**
+ * Verify confirm recoup refresh signature.
+ *
+ * @param timestamp when was the recoup done
+ * @param recoup_amount how much was recouped
+ * @param coin_pub coin that was recouped
+ * @param old_coin_pub old coin that was credited
+ * @param pub where to write the public key
+ * @param sig where to write the signature
+ * @return #GNUNET_OK if the signature is valid
+ */
+enum GNUNET_GenericReturnValue
+TALER_exchange_online_confirm_recoup_refresh_verify (
+ struct GNUNET_TIME_Timestamp timestamp,
+ const struct TALER_Amount *recoup_amount,
+ const struct TALER_CoinSpendPublicKeyP *coin_pub,
+ const struct TALER_CoinSpendPublicKeyP *old_coin_pub,
+ const struct TALER_ExchangePublicKeyP *pub,
+ const struct TALER_ExchangeSignatureP *sig);
+
+
+/**
+ * Create denomination unknown signature.
+ *
+ * @param scb function to call to create the signature
+ * @param timestamp when was the error created
+ * @param h_denom_pub hash of denomination that is unknown
+ * @param[out] pub where to write the public key
+ * @param[out] sig where to write the signature
+ * @return #TALER_EC_NONE on success
+ */
+enum TALER_ErrorCode
+TALER_exchange_online_denomination_unknown_sign (
+ TALER_ExchangeSignCallback scb,
+ struct GNUNET_TIME_Timestamp timestamp,
+ const struct TALER_DenominationHashP *h_denom_pub,
+ struct TALER_ExchangePublicKeyP *pub,
+ struct TALER_ExchangeSignatureP *sig);
+
+
+/**
+ * Verify denomination unknown signature.
+ *
+ * @param timestamp when was the error created
+ * @param h_denom_pub hash of denomination that is unknown
+ * @param pub where to write the public key
+ * @param sig where to write the signature
+ * @return #GNUNET_OK if the signature is valid
+ */
+enum GNUNET_GenericReturnValue
+TALER_exchange_online_denomination_unknown_verify (
+ struct GNUNET_TIME_Timestamp timestamp,
+ const struct TALER_DenominationHashP *h_denom_pub,
+ const struct TALER_ExchangePublicKeyP *pub,
+ const struct TALER_ExchangeSignatureP *sig);
+
+
+/**
+ * Create denomination expired signature.
+ *
+ * @param scb function to call to create the signature
+ * @param timestamp when was the error created
+ * @param h_denom_pub hash of denomination that is expired
+ * @param op character string describing the operation for which
+ * the denomination is expired
+ * @param[out] pub where to write the public key
+ * @param[out] sig where to write the signature
+ * @return #TALER_EC_NONE on success
+ */
+enum TALER_ErrorCode
+TALER_exchange_online_denomination_expired_sign (
+ TALER_ExchangeSignCallback scb,
+ struct GNUNET_TIME_Timestamp timestamp,
+ const struct TALER_DenominationHashP *h_denom_pub,
+ const char *op,
+ struct TALER_ExchangePublicKeyP *pub,
+ struct TALER_ExchangeSignatureP *sig);
+
+
+/**
+ * Verify denomination expired signature.
+ *
+ * @param timestamp when was the error created
+ * @param h_denom_pub hash of denomination that is expired
+ * @param op character string describing the operation for which
+ * the denomination is expired
+ * @param pub where to write the public key
+ * @param sig where to write the signature
+ * @return #GNUNET_OK if the signature is valid
+ */
+enum GNUNET_GenericReturnValue
+TALER_exchange_online_denomination_expired_verify (
+ struct GNUNET_TIME_Timestamp timestamp,
+ const struct TALER_DenominationHashP *h_denom_pub,
+ const char *op,
+ const struct TALER_ExchangePublicKeyP *pub,
+ const struct TALER_ExchangeSignatureP *sig);
+
+
+/**
+ * Create reserve closure signature.
+ *
+ * @param scb function to call to create the signature
+ * @param timestamp time when the reserve was closed
+ * @param closing_amount amount left in the reserve
+ * @param closing_fee closing fee charged
+ * @param payto target of the wire transfer
+ * @param wtid wire transfer subject used
+ * @param reserve_pub public key of the closed reserve
+ * @param[out] pub where to write the public key
+ * @param[out] sig where to write the signature
+ * @return #TALER_EC_NONE on success
+ */
+enum TALER_ErrorCode
+TALER_exchange_online_reserve_closed_sign (
+ TALER_ExchangeSignCallback scb,
+ struct GNUNET_TIME_Timestamp timestamp,
+ const struct TALER_Amount *closing_amount,
+ const struct TALER_Amount *closing_fee,
+ const char *payto,
+ const struct TALER_WireTransferIdentifierRawP *wtid,
+ const struct TALER_ReservePublicKeyP *reserve_pub,
+ struct TALER_ExchangePublicKeyP *pub,
+ struct TALER_ExchangeSignatureP *sig);
+
+
+/**
+ * Verify reserve closure signature.
+ *
+ * @param timestamp time when the reserve was closed
+ * @param closing_amount amount left in the reserve
+ * @param closing_fee closing fee charged
+ * @param payto target of the wire transfer
+ * @param wtid wire transfer subject used
+ * @param reserve_pub public key of the closed reserve
+ * @param pub the public key of the exchange to check against
+ * @param sig the signature to check
+ * @return #GNUNET_OK if the signature is valid
+ */
+enum GNUNET_GenericReturnValue
+TALER_exchange_online_reserve_closed_verify (
+ struct GNUNET_TIME_Timestamp timestamp,
+ const struct TALER_Amount *closing_amount,
+ const struct TALER_Amount *closing_fee,
+ const char *payto,
+ const struct TALER_WireTransferIdentifierRawP *wtid,
+ const struct TALER_ReservePublicKeyP *reserve_pub,
+ const struct TALER_ExchangePublicKeyP *pub,
+ const struct TALER_ExchangeSignatureP *sig);
+
+
+/**
+ * Create signature by exchange affirming that a reserve
+ * has had certain attributes verified via KYC.
+ *
+ * @param scb function to call to create the signature
+ * @param attest_timestamp our time
+ * @param expiration_time when does the KYC data expire
+ * @param reserve_pub for which reserve are attributes attested
+ * @param attributes JSON object with attributes being attested to
+ * @param[out] pub where to write the public key
+ * @param[out] sig where to write the signature
+ * @return #TALER_EC_NONE on success
+ */
+enum TALER_ErrorCode
+TALER_exchange_online_reserve_attest_details_sign (
+ TALER_ExchangeSignCallback scb,
+ struct GNUNET_TIME_Timestamp attest_timestamp,
+ struct GNUNET_TIME_Timestamp expiration_time,
+ const struct TALER_ReservePublicKeyP *reserve_pub,
+ const json_t *attributes,
+ struct TALER_ExchangePublicKeyP *pub,
+ struct TALER_ExchangeSignatureP *sig);
+
+
+/**
+ * Verify signature by exchange affirming that a reserve
+ * has had certain attributes verified via KYC.
+ *
+ * @param attest_timestamp our time
+ * @param expiration_time when does the KYC data expire
+ * @param reserve_pub for which reserve are attributes attested
+ * @param attributes JSON object with attributes being attested to
+ * @param pub exchange public key
+ * @param sig exchange signature to verify
+ * @return #GNUNET_OK if the signature is valid
+ */
+enum GNUNET_GenericReturnValue
+TALER_exchange_online_reserve_attest_details_verify (
+ struct GNUNET_TIME_Timestamp attest_timestamp,
+ struct GNUNET_TIME_Timestamp expiration_time,
+ const struct TALER_ReservePublicKeyP *reserve_pub,
+ const json_t *attributes,
+ struct TALER_ExchangePublicKeyP *pub,
+ struct TALER_ExchangeSignatureP *sig);
+
+
+/**
+ * Create signature by exchange affirming that a purse was created.
+ *
+ * @param scb function to call to create the signature
+ * @param exchange_time our time
+ * @param purse_expiration when will the purse expire
+ * @param amount_without_fee total amount to be put into the purse (without
deposit fees)
+ * @param total_deposited total currently in the purse
+ * @param purse_pub public key of the purse
+ * @param h_contract_terms hash of the contract for the purse
+ * @param[out] pub where to write the public key
+ * @param[out] sig where to write the signature
+ * @return #TALER_EC_NONE on success
+ */
+enum TALER_ErrorCode
+TALER_exchange_online_purse_created_sign (
+ TALER_ExchangeSignCallback scb,
+ struct GNUNET_TIME_Timestamp exchange_time,
+ struct GNUNET_TIME_Timestamp purse_expiration,
+ const struct TALER_Amount *amount_without_fee,
+ const struct TALER_Amount *total_deposited,
+ const struct TALER_PurseContractPublicKeyP *purse_pub,
+ const struct TALER_PrivateContractHashP *h_contract_terms,
+ struct TALER_ExchangePublicKeyP *pub,
+ struct TALER_ExchangeSignatureP *sig);
+
+
+/**
+ * Verify exchange signature about a purse creation and balance.
+ *
+ * @param exchange_time our time
+ * @param purse_expiration when will the purse expire
+ * @param amount_without_fee total amount to be put into the purse (without
deposit fees)
+ * @param total_deposited total currently in the purse
+ * @param purse_pub public key of the purse
+ * @param h_contract_terms hash of the contract for the purse
+ * @param pub the public key of the exchange to check against
+ * @param sig the signature to check
+ * @return #GNUNET_OK if the signature is valid
+ */
+enum GNUNET_GenericReturnValue
+TALER_exchange_online_purse_created_verify (
+ struct GNUNET_TIME_Timestamp exchange_time,
+ struct GNUNET_TIME_Timestamp purse_expiration,
+ const struct TALER_Amount *amount_without_fee,
+ const struct TALER_Amount *total_deposited,
+ const struct TALER_PurseContractPublicKeyP *purse_pub,
+ const struct TALER_PrivateContractHashP *h_contract_terms,
+ const struct TALER_ExchangePublicKeyP *pub,
+ const struct TALER_ExchangeSignatureP *sig);
+
+
+/**
+ * Sign affirmation that a purse was merged.
+ *
+ * @param scb function to call to create the signature
+ * @param exchange_time our time
+ * @param purse_expiration when does the purse expire
+ * @param amount_without_fee total amount that should be in the purse without
deposit fees
+ * @param purse_pub public key of the purse
+ * @param h_contract_terms hash of the contract of the purse
+ * @param reserve_pub reserve the purse will be merged into
+ * @param exchange_url exchange at which the @a reserve_pub lives
+ * @param[out] pub where to write the public key
+ * @param[out] sig where to write the signature
+ * @return #TALER_EC_NONE on success
+ */
+enum TALER_ErrorCode
+TALER_exchange_online_purse_merged_sign (
+ TALER_ExchangeSignCallback scb,
+ struct GNUNET_TIME_Timestamp exchange_time,
+ struct GNUNET_TIME_Timestamp purse_expiration,
+ const struct TALER_Amount *amount_without_fee,
+ const struct TALER_PurseContractPublicKeyP *purse_pub,
+ const struct TALER_PrivateContractHashP *h_contract_terms,
+ const struct TALER_ReservePublicKeyP *reserve_pub,
+ const char *exchange_url,
+ struct TALER_ExchangePublicKeyP *pub,
+ struct TALER_ExchangeSignatureP *sig);
+
+
+/**
+ * Verify affirmation that a purse will be merged.
+ *
+ * @param exchange_time our time
+ * @param purse_expiration when does the purse expire
+ * @param amount_without_fee total amount that should be in the purse without
deposit fees
+ * @param purse_pub public key of the purse
+ * @param h_contract_terms hash of the contract of the purse
+ * @param reserve_pub reserve the purse will be merged into
+ * @param exchange_url exchange at which the @a reserve_pub lives
+ * @param pub the public key of the exchange to check against
+ * @param sig the signature to check
+ * @return #GNUNET_OK if the signature is valid
+ */
+enum GNUNET_GenericReturnValue
+TALER_exchange_online_purse_merged_verify (
+ struct GNUNET_TIME_Timestamp exchange_time,
+ struct GNUNET_TIME_Timestamp purse_expiration,
+ const struct TALER_Amount *amount_without_fee,
+ const struct TALER_PurseContractPublicKeyP *purse_pub,
+ const struct TALER_PrivateContractHashP *h_contract_terms,
+ const struct TALER_ReservePublicKeyP *reserve_pub,
+ const char *exchange_url,
+ const struct TALER_ExchangePublicKeyP *pub,
+ const struct TALER_ExchangeSignatureP *sig);
+
+
+/**
+ * Sign information about the status of a purse.
+ *
+ * @param scb function to call to create the signature
+ * @param merge_timestamp when was the purse merged (can be never)
+ * @param deposit_timestamp when was the purse fully paid up (can be never)
+ * @param balance current balance of the purse
+ * @param[out] pub where to write the public key
+ * @param[out] sig where to write the signature
+ * @return #TALER_EC_NONE on success
+ */
+enum TALER_ErrorCode
+TALER_exchange_online_purse_status_sign (
+ TALER_ExchangeSignCallback scb,
+ struct GNUNET_TIME_Timestamp merge_timestamp,
+ struct GNUNET_TIME_Timestamp deposit_timestamp,
+ const struct TALER_Amount *balance,
+ struct TALER_ExchangePublicKeyP *pub,
+ struct TALER_ExchangeSignatureP *sig);
+
+
+/**
+ * Verify signature over information about the status of a purse.
+ *
+ * @param merge_timestamp when was the purse merged (can be never)
+ * @param deposit_timestamp when was the purse fully paid up (can be never)
+ * @param balance current balance of the purse
+ * @param exchange_pub the public key of the exchange to check against
+ * @param exchange_sig the signature to check
+ * @return #GNUNET_OK if the signature is valid
+ */
+enum GNUNET_GenericReturnValue
+TALER_exchange_online_purse_status_verify (
+ struct GNUNET_TIME_Timestamp merge_timestamp,
+ struct GNUNET_TIME_Timestamp deposit_timestamp,
+ const struct TALER_Amount *balance,
+ const struct TALER_ExchangePublicKeyP *exchange_pub,
+ const struct TALER_ExchangeSignatureP *exchange_sig);
+
+
+/**
+ * Create age-withdraw confirmation signature.
+ *
+ * @param scb function to call to create the signature
+ * @param h_commitment age-withdraw commitment that identifies the n*kappa
blinded coins
+ * @param noreveal_index gamma cut-and-choose value chosen by the exchange
+ * @param[out] pub where to write the exchange public key
+ * @param[out] sig where to write the exchange signature
+ * @return #TALER_EC_NONE on success
+ */
+enum TALER_ErrorCode
+TALER_exchange_online_age_withdraw_confirmation_sign (
+ TALER_ExchangeSignCallback scb,
+ const struct TALER_AgeWithdrawCommitmentHashP *h_commitment,
+ uint32_t noreveal_index,
+ struct TALER_ExchangePublicKeyP *pub,
+ struct TALER_ExchangeSignatureP *sig);
+
+
+/**
+ * Verfiy an exchange age-withdraw confirmation
+ *
+ * @param h_commitment Commitment over all n*kappa coin candidates from the
original request to age-withdraw
+ * @param noreveal_index The index returned by the exchange
+ * @param exchange_pub The public key used for signing
+ * @param exchange_sig The signature from the exchange
+ */
+enum GNUNET_GenericReturnValue
+TALER_exchange_online_age_withdraw_confirmation_verify (
+ const struct TALER_AgeWithdrawCommitmentHashP *h_commitment,
+ uint32_t noreveal_index,
+ const struct TALER_ExchangePublicKeyP *exchange_pub,
+ const struct TALER_ExchangeSignatureP *exchange_sig);
+
+
+/* ********************* offline signing ************************** */
+
+
+/**
+ * Create AML officer status change signature.
+ *
+ * @param officer_pub public key of the AML officer
+ * @param officer_name name of the officer
+ * @param change_date when to affect the status change
+ * @param is_active true to enable the officer
+ * @param read_only true to only allow read-only access
+ * @param master_priv private key to sign with
+ * @param[out] master_sig where to write the signature
+ */
+void
+TALER_exchange_offline_aml_officer_status_sign (
+ const struct TALER_AmlOfficerPublicKeyP *officer_pub,
+ const char *officer_name,
+ struct GNUNET_TIME_Timestamp change_date,
+ bool is_active,
+ bool read_only,
+ const struct TALER_MasterPrivateKeyP *master_priv,
+ struct TALER_MasterSignatureP *master_sig);
+
+
+/**
+ * Verify AML officer status change signature.
+ *
+ * @param officer_pub public key of the AML officer
+ * @param officer_name name of the officer
+ * @param change_date when to affect the status change
+ * @param is_active true to enable the officer
+ * @param read_only true to only allow read-only access
+ * @param master_pub public key to verify against
+ * @param master_sig the signature the signature
+ * @return #GNUNET_OK if the signature is valid
+ */
+enum GNUNET_GenericReturnValue
+TALER_exchange_offline_aml_officer_status_verify (
+ const struct TALER_AmlOfficerPublicKeyP *officer_pub,
+ const char *officer_name,
+ struct GNUNET_TIME_Timestamp change_date,
+ bool is_active,
+ bool read_only,
+ const struct TALER_MasterPublicKeyP *master_pub,
+ const struct TALER_MasterSignatureP *master_sig);
+
+
+/**
+ * Create auditor addition signature.
+ *
+ * @param auditor_pub public key of the auditor
+ * @param auditor_url URL of the auditor
+ * @param start_date when to enable the auditor (for replay detection)
+ * @param master_priv private key to sign with
+ * @param[out] master_sig where to write the signature
+ */
+void
+TALER_exchange_offline_auditor_add_sign (
+ const struct TALER_AuditorPublicKeyP *auditor_pub,
+ const char *auditor_url,
+ struct GNUNET_TIME_Timestamp start_date,
+ const struct TALER_MasterPrivateKeyP *master_priv,
+ struct TALER_MasterSignatureP *master_sig);
+
+
+/**
+ * Verify auditor add signature.
+ *
+ * @param auditor_pub public key of the auditor
+ * @param auditor_url URL of the auditor
+ * @param start_date when to enable the auditor (for replay detection)
+ * @param master_pub public key to verify against
+ * @param master_sig the signature the signature
+ * @return #GNUNET_OK if the signature is valid
+ */
+enum GNUNET_GenericReturnValue
+TALER_exchange_offline_auditor_add_verify (
+ const struct TALER_AuditorPublicKeyP *auditor_pub,
+ const char *auditor_url,
+ struct GNUNET_TIME_Timestamp start_date,
+ const struct TALER_MasterPublicKeyP *master_pub,
+ const struct TALER_MasterSignatureP *master_sig);
+
+
+/**
+ * Create auditor deletion signature.
+ *
+ * @param auditor_pub public key of the auditor
+ * @param end_date when to disable the auditor (for replay detection)
+ * @param master_priv private key to sign with
+ * @param[out] master_sig where to write the signature
+ */
+void
+TALER_exchange_offline_auditor_del_sign (
+ const struct TALER_AuditorPublicKeyP *auditor_pub,
+ struct GNUNET_TIME_Timestamp end_date,
+ const struct TALER_MasterPrivateKeyP *master_priv,
+ struct TALER_MasterSignatureP *master_sig);
+
+
+/**
+ * Verify auditor del signature.
+ *
+ * @param auditor_pub public key of the auditor
+ * @param end_date when to disable the auditor (for replay detection)
+ * @param master_pub public key to verify against
+ * @param master_sig the signature the signature
+ * @return #GNUNET_OK if the signature is valid
+ */
+enum GNUNET_GenericReturnValue
+TALER_exchange_offline_auditor_del_verify (
+ const struct TALER_AuditorPublicKeyP *auditor_pub,
+ struct GNUNET_TIME_Timestamp end_date,
+ const struct TALER_MasterPublicKeyP *master_pub,
+ const struct TALER_MasterSignatureP *master_sig);
+
+
+/**
+ * Create denomination revocation signature.
+ *
+ * @param h_denom_pub hash of public denomination key to revoke
+ * @param master_priv private key to sign with
+ * @param[out] master_sig where to write the signature
+ */
+void
+TALER_exchange_offline_denomination_revoke_sign (
+ const struct TALER_DenominationHashP *h_denom_pub,
+ const struct TALER_MasterPrivateKeyP *master_priv,
+ struct TALER_MasterSignatureP *master_sig);
+
+
+/**
+ * Verify denomination revocation signature.
+ *
+ * @param h_denom_pub hash of public denomination key to revoke
+ * @param master_pub public key to verify against
+ * @param master_sig the signature the signature
+ * @return #GNUNET_OK if the signature is valid
+ */
+enum GNUNET_GenericReturnValue
+TALER_exchange_offline_denomination_revoke_verify (
+ const struct TALER_DenominationHashP *h_denom_pub,
+ const struct TALER_MasterPublicKeyP *master_pub,
+ const struct TALER_MasterSignatureP *master_sig);
+
+
+/**
+ * Create signkey revocation signature.
+ *
+ * @param exchange_pub public signing key to revoke
+ * @param master_priv private key to sign with
+ * @param[out] master_sig where to write the signature
+ */
+void
+TALER_exchange_offline_signkey_revoke_sign (
+ const struct TALER_ExchangePublicKeyP *exchange_pub,
+ const struct TALER_MasterPrivateKeyP *master_priv,
+ struct TALER_MasterSignatureP *master_sig);
+
+
+/**
+ * Verify signkey revocation signature.
+ *
+ * @param exchange_pub public signkey key to revoke
+ * @param master_pub public key to verify against
+ * @param master_sig the signature the signature
+ * @return #GNUNET_OK if the signature is valid
+ */
+enum GNUNET_GenericReturnValue
+TALER_exchange_offline_signkey_revoke_verify (
+ const struct TALER_ExchangePublicKeyP *exchange_pub,
+ const struct TALER_MasterPublicKeyP *master_pub,
+ const struct TALER_MasterSignatureP *master_sig);
+
+
+/**
+ * Create signkey validity signature.
+ *
+ * @param exchange_pub public signing key to validate
+ * @param start_sign starting point of validity for signing
+ * @param end_sign end point (exclusive) for validity for signing
+ * @param end_legal legal end point of signature validity
+ * @param master_priv private key to sign with
+ * @param[out] master_sig where to write the signature
+ */
+void
+TALER_exchange_offline_signkey_validity_sign (
+ const struct TALER_ExchangePublicKeyP *exchange_pub,
+ struct GNUNET_TIME_Timestamp start_sign,
+ struct GNUNET_TIME_Timestamp end_sign,
+ struct GNUNET_TIME_Timestamp end_legal,
+ const struct TALER_MasterPrivateKeyP *master_priv,
+ struct TALER_MasterSignatureP *master_sig);
+
+
+/**
+ * Verify signkey validitity signature.
+ *
+ * @param exchange_pub public signkey key to validate
+ * @param start_sign starting point of validity for signing
+ * @param end_sign end point (exclusive) for validity for signing
+ * @param end_legal legal end point of signature validity
+ * @param master_pub public key to verify against
+ * @param master_sig the signature the signature
+ * @return #GNUNET_OK if the signature is valid
+ */
+enum GNUNET_GenericReturnValue
+TALER_exchange_offline_signkey_validity_verify (
+ const struct TALER_ExchangePublicKeyP *exchange_pub,
+ struct GNUNET_TIME_Timestamp start_sign,
+ struct GNUNET_TIME_Timestamp end_sign,
+ struct GNUNET_TIME_Timestamp end_legal,
+ const struct TALER_MasterPublicKeyP *master_pub,
+ const struct TALER_MasterSignatureP *master_sig);
+
+
+/**
+ * Create denomination key validity signature.
+ *
+ * @param h_denom_pub hash of the denomination's public key
+ * @param stamp_start when does the exchange begin signing with this key
+ * @param stamp_expire_withdraw when does the exchange end signing with this
key
+ * @param stamp_expire_deposit how long does the exchange accept the deposit
of coins with this key
+ * @param stamp_expire_legal how long does the exchange preserve information
for legal disputes with this key
+ * @param coin_value what is the value of coins signed with this key
+ * @param fees fees for this denomination
+ * @param master_priv private key to sign with
+ * @param[out] master_sig where to write the signature
+ */
+void
+TALER_exchange_offline_denom_validity_sign (
+ const struct TALER_DenominationHashP *h_denom_pub,
+ struct GNUNET_TIME_Timestamp stamp_start,
+ struct GNUNET_TIME_Timestamp stamp_expire_withdraw,
+ struct GNUNET_TIME_Timestamp stamp_expire_deposit,
+ struct GNUNET_TIME_Timestamp stamp_expire_legal,
+ const struct TALER_Amount *coin_value,
+ const struct TALER_DenomFeeSet *fees,
+ const struct TALER_MasterPrivateKeyP *master_priv,
+ struct TALER_MasterSignatureP *master_sig);
+
+
+/**
+ * Verify denomination key validity signature.
+ *
+ * @param h_denom_pub hash of the denomination's public key
+ * @param stamp_start when does the exchange begin signing with this key
+ * @param stamp_expire_withdraw when does the exchange end signing with this
key
+ * @param stamp_expire_deposit how long does the exchange accept the deposit
of coins with this key
+ * @param stamp_expire_legal how long does the exchange preserve information
for legal disputes with this key
+ * @param coin_value what is the value of coins signed with this key
+ * @param fees fees for this denomination
+ * @param master_pub public key to verify against
+ * @param master_sig the signature the signature
+ * @return #GNUNET_OK if the signature is valid
+ */
+enum GNUNET_GenericReturnValue
+TALER_exchange_offline_denom_validity_verify (
+ const struct TALER_DenominationHashP *h_denom_pub,
+ struct GNUNET_TIME_Timestamp stamp_start,
+ struct GNUNET_TIME_Timestamp stamp_expire_withdraw,
+ struct GNUNET_TIME_Timestamp stamp_expire_deposit,
+ struct GNUNET_TIME_Timestamp stamp_expire_legal,
+ const struct TALER_Amount *coin_value,
+ const struct TALER_DenomFeeSet *fees,
+ const struct TALER_MasterPublicKeyP *master_pub,
+ const struct TALER_MasterSignatureP *master_sig);
+
+
+/**
+ * Create offline signature about an exchange's partners.
+ *
+ * @param partner_pub master public key of the partner
+ * @param start_date validity period start
+ * @param end_date validity period end
+ * @param wad_frequency how often will we do wad transfers to this partner
+ * @param wad_fee what is the wad fee to this partner
+ * @param partner_base_url what is the base URL of the @a partner_pub exchange
+ * @param master_priv private key to sign with
+ * @param[out] master_sig where to write the signature
+ */
+void
+TALER_exchange_offline_partner_details_sign (
+ const struct TALER_MasterPublicKeyP *partner_pub,
+ struct GNUNET_TIME_Timestamp start_date,
+ struct GNUNET_TIME_Timestamp end_date,
+ struct GNUNET_TIME_Relative wad_frequency,
+ const struct TALER_Amount *wad_fee,
+ const char *partner_base_url,
+ const struct TALER_MasterPrivateKeyP *master_priv,
+ struct TALER_MasterSignatureP *master_sig);
+
+
+/**
+ * Verify signature about an exchange's partners.
+ *
+ * @param partner_pub master public key of the partner
+ * @param start_date validity period start
+ * @param end_date validity period end
+ * @param wad_frequency how often will we do wad transfers to this partner
+ * @param wad_fee what is the wad fee to this partner
+ * @param partner_base_url what is the base URL of the @a partner_pub exchange
+ * @param master_pub public key to verify against
+ * @param master_sig the signature the signature
+ * @return #GNUNET_OK if the signature is valid
+ */
+enum GNUNET_GenericReturnValue
+TALER_exchange_offline_partner_details_verify (
+ const struct TALER_MasterPublicKeyP *partner_pub,
+ struct GNUNET_TIME_Timestamp start_date,
+ struct GNUNET_TIME_Timestamp end_date,
+ struct GNUNET_TIME_Relative wad_frequency,
+ const struct TALER_Amount *wad_fee,
+ const char *partner_base_url,
+ const struct TALER_MasterPublicKeyP *master_pub,
+ const struct TALER_MasterSignatureP *master_sig);
+
+
+/**
+ * Create offline signature about wiring profits to a
+ * regular non-escrowed account of the exchange.
+ *
+ * @param wtid (random) wire transfer ID to be used
+ * @param date when was the profit drain approved (not exact time of execution)
+ * @param amount how much should be wired
+ * @param account_section configuration section of the
+ * exchange specifying the account to be debited
+ * @param payto_uri target account to be credited
+ * @param master_priv private key to sign with
+ * @param[out] master_sig where to write the signature
+ */
+void
+TALER_exchange_offline_profit_drain_sign (
+ const struct TALER_WireTransferIdentifierRawP *wtid,
+ struct GNUNET_TIME_Timestamp date,
+ const struct TALER_Amount *amount,
+ const char *account_section,
+ const char *payto_uri,
+ const struct TALER_MasterPrivateKeyP *master_priv,
+ struct TALER_MasterSignatureP *master_sig);
+
+
+/**
+ * Verify offline signature about wiring profits to a
+ * regular non-escrowed account of the exchange.
+ *
+ * @param wtid (random) wire transfer ID to be used
+ * @param date when was the profit drain approved (not exact time of execution)
+ * @param amount how much should be wired
+ * @param account_section configuration section of the
+ * exchange specifying the account to be debited
+ * @param payto_uri target account to be credited
+ * @param master_pub public key to verify signature against
+ * @param master_sig the signature
+ * @return #GNUNET_OK if the signature is valid
+ */
+enum GNUNET_GenericReturnValue
+TALER_exchange_offline_profit_drain_verify (
+ const struct TALER_WireTransferIdentifierRawP *wtid,
+ struct GNUNET_TIME_Timestamp date,
+ const struct TALER_Amount *amount,
+ const char *account_section,
+ const char *payto_uri,
+ const struct TALER_MasterPublicKeyP *master_pub,
+ const struct TALER_MasterSignatureP *master_sig);
+
+
+/**
+ * Create security module EdDSA signature.
+ *
+ * @param exchange_pub public signing key to validate
+ * @param start_sign starting point of validity for signing
+ * @param duration how long will the key be in use
+ * @param secm_priv security module key to sign with
+ * @param[out] secm_sig where to write the signature
+ */
+void
+TALER_exchange_secmod_eddsa_sign (
+ const struct TALER_ExchangePublicKeyP *exchange_pub,
+ struct GNUNET_TIME_Timestamp start_sign,
+ struct GNUNET_TIME_Relative duration,
+ const struct TALER_SecurityModulePrivateKeyP *secm_priv,
+ struct TALER_SecurityModuleSignatureP *secm_sig);
+
+
+/**
+ * Verify security module EdDSA signature.
+ *
+ * @param exchange_pub public signing key to validate
+ * @param start_sign starting point of validity for signing
+ * @param duration how long will the key be in use
+ * @param secm_pub public key to verify against
+ * @param secm_sig the signature the signature
+ * @return #GNUNET_OK if the signature is valid
+ */
+enum GNUNET_GenericReturnValue
+TALER_exchange_secmod_eddsa_verify (
+ const struct TALER_ExchangePublicKeyP *exchange_pub,
+ struct GNUNET_TIME_Timestamp start_sign,
+ struct GNUNET_TIME_Relative duration,
+ const struct TALER_SecurityModulePublicKeyP *secm_pub,
+ const struct TALER_SecurityModuleSignatureP *secm_sig);
+
+
+/**
+ * Create security module denomination signature.
+ *
+ * @param h_rsa hash of the RSA public key to sign
+ * @param section_name name of the section in the configuration
+ * @param start_sign starting point of validity for signing
+ * @param duration how long will the key be in use
+ * @param secm_priv security module key to sign with
+ * @param[out] secm_sig where to write the signature
+ */
+void
+TALER_exchange_secmod_rsa_sign (
+ const struct TALER_RsaPubHashP *h_rsa,
+ const char *section_name,
+ struct GNUNET_TIME_Timestamp start_sign,
+ struct GNUNET_TIME_Relative duration,
+ const struct TALER_SecurityModulePrivateKeyP *secm_priv,
+ struct TALER_SecurityModuleSignatureP *secm_sig);
+
+
+/**
+ * Verify security module denomination signature.
+ *
+ * @param h_rsa hash of the public key to validate
+ * @param section_name name of the section in the configuration
+ * @param start_sign starting point of validity for signing
+ * @param duration how long will the key be in use
+ * @param secm_pub public key to verify against
+ * @param secm_sig the signature the signature
+ * @return #GNUNET_OK if the signature is valid
+ */
+enum GNUNET_GenericReturnValue
+TALER_exchange_secmod_rsa_verify (
+ const struct TALER_RsaPubHashP *h_rsa,
+ const char *section_name,
+ struct GNUNET_TIME_Timestamp start_sign,
+ struct GNUNET_TIME_Relative duration,
+ const struct TALER_SecurityModulePublicKeyP *secm_pub,
+ const struct TALER_SecurityModuleSignatureP *secm_sig);
+
+
+/**
+ * Create security module denomination signature.
+ *
+ * @param h_cs hash of the CS public key to sign
+ * @param section_name name of the section in the configuration
+ * @param start_sign starting point of validity for signing
+ * @param duration how long will the key be in use
+ * @param secm_priv security module key to sign with
+ * @param[out] secm_sig where to write the signature
+ */
+void
+TALER_exchange_secmod_cs_sign (
+ const struct TALER_CsPubHashP *h_cs,
+ const char *section_name,
+ struct GNUNET_TIME_Timestamp start_sign,
+ struct GNUNET_TIME_Relative duration,
+ const struct TALER_SecurityModulePrivateKeyP *secm_priv,
+ struct TALER_SecurityModuleSignatureP *secm_sig);
+
+
+/**
+ * Verify security module denomination signature.
+ *
+ * @param h_cs hash of the public key to validate
+ * @param section_name name of the section in the configuration
+ * @param start_sign starting point of validity for signing
+ * @param duration how long will the key be in use
+ * @param secm_pub public key to verify against
+ * @param secm_sig the signature the signature
+ * @return #GNUNET_OK if the signature is valid
+ */
+enum GNUNET_GenericReturnValue
+TALER_exchange_secmod_cs_verify (
+ const struct TALER_CsPubHashP *h_cs,
+ const char *section_name,
+ struct GNUNET_TIME_Timestamp start_sign,
+ struct GNUNET_TIME_Relative duration,
+ const struct TALER_SecurityModulePublicKeyP *secm_pub,
+ const struct TALER_SecurityModuleSignatureP *secm_sig);
+
+
+/**
+ * Create denomination key validity signature by the auditor.
+ *
+ * @param auditor_url BASE URL of the auditor's API
+ * @param h_denom_pub hash of the denomination's public key
+ * @param master_pub master public key of the exchange
+ * @param stamp_start when does the exchange begin signing with this key
+ * @param stamp_expire_withdraw when does the exchange end signing with this
key
+ * @param stamp_expire_deposit how long does the exchange accept the deposit
of coins with this key
+ * @param stamp_expire_legal how long does the exchange preserve information
for legal disputes with this key
+ * @param coin_value what is the value of coins signed with this key
+ * @param fees fees the exchange charges for this denomination
+ * @param auditor_priv private key to sign with
+ * @param[out] auditor_sig where to write the signature
+ */
+void
+TALER_auditor_denom_validity_sign (
+ const char *auditor_url,
+ const struct TALER_DenominationHashP *h_denom_pub,
+ const struct TALER_MasterPublicKeyP *master_pub,
+ struct GNUNET_TIME_Timestamp stamp_start,
+ struct GNUNET_TIME_Timestamp stamp_expire_withdraw,
+ struct GNUNET_TIME_Timestamp stamp_expire_deposit,
+ struct GNUNET_TIME_Timestamp stamp_expire_legal,
+ const struct TALER_Amount *coin_value,
+ const struct TALER_DenomFeeSet *fees,
+ const struct TALER_AuditorPrivateKeyP *auditor_priv,
+ struct TALER_AuditorSignatureP *auditor_sig);
+
+
+/**
+ * Verify denomination key validity signature from auditor.
+ *
+ * @param auditor_url BASE URL of the auditor's API
+ * @param h_denom_pub hash of the denomination's public key
+ * @param master_pub master public key of the exchange
+ * @param stamp_start when does the exchange begin signing with this key
+ * @param stamp_expire_withdraw when does the exchange end signing with this
key
+ * @param stamp_expire_deposit how long does the exchange accept the deposit
of coins with this key
+ * @param stamp_expire_legal how long does the exchange preserve information
for legal disputes with this key
+ * @param coin_value what is the value of coins signed with this key
+ * @param fees fees the exchange charges for this denomination
+ * @param auditor_pub public key to verify against
+ * @param auditor_sig the signature the signature
+ * @return #GNUNET_OK if the signature is valid
+ */
+enum GNUNET_GenericReturnValue
+TALER_auditor_denom_validity_verify (
+ const char *auditor_url,
+ const struct TALER_DenominationHashP *h_denom_pub,
+ const struct TALER_MasterPublicKeyP *master_pub,
+ struct GNUNET_TIME_Timestamp stamp_start,
+ struct GNUNET_TIME_Timestamp stamp_expire_withdraw,
+ struct GNUNET_TIME_Timestamp stamp_expire_deposit,
+ struct GNUNET_TIME_Timestamp stamp_expire_legal,
+ const struct TALER_Amount *coin_value,
+ const struct TALER_DenomFeeSet *fees,
+ const struct TALER_AuditorPublicKeyP *auditor_pub,
+ const struct TALER_AuditorSignatureP *auditor_sig);
+
+
+/* **************** /wire account offline signing **************** */
+
+
+/**
+ * Create wire fee signature.
+ *
+ * @param payment_method the payment method
+ * @param start_time when do the fees start to apply
+ * @param end_time when do the fees start to apply
+ * @param fees the wire fees
+ * @param master_priv private key to sign with
+ * @param[out] master_sig where to write the signature
+ */
+void
+TALER_exchange_offline_wire_fee_sign (
+ const char *payment_method,
+ struct GNUNET_TIME_Timestamp start_time,
+ struct GNUNET_TIME_Timestamp end_time,
+ const struct TALER_WireFeeSet *fees,
+ const struct TALER_MasterPrivateKeyP *master_priv,
+ struct TALER_MasterSignatureP *master_sig);
+
+
+/**
+ * Verify wire fee signature.
+ *
+ * @param payment_method the payment method
+ * @param start_time when do the fees start to apply
+ * @param end_time when do the fees start to apply
+ * @param fees the wire fees
+ * @param master_pub public key to verify against
+ * @param master_sig the signature the signature
+ * @return #GNUNET_OK if the signature is valid
+ */
+enum GNUNET_GenericReturnValue
+TALER_exchange_offline_wire_fee_verify (
+ const char *payment_method,
+ struct GNUNET_TIME_Timestamp start_time,
+ struct GNUNET_TIME_Timestamp end_time,
+ const struct TALER_WireFeeSet *fees,
+ const struct TALER_MasterPublicKeyP *master_pub,
+ const struct TALER_MasterSignatureP *master_sig);
+
+
+/**
+ * Create global fees signature.
+ *
+ * @param start_time when do the fees start to apply
+ * @param end_time when do the fees start to apply
+ * @param fees the global fees
+ * @param purse_timeout how long do unmerged purses stay around
+ * @param history_expiration how long do we keep the history of an account
+ * @param purse_account_limit how many concurrent purses are free per account
holder
+ * @param master_priv private key to sign with
+ * @param[out] master_sig where to write the signature
+ */
+void
+TALER_exchange_offline_global_fee_sign (
+ struct GNUNET_TIME_Timestamp start_time,
+ struct GNUNET_TIME_Timestamp end_time,
+ const struct TALER_GlobalFeeSet *fees,
+ struct GNUNET_TIME_Relative purse_timeout,
+ struct GNUNET_TIME_Relative history_expiration,
+ uint32_t purse_account_limit,
+ const struct TALER_MasterPrivateKeyP *master_priv,
+ struct TALER_MasterSignatureP *master_sig);
+
+
+/**
+ * Verify global fees signature.
+ *
+ * @param start_time when do the fees start to apply
+ * @param end_time when do the fees start to apply
+ * @param fees the global fees
+ * @param purse_timeout how long do unmerged purses stay around
+ * @param history_expiration how long do we keep the history of an account
+ * @param purse_account_limit how many concurrent purses are free per account
holder
+ * @param master_pub public key to verify against
+ * @param master_sig the signature the signature
+ * @return #GNUNET_OK if the signature is valid
+ */
+enum GNUNET_GenericReturnValue
+TALER_exchange_offline_global_fee_verify (
+ struct GNUNET_TIME_Timestamp start_time,
+ struct GNUNET_TIME_Timestamp end_time,
+ const struct TALER_GlobalFeeSet *fees,
+ struct GNUNET_TIME_Relative purse_timeout,
+ struct GNUNET_TIME_Relative history_expiration,
+ uint32_t purse_account_limit,
+ const struct TALER_MasterPublicKeyP *master_pub,
+ const struct TALER_MasterSignatureP *master_sig);
+
+
+/**
+ * Create wire account addition signature.
+ *
+ * @param payto_uri bank account
+ * @param conversion_url URL of the conversion service, or NULL if none
+ * @param debit_restrictions JSON encoding of debit restrictions on the
account; see AccountRestriction in the spec
+ * @param credit_restrictions JSON encoding of credit restrictions on the
account; see AccountRestriction in the spec
+ * @param now timestamp to use for the signature (rounded)
+ * @param master_priv private key to sign with
+ * @param[out] master_sig where to write the signature
+ */
+void
+TALER_exchange_offline_wire_add_sign (
+ const char *payto_uri,
+ const char *conversion_url,
+ const json_t *debit_restrictions,
+ const json_t *credit_restrictions,
+ struct GNUNET_TIME_Timestamp now,
+ const struct TALER_MasterPrivateKeyP *master_priv,
+ struct TALER_MasterSignatureP *master_sig);
+
+
+/**
+ * Verify wire account addition signature.
+ *
+ * @param payto_uri bank account
+ * @param conversion_url URL of the conversion service, or NULL if none
+ * @param debit_restrictions JSON encoding of debit restrictions on the
account; see AccountRestriction in the spec
+ * @param credit_restrictions JSON encoding of credit restrictions on the
account; see AccountRestriction in the spec
+ * @param sign_time timestamp when signature was created
+ * @param master_pub public key to verify against
+ * @param master_sig the signature the signature
+ * @return #GNUNET_OK if the signature is valid
+ */
+enum GNUNET_GenericReturnValue
+TALER_exchange_offline_wire_add_verify (
+ const char *payto_uri,
+ const char *conversion_url,
+ const json_t *debit_restrictions,
+ const json_t *credit_restrictions,
+ struct GNUNET_TIME_Timestamp sign_time,
+ const struct TALER_MasterPublicKeyP *master_pub,
+ const struct TALER_MasterSignatureP *master_sig);
+
+
+/**
+ * Create wire account removal signature.
+ *
+ * @param payto_uri bank account
+ * @param now timestamp to use for the signature (rounded)
+ * @param master_priv private key to sign with
+ * @param[out] master_sig where to write the signature
+ */
+void
+TALER_exchange_offline_wire_del_sign (
+ const char *payto_uri,
+ struct GNUNET_TIME_Timestamp now,
+ const struct TALER_MasterPrivateKeyP *master_priv,
+ struct TALER_MasterSignatureP *master_sig);
+
+
+/**
+ * Verify wire account deletion signature.
+ *
+ * @param payto_uri bank account
+ * @param sign_time timestamp when signature was created
+ * @param master_pub public key to verify against
+ * @param master_sig the signature the signature
+ * @return #GNUNET_OK if the signature is valid
+ */
+enum GNUNET_GenericReturnValue
+TALER_exchange_offline_wire_del_verify (
+ const char *payto_uri,
+ struct GNUNET_TIME_Timestamp sign_time,
+ const struct TALER_MasterPublicKeyP *master_pub,
+ const struct TALER_MasterSignatureP *master_sig);
+
+
+/**
+ * Check the signature in @a master_sig.
+ *
+ * @param payto_uri URI that is signed
+ * @param conversion_url URL of the conversion service, or NULL if none
+ * @param debit_restrictions JSON encoding of debit restrictions on the
account; see AccountRestriction in the spec
+ * @param credit_restrictions JSON encoding of credit restrictions on the
account; see AccountRestriction in the spec
+ * @param master_pub master public key of the exchange
+ * @param master_sig signature of the exchange
+ * @return #GNUNET_OK if signature is valid
+ */
+enum GNUNET_GenericReturnValue
+TALER_exchange_wire_signature_check (
+ const char *payto_uri,
+ const char *conversion_url,
+ const json_t *debit_restrictions,
+ const json_t *credit_restrictions,
+ const struct TALER_MasterPublicKeyP *master_pub,
+ const struct TALER_MasterSignatureP *master_sig);
+
+
+/**
+ * Create a signed wire statement for the given account.
+ *
+ * @param payto_uri account specification
+ * @param conversion_url URL of the conversion service, or NULL if none
+ * @param debit_restrictions JSON encoding of debit restrictions on the
account; see AccountRestriction in the spec
+ * @param credit_restrictions JSON encoding of credit restrictions on the
account; see AccountRestriction in the spec
+ * @param master_priv private key to sign with
+ * @param[out] master_sig where to write the signature
+ */
+void
+TALER_exchange_wire_signature_make (
+ const char *payto_uri,
+ const char *conversion_url,
+ const json_t *debit_restrictions,
+ const json_t *credit_restrictions,
+ const struct TALER_MasterPrivateKeyP *master_priv,
+ struct TALER_MasterSignatureP *master_sig);
+
+
+/**
+ * Compute the hash of the given wire details. The resulting
+ * @a hc is what will be put into the contract between customer
+ * and merchant for signing by both parties.
+ *
+ * @param payto_uri bank account
+ * @param salt salt used to eliminate brute-force inversion
+ * @param[out] hc set to the hash
+ */
+void
+TALER_merchant_wire_signature_hash (const char *payto_uri,
+ const struct TALER_WireSaltP *salt,
+ struct TALER_MerchantWireHashP *hc);
+
+
+/**
+ * Check the signature in @a wire_s.
+ *
+ * @param payto_uri URL that is signed
+ * @param salt the salt used to salt the @a payto_uri when hashing
+ * @param merch_pub public key of the merchant
+ * @param merch_sig signature of the merchant
+ * @return #GNUNET_OK if signature is valid
+ */
+enum GNUNET_GenericReturnValue
+TALER_merchant_wire_signature_check (
+ const char *payto_uri,
+ const struct TALER_WireSaltP *salt,
+ const struct TALER_MerchantPublicKeyP *merch_pub,
+ const struct TALER_MerchantSignatureP *merch_sig);
+
+
+/**
+ * Create a signed wire statement for the given account.
+ *
+ * @param payto_uri account specification
+ * @param salt the salt used to salt the @a payto_uri when hashing
+ * @param merch_priv private key to sign with
+ * @param[out] merch_sig where to write the signature
+ */
+void
+TALER_merchant_wire_signature_make (
+ const char *payto_uri,
+ const struct TALER_WireSaltP *salt,
+ const struct TALER_MerchantPrivateKeyP *merch_priv,
+ struct TALER_MerchantSignatureP *merch_sig);
+
+
+/**
+ * Sign a payment confirmation.
+ *
+ * @param h_contract_terms hash of the contact of the merchant with the
customer
+ * @param merch_priv private key to sign with
+ * @param[out] merch_sig where to write the signature
+ */
+void
+TALER_merchant_pay_sign (
+ const struct TALER_PrivateContractHashP *h_contract_terms,
+ const struct TALER_MerchantPrivateKeyP *merch_priv,
+ struct GNUNET_CRYPTO_EddsaSignature *merch_sig);
+
+
+/**
+ * Verify payment confirmation signature.
+ *
+ * @param h_contract_terms hash of the contact of the merchant with the
customer
+ * @param merchant_pub public key of the merchant
+ * @param merchant_sig signature to verify
+ * @return #GNUNET_OK if the signature is valid
+ */
+enum GNUNET_GenericReturnValue
+TALER_merchant_pay_verify (
+ const struct TALER_PrivateContractHashP *h_contract_terms,
+ const struct TALER_MerchantPublicKeyP *merchant_pub,
+ const struct TALER_MerchantSignatureP *merchant_sig);
+
+
+/**
+ * Sign contract sent by the merchant to the wallet.
+ *
+ * @param h_contract_terms hash of the contract terms
+ * @param merch_priv private key to sign with
+ * @param[out] merch_sig where to write the signature
+ */
+void
+TALER_merchant_contract_sign (
+ const struct TALER_PrivateContractHashP *h_contract_terms,
+ const struct TALER_MerchantPrivateKeyP *merch_priv,
+ struct GNUNET_CRYPTO_EddsaSignature *merch_sig);
+
+
+/* **************** /management/extensions offline signing **************** */
+
+/**
+ * Create a signature for the hash of the manifests of extensions
+ *
+ * @param h_manifests hash of the JSON object representing the manifests
+ * @param master_priv private key to sign with
+ * @param[out] master_sig where to write the signature
+ */
+void
+TALER_exchange_offline_extension_manifests_hash_sign (
+ const struct TALER_ExtensionManifestsHashP *h_manifests,
+ const struct TALER_MasterPrivateKeyP *master_priv,
+ struct TALER_MasterSignatureP *master_sig);
+
+
+/**
+ * Verify the signature in @a master_sig of the given hash, taken over the JSON
+ * blob representing the manifests of extensions
+ *
+ * @param h_manifest hash of the JSON blob of manifests of extensions
+ * @param master_pub master public key of the exchange
+ * @param master_sig signature of the exchange
+ * @return #GNUNET_OK if signature is valid
+ */
+enum GNUNET_GenericReturnValue
+TALER_exchange_offline_extension_manifests_hash_verify (
+ const struct TALER_ExtensionManifestsHashP *h_manifest,
+ const struct TALER_MasterPublicKeyP *master_pub,
+ const struct TALER_MasterSignatureP *master_sig
+ );
+
+
+/**
+ * @brief Representation of an age commitment: one public key per age group.
+ *
+ * The number of keys must be be the same as the number of bits set in the
+ * corresponding age mask.
+ */
+struct TALER_AgeCommitment
+{
+
+ /**
+ * The age mask defines the age groups that were a parameter during the
+ * generation of this age commitment
+ */
+ struct TALER_AgeMask mask;
+
+ /**
+ * The number of public keys, which must be the same as the number of
+ * groups in the mask.
+ */
+ size_t num;
+
+ /**
+ * The list of @e num public keys. In must have same size as the number of
+ * age groups defined in the mask.
+ *
+ * A hash of this list is the hashed commitment that goes into FDC
+ * calculation during the withdraw and refresh operations for new coins. That
+ * way, the particular age commitment becomes mandatory and bound to a coin.
+ *
+ * The list has been allocated via GNUNET_malloc().
+ */
+ struct TALER_AgeCommitmentPublicKeyP *keys;
+};
+
+
+/**
+ * @brief Proof for a particular age commitment, used in age attestation
+ *
+ * This struct is used in a call to TALER_age_commitment_attest to create an
+ * attestation for a minimum age (if that minimum age is less or equal to the
+ * committed age for this proof). It consists of a list private keys, one per
+ * age group, for which the committed age is either lager or within that
+ * particular group.
+ */
+struct TALER_AgeProof
+{
+ /**
+ * The number of private keys, which must be at most num_pub_keys. One minus
+ * this number corresponds to the largest age group that is supported with
+ * this age commitment.
+ * **Note**, that this and the next field are only relevant on the wallet
+ * side for attestation and derive operations.
+ */
+ size_t num;
+
+ /**
+ * List of @e num private keys.
+ *
+ * Note that the list can be _smaller_ than the corresponding list of public
+ * keys. In that case, the wallet can sign off only for a subset of the age
+ * groups.
+ *
+ * The list has been allocated via GNUNET_malloc.
+ */
+ struct TALER_AgeCommitmentPrivateKeyP *keys;
+};
+
+
+/**
+ * @brief Commitment and Proof for a maximum age
+ *
+ * Calling TALER_age_restriction_commit on an (maximum) age value returns this
+ * data structure. It consists of the proof, which is used to create
+ * attestations for compatible minimum ages, and the commitment, which is used
+ * to verify the attestations and derived commitments.
+ *
+ * The hash value of the commitment is bound to a particular coin with age
+ * restriction.
+ */
+struct TALER_AgeCommitmentProof
+{
+ /**
+ * The commitment is used to verify a particular attestation. Its hash value
+ * is bound to a particular coin with age restriction. This structure is
+ * sent to the merchant in order to verify a particular attestation for a
+ * minimum age.
+ * In itself, it does not convey any information about the maximum age that
+ * went into the call to TALER_age_restriction_commit.
+ */
+ struct TALER_AgeCommitment commitment;
+
+ /**
+ * The proof is used to create an attestation for a (compatible) minimum age.
+ */
+ struct TALER_AgeProof proof;
+};
+
+
+/**
+ * @brief Generates a hash of the public keys in the age commitment.
+ *
+ * @param commitment the age commitment - one public key per age group
+ * @param[out] hash resulting hash
+ */
+void
+TALER_age_commitment_hash (
+ const struct TALER_AgeCommitment *commitment,
+ struct TALER_AgeCommitmentHash *hash);
+
+
+/**
+ * @brief Generates an age commitent for the given age.
+ *
+ * @param mask The age mask the defines the age groups
+ * @param age The actual age for which an age commitment is generated
+ * @param seed The seed that goes into the key generation. MUST be chosen
uniformly random.
+ * @param[out] comm_proof The generated age commitment, ->priv and ->pub
allocated via GNUNET_malloc() on success
+ */
+void
+TALER_age_restriction_commit (
+ const struct TALER_AgeMask *mask,
+ uint8_t age,
+ const struct GNUNET_HashCode *seed,
+ struct TALER_AgeCommitmentProof *comm_proof);
+
+
+/**
+ * @brief Derives another, equivalent age commitment for a given one.
+ *
+ * @param orig Original age commitment
+ * @param salt Salt to randomly move the points on the elliptic curve in order
to generate another, equivalent commitment.
+ * @param[out] derived The resulting age commitment, ->priv and ->pub
allocated via GNUNET_malloc() on success.
+ * @return #GNUNET_OK on success, #GNUNET_SYSERR otherwise
+ */
+enum GNUNET_GenericReturnValue
+TALER_age_commitment_derive (
+ const struct TALER_AgeCommitmentProof *orig,
+ const struct GNUNET_HashCode *salt,
+ struct TALER_AgeCommitmentProof *derived);
+
+
+/**
+ * @brief Provide attestation for a given age, from a given age commitment, if
possible.
+ *
+ * @param comm_proof The age commitment to be used for attestation. For
successful attestation, it must contain the private key for the corresponding
age group.
+ * @param age Age (not age group) for which the an attestation should be done
+ * @param[out] attest Signature of the age with the appropriate key from the
age commitment for the corresponding age group, if applicaple.
+ * @return #GNUNET_OK on success, #GNUNET_NO when no attestation can be made
for that age with the given commitment, #GNUNET_SYSERR otherwise
+ */
+enum GNUNET_GenericReturnValue
+TALER_age_commitment_attest (
+ const struct TALER_AgeCommitmentProof *comm_proof,
+ uint8_t age,
+ struct TALER_AgeAttestation *attest);
+
+
+/**
+ * @brief Verify the attestation for an given age and age commitment
+ *
+ * @param commitment The age commitment that went into the attestation. Only
the public keys are needed.
+ * @param age Age (not age group) for which the an attestation should be done
+ * @param attest Signature of the age with the appropriate key from the age
commitment for the corresponding age group, if applicaple.
+ * @return #GNUNET_OK when the attestation was successful, #GNUNET_NO no
attestation couldn't be verified, #GNUNET_SYSERR otherwise
+ */
+enum GNUNET_GenericReturnValue
+TALER_age_commitment_verify (
+ const struct TALER_AgeCommitment *commitment,
+ uint8_t age,
+ const struct TALER_AgeAttestation *attest);
+
+
+/**
+ * @brief helper function to free memory of a struct TALER_AgeCommitment
+ *
+ * @param ac the commitment from which all memory should be freed.
+ */
+void
+TALER_age_commitment_free (
+ struct TALER_AgeCommitment *ac);
+
+
+/**
+ * @brief helper function to free memory of a struct TALER_AgeProof
+ *
+ * @param ap the proof of commitment from which all memory should be freed.
+ */
+void
+TALER_age_proof_free (
+ struct TALER_AgeProof *ap);
+
+
+/**
+ * @brief helper function to free memory of a struct TALER_AgeCommitmentProof
+ *
+ * @param acp the commitment and its proof from which all memory should be
freed.
+ */
+void
+TALER_age_commitment_proof_free (
+ struct TALER_AgeCommitmentProof *acp);
+
+
+/**
+ * @brief helper function to allocate and copy a struct
TALER_AgeCommitmentProof
+ *
+ * @param[in] acp The original age commitment proof
+ * @return The deep copy of @e acp, allocated
+ */
+struct TALER_AgeCommitmentProof *
+TALER_age_commitment_proof_duplicate (
+ const struct TALER_AgeCommitmentProof *acp);
+
+/**
+ * @brief helper function to copy a struct TALER_AgeCommitmentProof
+ *
+ * @param[in] acp The original age commitment proof
+ * @param[out] nacp The struct to copy the data into, with freshly allocated
and copied keys.
+ */
+void
+TALER_age_commitment_proof_deep_copy (
+ const struct TALER_AgeCommitmentProof *acp,
+ struct TALER_AgeCommitmentProof *nacp);
+
+/**
+ * @brief For age-withdraw, clients have to prove that the public keys for all
+ * age groups larger than the allowed maximum age group are derived by scalar
+ * multiplication from this Edx25519 public key (in Crockford Base32 encoding):
+ *
+ * DZJRF6HXN520505XDAWM8NMH36QV9J3VH77265WQ09EBQ76QSKCG
+ *
+ * Its private key was chosen randomly and then deleted.
+ */
+extern struct
+#ifndef AGE_RESTRICTION_WITH_ECDSA
+GNUNET_CRYPTO_Edx25519PublicKey
+#else
+GNUNET_CRYPTO_EcdsaPublicKey
+#endif
+TALER_age_commitment_base_public_key;
+
+/**
+ * @brief Similar to TALER_age_restriction_commit, but takes the coin's
+ * private key as seed input and calculates the public keys in the slots larger
+ * than the given age as derived from TALER_age_commitment_base_public_key.
+ *
+ * See
https://docs.taler.net/core/api-exchange.html#withdraw-with-age-restriction
+ *
+ * @param secret The master secret of the coin from which we derive the age
restriction
+ * @param mask The age mask, defining the age groups
+ * @param max_age The maximum age for this coin.
+ * @param[out] comm_proof The commitment and proof for age restriction for age
@a max_age
+ */
+void
+TALER_age_restriction_from_secret (
+ const struct TALER_PlanchetMasterSecretP *secret,
+ const struct TALER_AgeMask *mask,
+ const uint8_t max_age,
+ struct TALER_AgeCommitmentProof *comm_proof);
+
+
+/**
+ * Group of Denominations. These are the common fields of an array of
+ * denominations.
+ *
+ * The corresponding JSON-blob will also contain an array of particular
+ * denominations with only the timestamps, cipher-specific public key and the
+ * master signature.
+ */
+struct TALER_DenominationGroup
+{
+
+ /**
+ * Value of coins in this denomination group.
+ */
+ struct TALER_Amount value;
+
+ /**
+ * Fee structure for all coins in the group.
+ */
+ struct TALER_DenomFeeSet fees;
+
+ /**
+ * Cipher used for the denomination.
+ */
+ enum GNUNET_CRYPTO_BlindSignatureAlgorithm cipher;
+
+ /**
+ * Age mask for the denomiation.
+ */
+ struct TALER_AgeMask age_mask;
+
+};
+
+
+/**
+ * Compute a unique key for the meta data of a denomination group.
+ *
+ * @param dg denomination group to evaluate
+ * @param[out] key key to set
+ */
+void
+TALER_denomination_group_get_key (
+ const struct TALER_DenominationGroup *dg,
+ struct GNUNET_HashCode *key);
+
+
+#endif
diff --git a/src/include/taler_error_codes.h b/src/include/taler_error_codes.h
new file mode 100644
index 0000000..57b9b15
--- /dev/null
+++ b/src/include/taler_error_codes.h
@@ -0,0 +1,4499 @@
+/*
+ This file is part of GNU Taler
+ Copyright (C) 2012-2020 Taler Systems SA
+
+ GNU Taler is free software: you can redistribute it and/or modify it
+ under the terms of the GNU Lesser General Public License as published
+ by the Free Software Foundation, either version 3 of the License,
+ or (at your option) any later version.
+
+ GNU Taler is distributed in the hope that it will be useful, but
+ WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ Lesser General Public License for more details.
+
+ You should have received a copy of the GNU Lesser General Public License
+ along with this program. If not, see <http://www.gnu.org/licenses/>.
+
+ SPDX-License-Identifier: LGPL3.0-or-later
+
+ Note: the LGPL does not apply to all components of GNU Taler,
+ but it does apply to this file.
+ */
+ /**
+ * @file include/taler_error_codes.h
+ * @brief GNU Taler error codes, generated via https://gana.gnunet.org/
+ *
+ * Do NOT edit this file, it is generated!
+ */
+#ifndef GNU_TALER_ERROR_CODES_H
+#define GNU_TALER_ERROR_CODES_H
+
+#ifdef __cplusplus
+extern "C" {
+#if 0 /* keep Emacsens' auto-indent happy */
+}
+#endif
+#endif
+
+#include <limits.h>
+
+
+/**
+ * Taler error codes.
+ */
+enum TALER_ErrorCode
+{
+
+
+ /**
+ * Special code to indicate success (no error).
+ * Returned with an HTTP status code of #MHD_HTTP_UNINITIALIZED (0).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_NONE = 0,
+
+
+ /**
+ * A non-integer error code was returned in the JSON response.
+ * Returned with an HTTP status code of #MHD_HTTP_UNINITIALIZED (0).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_INVALID = 1,
+
+
+ /**
+ * An internal failure happened on the client side.
+ * Returned with an HTTP status code of #MHD_HTTP_UNINITIALIZED (0).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_GENERIC_CLIENT_INTERNAL_ERROR = 2,
+
+
+ /**
+ * The response we got from the server was not even in JSON format.
+ * Returned with an HTTP status code of #MHD_HTTP_UNINITIALIZED (0).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_GENERIC_INVALID_RESPONSE = 10,
+
+
+ /**
+ * An operation timed out.
+ * Returned with an HTTP status code of #MHD_HTTP_UNINITIALIZED (0).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_GENERIC_TIMEOUT = 11,
+
+
+ /**
+ * The version string given does not follow the expected
CURRENT:REVISION:AGE Format.
+ * Returned with an HTTP status code of #MHD_HTTP_UNINITIALIZED (0).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_GENERIC_VERSION_MALFORMED = 12,
+
+
+ /**
+ * The service responded with a reply that was in JSON but did not satsify
the protocol. Note that invalid cryptographic signatures should have
signature-specific error codes.
+ * Returned with an HTTP status code of #MHD_HTTP_UNINITIALIZED (0).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_GENERIC_REPLY_MALFORMED = 13,
+
+
+ /**
+ * There is an error in the client-side configuration, for example the base
URL specified is malformed.
+ * Returned with an HTTP status code of #MHD_HTTP_UNINITIALIZED (0).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_GENERIC_CONFIGURATION_INVALID = 14,
+
+
+ /**
+ * The client made a request to a service, but received an error response it
does not know how to handle.
+ * Returned with an HTTP status code of #MHD_HTTP_UNINITIALIZED (0).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_GENERIC_UNEXPECTED_REQUEST_ERROR = 15,
+
+
+ /**
+ * The token used by the client to authorize the request does not grant the
required permissions for the request.
+ * Returned with an HTTP status code of #MHD_HTTP_FORBIDDEN (403).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_GENERIC_TOKEN_PERMISSION_INSUFFICIENT = 16,
+
+
+ /**
+ * The HTTP method used is invalid for this endpoint.
+ * Returned with an HTTP status code of #MHD_HTTP_METHOD_NOT_ALLOWED (405).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_GENERIC_METHOD_INVALID = 20,
+
+
+ /**
+ * There is no endpoint defined for the URL provided by the client.
+ * Returned with an HTTP status code of #MHD_HTTP_NOT_FOUND (404).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_GENERIC_ENDPOINT_UNKNOWN = 21,
+
+
+ /**
+ * The JSON in the client's request was malformed (generic parse error).
+ * Returned with an HTTP status code of #MHD_HTTP_BAD_REQUEST (400).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_GENERIC_JSON_INVALID = 22,
+
+
+ /**
+ * Some of the HTTP headers provided by the client caused the server to not
be able to handle the request.
+ * Returned with an HTTP status code of #MHD_HTTP_BAD_REQUEST (400).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_GENERIC_HTTP_HEADERS_MALFORMED = 23,
+
+
+ /**
+ * The payto:// URI provided by the client is malformed.
+ * Returned with an HTTP status code of #MHD_HTTP_BAD_REQUEST (400).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_GENERIC_PAYTO_URI_MALFORMED = 24,
+
+
+ /**
+ * A required parameter in the request was missing.
+ * Returned with an HTTP status code of #MHD_HTTP_BAD_REQUEST (400).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_GENERIC_PARAMETER_MISSING = 25,
+
+
+ /**
+ * A parameter in the request was malformed.
+ * Returned with an HTTP status code of #MHD_HTTP_BAD_REQUEST (400).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_GENERIC_PARAMETER_MALFORMED = 26,
+
+
+ /**
+ * The reserve public key given as part of a /reserves/ endpoint was
malformed.
+ * Returned with an HTTP status code of #MHD_HTTP_BAD_REQUEST (400).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_GENERIC_RESERVE_PUB_MALFORMED = 27,
+
+
+ /**
+ * The body in the request could not be decompressed by the server.
+ * Returned with an HTTP status code of #MHD_HTTP_BAD_REQUEST (400).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_GENERIC_COMPRESSION_INVALID = 28,
+
+
+ /**
+ * The currency involved in the operation is not acceptable for this backend.
+ * Returned with an HTTP status code of #MHD_HTTP_BAD_REQUEST (400).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_GENERIC_CURRENCY_MISMATCH = 30,
+
+
+ /**
+ * The URI is longer than the longest URI the HTTP server is willing to
parse.
+ * Returned with an HTTP status code of #MHD_HTTP_URI_TOO_LONG (414).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_GENERIC_URI_TOO_LONG = 31,
+
+
+ /**
+ * The body is too large to be permissible for the endpoint.
+ * Returned with an HTTP status code of #MHD_HTTP_CONTENT_TOO_LARGE (413).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_GENERIC_UPLOAD_EXCEEDS_LIMIT = 32,
+
+
+ /**
+ * The service refused the request due to lack of proper authorization.
+ * Returned with an HTTP status code of #MHD_HTTP_UNAUTHORIZED (401).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_GENERIC_UNAUTHORIZED = 40,
+
+
+ /**
+ * The service refused the request as the given authorization token is
unknown.
+ * Returned with an HTTP status code of #MHD_HTTP_UNAUTHORIZED (401).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_GENERIC_TOKEN_UNKNOWN = 41,
+
+
+ /**
+ * The service refused the request as the given authorization token expired.
+ * Returned with an HTTP status code of #MHD_HTTP_UNAUTHORIZED (401).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_GENERIC_TOKEN_EXPIRED = 42,
+
+
+ /**
+ * The service refused the request as the given authorization token is
malformed.
+ * Returned with an HTTP status code of #MHD_HTTP_UNAUTHORIZED (401).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_GENERIC_TOKEN_MALFORMED = 43,
+
+
+ /**
+ * The service refused the request due to lack of proper rights on the
resource.
+ * Returned with an HTTP status code of #MHD_HTTP_FORBIDDEN (403).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_GENERIC_FORBIDDEN = 44,
+
+
+ /**
+ * The service failed initialize its connection to the database.
+ * Returned with an HTTP status code of #MHD_HTTP_INTERNAL_SERVER_ERROR
(500).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_GENERIC_DB_SETUP_FAILED = 50,
+
+
+ /**
+ * The service encountered an error event to just start the database
transaction.
+ * Returned with an HTTP status code of #MHD_HTTP_INTERNAL_SERVER_ERROR
(500).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_GENERIC_DB_START_FAILED = 51,
+
+
+ /**
+ * The service failed to store information in its database.
+ * Returned with an HTTP status code of #MHD_HTTP_INTERNAL_SERVER_ERROR
(500).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_GENERIC_DB_STORE_FAILED = 52,
+
+
+ /**
+ * The service failed to fetch information from its database.
+ * Returned with an HTTP status code of #MHD_HTTP_INTERNAL_SERVER_ERROR
(500).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_GENERIC_DB_FETCH_FAILED = 53,
+
+
+ /**
+ * The service encountered an error event to commit the database transaction
(hard, unrecoverable error).
+ * Returned with an HTTP status code of #MHD_HTTP_INTERNAL_SERVER_ERROR
(500).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_GENERIC_DB_COMMIT_FAILED = 54,
+
+
+ /**
+ * The service encountered an error event to commit the database
transaction, even after repeatedly retrying it there was always a conflicting
transaction. (This indicates a repeated serialization error; should only happen
if some client maliciously tries to create conflicting concurrent transactions.)
+ * Returned with an HTTP status code of #MHD_HTTP_INTERNAL_SERVER_ERROR
(500).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_GENERIC_DB_SOFT_FAILURE = 55,
+
+
+ /**
+ * The service's database is inconsistent and violates service-internal
invariants.
+ * Returned with an HTTP status code of #MHD_HTTP_INTERNAL_SERVER_ERROR
(500).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_GENERIC_DB_INVARIANT_FAILURE = 56,
+
+
+ /**
+ * The HTTP server experienced an internal invariant failure (bug).
+ * Returned with an HTTP status code of #MHD_HTTP_INTERNAL_SERVER_ERROR
(500).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_GENERIC_INTERNAL_INVARIANT_FAILURE = 60,
+
+
+ /**
+ * The service could not compute a cryptographic hash over some JSON value.
+ * Returned with an HTTP status code of #MHD_HTTP_INTERNAL_SERVER_ERROR
(500).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_GENERIC_FAILED_COMPUTE_JSON_HASH = 61,
+
+
+ /**
+ * The service could not compute an amount.
+ * Returned with an HTTP status code of #MHD_HTTP_INTERNAL_SERVER_ERROR
(500).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_GENERIC_FAILED_COMPUTE_AMOUNT = 62,
+
+
+ /**
+ * The HTTP server had insufficient memory to parse the request.
+ * Returned with an HTTP status code of #MHD_HTTP_INTERNAL_SERVER_ERROR
(500).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_GENERIC_PARSER_OUT_OF_MEMORY = 70,
+
+
+ /**
+ * The HTTP server failed to allocate memory.
+ * Returned with an HTTP status code of #MHD_HTTP_INTERNAL_SERVER_ERROR
(500).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_GENERIC_ALLOCATION_FAILURE = 71,
+
+
+ /**
+ * The HTTP server failed to allocate memory for building JSON reply.
+ * Returned with an HTTP status code of #MHD_HTTP_INTERNAL_SERVER_ERROR
(500).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_GENERIC_JSON_ALLOCATION_FAILURE = 72,
+
+
+ /**
+ * The HTTP server failed to allocate memory for making a CURL request.
+ * Returned with an HTTP status code of #MHD_HTTP_INTERNAL_SERVER_ERROR
(500).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_GENERIC_CURL_ALLOCATION_FAILURE = 73,
+
+
+ /**
+ * The backend could not locate a required template to generate an HTML
reply.
+ * Returned with an HTTP status code of #MHD_HTTP_INTERNAL_SERVER_ERROR
(500).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_GENERIC_FAILED_TO_LOAD_TEMPLATE = 74,
+
+
+ /**
+ * The backend could not expand the template to generate an HTML reply.
+ * Returned with an HTTP status code of #MHD_HTTP_INTERNAL_SERVER_ERROR
(500).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_GENERIC_FAILED_TO_EXPAND_TEMPLATE = 75,
+
+
+ /**
+ * Exchange is badly configured and thus cannot operate.
+ * Returned with an HTTP status code of #MHD_HTTP_INTERNAL_SERVER_ERROR
(500).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_EXCHANGE_GENERIC_BAD_CONFIGURATION = 1000,
+
+
+ /**
+ * Operation specified unknown for this endpoint.
+ * Returned with an HTTP status code of #MHD_HTTP_NOT_FOUND (404).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_EXCHANGE_GENERIC_OPERATION_UNKNOWN = 1001,
+
+
+ /**
+ * The number of segments included in the URI does not match the number of
segments expected by the endpoint.
+ * Returned with an HTTP status code of #MHD_HTTP_NOT_FOUND (404).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_EXCHANGE_GENERIC_WRONG_NUMBER_OF_SEGMENTS = 1002,
+
+
+ /**
+ * The same coin was already used with a different denomination previously.
+ * Returned with an HTTP status code of #MHD_HTTP_CONFLICT (409).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_EXCHANGE_GENERIC_COIN_CONFLICTING_DENOMINATION_KEY = 1003,
+
+
+ /**
+ * The public key of given to a "/coins/" endpoint of the exchange was
malformed.
+ * Returned with an HTTP status code of #MHD_HTTP_BAD_REQUEST (400).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_EXCHANGE_GENERIC_COINS_INVALID_COIN_PUB = 1004,
+
+
+ /**
+ * The exchange is not aware of the denomination key the wallet requested
for the operation.
+ * Returned with an HTTP status code of #MHD_HTTP_NOT_FOUND (404).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_EXCHANGE_GENERIC_DENOMINATION_KEY_UNKNOWN = 1005,
+
+
+ /**
+ * The signature of the denomination key over the coin is not valid.
+ * Returned with an HTTP status code of #MHD_HTTP_FORBIDDEN (403).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_EXCHANGE_DENOMINATION_SIGNATURE_INVALID = 1006,
+
+
+ /**
+ * The exchange failed to perform the operation as it could not find the
private keys. This is a problem with the exchange setup, not with the client's
request.
+ * Returned with an HTTP status code of #MHD_HTTP_SERVICE_UNAVAILABLE (503).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_EXCHANGE_GENERIC_KEYS_MISSING = 1007,
+
+
+ /**
+ * Validity period of the denomination lies in the future.
+ * Returned with an HTTP status code of #MHD_HTTP_PRECONDITION_FAILED (412).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_EXCHANGE_GENERIC_DENOMINATION_VALIDITY_IN_FUTURE = 1008,
+
+
+ /**
+ * Denomination key of the coin is past its expiration time for the
requested operation.
+ * Returned with an HTTP status code of #MHD_HTTP_GONE (410).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_EXCHANGE_GENERIC_DENOMINATION_EXPIRED = 1009,
+
+
+ /**
+ * Denomination key of the coin has been revoked.
+ * Returned with an HTTP status code of #MHD_HTTP_GONE (410).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_EXCHANGE_GENERIC_DENOMINATION_REVOKED = 1010,
+
+
+ /**
+ * An operation where the exchange interacted with a security module timed
out.
+ * Returned with an HTTP status code of #MHD_HTTP_INTERNAL_SERVER_ERROR
(500).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_EXCHANGE_GENERIC_SECMOD_TIMEOUT = 1011,
+
+
+ /**
+ * The respective coin did not have sufficient residual value for the
operation. The "history" in this response provides the "residual_value" of the
coin, which may be less than its "original_value".
+ * Returned with an HTTP status code of #MHD_HTTP_CONFLICT (409).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_EXCHANGE_GENERIC_INSUFFICIENT_FUNDS = 1012,
+
+
+ /**
+ * The exchange had an internal error reconstructing the transaction history
of the coin that was being processed.
+ * Returned with an HTTP status code of #MHD_HTTP_INTERNAL_SERVER_ERROR
(500).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_EXCHANGE_GENERIC_COIN_HISTORY_COMPUTATION_FAILED = 1013,
+
+
+ /**
+ * The exchange failed to obtain the transaction history of the given coin
from the database while generating an insufficient funds errors.
+ * Returned with an HTTP status code of #MHD_HTTP_INTERNAL_SERVER_ERROR
(500).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_EXCHANGE_GENERIC_HISTORY_DB_ERROR_INSUFFICIENT_FUNDS = 1014,
+
+
+ /**
+ * The same coin was already used with a different age hash previously.
+ * Returned with an HTTP status code of #MHD_HTTP_CONFLICT (409).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_EXCHANGE_GENERIC_COIN_CONFLICTING_AGE_HASH = 1015,
+
+
+ /**
+ * The requested operation is not valid for the cipher used by the selected
denomination.
+ * Returned with an HTTP status code of #MHD_HTTP_BAD_REQUEST (400).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_EXCHANGE_GENERIC_INVALID_DENOMINATION_CIPHER_FOR_OPERATION = 1016,
+
+
+ /**
+ * The provided arguments for the operation use inconsistent ciphers.
+ * Returned with an HTTP status code of #MHD_HTTP_BAD_REQUEST (400).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_EXCHANGE_GENERIC_CIPHER_MISMATCH = 1017,
+
+
+ /**
+ * The number of denominations specified in the request exceeds the limit of
the exchange.
+ * Returned with an HTTP status code of #MHD_HTTP_BAD_REQUEST (400).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_EXCHANGE_GENERIC_NEW_DENOMS_ARRAY_SIZE_EXCESSIVE = 1018,
+
+
+ /**
+ * The coin is not known to the exchange (yet).
+ * Returned with an HTTP status code of #MHD_HTTP_NOT_FOUND (404).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_EXCHANGE_GENERIC_COIN_UNKNOWN = 1019,
+
+
+ /**
+ * The time at the server is too far off from the time specified in the
request. Most likely the client system time is wrong.
+ * Returned with an HTTP status code of #MHD_HTTP_BAD_REQUEST (400).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_EXCHANGE_GENERIC_CLOCK_SKEW = 1020,
+
+
+ /**
+ * The specified amount for the coin is higher than the value of the
denomination of the coin.
+ * Returned with an HTTP status code of #MHD_HTTP_BAD_REQUEST (400).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_EXCHANGE_GENERIC_AMOUNT_EXCEEDS_DENOMINATION_VALUE = 1021,
+
+
+ /**
+ * The exchange was not properly configured with global fees.
+ * Returned with an HTTP status code of #MHD_HTTP_INTERNAL_SERVER_ERROR
(500).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_EXCHANGE_GENERIC_GLOBAL_FEES_MISSING = 1022,
+
+
+ /**
+ * The exchange was not properly configured with wire fees.
+ * Returned with an HTTP status code of #MHD_HTTP_INTERNAL_SERVER_ERROR
(500).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_EXCHANGE_GENERIC_WIRE_FEES_MISSING = 1023,
+
+
+ /**
+ * The purse public key was malformed.
+ * Returned with an HTTP status code of #MHD_HTTP_BAD_REQUEST (400).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_EXCHANGE_GENERIC_PURSE_PUB_MALFORMED = 1024,
+
+
+ /**
+ * The purse is unknown.
+ * Returned with an HTTP status code of #MHD_HTTP_NOT_FOUND (404).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_EXCHANGE_GENERIC_PURSE_UNKNOWN = 1025,
+
+
+ /**
+ * The purse has expired.
+ * Returned with an HTTP status code of #MHD_HTTP_GONE (410).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_EXCHANGE_GENERIC_PURSE_EXPIRED = 1026,
+
+
+ /**
+ * The exchange has no information about the "reserve_pub" that was given.
+ * Returned with an HTTP status code of #MHD_HTTP_NOT_FOUND (404).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_EXCHANGE_GENERIC_RESERVE_UNKNOWN = 1027,
+
+
+ /**
+ * The exchange is not allowed to proceed with the operation until the
client has satisfied a KYC check.
+ * Returned with an HTTP status code of
#MHD_HTTP_UNAVAILABLE_FOR_LEGAL_REASONS (451).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_EXCHANGE_GENERIC_KYC_REQUIRED = 1028,
+
+
+ /**
+ * Inconsistency between provided age commitment and attest: either none or
both must be provided
+ * Returned with an HTTP status code of #MHD_HTTP_BAD_REQUEST (400).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_EXCHANGE_PURSE_DEPOSIT_COIN_CONFLICTING_ATTEST_VS_AGE_COMMITMENT =
1029,
+
+
+ /**
+ * The provided attestation for the minimum age couldn't be verified by the
exchange.
+ * Returned with an HTTP status code of #MHD_HTTP_BAD_REQUEST (400).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_EXCHANGE_PURSE_DEPOSIT_COIN_AGE_ATTESTATION_FAILURE = 1030,
+
+
+ /**
+ * The purse was deleted.
+ * Returned with an HTTP status code of #MHD_HTTP_GONE (410).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_EXCHANGE_GENERIC_PURSE_DELETED = 1031,
+
+
+ /**
+ * The public key of the AML officer in the URL was malformed.
+ * Returned with an HTTP status code of #MHD_HTTP_BAD_REQUEST (400).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_EXCHANGE_GENERIC_AML_OFFICER_PUB_MALFORMED = 1032,
+
+
+ /**
+ * The signature affirming the GET request of the AML officer is invalid.
+ * Returned with an HTTP status code of #MHD_HTTP_FORBIDDEN (403).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_EXCHANGE_GENERIC_AML_OFFICER_GET_SIGNATURE_INVALID = 1033,
+
+
+ /**
+ * The specified AML officer does not have access at this time.
+ * Returned with an HTTP status code of #MHD_HTTP_FORBIDDEN (403).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_EXCHANGE_GENERIC_AML_OFFICER_ACCESS_DENIED = 1034,
+
+
+ /**
+ * The requested operation is denied pending the resolution of an anti-money
laundering investigation by the exchange operator. This is a manual process,
please wait and retry later.
+ * Returned with an HTTP status code of
#MHD_HTTP_UNAVAILABLE_FOR_LEGAL_REASONS (451).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_EXCHANGE_GENERIC_AML_PENDING = 1035,
+
+
+ /**
+ * The requested operation is denied as the account was frozen on suspicion
of money laundering. Please contact the exchange operator.
+ * Returned with an HTTP status code of
#MHD_HTTP_UNAVAILABLE_FOR_LEGAL_REASONS (451).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_EXCHANGE_GENERIC_AML_FROZEN = 1036,
+
+
+ /**
+ * The exchange did not find information about the specified transaction in
the database.
+ * Returned with an HTTP status code of #MHD_HTTP_NOT_FOUND (404).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_EXCHANGE_DEPOSITS_GET_NOT_FOUND = 1100,
+
+
+ /**
+ * The wire hash of given to a "/deposits/" handler was malformed.
+ * Returned with an HTTP status code of #MHD_HTTP_BAD_REQUEST (400).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_EXCHANGE_DEPOSITS_GET_INVALID_H_WIRE = 1101,
+
+
+ /**
+ * The merchant key of given to a "/deposits/" handler was malformed.
+ * Returned with an HTTP status code of #MHD_HTTP_BAD_REQUEST (400).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_EXCHANGE_DEPOSITS_GET_INVALID_MERCHANT_PUB = 1102,
+
+
+ /**
+ * The hash of the contract terms given to a "/deposits/" handler was
malformed.
+ * Returned with an HTTP status code of #MHD_HTTP_BAD_REQUEST (400).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_EXCHANGE_DEPOSITS_GET_INVALID_H_CONTRACT_TERMS = 1103,
+
+
+ /**
+ * The coin public key of given to a "/deposits/" handler was malformed.
+ * Returned with an HTTP status code of #MHD_HTTP_BAD_REQUEST (400).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_EXCHANGE_DEPOSITS_GET_INVALID_COIN_PUB = 1104,
+
+
+ /**
+ * The signature returned by the exchange in a /deposits/ request was
malformed.
+ * Returned with an HTTP status code of #MHD_HTTP_UNINITIALIZED (0).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_EXCHANGE_DEPOSITS_GET_INVALID_SIGNATURE_BY_EXCHANGE = 1105,
+
+
+ /**
+ * The signature of the merchant is invalid.
+ * Returned with an HTTP status code of #MHD_HTTP_FORBIDDEN (403).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_EXCHANGE_DEPOSITS_GET_MERCHANT_SIGNATURE_INVALID = 1106,
+
+
+ /**
+ * The provided policy data was not accepted
+ * Returned with an HTTP status code of #MHD_HTTP_BAD_REQUEST (400).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_EXCHANGE_DEPOSITS_POLICY_NOT_ACCEPTED = 1107,
+
+
+ /**
+ * The given reserve does not have sufficient funds to admit the requested
withdraw operation at this time. The response includes the current "balance"
of the reserve as well as the transaction "history" that lead to this balance.
+ * Returned with an HTTP status code of #MHD_HTTP_CONFLICT (409).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_EXCHANGE_WITHDRAW_INSUFFICIENT_FUNDS = 1150,
+
+
+ /**
+ * The given reserve does not have sufficient funds to admit the requested
age-withdraw operation at this time. The response includes the current
"balance" of the reserve as well as the transaction "history" that lead to this
balance.
+ * Returned with an HTTP status code of #MHD_HTTP_CONFLICT (409).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_EXCHANGE_AGE_WITHDRAW_INSUFFICIENT_FUNDS = 1151,
+
+
+ /**
+ * The amount to withdraw together with the fee exceeds the numeric range
for Taler amounts. This is not a client failure, as the coin value and fees
come from the exchange's configuration.
+ * Returned with an HTTP status code of #MHD_HTTP_INTERNAL_SERVER_ERROR
(500).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_EXCHANGE_WITHDRAW_AMOUNT_FEE_OVERFLOW = 1152,
+
+
+ /**
+ * The exchange failed to create the signature using the denomination key.
+ * Returned with an HTTP status code of #MHD_HTTP_INTERNAL_SERVER_ERROR
(500).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_EXCHANGE_WITHDRAW_SIGNATURE_FAILED = 1153,
+
+
+ /**
+ * The signature of the reserve is not valid.
+ * Returned with an HTTP status code of #MHD_HTTP_FORBIDDEN (403).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_EXCHANGE_WITHDRAW_RESERVE_SIGNATURE_INVALID = 1154,
+
+
+ /**
+ * When computing the reserve history, we ended up with a negative overall
balance, which should be impossible.
+ * Returned with an HTTP status code of #MHD_HTTP_INTERNAL_SERVER_ERROR
(500).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_EXCHANGE_RESERVE_HISTORY_ERROR_INSUFFICIENT_FUNDS = 1155,
+
+
+ /**
+ * The reserve did not have sufficient funds in it to pay for a full reserve
history statement.
+ * Returned with an HTTP status code of #MHD_HTTP_CONFLICT (409).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_EXCHANGE_GET_RESERVE_HISTORY_ERROR_INSUFFICIENT_BALANCE = 1156,
+
+
+ /**
+ * Withdraw period of the coin to be withdrawn is in the past.
+ * Returned with an HTTP status code of #MHD_HTTP_GONE (410).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_EXCHANGE_WITHDRAW_DENOMINATION_KEY_LOST = 1158,
+
+
+ /**
+ * The client failed to unblind the blind signature.
+ * Returned with an HTTP status code of #MHD_HTTP_UNINITIALIZED (0).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_EXCHANGE_WITHDRAW_UNBLIND_FAILURE = 1159,
+
+
+ /**
+ * The client re-used a withdraw nonce, which is not allowed.
+ * Returned with an HTTP status code of #MHD_HTTP_CONFLICT (409).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_EXCHANGE_WITHDRAW_NONCE_REUSE = 1160,
+
+
+ /**
+ * The client provided an unknown commitment for an age-withdraw request.
+ * Returned with an HTTP status code of #MHD_HTTP_BAD_REQUEST (400).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_EXCHANGE_AGE_WITHDRAW_COMMITMENT_UNKNOWN = 1161,
+
+
+ /**
+ * The total sum of amounts from the denominations did overflow.
+ * Returned with an HTTP status code of #MHD_HTTP_INTERNAL_SERVER_ERROR
(500).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_EXCHANGE_AGE_WITHDRAW_AMOUNT_OVERFLOW = 1162,
+
+
+ /**
+ * The total sum of value and fees from the denominations differs from the
committed amount with fees.
+ * Returned with an HTTP status code of #MHD_HTTP_BAD_REQUEST (400).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_EXCHANGE_AGE_WITHDRAW_AMOUNT_INCORRECT = 1163,
+
+
+ /**
+ * The original commitment differs from the calculated hash
+ * Returned with an HTTP status code of #MHD_HTTP_BAD_REQUEST (400).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_EXCHANGE_AGE_WITHDRAW_REVEAL_INVALID_HASH = 1164,
+
+
+ /**
+ * The maximum age in the commitment is too large for the reserve
+ * Returned with an HTTP status code of #MHD_HTTP_CONFLICT (409).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_EXCHANGE_AGE_WITHDRAW_MAXIMUM_AGE_TOO_LARGE = 1165,
+
+
+ /**
+ * The batch withdraw included a planchet that was already withdrawn. This
is not allowed.
+ * Returned with an HTTP status code of #MHD_HTTP_CONFLICT (409).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_EXCHANGE_WITHDRAW_BATCH_IDEMPOTENT_PLANCHET = 1175,
+
+
+ /**
+ * The signature made by the coin over the deposit permission is not valid.
+ * Returned with an HTTP status code of #MHD_HTTP_FORBIDDEN (403).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_EXCHANGE_DEPOSIT_COIN_SIGNATURE_INVALID = 1205,
+
+
+ /**
+ * The same coin was already deposited for the same merchant and contract
with other details.
+ * Returned with an HTTP status code of #MHD_HTTP_CONFLICT (409).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_EXCHANGE_DEPOSIT_CONFLICTING_CONTRACT = 1206,
+
+
+ /**
+ * The stated value of the coin after the deposit fee is subtracted would be
negative.
+ * Returned with an HTTP status code of #MHD_HTTP_BAD_REQUEST (400).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_EXCHANGE_DEPOSIT_NEGATIVE_VALUE_AFTER_FEE = 1207,
+
+
+ /**
+ * The stated refund deadline is after the wire deadline.
+ * Returned with an HTTP status code of #MHD_HTTP_BAD_REQUEST (400).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_EXCHANGE_DEPOSIT_REFUND_DEADLINE_AFTER_WIRE_DEADLINE = 1208,
+
+
+ /**
+ * The stated wire deadline is "never", which makes no sense.
+ * Returned with an HTTP status code of #MHD_HTTP_BAD_REQUEST (400).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_EXCHANGE_DEPOSIT_WIRE_DEADLINE_IS_NEVER = 1209,
+
+
+ /**
+ * The exchange failed to canonicalize and hash the given wire format. For
example, the merchant failed to provide the "salt" or a valid payto:// URI in
the wire details. Note that while the exchange will do some basic sanity
checking on the wire details, it cannot warrant that the banking system will
ultimately be able to route to the specified address, even if this check passed.
+ * Returned with an HTTP status code of #MHD_HTTP_BAD_REQUEST (400).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_EXCHANGE_DEPOSIT_INVALID_WIRE_FORMAT_JSON = 1210,
+
+
+ /**
+ * The hash of the given wire address does not match the wire hash specified
in the proposal data.
+ * Returned with an HTTP status code of #MHD_HTTP_BAD_REQUEST (400).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_EXCHANGE_DEPOSIT_INVALID_WIRE_FORMAT_CONTRACT_HASH_CONFLICT = 1211,
+
+
+ /**
+ * The signature provided by the exchange is not valid.
+ * Returned with an HTTP status code of #MHD_HTTP_UNINITIALIZED (0).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_EXCHANGE_DEPOSIT_INVALID_SIGNATURE_BY_EXCHANGE = 1221,
+
+
+ /**
+ * The deposited amount is smaller than the deposit fee, which would result
in a negative contribution.
+ * Returned with an HTTP status code of #MHD_HTTP_BAD_REQUEST (400).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_EXCHANGE_DEPOSIT_FEE_ABOVE_AMOUNT = 1222,
+
+
+ /**
+ * The proof of policy fulfillment was invalid.
+ * Returned with an HTTP status code of #MHD_HTTP_BAD_REQUEST (400).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_EXCHANGE_EXTENSIONS_INVALID_FULFILLMENT = 1240,
+
+
+ /**
+ * The coin history was requested with a bad signature.
+ * Returned with an HTTP status code of #MHD_HTTP_FORBIDDEN (403).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_EXCHANGE_COIN_HISTORY_BAD_SIGNATURE = 1251,
+
+
+ /**
+ * The reserve history was requested with a bad signature.
+ * Returned with an HTTP status code of #MHD_HTTP_FORBIDDEN (403).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_EXCHANGE_RESERVE_HISTORY_BAD_SIGNATURE = 1252,
+
+
+ /**
+ * The exchange encountered melt fees exceeding the melted coin's
contribution.
+ * Returned with an HTTP status code of #MHD_HTTP_BAD_REQUEST (400).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_EXCHANGE_MELT_FEES_EXCEED_CONTRIBUTION = 1302,
+
+
+ /**
+ * The signature made with the coin to be melted is invalid.
+ * Returned with an HTTP status code of #MHD_HTTP_FORBIDDEN (403).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_EXCHANGE_MELT_COIN_SIGNATURE_INVALID = 1303,
+
+
+ /**
+ * The denomination of the given coin has past its expiration date and it is
also not a valid zombie (that is, was not refreshed with the fresh coin being
subjected to recoup).
+ * Returned with an HTTP status code of #MHD_HTTP_BAD_REQUEST (400).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_EXCHANGE_MELT_COIN_EXPIRED_NO_ZOMBIE = 1305,
+
+
+ /**
+ * The signature returned by the exchange in a melt request was malformed.
+ * Returned with an HTTP status code of #MHD_HTTP_UNINITIALIZED (0).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_EXCHANGE_MELT_INVALID_SIGNATURE_BY_EXCHANGE = 1306,
+
+
+ /**
+ * The provided transfer keys do not match up with the original commitment.
Information about the original commitment is included in the response.
+ * Returned with an HTTP status code of #MHD_HTTP_CONFLICT (409).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_EXCHANGE_REFRESHES_REVEAL_COMMITMENT_VIOLATION = 1353,
+
+
+ /**
+ * Failed to produce the blinded signatures over the coins to be returned.
+ * Returned with an HTTP status code of #MHD_HTTP_INTERNAL_SERVER_ERROR
(500).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_EXCHANGE_REFRESHES_REVEAL_SIGNING_ERROR = 1354,
+
+
+ /**
+ * The exchange is unaware of the refresh session specified in the request.
+ * Returned with an HTTP status code of #MHD_HTTP_NOT_FOUND (404).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_EXCHANGE_REFRESHES_REVEAL_SESSION_UNKNOWN = 1355,
+
+
+ /**
+ * The size of the cut-and-choose dimension of the private transfer keys
request does not match #TALER_CNC_KAPPA - 1.
+ * Returned with an HTTP status code of #MHD_HTTP_BAD_REQUEST (400).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_EXCHANGE_REFRESHES_REVEAL_CNC_TRANSFER_ARRAY_SIZE_INVALID = 1356,
+
+
+ /**
+ * The number of envelopes given does not match the number of denomination
keys given.
+ * Returned with an HTTP status code of #MHD_HTTP_BAD_REQUEST (400).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_EXCHANGE_REFRESHES_REVEAL_NEW_DENOMS_ARRAY_SIZE_MISMATCH = 1358,
+
+
+ /**
+ * The exchange encountered a numeric overflow totaling up the cost for the
refresh operation.
+ * Returned with an HTTP status code of #MHD_HTTP_INTERNAL_SERVER_ERROR
(500).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_EXCHANGE_REFRESHES_REVEAL_COST_CALCULATION_OVERFLOW = 1359,
+
+
+ /**
+ * The exchange's cost calculation shows that the melt amount is below the
costs of the transaction.
+ * Returned with an HTTP status code of #MHD_HTTP_BAD_REQUEST (400).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_EXCHANGE_REFRESHES_REVEAL_AMOUNT_INSUFFICIENT = 1360,
+
+
+ /**
+ * The signature made with the coin over the link data is invalid.
+ * Returned with an HTTP status code of #MHD_HTTP_FORBIDDEN (403).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_EXCHANGE_REFRESHES_REVEAL_LINK_SIGNATURE_INVALID = 1361,
+
+
+ /**
+ * The refresh session hash given to a /refreshes/ handler was malformed.
+ * Returned with an HTTP status code of #MHD_HTTP_BAD_REQUEST (400).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_EXCHANGE_REFRESHES_REVEAL_INVALID_RCH = 1362,
+
+
+ /**
+ * Operation specified invalid for this endpoint.
+ * Returned with an HTTP status code of #MHD_HTTP_BAD_REQUEST (400).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_EXCHANGE_REFRESHES_REVEAL_OPERATION_INVALID = 1363,
+
+
+ /**
+ * The client provided age commitment data, but age restriction is not
supported on this server.
+ * Returned with an HTTP status code of #MHD_HTTP_BAD_REQUEST (400).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_EXCHANGE_REFRESHES_REVEAL_AGE_RESTRICTION_NOT_SUPPORTED = 1364,
+
+
+ /**
+ * The client provided invalid age commitment data: missing, not an array,
or array of invalid size.
+ * Returned with an HTTP status code of #MHD_HTTP_BAD_REQUEST (400).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_EXCHANGE_REFRESHES_REVEAL_AGE_RESTRICTION_COMMITMENT_INVALID = 1365,
+
+
+ /**
+ * The coin specified in the link request is unknown to the exchange.
+ * Returned with an HTTP status code of #MHD_HTTP_NOT_FOUND (404).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_EXCHANGE_LINK_COIN_UNKNOWN = 1400,
+
+
+ /**
+ * The public key of given to a /transfers/ handler was malformed.
+ * Returned with an HTTP status code of #MHD_HTTP_BAD_REQUEST (400).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_EXCHANGE_TRANSFERS_GET_WTID_MALFORMED = 1450,
+
+
+ /**
+ * The exchange did not find information about the specified wire transfer
identifier in the database.
+ * Returned with an HTTP status code of #MHD_HTTP_NOT_FOUND (404).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_EXCHANGE_TRANSFERS_GET_WTID_NOT_FOUND = 1451,
+
+
+ /**
+ * The exchange did not find information about the wire transfer fees it
charged.
+ * Returned with an HTTP status code of #MHD_HTTP_INTERNAL_SERVER_ERROR
(500).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_EXCHANGE_TRANSFERS_GET_WIRE_FEE_NOT_FOUND = 1452,
+
+
+ /**
+ * The exchange found a wire fee that was above the total transfer value
(and thus could not have been charged).
+ * Returned with an HTTP status code of #MHD_HTTP_INTERNAL_SERVER_ERROR
(500).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_EXCHANGE_TRANSFERS_GET_WIRE_FEE_INCONSISTENT = 1453,
+
+
+ /**
+ * The wait target of the URL was not in the set of expected values.
+ * Returned with an HTTP status code of #MHD_HTTP_BAD_REQUEST (400).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_EXCHANGE_PURSES_INVALID_WAIT_TARGET = 1475,
+
+
+ /**
+ * The signature on the purse status returned by the exchange was invalid.
+ * Returned with an HTTP status code of #MHD_HTTP_UNINITIALIZED (0).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_EXCHANGE_PURSES_GET_INVALID_SIGNATURE_BY_EXCHANGE = 1476,
+
+
+ /**
+ * The exchange knows literally nothing about the coin we were asked to
refund. But without a transaction history, we cannot issue a refund. This is
kind-of OK, the owner should just refresh it directly without executing the
refund.
+ * Returned with an HTTP status code of #MHD_HTTP_NOT_FOUND (404).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_EXCHANGE_REFUND_COIN_NOT_FOUND = 1500,
+
+
+ /**
+ * We could not process the refund request as the coin's transaction history
does not permit the requested refund because then refunds would exceed the
deposit amount. The "history" in the response proves this.
+ * Returned with an HTTP status code of #MHD_HTTP_CONFLICT (409).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_EXCHANGE_REFUND_CONFLICT_DEPOSIT_INSUFFICIENT = 1501,
+
+
+ /**
+ * The exchange knows about the coin we were asked to refund, but not about
the specific /deposit operation. Hence, we cannot issue a refund (as we do not
know if this merchant public key is authorized to do a refund).
+ * Returned with an HTTP status code of #MHD_HTTP_NOT_FOUND (404).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_EXCHANGE_REFUND_DEPOSIT_NOT_FOUND = 1502,
+
+
+ /**
+ * The exchange can no longer refund the customer/coin as the money was
already transferred (paid out) to the merchant. (It should be past the refund
deadline.)
+ * Returned with an HTTP status code of #MHD_HTTP_GONE (410).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_EXCHANGE_REFUND_MERCHANT_ALREADY_PAID = 1503,
+
+
+ /**
+ * The refund fee specified for the request is lower than the refund fee
charged by the exchange for the given denomination key of the refunded coin.
+ * Returned with an HTTP status code of #MHD_HTTP_BAD_REQUEST (400).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_EXCHANGE_REFUND_FEE_TOO_LOW = 1504,
+
+
+ /**
+ * The refunded amount is smaller than the refund fee, which would result in
a negative refund.
+ * Returned with an HTTP status code of #MHD_HTTP_BAD_REQUEST (400).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_EXCHANGE_REFUND_FEE_ABOVE_AMOUNT = 1505,
+
+
+ /**
+ * The signature of the merchant is invalid.
+ * Returned with an HTTP status code of #MHD_HTTP_FORBIDDEN (403).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_EXCHANGE_REFUND_MERCHANT_SIGNATURE_INVALID = 1506,
+
+
+ /**
+ * Merchant backend failed to create the refund confirmation signature.
+ * Returned with an HTTP status code of #MHD_HTTP_INTERNAL_SERVER_ERROR
(500).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_EXCHANGE_REFUND_MERCHANT_SIGNING_FAILED = 1507,
+
+
+ /**
+ * The signature returned by the exchange in a refund request was malformed.
+ * Returned with an HTTP status code of #MHD_HTTP_UNINITIALIZED (0).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_EXCHANGE_REFUND_INVALID_SIGNATURE_BY_EXCHANGE = 1508,
+
+
+ /**
+ * The failure proof returned by the exchange is incorrect.
+ * Returned with an HTTP status code of #MHD_HTTP_UNINITIALIZED (0).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_EXCHANGE_REFUND_INVALID_FAILURE_PROOF_BY_EXCHANGE = 1509,
+
+
+ /**
+ * Conflicting refund granted before with different amount but same refund
transaction ID.
+ * Returned with an HTTP status code of #MHD_HTTP_FAILED_DEPENDENCY (424).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_EXCHANGE_REFUND_INCONSISTENT_AMOUNT = 1510,
+
+
+ /**
+ * The given coin signature is invalid for the request.
+ * Returned with an HTTP status code of #MHD_HTTP_FORBIDDEN (403).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_EXCHANGE_RECOUP_SIGNATURE_INVALID = 1550,
+
+
+ /**
+ * The exchange could not find the corresponding withdraw operation. The
request is denied.
+ * Returned with an HTTP status code of #MHD_HTTP_NOT_FOUND (404).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_EXCHANGE_RECOUP_WITHDRAW_NOT_FOUND = 1551,
+
+
+ /**
+ * The coin's remaining balance is zero. The request is denied.
+ * Returned with an HTTP status code of #MHD_HTTP_FORBIDDEN (403).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_EXCHANGE_RECOUP_COIN_BALANCE_ZERO = 1552,
+
+
+ /**
+ * The exchange failed to reproduce the coin's blinding.
+ * Returned with an HTTP status code of #MHD_HTTP_INTERNAL_SERVER_ERROR
(500).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_EXCHANGE_RECOUP_BLINDING_FAILED = 1553,
+
+
+ /**
+ * The coin's remaining balance is zero. The request is denied.
+ * Returned with an HTTP status code of #MHD_HTTP_INTERNAL_SERVER_ERROR
(500).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_EXCHANGE_RECOUP_COIN_BALANCE_NEGATIVE = 1554,
+
+
+ /**
+ * The coin's denomination has not been revoked yet.
+ * Returned with an HTTP status code of #MHD_HTTP_NOT_FOUND (404).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_EXCHANGE_RECOUP_NOT_ELIGIBLE = 1555,
+
+
+ /**
+ * The given coin signature is invalid for the request.
+ * Returned with an HTTP status code of #MHD_HTTP_FORBIDDEN (403).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_EXCHANGE_RECOUP_REFRESH_SIGNATURE_INVALID = 1575,
+
+
+ /**
+ * The exchange could not find the corresponding melt operation. The request
is denied.
+ * Returned with an HTTP status code of #MHD_HTTP_NOT_FOUND (404).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_EXCHANGE_RECOUP_REFRESH_MELT_NOT_FOUND = 1576,
+
+
+ /**
+ * The exchange failed to reproduce the coin's blinding.
+ * Returned with an HTTP status code of #MHD_HTTP_INTERNAL_SERVER_ERROR
(500).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_EXCHANGE_RECOUP_REFRESH_BLINDING_FAILED = 1578,
+
+
+ /**
+ * The coin's denomination has not been revoked yet.
+ * Returned with an HTTP status code of #MHD_HTTP_NOT_FOUND (404).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_EXCHANGE_RECOUP_REFRESH_NOT_ELIGIBLE = 1580,
+
+
+ /**
+ * This exchange does not allow clients to request /keys for times other
than the current (exchange) time.
+ * Returned with an HTTP status code of #MHD_HTTP_FORBIDDEN (403).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_EXCHANGE_KEYS_TIMETRAVEL_FORBIDDEN = 1600,
+
+
+ /**
+ * A signature in the server's response was malformed.
+ * Returned with an HTTP status code of #MHD_HTTP_UNINITIALIZED (0).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_EXCHANGE_WIRE_SIGNATURE_INVALID = 1650,
+
+
+ /**
+ * No bank accounts are enabled for the exchange. The administrator should
enable-account using the taler-exchange-offline tool.
+ * Returned with an HTTP status code of #MHD_HTTP_INTERNAL_SERVER_ERROR
(500).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_EXCHANGE_WIRE_NO_ACCOUNTS_CONFIGURED = 1651,
+
+
+ /**
+ * The payto:// URI stored in the exchange database for its bank account is
malformed.
+ * Returned with an HTTP status code of #MHD_HTTP_INTERNAL_SERVER_ERROR
(500).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_EXCHANGE_WIRE_INVALID_PAYTO_CONFIGURED = 1652,
+
+
+ /**
+ * No wire fees are configured for an enabled wire method of the exchange.
The administrator must set the wire-fee using the taler-exchange-offline tool.
+ * Returned with an HTTP status code of #MHD_HTTP_INTERNAL_SERVER_ERROR
(500).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_EXCHANGE_WIRE_FEES_NOT_CONFIGURED = 1653,
+
+
+ /**
+ * This purse was previously created with different meta data.
+ * Returned with an HTTP status code of #MHD_HTTP_CONFLICT (409).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_EXCHANGE_RESERVES_PURSE_CREATE_CONFLICTING_META_DATA = 1675,
+
+
+ /**
+ * This purse was previously merged with different meta data.
+ * Returned with an HTTP status code of #MHD_HTTP_CONFLICT (409).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_EXCHANGE_RESERVES_PURSE_MERGE_CONFLICTING_META_DATA = 1676,
+
+
+ /**
+ * The reserve has insufficient funds to create another purse.
+ * Returned with an HTTP status code of #MHD_HTTP_CONFLICT (409).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_EXCHANGE_RESERVES_PURSE_CREATE_INSUFFICIENT_FUNDS = 1677,
+
+
+ /**
+ * The purse fee specified for the request is lower than the purse fee
charged by the exchange at this time.
+ * Returned with an HTTP status code of #MHD_HTTP_BAD_REQUEST (400).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_EXCHANGE_RESERVES_PURSE_FEE_TOO_LOW = 1678,
+
+
+ /**
+ * The payment request cannot be deleted anymore, as it either already
completed or timed out.
+ * Returned with an HTTP status code of #MHD_HTTP_CONFLICT (409).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_EXCHANGE_PURSE_DELETE_ALREADY_DECIDED = 1679,
+
+
+ /**
+ * The signature affirming the purse deletion is invalid.
+ * Returned with an HTTP status code of #MHD_HTTP_FORBIDDEN (403).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_EXCHANGE_PURSE_DELETE_SIGNATURE_INVALID = 1680,
+
+
+ /**
+ * Withdrawal from the reserve requires age restriction to be set.
+ * Returned with an HTTP status code of #MHD_HTTP_FORBIDDEN (403).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_EXCHANGE_RESERVES_AGE_RESTRICTION_REQUIRED = 1681,
+
+
+ /**
+ * The exchange failed to talk to the process responsible for its private
denomination keys or the helpers had no denominations (properly) configured.
+ * Returned with an HTTP status code of #MHD_HTTP_BAD_GATEWAY (502).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_EXCHANGE_DENOMINATION_HELPER_UNAVAILABLE = 1700,
+
+
+ /**
+ * The response from the denomination key helper process was malformed.
+ * Returned with an HTTP status code of #MHD_HTTP_INTERNAL_SERVER_ERROR
(500).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_EXCHANGE_DENOMINATION_HELPER_BUG = 1701,
+
+
+ /**
+ * The helper refuses to sign with the key, because it is too early: the
validity period has not yet started.
+ * Returned with an HTTP status code of #MHD_HTTP_BAD_REQUEST (400).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_EXCHANGE_DENOMINATION_HELPER_TOO_EARLY = 1702,
+
+
+ /**
+ * The signature of the exchange on the reply was invalid.
+ * Returned with an HTTP status code of #MHD_HTTP_UNINITIALIZED (0).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_EXCHANGE_PURSE_DEPOSIT_EXCHANGE_SIGNATURE_INVALID = 1725,
+
+
+ /**
+ * The exchange failed to talk to the process responsible for its private
signing keys.
+ * Returned with an HTTP status code of #MHD_HTTP_BAD_GATEWAY (502).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_EXCHANGE_SIGNKEY_HELPER_UNAVAILABLE = 1750,
+
+
+ /**
+ * The response from the online signing key helper process was malformed.
+ * Returned with an HTTP status code of #MHD_HTTP_INTERNAL_SERVER_ERROR
(500).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_EXCHANGE_SIGNKEY_HELPER_BUG = 1751,
+
+
+ /**
+ * The helper refuses to sign with the key, because it is too early: the
validity period has not yet started.
+ * Returned with an HTTP status code of #MHD_HTTP_BAD_REQUEST (400).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_EXCHANGE_SIGNKEY_HELPER_TOO_EARLY = 1752,
+
+
+ /**
+ * The purse expiration time is in the past at the time of its creation.
+ * Returned with an HTTP status code of #MHD_HTTP_BAD_REQUEST (400).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_EXCHANGE_RESERVES_PURSE_EXPIRATION_BEFORE_NOW = 1775,
+
+
+ /**
+ * The purse expiration time is set to never, which is not allowed.
+ * Returned with an HTTP status code of #MHD_HTTP_BAD_REQUEST (400).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_EXCHANGE_RESERVES_PURSE_EXPIRATION_IS_NEVER = 1776,
+
+
+ /**
+ * The signature affirming the merge of the purse is invalid.
+ * Returned with an HTTP status code of #MHD_HTTP_FORBIDDEN (403).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_EXCHANGE_RESERVES_PURSE_MERGE_SIGNATURE_INVALID = 1777,
+
+
+ /**
+ * The signature by the reserve affirming the merge is invalid.
+ * Returned with an HTTP status code of #MHD_HTTP_FORBIDDEN (403).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_EXCHANGE_RESERVES_RESERVE_MERGE_SIGNATURE_INVALID = 1778,
+
+
+ /**
+ * The signature by the reserve affirming the open operation is invalid.
+ * Returned with an HTTP status code of #MHD_HTTP_FORBIDDEN (403).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_EXCHANGE_RESERVES_OPEN_BAD_SIGNATURE = 1785,
+
+
+ /**
+ * The signature by the reserve affirming the close operation is invalid.
+ * Returned with an HTTP status code of #MHD_HTTP_FORBIDDEN (403).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_EXCHANGE_RESERVES_CLOSE_BAD_SIGNATURE = 1786,
+
+
+ /**
+ * The signature by the reserve affirming the attestion request is invalid.
+ * Returned with an HTTP status code of #MHD_HTTP_FORBIDDEN (403).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_EXCHANGE_RESERVES_ATTEST_BAD_SIGNATURE = 1787,
+
+
+ /**
+ * The exchange does not know an origin account to which the remaining
reserve balance could be wired to, and the wallet failed to provide one.
+ * Returned with an HTTP status code of #MHD_HTTP_CONFLICT (409).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_EXCHANGE_RESERVES_CLOSE_NO_TARGET_ACCOUNT = 1788,
+
+
+ /**
+ * The reserve balance is insufficient to pay for the open operation.
+ * Returned with an HTTP status code of #MHD_HTTP_CONFLICT (409).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_EXCHANGE_RESERVES_OPEN_INSUFFICIENT_FUNDS = 1789,
+
+
+ /**
+ * The auditor that was supposed to be disabled is unknown to this exchange.
+ * Returned with an HTTP status code of #MHD_HTTP_NOT_FOUND (404).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_EXCHANGE_MANAGEMENT_AUDITOR_NOT_FOUND = 1800,
+
+
+ /**
+ * The exchange has a more recently signed conflicting instruction and is
thus refusing the current change (replay detected).
+ * Returned with an HTTP status code of #MHD_HTTP_CONFLICT (409).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_EXCHANGE_MANAGEMENT_AUDITOR_MORE_RECENT_PRESENT = 1801,
+
+
+ /**
+ * The signature to add or enable the auditor does not validate.
+ * Returned with an HTTP status code of #MHD_HTTP_FORBIDDEN (403).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_EXCHANGE_MANAGEMENT_AUDITOR_ADD_SIGNATURE_INVALID = 1802,
+
+
+ /**
+ * The signature to disable the auditor does not validate.
+ * Returned with an HTTP status code of #MHD_HTTP_FORBIDDEN (403).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_EXCHANGE_MANAGEMENT_AUDITOR_DEL_SIGNATURE_INVALID = 1803,
+
+
+ /**
+ * The signature to revoke the denomination does not validate.
+ * Returned with an HTTP status code of #MHD_HTTP_FORBIDDEN (403).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_EXCHANGE_MANAGEMENT_DENOMINATION_REVOKE_SIGNATURE_INVALID = 1804,
+
+
+ /**
+ * The signature to revoke the online signing key does not validate.
+ * Returned with an HTTP status code of #MHD_HTTP_FORBIDDEN (403).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_EXCHANGE_MANAGEMENT_SIGNKEY_REVOKE_SIGNATURE_INVALID = 1805,
+
+
+ /**
+ * The exchange has a more recently signed conflicting instruction and is
thus refusing the current change (replay detected).
+ * Returned with an HTTP status code of #MHD_HTTP_CONFLICT (409).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_EXCHANGE_MANAGEMENT_WIRE_MORE_RECENT_PRESENT = 1806,
+
+
+ /**
+ * The signingkey specified is unknown to the exchange.
+ * Returned with an HTTP status code of #MHD_HTTP_NOT_FOUND (404).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_EXCHANGE_MANAGEMENT_KEYS_SIGNKEY_UNKNOWN = 1807,
+
+
+ /**
+ * The signature to publish wire account does not validate.
+ * Returned with an HTTP status code of #MHD_HTTP_FORBIDDEN (403).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_EXCHANGE_MANAGEMENT_WIRE_DETAILS_SIGNATURE_INVALID = 1808,
+
+
+ /**
+ * The signature to add the wire account does not validate.
+ * Returned with an HTTP status code of #MHD_HTTP_FORBIDDEN (403).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_EXCHANGE_MANAGEMENT_WIRE_ADD_SIGNATURE_INVALID = 1809,
+
+
+ /**
+ * The signature to disable the wire account does not validate.
+ * Returned with an HTTP status code of #MHD_HTTP_FORBIDDEN (403).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_EXCHANGE_MANAGEMENT_WIRE_DEL_SIGNATURE_INVALID = 1810,
+
+
+ /**
+ * The wire account to be disabled is unknown to the exchange.
+ * Returned with an HTTP status code of #MHD_HTTP_NOT_FOUND (404).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_EXCHANGE_MANAGEMENT_WIRE_NOT_FOUND = 1811,
+
+
+ /**
+ * The signature to affirm wire fees does not validate.
+ * Returned with an HTTP status code of #MHD_HTTP_FORBIDDEN (403).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_EXCHANGE_MANAGEMENT_WIRE_FEE_SIGNATURE_INVALID = 1812,
+
+
+ /**
+ * The signature conflicts with a previous signature affirming different
fees.
+ * Returned with an HTTP status code of #MHD_HTTP_CONFLICT (409).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_EXCHANGE_MANAGEMENT_WIRE_FEE_MISMATCH = 1813,
+
+
+ /**
+ * The signature affirming the denomination key is invalid.
+ * Returned with an HTTP status code of #MHD_HTTP_FORBIDDEN (403).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_EXCHANGE_MANAGEMENT_KEYS_DENOMKEY_ADD_SIGNATURE_INVALID = 1814,
+
+
+ /**
+ * The signature affirming the signing key is invalid.
+ * Returned with an HTTP status code of #MHD_HTTP_FORBIDDEN (403).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_EXCHANGE_MANAGEMENT_KEYS_SIGNKEY_ADD_SIGNATURE_INVALID = 1815,
+
+
+ /**
+ * The signature conflicts with a previous signature affirming different
fees.
+ * Returned with an HTTP status code of #MHD_HTTP_CONFLICT (409).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_EXCHANGE_MANAGEMENT_GLOBAL_FEE_MISMATCH = 1816,
+
+
+ /**
+ * The signature affirming the fee structure is invalid.
+ * Returned with an HTTP status code of #MHD_HTTP_FORBIDDEN (403).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_EXCHANGE_MANAGEMENT_GLOBAL_FEE_SIGNATURE_INVALID = 1817,
+
+
+ /**
+ * The signature affirming the profit drain is invalid.
+ * Returned with an HTTP status code of #MHD_HTTP_FORBIDDEN (403).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_EXCHANGE_MANAGEMENT_DRAIN_PROFITS_SIGNATURE_INVALID = 1818,
+
+
+ /**
+ * The signature affirming the AML decision is invalid.
+ * Returned with an HTTP status code of #MHD_HTTP_FORBIDDEN (403).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_EXCHANGE_AML_DECISION_ADD_SIGNATURE_INVALID = 1825,
+
+
+ /**
+ * The AML officer specified is not allowed to make AML decisions right now.
+ * Returned with an HTTP status code of #MHD_HTTP_FORBIDDEN (403).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_EXCHANGE_AML_DECISION_INVALID_OFFICER = 1826,
+
+
+ /**
+ * There is a more recent AML decision on file. The decision was rejected as
timestamps of AML decisions must be monotonically increasing.
+ * Returned with an HTTP status code of #MHD_HTTP_CONFLICT (409).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_EXCHANGE_AML_DECISION_MORE_RECENT_PRESENT = 1827,
+
+
+ /**
+ * There AML decision would impose an AML check of a type that is not
provided by any KYC provider known to the exchange.
+ * Returned with an HTTP status code of #MHD_HTTP_BAD_REQUEST (400).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_EXCHANGE_AML_DECISION_UNKNOWN_CHECK = 1828,
+
+
+ /**
+ * The signature affirming the change in the AML officer status is invalid.
+ * Returned with an HTTP status code of #MHD_HTTP_FORBIDDEN (403).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_EXCHANGE_MANAGEMENT_UPDATE_AML_OFFICER_SIGNATURE_INVALID = 1830,
+
+
+ /**
+ * A more recent decision about the AML officer status is known to the
exchange.
+ * Returned with an HTTP status code of #MHD_HTTP_CONFLICT (409).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_EXCHANGE_MANAGEMENT_AML_OFFICERS_MORE_RECENT_PRESENT = 1831,
+
+
+ /**
+ * The purse was previously created with different meta data.
+ * Returned with an HTTP status code of #MHD_HTTP_CONFLICT (409).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_EXCHANGE_PURSE_CREATE_CONFLICTING_META_DATA = 1850,
+
+
+ /**
+ * The purse was previously created with a different contract.
+ * Returned with an HTTP status code of #MHD_HTTP_CONFLICT (409).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_EXCHANGE_PURSE_CREATE_CONFLICTING_CONTRACT_STORED = 1851,
+
+
+ /**
+ * A coin signature for a deposit into the purse is invalid.
+ * Returned with an HTTP status code of #MHD_HTTP_FORBIDDEN (403).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_EXCHANGE_PURSE_CREATE_COIN_SIGNATURE_INVALID = 1852,
+
+
+ /**
+ * The purse expiration time is in the past.
+ * Returned with an HTTP status code of #MHD_HTTP_BAD_REQUEST (400).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_EXCHANGE_PURSE_CREATE_EXPIRATION_BEFORE_NOW = 1853,
+
+
+ /**
+ * The purse expiration time is "never".
+ * Returned with an HTTP status code of #MHD_HTTP_BAD_REQUEST (400).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_EXCHANGE_PURSE_CREATE_EXPIRATION_IS_NEVER = 1854,
+
+
+ /**
+ * The purse signature over the purse meta data is invalid.
+ * Returned with an HTTP status code of #MHD_HTTP_FORBIDDEN (403).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_EXCHANGE_PURSE_CREATE_SIGNATURE_INVALID = 1855,
+
+
+ /**
+ * The signature over the encrypted contract is invalid.
+ * Returned with an HTTP status code of #MHD_HTTP_FORBIDDEN (403).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_EXCHANGE_PURSE_ECONTRACT_SIGNATURE_INVALID = 1856,
+
+
+ /**
+ * The signature from the exchange over the confirmation is invalid.
+ * Returned with an HTTP status code of #MHD_HTTP_UNINITIALIZED (0).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_EXCHANGE_PURSE_CREATE_EXCHANGE_SIGNATURE_INVALID = 1857,
+
+
+ /**
+ * The coin was previously deposited with different meta data.
+ * Returned with an HTTP status code of #MHD_HTTP_CONFLICT (409).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_EXCHANGE_PURSE_DEPOSIT_CONFLICTING_META_DATA = 1858,
+
+
+ /**
+ * The encrypted contract was previously uploaded with different meta data.
+ * Returned with an HTTP status code of #MHD_HTTP_CONFLICT (409).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_EXCHANGE_PURSE_ECONTRACT_CONFLICTING_META_DATA = 1859,
+
+
+ /**
+ * The deposited amount is less than the purse fee.
+ * Returned with an HTTP status code of #MHD_HTTP_BAD_REQUEST (400).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_EXCHANGE_CREATE_PURSE_NEGATIVE_VALUE_AFTER_FEE = 1860,
+
+
+ /**
+ * The signature using the merge key is invalid.
+ * Returned with an HTTP status code of #MHD_HTTP_FORBIDDEN (403).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_EXCHANGE_PURSE_MERGE_INVALID_MERGE_SIGNATURE = 1876,
+
+
+ /**
+ * The signature using the reserve key is invalid.
+ * Returned with an HTTP status code of #MHD_HTTP_FORBIDDEN (403).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_EXCHANGE_PURSE_MERGE_INVALID_RESERVE_SIGNATURE = 1877,
+
+
+ /**
+ * The targeted purse is not yet full and thus cannot be merged. Retrying
the request later may succeed.
+ * Returned with an HTTP status code of #MHD_HTTP_CONFLICT (409).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_EXCHANGE_PURSE_NOT_FULL = 1878,
+
+
+ /**
+ * The signature from the exchange over the confirmation is invalid.
+ * Returned with an HTTP status code of #MHD_HTTP_UNINITIALIZED (0).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_EXCHANGE_PURSE_MERGE_EXCHANGE_SIGNATURE_INVALID = 1879,
+
+
+ /**
+ * The exchange of the target account is not a partner of this exchange.
+ * Returned with an HTTP status code of #MHD_HTTP_NOT_FOUND (404).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_EXCHANGE_MERGE_PURSE_PARTNER_UNKNOWN = 1880,
+
+
+ /**
+ * The signature affirming the new partner is invalid.
+ * Returned with an HTTP status code of #MHD_HTTP_FORBIDDEN (403).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_EXCHANGE_MANAGEMENT_ADD_PARTNER_SIGNATURE_INVALID = 1890,
+
+
+ /**
+ * Conflicting data for the partner already exists with the exchange.
+ * Returned with an HTTP status code of #MHD_HTTP_CONFLICT (409).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_EXCHANGE_MANAGEMENT_ADD_PARTNER_DATA_CONFLICT = 1891,
+
+
+ /**
+ * The auditor signature over the denomination meta data is invalid.
+ * Returned with an HTTP status code of #MHD_HTTP_FORBIDDEN (403).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_EXCHANGE_AUDITORS_AUDITOR_SIGNATURE_INVALID = 1900,
+
+
+ /**
+ * The auditor that was specified is unknown to this exchange.
+ * Returned with an HTTP status code of #MHD_HTTP_PRECONDITION_FAILED (412).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_EXCHANGE_AUDITORS_AUDITOR_UNKNOWN = 1901,
+
+
+ /**
+ * The auditor that was specified is no longer used by this exchange.
+ * Returned with an HTTP status code of #MHD_HTTP_GONE (410).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_EXCHANGE_AUDITORS_AUDITOR_INACTIVE = 1902,
+
+
+ /**
+ * The signature affirming the wallet's KYC request was invalid.
+ * Returned with an HTTP status code of #MHD_HTTP_FORBIDDEN (403).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_EXCHANGE_KYC_WALLET_SIGNATURE_INVALID = 1925,
+
+
+ /**
+ * The exchange received an unexpected malformed response from its KYC
backend.
+ * Returned with an HTTP status code of #MHD_HTTP_BAD_GATEWAY (502).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_EXCHANGE_KYC_PROOF_BACKEND_INVALID_RESPONSE = 1926,
+
+
+ /**
+ * The backend signaled an unexpected failure.
+ * Returned with an HTTP status code of #MHD_HTTP_BAD_GATEWAY (502).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_EXCHANGE_KYC_PROOF_BACKEND_ERROR = 1927,
+
+
+ /**
+ * The backend signaled an authorization failure.
+ * Returned with an HTTP status code of #MHD_HTTP_FORBIDDEN (403).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_EXCHANGE_KYC_PROOF_BACKEND_AUTHORIZATION_FAILED = 1928,
+
+
+ /**
+ * The exchange is unaware of having made an the authorization request.
+ * Returned with an HTTP status code of #MHD_HTTP_NOT_FOUND (404).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_EXCHANGE_KYC_PROOF_REQUEST_UNKNOWN = 1929,
+
+
+ /**
+ * The payto-URI hash did not match. Hence the request was denied.
+ * Returned with an HTTP status code of #MHD_HTTP_FORBIDDEN (403).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_EXCHANGE_KYC_CHECK_AUTHORIZATION_FAILED = 1930,
+
+
+ /**
+ * The request used a logic specifier that is not known to the exchange.
+ * Returned with an HTTP status code of #MHD_HTTP_NOT_FOUND (404).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_EXCHANGE_KYC_GENERIC_LOGIC_UNKNOWN = 1931,
+
+
+ /**
+ * The request requires a logic which is no longer configured at the
exchange.
+ * Returned with an HTTP status code of #MHD_HTTP_INTERNAL_SERVER_ERROR
(500).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_EXCHANGE_KYC_GENERIC_LOGIC_GONE = 1932,
+
+
+ /**
+ * The logic plugin had a bug in its interaction with the KYC provider.
+ * Returned with an HTTP status code of #MHD_HTTP_INTERNAL_SERVER_ERROR
(500).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_EXCHANGE_KYC_GENERIC_LOGIC_BUG = 1933,
+
+
+ /**
+ * The exchange could not process the request with its KYC provider because
the provider refused access to the service. This indicates some configuration
issue at the Taler exchange operator.
+ * Returned with an HTTP status code of
#MHD_HTTP_NETWORK_AUTHENTICATION_REQUIRED (511).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_EXCHANGE_KYC_GENERIC_PROVIDER_ACCESS_REFUSED = 1934,
+
+
+ /**
+ * There was a timeout in the interaction between the exchange and the KYC
provider. The most likely cause is some networking problem. Trying again later
might succeed.
+ * Returned with an HTTP status code of #MHD_HTTP_GATEWAY_TIMEOUT (504).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_EXCHANGE_KYC_GENERIC_PROVIDER_TIMEOUT = 1935,
+
+
+ /**
+ * The KYC provider responded with a status that was completely unexpected
by the KYC logic of the exchange.
+ * Returned with an HTTP status code of #MHD_HTTP_BAD_GATEWAY (502).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_EXCHANGE_KYC_GENERIC_PROVIDER_UNEXPECTED_REPLY = 1936,
+
+
+ /**
+ * The rate limit of the exchange at the KYC provider has been exceeded.
Trying much later might work.
+ * Returned with an HTTP status code of #MHD_HTTP_SERVICE_UNAVAILABLE (503).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_EXCHANGE_KYC_GENERIC_PROVIDER_RATE_LIMIT_EXCEEDED = 1937,
+
+
+ /**
+ * The request to the webhook lacked proper authorization or authentication
data.
+ * Returned with an HTTP status code of #MHD_HTTP_UNAUTHORIZED (401).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_EXCHANGE_KYC_WEBHOOK_UNAUTHORIZED = 1938,
+
+
+ /**
+ * The exchange does not know a contract under the given contract public key.
+ * Returned with an HTTP status code of #MHD_HTTP_NOT_FOUND (404).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_EXCHANGE_CONTRACTS_UNKNOWN = 1950,
+
+
+ /**
+ * The URL does not encode a valid exchange public key in its path.
+ * Returned with an HTTP status code of #MHD_HTTP_BAD_REQUEST (400).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_EXCHANGE_CONTRACTS_INVALID_CONTRACT_PUB = 1951,
+
+
+ /**
+ * The returned encrypted contract did not decrypt.
+ * Returned with an HTTP status code of #MHD_HTTP_UNINITIALIZED (0).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_EXCHANGE_CONTRACTS_DECRYPTION_FAILED = 1952,
+
+
+ /**
+ * The signature on the encrypted contract did not validate.
+ * Returned with an HTTP status code of #MHD_HTTP_UNINITIALIZED (0).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_EXCHANGE_CONTRACTS_SIGNATURE_INVALID = 1953,
+
+
+ /**
+ * The decrypted contract was malformed.
+ * Returned with an HTTP status code of #MHD_HTTP_UNINITIALIZED (0).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_EXCHANGE_CONTRACTS_DECODING_FAILED = 1954,
+
+
+ /**
+ * A coin signature for a deposit into the purse is invalid.
+ * Returned with an HTTP status code of #MHD_HTTP_FORBIDDEN (403).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_EXCHANGE_PURSE_DEPOSIT_COIN_SIGNATURE_INVALID = 1975,
+
+
+ /**
+ * It is too late to deposit coins into the purse.
+ * Returned with an HTTP status code of #MHD_HTTP_GONE (410).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_EXCHANGE_PURSE_DEPOSIT_DECIDED_ALREADY = 1976,
+
+
+ /**
+ * TOTP key is not valid.
+ * Returned with an HTTP status code of #MHD_HTTP_UNINITIALIZED (0).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_EXCHANGE_TOTP_KEY_INVALID = 1980,
+
+
+ /**
+ * The backend could not find the merchant instance specified in the request.
+ * Returned with an HTTP status code of #MHD_HTTP_NOT_FOUND (404).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_MERCHANT_GENERIC_INSTANCE_UNKNOWN = 2000,
+
+
+ /**
+ * The start and end-times in the wire fee structure leave a hole. This is
not allowed.
+ * Returned with an HTTP status code of #MHD_HTTP_UNINITIALIZED (0).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_MERCHANT_GENERIC_HOLE_IN_WIRE_FEE_STRUCTURE = 2001,
+
+
+ /**
+ * The merchant was unable to obtain a valid answer to /wire from the
exchange.
+ * Returned with an HTTP status code of #MHD_HTTP_BAD_GATEWAY (502).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_MERCHANT_GENERIC_EXCHANGE_WIRE_REQUEST_FAILED = 2002,
+
+
+ /**
+ * The proposal is not known to the backend.
+ * Returned with an HTTP status code of #MHD_HTTP_NOT_FOUND (404).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_MERCHANT_GENERIC_ORDER_UNKNOWN = 2005,
+
+
+ /**
+ * The order provided to the backend could not be completed, because a
product to be completed via inventory data is not actually in our inventory.
+ * Returned with an HTTP status code of #MHD_HTTP_NOT_FOUND (404).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_MERCHANT_GENERIC_PRODUCT_UNKNOWN = 2006,
+
+
+ /**
+ * The reward ID is unknown. This could happen if the reward has expired.
+ * Returned with an HTTP status code of #MHD_HTTP_NOT_FOUND (404).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_MERCHANT_GENERIC_REWARD_ID_UNKNOWN = 2007,
+
+
+ /**
+ * The contract obtained from the merchant backend was malformed.
+ * Returned with an HTTP status code of #MHD_HTTP_INTERNAL_SERVER_ERROR
(500).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_MERCHANT_GENERIC_DB_CONTRACT_CONTENT_INVALID = 2008,
+
+
+ /**
+ * The order we found does not match the provided contract hash.
+ * Returned with an HTTP status code of #MHD_HTTP_FORBIDDEN (403).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_MERCHANT_GENERIC_CONTRACT_HASH_DOES_NOT_MATCH_ORDER = 2009,
+
+
+ /**
+ * The exchange failed to provide a valid response to the merchant's /keys
request.
+ * Returned with an HTTP status code of #MHD_HTTP_BAD_GATEWAY (502).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_MERCHANT_GENERIC_EXCHANGE_KEYS_FAILURE = 2010,
+
+
+ /**
+ * The exchange failed to respond to the merchant on time.
+ * Returned with an HTTP status code of #MHD_HTTP_GATEWAY_TIMEOUT (504).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_MERCHANT_GENERIC_EXCHANGE_TIMEOUT = 2011,
+
+
+ /**
+ * The merchant failed to talk to the exchange.
+ * Returned with an HTTP status code of #MHD_HTTP_INTERNAL_SERVER_ERROR
(500).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_MERCHANT_GENERIC_EXCHANGE_CONNECT_FAILURE = 2012,
+
+
+ /**
+ * The exchange returned a maformed response.
+ * Returned with an HTTP status code of #MHD_HTTP_BAD_GATEWAY (502).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_MERCHANT_GENERIC_EXCHANGE_REPLY_MALFORMED = 2013,
+
+
+ /**
+ * The exchange returned an unexpected response status.
+ * Returned with an HTTP status code of #MHD_HTTP_BAD_GATEWAY (502).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_MERCHANT_GENERIC_EXCHANGE_UNEXPECTED_STATUS = 2014,
+
+
+ /**
+ * The merchant refused the request due to lack of authorization.
+ * Returned with an HTTP status code of #MHD_HTTP_UNAUTHORIZED (401).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_MERCHANT_GENERIC_UNAUTHORIZED = 2015,
+
+
+ /**
+ * The merchant instance specified in the request was deleted.
+ * Returned with an HTTP status code of #MHD_HTTP_NOT_FOUND (404).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_MERCHANT_GENERIC_INSTANCE_DELETED = 2016,
+
+
+ /**
+ * The backend could not find the inbound wire transfer specified in the
request.
+ * Returned with an HTTP status code of #MHD_HTTP_NOT_FOUND (404).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_MERCHANT_GENERIC_TRANSFER_UNKNOWN = 2017,
+
+
+ /**
+ * The backend could not find the template(id) because it is not exist.
+ * Returned with an HTTP status code of #MHD_HTTP_NOT_FOUND (404).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_MERCHANT_GENERIC_TEMPLATE_UNKNOWN = 2018,
+
+
+ /**
+ * The backend could not find the webhook(id) because it is not exist.
+ * Returned with an HTTP status code of #MHD_HTTP_NOT_FOUND (404).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_MERCHANT_GENERIC_WEBHOOK_UNKNOWN = 2019,
+
+
+ /**
+ * The backend could not find the webhook(serial) because it is not exist.
+ * Returned with an HTTP status code of #MHD_HTTP_NOT_FOUND (404).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_MERCHANT_GENERIC_PENDING_WEBHOOK_UNKNOWN = 2020,
+
+
+ /**
+ * The backend could not find the OTP device(id) because it is not exist.
+ * Returned with an HTTP status code of #MHD_HTTP_NOT_FOUND (404).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_MERCHANT_GENERIC_OTP_DEVICE_UNKNOWN = 2021,
+
+
+ /**
+ * The account is not known to the backend.
+ * Returned with an HTTP status code of #MHD_HTTP_NOT_FOUND (404).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_MERCHANT_GENERIC_ACCOUNT_UNKNOWN = 2022,
+
+
+ /**
+ * The wire hash was malformed.
+ * Returned with an HTTP status code of #MHD_HTTP_BAD_REQUEST (400).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_MERCHANT_GENERIC_H_WIRE_MALFORMED = 2023,
+
+
+ /**
+ * The currency specified in the operation does not work with the current
state of the given resource.
+ * Returned with an HTTP status code of #MHD_HTTP_CONFLICT (409).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_MERCHANT_GENERIC_CURRENCY_MISMATCH = 2024,
+
+
+ /**
+ * The exchange failed to provide a valid answer to the tracking request,
thus those details are not in the response.
+ * Returned with an HTTP status code of #MHD_HTTP_OK (200).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_MERCHANT_GET_ORDERS_EXCHANGE_TRACKING_FAILURE = 2100,
+
+
+ /**
+ * The merchant backend failed to construct the request for tracking to the
exchange, thus tracking details are not in the response.
+ * Returned with an HTTP status code of #MHD_HTTP_INTERNAL_SERVER_ERROR
(500).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_MERCHANT_GET_ORDERS_ID_EXCHANGE_REQUEST_FAILURE = 2103,
+
+
+ /**
+ * The merchant backend failed trying to contact the exchange for tracking
details, thus those details are not in the response.
+ * Returned with an HTTP status code of #MHD_HTTP_INTERNAL_SERVER_ERROR
(500).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_MERCHANT_GET_ORDERS_ID_EXCHANGE_LOOKUP_START_FAILURE = 2104,
+
+
+ /**
+ * The claim token used to authenticate the client is invalid for this order.
+ * Returned with an HTTP status code of #MHD_HTTP_FORBIDDEN (403).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_MERCHANT_GET_ORDERS_ID_INVALID_TOKEN = 2105,
+
+
+ /**
+ * The contract terms hash used to authenticate the client is invalid for
this order.
+ * Returned with an HTTP status code of #MHD_HTTP_FORBIDDEN (403).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_MERCHANT_GET_ORDERS_ID_INVALID_CONTRACT_HASH = 2106,
+
+
+ /**
+ * The exchange responded saying that funds were insufficient (for example,
due to double-spending).
+ * Returned with an HTTP status code of #MHD_HTTP_CONFLICT (409).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_MERCHANT_POST_ORDERS_ID_PAY_INSUFFICIENT_FUNDS = 2150,
+
+
+ /**
+ * The denomination key used for payment is not listed among the
denomination keys of the exchange.
+ * Returned with an HTTP status code of #MHD_HTTP_BAD_REQUEST (400).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_MERCHANT_POST_ORDERS_ID_PAY_DENOMINATION_KEY_NOT_FOUND = 2151,
+
+
+ /**
+ * The denomination key used for payment is not audited by an auditor
approved by the merchant.
+ * Returned with an HTTP status code of #MHD_HTTP_BAD_REQUEST (400).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_MERCHANT_POST_ORDERS_ID_PAY_DENOMINATION_KEY_AUDITOR_FAILURE = 2152,
+
+
+ /**
+ * There was an integer overflow totaling up the amounts or deposit fees in
the payment.
+ * Returned with an HTTP status code of #MHD_HTTP_INTERNAL_SERVER_ERROR
(500).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_MERCHANT_POST_ORDERS_ID_PAY_AMOUNT_OVERFLOW = 2153,
+
+
+ /**
+ * The deposit fees exceed the total value of the payment.
+ * Returned with an HTTP status code of #MHD_HTTP_BAD_REQUEST (400).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_MERCHANT_POST_ORDERS_ID_PAY_FEES_EXCEED_PAYMENT = 2154,
+
+
+ /**
+ * After considering deposit and wire fees, the payment is insufficient to
satisfy the required amount for the contract. The client should revisit the
logic used to calculate fees it must cover.
+ * Returned with an HTTP status code of #MHD_HTTP_NOT_ACCEPTABLE (406).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_MERCHANT_POST_ORDERS_ID_PAY_INSUFFICIENT_DUE_TO_FEES = 2155,
+
+
+ /**
+ * Even if we do not consider deposit and wire fees, the payment is
insufficient to satisfy the required amount for the contract.
+ * Returned with an HTTP status code of #MHD_HTTP_NOT_ACCEPTABLE (406).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_MERCHANT_POST_ORDERS_ID_PAY_PAYMENT_INSUFFICIENT = 2156,
+
+
+ /**
+ * The signature over the contract of one of the coins was invalid.
+ * Returned with an HTTP status code of #MHD_HTTP_FORBIDDEN (403).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_MERCHANT_POST_ORDERS_ID_PAY_COIN_SIGNATURE_INVALID = 2157,
+
+
+ /**
+ * When we tried to find information about the exchange to issue the
deposit, we failed. This usually only happens if the merchant backend is
somehow unable to get its own HTTP client logic to work.
+ * Returned with an HTTP status code of #MHD_HTTP_INTERNAL_SERVER_ERROR
(500).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_MERCHANT_POST_ORDERS_ID_PAY_EXCHANGE_LOOKUP_FAILED = 2158,
+
+
+ /**
+ * The refund deadline in the contract is after the transfer deadline.
+ * Returned with an HTTP status code of #MHD_HTTP_INTERNAL_SERVER_ERROR
(500).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+
TALER_EC_MERCHANT_POST_ORDERS_ID_PAY_REFUND_DEADLINE_PAST_WIRE_TRANSFER_DEADLINE
= 2159,
+
+
+ /**
+ * The order was already paid (maybe by another wallet).
+ * Returned with an HTTP status code of #MHD_HTTP_CONFLICT (409).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_MERCHANT_POST_ORDERS_ID_PAY_ALREADY_PAID = 2160,
+
+
+ /**
+ * The payment is too late, the offer has expired.
+ * Returned with an HTTP status code of #MHD_HTTP_GONE (410).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_MERCHANT_POST_ORDERS_ID_PAY_OFFER_EXPIRED = 2161,
+
+
+ /**
+ * The "merchant" field is missing in the proposal data. This is an internal
error as the proposal is from the merchant's own database at this point.
+ * Returned with an HTTP status code of #MHD_HTTP_INTERNAL_SERVER_ERROR
(500).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_MERCHANT_POST_ORDERS_ID_PAY_MERCHANT_FIELD_MISSING = 2162,
+
+
+ /**
+ * Failed to locate merchant's account information matching the wire hash
given in the proposal.
+ * Returned with an HTTP status code of #MHD_HTTP_INTERNAL_SERVER_ERROR
(500).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_MERCHANT_POST_ORDERS_ID_PAY_WIRE_HASH_UNKNOWN = 2163,
+
+
+ /**
+ * The deposit time for the denomination has expired.
+ * Returned with an HTTP status code of #MHD_HTTP_GONE (410).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_MERCHANT_POST_ORDERS_ID_PAY_DENOMINATION_DEPOSIT_EXPIRED = 2165,
+
+
+ /**
+ * The exchange of the deposited coin charges a wire fee that could not be
added to the total (total amount too high).
+ * Returned with an HTTP status code of #MHD_HTTP_INTERNAL_SERVER_ERROR
(500).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_MERCHANT_POST_ORDERS_ID_PAY_EXCHANGE_WIRE_FEE_ADDITION_FAILED =
2166,
+
+
+ /**
+ * The contract was not fully paid because of refunds. Note that clients MAY
treat this as paid if, for example, contracts must be executed despite of
refunds.
+ * Returned with an HTTP status code of #MHD_HTTP_PAYMENT_REQUIRED (402).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_MERCHANT_POST_ORDERS_ID_PAY_REFUNDED = 2167,
+
+
+ /**
+ * According to our database, we have refunded more than we were paid (which
should not be possible).
+ * Returned with an HTTP status code of #MHD_HTTP_INTERNAL_SERVER_ERROR
(500).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_MERCHANT_POST_ORDERS_ID_PAY_REFUNDS_EXCEED_PAYMENTS = 2168,
+
+
+ /**
+ * Legacy stuff. Remove me with protocol v1.
+ * Returned with an HTTP status code of #MHD_HTTP_UNINITIALIZED (0).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+
TALER_EC_DEAD_QQQ_PAY_MERCHANT_POST_ORDERS_ID_ABORT_REFUND_REFUSED_PAYMENT_COMPLETE
= 2169,
+
+
+ /**
+ * The payment failed at the exchange.
+ * Returned with an HTTP status code of #MHD_HTTP_BAD_GATEWAY (502).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_MERCHANT_POST_ORDERS_ID_PAY_EXCHANGE_FAILED = 2170,
+
+
+ /**
+ * The payment required a minimum age but one of the coins (of a
denomination with support for age restriction) did not provide any
age_commitment.
+ * Returned with an HTTP status code of #MHD_HTTP_BAD_REQUEST (400).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_MERCHANT_POST_ORDERS_ID_PAY_AGE_COMMITMENT_MISSING = 2171,
+
+
+ /**
+ * The payment required a minimum age but one of the coins provided an
age_commitment that contained a wrong number of public keys compared to the
number of age groups defined in the denomination of the coin.
+ * Returned with an HTTP status code of #MHD_HTTP_BAD_REQUEST (400).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_MERCHANT_POST_ORDERS_ID_PAY_AGE_COMMITMENT_SIZE_MISMATCH = 2172,
+
+
+ /**
+ * The payment required a minimum age but one of the coins provided a
minimum_age_sig that couldn't be verified with the given age_commitment for
that particular minimum age.
+ * Returned with an HTTP status code of #MHD_HTTP_BAD_REQUEST (400).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_MERCHANT_POST_ORDERS_ID_PAY_AGE_VERIFICATION_FAILED = 2173,
+
+
+ /**
+ * The payment required no minimum age but one of the coins (of a
denomination with support for age restriction) did not provide the required
h_age_commitment.
+ * Returned with an HTTP status code of #MHD_HTTP_BAD_REQUEST (400).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_MERCHANT_POST_ORDERS_ID_PAY_AGE_COMMITMENT_HASH_MISSING = 2174,
+
+
+ /**
+ * The exchange does not support the selected bank account of the merchant.
Likely the merchant had stale data on the bank accounts of the exchange and
thus selected an inappropriate exchange when making the offer.
+ * Returned with an HTTP status code of #MHD_HTTP_CONFLICT (409).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_MERCHANT_POST_ORDERS_ID_PAY_WIRE_METHOD_UNSUPPORTED = 2175,
+
+
+ /**
+ * The contract hash does not match the given order ID.
+ * Returned with an HTTP status code of #MHD_HTTP_BAD_REQUEST (400).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_MERCHANT_POST_ORDERS_ID_PAID_CONTRACT_HASH_MISMATCH = 2200,
+
+
+ /**
+ * The signature of the merchant is not valid for the given contract hash.
+ * Returned with an HTTP status code of #MHD_HTTP_FORBIDDEN (403).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_MERCHANT_POST_ORDERS_ID_PAID_COIN_SIGNATURE_INVALID = 2201,
+
+
+ /**
+ * The merchant failed to send the exchange the refund request.
+ * Returned with an HTTP status code of #MHD_HTTP_INTERNAL_SERVER_ERROR
(500).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_MERCHANT_POST_ORDERS_ID_ABORT_EXCHANGE_REFUND_FAILED = 2251,
+
+
+ /**
+ * The merchant failed to find the exchange to process the lookup.
+ * Returned with an HTTP status code of #MHD_HTTP_INTERNAL_SERVER_ERROR
(500).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_MERCHANT_POST_ORDERS_ID_ABORT_EXCHANGE_LOOKUP_FAILED = 2252,
+
+
+ /**
+ * The merchant could not find the contract.
+ * Returned with an HTTP status code of #MHD_HTTP_NOT_FOUND (404).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_MERCHANT_POST_ORDERS_ID_ABORT_CONTRACT_NOT_FOUND = 2253,
+
+
+ /**
+ * The payment was already completed and thus cannot be aborted anymore.
+ * Returned with an HTTP status code of #MHD_HTTP_PRECONDITION_FAILED (412).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_MERCHANT_POST_ORDERS_ID_ABORT_REFUND_REFUSED_PAYMENT_COMPLETE =
2254,
+
+
+ /**
+ * The hash provided by the wallet does not match the order.
+ * Returned with an HTTP status code of #MHD_HTTP_FORBIDDEN (403).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_MERCHANT_POST_ORDERS_ID_ABORT_CONTRACT_HASH_MISSMATCH = 2255,
+
+
+ /**
+ * The array of coins cannot be empty.
+ * Returned with an HTTP status code of #MHD_HTTP_BAD_REQUEST (400).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_MERCHANT_POST_ORDERS_ID_ABORT_COINS_ARRAY_EMPTY = 2256,
+
+
+ /**
+ * We could not claim the order because the backend is unaware of it.
+ * Returned with an HTTP status code of #MHD_HTTP_NOT_FOUND (404).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_MERCHANT_POST_ORDERS_ID_CLAIM_NOT_FOUND = 2300,
+
+
+ /**
+ * We could not claim the order because someone else claimed it first.
+ * Returned with an HTTP status code of #MHD_HTTP_CONFLICT (409).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_MERCHANT_POST_ORDERS_ID_CLAIM_ALREADY_CLAIMED = 2301,
+
+
+ /**
+ * The client-side experienced an internal failure.
+ * Returned with an HTTP status code of #MHD_HTTP_UNINITIALIZED (0).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_MERCHANT_POST_ORDERS_ID_CLAIM_CLIENT_INTERNAL_FAILURE = 2302,
+
+
+ /**
+ * The backend failed to sign the refund request.
+ * Returned with an HTTP status code of #MHD_HTTP_UNINITIALIZED (0).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_MERCHANT_POST_ORDERS_ID_REFUND_SIGNATURE_FAILED = 2350,
+
+
+ /**
+ * The client failed to unblind the signature returned by the merchant.
+ * Returned with an HTTP status code of #MHD_HTTP_UNINITIALIZED (0).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_MERCHANT_REWARD_PICKUP_UNBLIND_FAILURE = 2400,
+
+
+ /**
+ * The exchange returned a failure code for the withdraw operation.
+ * Returned with an HTTP status code of #MHD_HTTP_BAD_GATEWAY (502).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_MERCHANT_REWARD_PICKUP_EXCHANGE_ERROR = 2403,
+
+
+ /**
+ * The merchant failed to add up the amounts to compute the pick up value.
+ * Returned with an HTTP status code of #MHD_HTTP_INTERNAL_SERVER_ERROR
(500).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_MERCHANT_REWARD_PICKUP_SUMMATION_FAILED = 2404,
+
+
+ /**
+ * The reward expired.
+ * Returned with an HTTP status code of #MHD_HTTP_GONE (410).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_MERCHANT_REWARD_PICKUP_HAS_EXPIRED = 2405,
+
+
+ /**
+ * The requested withdraw amount exceeds the amount remaining to be picked
up.
+ * Returned with an HTTP status code of #MHD_HTTP_BAD_REQUEST (400).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_MERCHANT_REWARD_PICKUP_AMOUNT_EXCEEDS_REWARD_REMAINING = 2406,
+
+
+ /**
+ * The merchant did not find the specified denomination key in the
exchange's key set.
+ * Returned with an HTTP status code of #MHD_HTTP_CONFLICT (409).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_MERCHANT_REWARD_PICKUP_DENOMINATION_UNKNOWN = 2407,
+
+
+ /**
+ * The backend lacks a wire transfer method configuration option for the
given instance. Thus, this instance is unavailable (not findable for creating
new orders).
+ * Returned with an HTTP status code of #MHD_HTTP_NOT_FOUND (404).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_MERCHANT_PRIVATE_POST_ORDERS_INSTANCE_CONFIGURATION_LACKS_WIRE =
2500,
+
+
+ /**
+ * The proposal had no timestamp and the backend failed to obtain the local
time. Likely to be an internal error.
+ * Returned with an HTTP status code of #MHD_HTTP_INTERNAL_SERVER_ERROR
(500).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_MERCHANT_PRIVATE_POST_ORDERS_NO_LOCALTIME = 2501,
+
+
+ /**
+ * The order provided to the backend could not be parsed, some required
fields were missing or ill-formed.
+ * Returned with an HTTP status code of #MHD_HTTP_BAD_REQUEST (400).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_MERCHANT_PRIVATE_POST_ORDERS_PROPOSAL_PARSE_ERROR = 2502,
+
+
+ /**
+ * The backend encountered an error: the proposal already exists.
+ * Returned with an HTTP status code of #MHD_HTTP_CONFLICT (409).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_MERCHANT_PRIVATE_POST_ORDERS_ALREADY_EXISTS = 2503,
+
+
+ /**
+ * The request is invalid: the wire deadline is before the refund deadline.
+ * Returned with an HTTP status code of #MHD_HTTP_BAD_REQUEST (400).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_MERCHANT_PRIVATE_POST_ORDERS_REFUND_AFTER_WIRE_DEADLINE = 2504,
+
+
+ /**
+ * The request is invalid: a delivery date was given, but it is in the past.
+ * Returned with an HTTP status code of #MHD_HTTP_BAD_REQUEST (400).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_MERCHANT_PRIVATE_POST_ORDERS_DELIVERY_DATE_IN_PAST = 2505,
+
+
+ /**
+ * The request is invalid: the wire deadline for the order would be "never".
+ * Returned with an HTTP status code of #MHD_HTTP_BAD_REQUEST (400).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_MERCHANT_PRIVATE_POST_ORDERS_WIRE_DEADLINE_IS_NEVER = 2506,
+
+
+ /**
+ * The request is invalid: a payment deadline was given, but it is in the
past.
+ * Returned with an HTTP status code of #MHD_HTTP_BAD_REQUEST (400).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_MERCHANT_PRIVATE_POST_ORDERS_PAY_DEADLINE_IN_PAST = 2507,
+
+
+ /**
+ * The request is invalid: a refund deadline was given, but it is in the
past.
+ * Returned with an HTTP status code of #MHD_HTTP_BAD_REQUEST (400).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_MERCHANT_PRIVATE_POST_ORDERS_REFUND_DEADLINE_IN_PAST = 2508,
+
+
+ /**
+ * The backend does not trust any exchange that would allow funds to be
wired to any bank account of this instance using the selected wire method. Note
that right now, we do not support the use of exchange bank accounts with
mandatory currency conversion.
+ * Returned with an HTTP status code of #MHD_HTTP_CONFLICT (409).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_MERCHANT_PRIVATE_POST_ORDERS_NO_EXCHANGES_FOR_WIRE_METHOD = 2509,
+
+
+ /**
+ * One of the paths to forget is malformed.
+ * Returned with an HTTP status code of #MHD_HTTP_BAD_REQUEST (400).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_MERCHANT_PRIVATE_PATCH_ORDERS_ID_FORGET_PATH_SYNTAX_INCORRECT =
2510,
+
+
+ /**
+ * One of the paths to forget was not marked as forgettable.
+ * Returned with an HTTP status code of #MHD_HTTP_CONFLICT (409).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_MERCHANT_PRIVATE_PATCH_ORDERS_ID_FORGET_PATH_NOT_FORGETTABLE = 2511,
+
+
+ /**
+ * The order provided to the backend could not be deleted, our offer is
still valid and awaiting payment.
+ * Returned with an HTTP status code of #MHD_HTTP_CONFLICT (409).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_MERCHANT_PRIVATE_DELETE_ORDERS_AWAITING_PAYMENT = 2520,
+
+
+ /**
+ * The order provided to the backend could not be deleted as the order was
already paid.
+ * Returned with an HTTP status code of #MHD_HTTP_CONFLICT (409).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_MERCHANT_PRIVATE_DELETE_ORDERS_ALREADY_PAID = 2521,
+
+
+ /**
+ * The amount to be refunded is inconsistent: either is lower than the
previous amount being awarded, or it is too big to be paid back. In this second
case, the fault stays on the business dept. side.
+ * Returned with an HTTP status code of #MHD_HTTP_CONFLICT (409).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_MERCHANT_PRIVATE_POST_ORDERS_ID_REFUND_INCONSISTENT_AMOUNT = 2530,
+
+
+ /**
+ * The frontend gave an unpaid order id to issue the refund to.
+ * Returned with an HTTP status code of #MHD_HTTP_CONFLICT (409).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_MERCHANT_PRIVATE_POST_ORDERS_ID_REFUND_ORDER_UNPAID = 2531,
+
+
+ /**
+ * The refund delay was set to 0 and thus no refunds are allowed for this
order.
+ * Returned with an HTTP status code of #MHD_HTTP_FORBIDDEN (403).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_MERCHANT_PRIVATE_POST_ORDERS_ID_REFUND_NOT_ALLOWED_BY_CONTRACT =
2532,
+
+
+ /**
+ * The exchange says it does not know this transfer.
+ * Returned with an HTTP status code of #MHD_HTTP_BAD_GATEWAY (502).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_MERCHANT_PRIVATE_POST_TRANSFERS_EXCHANGE_UNKNOWN = 2550,
+
+
+ /**
+ * We internally failed to execute the /track/transfer request.
+ * Returned with an HTTP status code of #MHD_HTTP_BAD_GATEWAY (502).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_MERCHANT_PRIVATE_POST_TRANSFERS_REQUEST_ERROR = 2551,
+
+
+ /**
+ * The amount transferred differs between what was submitted and what the
exchange claimed.
+ * Returned with an HTTP status code of #MHD_HTTP_CONFLICT (409).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_MERCHANT_PRIVATE_POST_TRANSFERS_CONFLICTING_TRANSFERS = 2552,
+
+
+ /**
+ * The exchange gave conflicting information about a coin which has been
wire transferred.
+ * Returned with an HTTP status code of #MHD_HTTP_CONFLICT (409).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_MERCHANT_PRIVATE_POST_TRANSFERS_CONFLICTING_REPORTS = 2553,
+
+
+ /**
+ * The exchange charged a different wire fee than what it originally
advertised, and it is higher.
+ * Returned with an HTTP status code of #MHD_HTTP_BAD_GATEWAY (502).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_MERCHANT_PRIVATE_POST_TRANSFERS_BAD_WIRE_FEE = 2554,
+
+
+ /**
+ * We did not find the account that the transfer was made to.
+ * Returned with an HTTP status code of #MHD_HTTP_NOT_FOUND (404).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_MERCHANT_PRIVATE_POST_TRANSFERS_ACCOUNT_NOT_FOUND = 2555,
+
+
+ /**
+ * The backend could not delete the transfer as the echange already replied
to our inquiry about it and we have integrated the result.
+ * Returned with an HTTP status code of #MHD_HTTP_CONFLICT (409).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_MERCHANT_PRIVATE_DELETE_TRANSFERS_ALREADY_CONFIRMED = 2556,
+
+
+ /**
+ * The backend was previously informed about a wire transfer with the same
ID but a different amount. Multiple wire transfers with the same ID are not
allowed. If the new amount is correct, the old transfer should first be deleted.
+ * Returned with an HTTP status code of #MHD_HTTP_CONFLICT (409).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_MERCHANT_PRIVATE_POST_TRANSFERS_CONFLICTING_SUBMISSION = 2557,
+
+
+ /**
+ * We are waiting for the exchange to provide us with key material before
checking the wire transfer.
+ * Returned with an HTTP status code of #MHD_HTTP_ACCEPTED (202).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_MERCHANT_EXCHANGE_TRANSFERS_AWAITING_KEYS = 2258,
+
+
+ /**
+ * We are waiting for the exchange to provide us with the list of aggregated
transactions.
+ * Returned with an HTTP status code of #MHD_HTTP_ACCEPTED (202).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_MERCHANT_EXCHANGE_TRANSFERS_AWAITING_LIST = 2259,
+
+
+ /**
+ * The endpoint indicated in the wire transfer does not belong to a GNU
Taler exchange.
+ * Returned with an HTTP status code of #MHD_HTTP_OK (200).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_MERCHANT_EXCHANGE_TRANSFERS_FATAL_NO_EXCHANGE = 2260,
+
+
+ /**
+ * The exchange indicated in the wire transfer claims to know nothing about
the wire transfer.
+ * Returned with an HTTP status code of #MHD_HTTP_UNINITIALIZED (0).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_MERCHANT_EXCHANGE_TRANSFERS_FATAL_NOT_FOUND = 2261,
+
+
+ /**
+ * The interaction with the exchange is delayed due to rate limiting.
+ * Returned with an HTTP status code of #MHD_HTTP_ACCEPTED (202).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_MERCHANT_EXCHANGE_TRANSFERS_RATE_LIMITED = 2262,
+
+
+ /**
+ * We experienced a transient failure in our interaction with the exchange.
+ * Returned with an HTTP status code of #MHD_HTTP_ACCEPTED (202).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_MERCHANT_EXCHANGE_TRANSFERS_TRANSIENT_FAILURE = 2263,
+
+
+ /**
+ * The response from the exchange was unacceptable and should be reviewed
with an auditor.
+ * Returned with an HTTP status code of #MHD_HTTP_OK (200).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_MERCHANT_EXCHANGE_TRANSFERS_HARD_FAILURE = 2264,
+
+
+ /**
+ * The amount transferred differs between what was submitted and what the
exchange claimed.
+ * Returned with an HTTP status code of #MHD_HTTP_UNINITIALIZED (0).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_MERCHANT_EXCHANGE_TRANSFERS_CONFLICTING_TRANSFERS = 2563,
+
+
+ /**
+ * The merchant backend cannot create an instance under the given identifier
as one already exists. Use PATCH to modify the existing entry.
+ * Returned with an HTTP status code of #MHD_HTTP_CONFLICT (409).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_MERCHANT_PRIVATE_POST_INSTANCES_ALREADY_EXISTS = 2600,
+
+
+ /**
+ * The merchant backend cannot create an instance because the authentication
configuration field is malformed.
+ * Returned with an HTTP status code of #MHD_HTTP_BAD_REQUEST (400).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_MERCHANT_PRIVATE_POST_INSTANCES_BAD_AUTH = 2601,
+
+
+ /**
+ * The merchant backend cannot update an instance's authentication settings
because the provided authentication settings are malformed.
+ * Returned with an HTTP status code of #MHD_HTTP_BAD_REQUEST (400).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_MERCHANT_PRIVATE_POST_INSTANCE_AUTH_BAD_AUTH = 2602,
+
+
+ /**
+ * The merchant backend cannot create an instance under the given
identifier, the previous one was deleted but must be purged first.
+ * Returned with an HTTP status code of #MHD_HTTP_CONFLICT (409).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_MERCHANT_PRIVATE_POST_INSTANCES_PURGE_REQUIRED = 2603,
+
+
+ /**
+ * The merchant backend cannot update an instance under the given
identifier, the previous one was deleted but must be purged first.
+ * Returned with an HTTP status code of #MHD_HTTP_CONFLICT (409).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_MERCHANT_PRIVATE_PATCH_INSTANCES_PURGE_REQUIRED = 2625,
+
+
+ /**
+ * The bank account referenced in the requested operation was not found.
+ * Returned with an HTTP status code of #MHD_HTTP_NOT_FOUND (404).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_MERCHANT_PRIVATE_ACCOUNT_DELETE_UNKNOWN_ACCOUNT = 2626,
+
+
+ /**
+ * The bank account specified in the request already exists at the merchant.
+ * Returned with an HTTP status code of #MHD_HTTP_CONFLICT (409).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_MERCHANT_PRIVATE_ACCOUNT_EXISTS = 2627,
+
+
+ /**
+ * The product ID exists.
+ * Returned with an HTTP status code of #MHD_HTTP_CONFLICT (409).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_MERCHANT_PRIVATE_POST_PRODUCTS_CONFLICT_PRODUCT_EXISTS = 2650,
+
+
+ /**
+ * The update would have reduced the total amount of product lost, which is
not allowed.
+ * Returned with an HTTP status code of #MHD_HTTP_CONFLICT (409).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_MERCHANT_PRIVATE_PATCH_PRODUCTS_TOTAL_LOST_REDUCED = 2660,
+
+
+ /**
+ * The update would have mean that more stocks were lost than what remains
from total inventory after sales, which is not allowed.
+ * Returned with an HTTP status code of #MHD_HTTP_BAD_REQUEST (400).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_MERCHANT_PRIVATE_PATCH_PRODUCTS_TOTAL_LOST_EXCEEDS_STOCKS = 2661,
+
+
+ /**
+ * The update would have reduced the total amount of product in stock, which
is not allowed.
+ * Returned with an HTTP status code of #MHD_HTTP_CONFLICT (409).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_MERCHANT_PRIVATE_PATCH_PRODUCTS_TOTAL_STOCKED_REDUCED = 2662,
+
+
+ /**
+ * The update would have reduced the total amount of product sold, which is
not allowed.
+ * Returned with an HTTP status code of #MHD_HTTP_CONFLICT (409).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_MERCHANT_PRIVATE_PATCH_PRODUCTS_TOTAL_SOLD_REDUCED = 2663,
+
+
+ /**
+ * The lock request is for more products than we have left (unlocked) in
stock.
+ * Returned with an HTTP status code of #MHD_HTTP_GONE (410).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_MERCHANT_PRIVATE_POST_PRODUCTS_LOCK_INSUFFICIENT_STOCKS = 2670,
+
+
+ /**
+ * The deletion request is for a product that is locked.
+ * Returned with an HTTP status code of #MHD_HTTP_CONFLICT (409).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_MERCHANT_PRIVATE_DELETE_PRODUCTS_CONFLICTING_LOCK = 2680,
+
+
+ /**
+ * The requested wire method is not supported by the exchange.
+ * Returned with an HTTP status code of #MHD_HTTP_CONFLICT (409).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_MERCHANT_PRIVATE_POST_RESERVES_UNSUPPORTED_WIRE_METHOD = 2700,
+
+
+ /**
+ * The requested exchange does not allow rewards.
+ * Returned with an HTTP status code of #MHD_HTTP_CONFLICT (409).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_MERCHANT_PRIVATE_POST_RESERVES_REWARDS_NOT_ALLOWED = 2701,
+
+
+ /**
+ * The reserve could not be deleted because it is unknown.
+ * Returned with an HTTP status code of #MHD_HTTP_NOT_FOUND (404).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_MERCHANT_PRIVATE_DELETE_RESERVES_NO_SUCH_RESERVE = 2710,
+
+
+ /**
+ * The reserve that was used to fund the rewards has expired.
+ * Returned with an HTTP status code of #MHD_HTTP_GONE (410).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_MERCHANT_PRIVATE_POST_REWARD_AUTHORIZE_RESERVE_EXPIRED = 2750,
+
+
+ /**
+ * The reserve that was used to fund the rewards was not found in the DB.
+ * Returned with an HTTP status code of #MHD_HTTP_SERVICE_UNAVAILABLE (503).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_MERCHANT_PRIVATE_POST_REWARD_AUTHORIZE_RESERVE_UNKNOWN = 2751,
+
+
+ /**
+ * The backend knows the instance that was supposed to support the reward,
and it was configured for rewardping. However, the funds remaining are
insufficient to cover the reward, and the merchant should top up the reserve.
+ * Returned with an HTTP status code of #MHD_HTTP_UNINITIALIZED (0).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_MERCHANT_PRIVATE_POST_REWARD_AUTHORIZE_INSUFFICIENT_FUNDS = 2752,
+
+
+ /**
+ * The backend failed to find a reserve needed to authorize the reward.
+ * Returned with an HTTP status code of #MHD_HTTP_SERVICE_UNAVAILABLE (503).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_MERCHANT_PRIVATE_POST_REWARD_AUTHORIZE_RESERVE_NOT_FOUND = 2753,
+
+
+ /**
+ * The merchant backend encountered a failure in computing the deposit total.
+ * Returned with an HTTP status code of #MHD_HTTP_OK (200).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_MERCHANT_PRIVATE_GET_ORDERS_ID_AMOUNT_ARITHMETIC_FAILURE = 2800,
+
+
+ /**
+ * The template ID already exists.
+ * Returned with an HTTP status code of #MHD_HTTP_CONFLICT (409).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_MERCHANT_PRIVATE_POST_TEMPLATES_CONFLICT_TEMPLATE_EXISTS = 2850,
+
+
+ /**
+ * The OTP device ID already exists.
+ * Returned with an HTTP status code of #MHD_HTTP_CONFLICT (409).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_MERCHANT_PRIVATE_POST_OTP_DEVICES_CONFLICT_OTP_DEVICE_EXISTS = 2851,
+
+
+ /**
+ * Amount given in the using template and in the template contract. There is
a conflict.
+ * Returned with an HTTP status code of #MHD_HTTP_CONFLICT (409).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+
TALER_EC_MERCHANT_POST_USING_TEMPLATES_AMOUNT_CONFLICT_TEMPLATES_CONTRACT_AMOUNT
= 2860,
+
+
+ /**
+ * Subject given in the using template and in the template contract. There
is a conflict.
+ * Returned with an HTTP status code of #MHD_HTTP_CONFLICT (409).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+
TALER_EC_MERCHANT_POST_USING_TEMPLATES_SUMMARY_CONFLICT_TEMPLATES_CONTRACT_SUBJECT
= 2861,
+
+
+ /**
+ * Amount not given in the using template and in the template contract.
There is a conflict.
+ * Returned with an HTTP status code of #MHD_HTTP_CONFLICT (409).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_MERCHANT_POST_USING_TEMPLATES_NO_AMOUNT = 2862,
+
+
+ /**
+ * Subject not given in the using template and in the template contract.
There is a conflict.
+ * Returned with an HTTP status code of #MHD_HTTP_CONFLICT (409).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_MERCHANT_POST_USING_TEMPLATES_NO_SUMMARY = 2863,
+
+
+ /**
+ * The webhook ID elready exists.
+ * Returned with an HTTP status code of #MHD_HTTP_CONFLICT (409).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_MERCHANT_PRIVATE_POST_WEBHOOKS_CONFLICT_WEBHOOK_EXISTS = 2900,
+
+
+ /**
+ * The webhook serial elready exists.
+ * Returned with an HTTP status code of #MHD_HTTP_CONFLICT (409).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+
TALER_EC_MERCHANT_PRIVATE_POST_PENDING_WEBHOOKS_CONFLICT_PENDING_WEBHOOK_EXISTS
= 2910,
+
+
+ /**
+ * The signature from the exchange on the deposit confirmation is invalid.
+ * Returned with an HTTP status code of #MHD_HTTP_FORBIDDEN (403).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_AUDITOR_DEPOSIT_CONFIRMATION_SIGNATURE_INVALID = 3100,
+
+
+ /**
+ * The exchange key used for the signature on the deposit confirmation was
revoked.
+ * Returned with an HTTP status code of #MHD_HTTP_GONE (410).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_AUDITOR_EXCHANGE_SIGNING_KEY_REVOKED = 3101,
+
+
+ /**
+ * Wire transfer attempted with credit and debit party being the same bank
account.
+ * Returned with an HTTP status code of #MHD_HTTP_BAD_REQUEST (400).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_BANK_SAME_ACCOUNT = 5101,
+
+
+ /**
+ * Wire transfer impossible, due to financial limitation of the party that
attempted the payment.
+ * Returned with an HTTP status code of #MHD_HTTP_CONFLICT (409).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_BANK_UNALLOWED_DEBIT = 5102,
+
+
+ /**
+ * Negative numbers are not allowed (as value and/or fraction) to
instantiate an amount object.
+ * Returned with an HTTP status code of #MHD_HTTP_BAD_REQUEST (400).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_BANK_NEGATIVE_NUMBER_AMOUNT = 5103,
+
+
+ /**
+ * A too big number was used (as value and/or fraction) to instantiate an
amount object.
+ * Returned with an HTTP status code of #MHD_HTTP_BAD_REQUEST (400).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_BANK_NUMBER_TOO_BIG = 5104,
+
+
+ /**
+ * The bank account referenced in the requested operation was not found.
+ * Returned with an HTTP status code of #MHD_HTTP_NOT_FOUND (404).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_BANK_UNKNOWN_ACCOUNT = 5106,
+
+
+ /**
+ * The transaction referenced in the requested operation (typically a reject
operation), was not found.
+ * Returned with an HTTP status code of #MHD_HTTP_NOT_FOUND (404).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_BANK_TRANSACTION_NOT_FOUND = 5107,
+
+
+ /**
+ * Bank received a malformed amount string.
+ * Returned with an HTTP status code of #MHD_HTTP_BAD_REQUEST (400).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_BANK_BAD_FORMAT_AMOUNT = 5108,
+
+
+ /**
+ * The client does not own the account credited by the transaction which is
to be rejected, so it has no rights do reject it.
+ * Returned with an HTTP status code of #MHD_HTTP_FORBIDDEN (403).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_BANK_REJECT_NO_RIGHTS = 5109,
+
+
+ /**
+ * This error code is returned when no known exception types captured the
exception.
+ * Returned with an HTTP status code of #MHD_HTTP_INTERNAL_SERVER_ERROR
(500).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_BANK_UNMANAGED_EXCEPTION = 5110,
+
+
+ /**
+ * This error code is used for all those exceptions that do not really need
a specific error code to return to the client. Used for example when a client
is trying to register with a unavailable username.
+ * Returned with an HTTP status code of #MHD_HTTP_INTERNAL_SERVER_ERROR
(500).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_BANK_SOFT_EXCEPTION = 5111,
+
+
+ /**
+ * The request UID for a request to transfer funds has already been used,
but with different details for the transfer.
+ * Returned with an HTTP status code of #MHD_HTTP_CONFLICT (409).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_BANK_TRANSFER_REQUEST_UID_REUSED = 5112,
+
+
+ /**
+ * The withdrawal operation already has a reserve selected. The current
request conflicts with the existing selection.
+ * Returned with an HTTP status code of #MHD_HTTP_CONFLICT (409).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_BANK_WITHDRAWAL_OPERATION_RESERVE_SELECTION_CONFLICT = 5113,
+
+
+ /**
+ * The wire transfer subject duplicates an existing reserve public key. But
wire transfer subjects must be unique.
+ * Returned with an HTTP status code of #MHD_HTTP_CONFLICT (409).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_BANK_DUPLICATE_RESERVE_PUB_SUBJECT = 5114,
+
+
+ /**
+ * The client requested a transaction that is so far in the past, that it
has been forgotten by the bank.
+ * Returned with an HTTP status code of #MHD_HTTP_GONE (410).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_BANK_ANCIENT_TRANSACTION_GONE = 5115,
+
+
+ /**
+ * The client attempted to abort a transaction that was already confirmed.
+ * Returned with an HTTP status code of #MHD_HTTP_CONFLICT (409).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_BANK_ABORT_CONFIRM_CONFLICT = 5116,
+
+
+ /**
+ * The client attempted to confirm a transaction that was already aborted.
+ * Returned with an HTTP status code of #MHD_HTTP_CONFLICT (409).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_BANK_CONFIRM_ABORT_CONFLICT = 5117,
+
+
+ /**
+ * The client attempted to register an account with the same name.
+ * Returned with an HTTP status code of #MHD_HTTP_CONFLICT (409).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_BANK_REGISTER_CONFLICT = 5118,
+
+
+ /**
+ * The client attempted to confirm a withdrawal operation before the wallet
posted the required details.
+ * Returned with an HTTP status code of #MHD_HTTP_BAD_REQUEST (400).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_BANK_POST_WITHDRAWAL_OPERATION_REQUIRED = 5119,
+
+
+ /**
+ * The client tried to register a new account under a reserved username
(like 'admin' for example).
+ * Returned with an HTTP status code of #MHD_HTTP_CONFLICT (409).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_BANK_RESERVED_USERNAME_CONFLICT = 5120,
+
+
+ /**
+ * The client tried to register a new account with an username already in
use.
+ * Returned with an HTTP status code of #MHD_HTTP_CONFLICT (409).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_BANK_REGISTER_USERNAME_REUSE = 5121,
+
+
+ /**
+ * The client tried to register a new account with a payto:// URI already in
use.
+ * Returned with an HTTP status code of #MHD_HTTP_CONFLICT (409).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_BANK_REGISTER_PAYTO_URI_REUSE = 5122,
+
+
+ /**
+ * The client tried to delete an account with a non null balance.
+ * Returned with an HTTP status code of #MHD_HTTP_CONFLICT (409).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_BANK_ACCOUNT_BALANCE_NOT_ZERO = 5123,
+
+
+ /**
+ * The client tried to create a transaction or an operation that credit an
unknown account.
+ * Returned with an HTTP status code of #MHD_HTTP_CONFLICT (409).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_BANK_UNKNOWN_CREDITOR = 5124,
+
+
+ /**
+ * The client tried to create a transaction or an operation that debit an
unknown account.
+ * Returned with an HTTP status code of #MHD_HTTP_CONFLICT (409).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_BANK_UNKNOWN_DEBTOR = 5125,
+
+
+ /**
+ * The client tried to perform an action prohibited for exchange accounts.
+ * Returned with an HTTP status code of #MHD_HTTP_CONFLICT (409).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_BANK_ACCOUNT_IS_EXCHANGE = 5126,
+
+
+ /**
+ * The client tried to perform an action reserved for exchange accounts.
+ * Returned with an HTTP status code of #MHD_HTTP_CONFLICT (409).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_BANK_ACCOUNT_IS_NOT_EXCHANGE = 5127,
+
+
+ /**
+ * Received currency conversion is wrong.
+ * Returned with an HTTP status code of #MHD_HTTP_CONFLICT (409).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_BANK_BAD_CONVERSION = 5128,
+
+
+ /**
+ * The account referenced in this operation is missing tan info for the
chosen channel.
+ * Returned with an HTTP status code of #MHD_HTTP_CONFLICT (409).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_BANK_MISSING_TAN_INFO = 5129,
+
+
+ /**
+ * The client attempted to confirm a transaction with incomplete info.
+ * Returned with an HTTP status code of #MHD_HTTP_CONFLICT (409).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_BANK_CONFIRM_INCOMPLETE = 5130,
+
+
+ /**
+ * The sync service failed find the account in its database.
+ * Returned with an HTTP status code of #MHD_HTTP_NOT_FOUND (404).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_SYNC_ACCOUNT_UNKNOWN = 6100,
+
+
+ /**
+ * The SHA-512 hash provided in the If-None-Match header is malformed.
+ * Returned with an HTTP status code of #MHD_HTTP_BAD_REQUEST (400).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_SYNC_BAD_IF_NONE_MATCH = 6101,
+
+
+ /**
+ * The SHA-512 hash provided in the If-Match header is malformed or missing.
+ * Returned with an HTTP status code of #MHD_HTTP_BAD_REQUEST (400).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_SYNC_BAD_IF_MATCH = 6102,
+
+
+ /**
+ * The signature provided in the "Sync-Signature" header is malformed or
missing.
+ * Returned with an HTTP status code of #MHD_HTTP_BAD_REQUEST (400).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_SYNC_BAD_SYNC_SIGNATURE = 6103,
+
+
+ /**
+ * The signature provided in the "Sync-Signature" header does not match the
account, old or new Etags.
+ * Returned with an HTTP status code of #MHD_HTTP_FORBIDDEN (403).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_SYNC_INVALID_SIGNATURE = 6104,
+
+
+ /**
+ * The "Content-length" field for the upload is not a number.
+ * Returned with an HTTP status code of #MHD_HTTP_BAD_REQUEST (400).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_SYNC_MALFORMED_CONTENT_LENGTH = 6105,
+
+
+ /**
+ * The "Content-length" field for the upload is too big based on the
server's terms of service.
+ * Returned with an HTTP status code of #MHD_HTTP_CONTENT_TOO_LARGE (413).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_SYNC_EXCESSIVE_CONTENT_LENGTH = 6106,
+
+
+ /**
+ * The server is out of memory to handle the upload. Trying again later may
succeed.
+ * Returned with an HTTP status code of #MHD_HTTP_CONTENT_TOO_LARGE (413).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_SYNC_OUT_OF_MEMORY_ON_CONTENT_LENGTH = 6107,
+
+
+ /**
+ * The uploaded data does not match the Etag.
+ * Returned with an HTTP status code of #MHD_HTTP_BAD_REQUEST (400).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_SYNC_INVALID_UPLOAD = 6108,
+
+
+ /**
+ * HTTP server experienced a timeout while awaiting promised payment.
+ * Returned with an HTTP status code of #MHD_HTTP_REQUEST_TIMEOUT (408).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_SYNC_PAYMENT_GENERIC_TIMEOUT = 6109,
+
+
+ /**
+ * Sync could not setup the payment request with its own backend.
+ * Returned with an HTTP status code of #MHD_HTTP_INTERNAL_SERVER_ERROR
(500).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_SYNC_PAYMENT_CREATE_BACKEND_ERROR = 6110,
+
+
+ /**
+ * The sync service failed find the backup to be updated in its database.
+ * Returned with an HTTP status code of #MHD_HTTP_NOT_FOUND (404).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_SYNC_PREVIOUS_BACKUP_UNKNOWN = 6111,
+
+
+ /**
+ * The "Content-length" field for the upload is missing.
+ * Returned with an HTTP status code of #MHD_HTTP_BAD_REQUEST (400).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_SYNC_MISSING_CONTENT_LENGTH = 6112,
+
+
+ /**
+ * Sync had problems communicating with its payment backend.
+ * Returned with an HTTP status code of #MHD_HTTP_BAD_GATEWAY (502).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_SYNC_GENERIC_BACKEND_ERROR = 6113,
+
+
+ /**
+ * Sync experienced a timeout communicating with its payment backend.
+ * Returned with an HTTP status code of #MHD_HTTP_GATEWAY_TIMEOUT (504).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_SYNC_GENERIC_BACKEND_TIMEOUT = 6114,
+
+
+ /**
+ * The wallet does not implement a version of the exchange protocol that is
compatible with the protocol version of the exchange.
+ * Returned with an HTTP status code of #MHD_HTTP_NOT_IMPLEMENTED (501).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_WALLET_EXCHANGE_PROTOCOL_VERSION_INCOMPATIBLE = 7000,
+
+
+ /**
+ * The wallet encountered an unexpected exception. This is likely a bug in
the wallet implementation.
+ * Returned with an HTTP status code of #MHD_HTTP_INTERNAL_SERVER_ERROR
(500).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_WALLET_UNEXPECTED_EXCEPTION = 7001,
+
+
+ /**
+ * The wallet received a response from a server, but the response can't be
parsed.
+ * Returned with an HTTP status code of #MHD_HTTP_UNINITIALIZED (0).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_WALLET_RECEIVED_MALFORMED_RESPONSE = 7002,
+
+
+ /**
+ * The wallet tried to make a network request, but it received no response.
+ * Returned with an HTTP status code of #MHD_HTTP_UNINITIALIZED (0).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_WALLET_NETWORK_ERROR = 7003,
+
+
+ /**
+ * The wallet tried to make a network request, but it was throttled.
+ * Returned with an HTTP status code of #MHD_HTTP_UNINITIALIZED (0).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_WALLET_HTTP_REQUEST_THROTTLED = 7004,
+
+
+ /**
+ * The wallet made a request to a service, but received an error response it
does not know how to handle.
+ * Returned with an HTTP status code of #MHD_HTTP_UNINITIALIZED (0).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_WALLET_UNEXPECTED_REQUEST_ERROR = 7005,
+
+
+ /**
+ * The denominations offered by the exchange are insufficient. Likely the
exchange is badly configured or not maintained.
+ * Returned with an HTTP status code of #MHD_HTTP_UNINITIALIZED (0).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_WALLET_EXCHANGE_DENOMINATIONS_INSUFFICIENT = 7006,
+
+
+ /**
+ * The wallet does not support the operation requested by a client.
+ * Returned with an HTTP status code of #MHD_HTTP_UNINITIALIZED (0).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_WALLET_CORE_API_OPERATION_UNKNOWN = 7007,
+
+
+ /**
+ * The given taler://pay URI is invalid.
+ * Returned with an HTTP status code of #MHD_HTTP_UNINITIALIZED (0).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_WALLET_INVALID_TALER_PAY_URI = 7008,
+
+
+ /**
+ * The signature on a coin by the exchange's denomination key is invalid
after unblinding it.
+ * Returned with an HTTP status code of #MHD_HTTP_UNINITIALIZED (0).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_WALLET_EXCHANGE_COIN_SIGNATURE_INVALID = 7009,
+
+
+ /**
+ * The exchange does not know about the reserve (yet), and thus withdrawal
can't progress.
+ * Returned with an HTTP status code of #MHD_HTTP_NOT_FOUND (404).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_WALLET_EXCHANGE_WITHDRAW_RESERVE_UNKNOWN_AT_EXCHANGE = 7010,
+
+
+ /**
+ * The wallet core service is not available.
+ * Returned with an HTTP status code of #MHD_HTTP_UNINITIALIZED (0).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_WALLET_CORE_NOT_AVAILABLE = 7011,
+
+
+ /**
+ * The bank has aborted a withdrawal operation, and thus a withdrawal can't
complete.
+ * Returned with an HTTP status code of #MHD_HTTP_UNINITIALIZED (0).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_WALLET_WITHDRAWAL_OPERATION_ABORTED_BY_BANK = 7012,
+
+
+ /**
+ * An HTTP request made by the wallet timed out.
+ * Returned with an HTTP status code of #MHD_HTTP_UNINITIALIZED (0).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_WALLET_HTTP_REQUEST_GENERIC_TIMEOUT = 7013,
+
+
+ /**
+ * The order has already been claimed by another wallet.
+ * Returned with an HTTP status code of #MHD_HTTP_UNINITIALIZED (0).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_WALLET_ORDER_ALREADY_CLAIMED = 7014,
+
+
+ /**
+ * A group of withdrawal operations (typically for the same reserve at the
same exchange) has errors and will be tried again later.
+ * Returned with an HTTP status code of #MHD_HTTP_UNINITIALIZED (0).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_WALLET_WITHDRAWAL_GROUP_INCOMPLETE = 7015,
+
+
+ /**
+ * The signature on a coin by the exchange's denomination key (obtained
through the merchant via a reward) is invalid after unblinding it.
+ * Returned with an HTTP status code of #MHD_HTTP_UNINITIALIZED (0).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_WALLET_REWARD_COIN_SIGNATURE_INVALID = 7016,
+
+
+ /**
+ * The wallet does not implement a version of the bank integration API that
is compatible with the version offered by the bank.
+ * Returned with an HTTP status code of #MHD_HTTP_UNINITIALIZED (0).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_WALLET_BANK_INTEGRATION_PROTOCOL_VERSION_INCOMPATIBLE = 7017,
+
+
+ /**
+ * The wallet processed a taler://pay URI, but the merchant base URL in the
downloaded contract terms does not match the merchant base URL derived from the
URI.
+ * Returned with an HTTP status code of #MHD_HTTP_UNINITIALIZED (0).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_WALLET_CONTRACT_TERMS_BASE_URL_MISMATCH = 7018,
+
+
+ /**
+ * The merchant's signature on the contract terms is invalid.
+ * Returned with an HTTP status code of #MHD_HTTP_UNINITIALIZED (0).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_WALLET_CONTRACT_TERMS_SIGNATURE_INVALID = 7019,
+
+
+ /**
+ * The contract terms given by the merchant are malformed.
+ * Returned with an HTTP status code of #MHD_HTTP_UNINITIALIZED (0).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_WALLET_CONTRACT_TERMS_MALFORMED = 7020,
+
+
+ /**
+ * A pending operation failed, and thus the request can't be completed.
+ * Returned with an HTTP status code of #MHD_HTTP_UNINITIALIZED (0).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_WALLET_PENDING_OPERATION_FAILED = 7021,
+
+
+ /**
+ * A payment was attempted, but the merchant had an internal server error
(5xx).
+ * Returned with an HTTP status code of #MHD_HTTP_UNINITIALIZED (0).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_WALLET_PAY_MERCHANT_SERVER_ERROR = 7022,
+
+
+ /**
+ * The crypto worker failed.
+ * Returned with an HTTP status code of #MHD_HTTP_UNINITIALIZED (0).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_WALLET_CRYPTO_WORKER_ERROR = 7023,
+
+
+ /**
+ * The crypto worker received a bad request.
+ * Returned with an HTTP status code of #MHD_HTTP_UNINITIALIZED (0).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_WALLET_CRYPTO_WORKER_BAD_REQUEST = 7024,
+
+
+ /**
+ * A KYC step is required before withdrawal can proceed.
+ * Returned with an HTTP status code of #MHD_HTTP_UNINITIALIZED (0).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_WALLET_WITHDRAWAL_KYC_REQUIRED = 7025,
+
+
+ /**
+ * The wallet does not have sufficient balance to create a deposit group.
+ * Returned with an HTTP status code of #MHD_HTTP_UNINITIALIZED (0).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_WALLET_DEPOSIT_GROUP_INSUFFICIENT_BALANCE = 7026,
+
+
+ /**
+ * The wallet does not have sufficient balance to create a peer push payment.
+ * Returned with an HTTP status code of #MHD_HTTP_UNINITIALIZED (0).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_WALLET_PEER_PUSH_PAYMENT_INSUFFICIENT_BALANCE = 7027,
+
+
+ /**
+ * The wallet does not have sufficient balance to pay for an invoice.
+ * Returned with an HTTP status code of #MHD_HTTP_UNINITIALIZED (0).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_WALLET_PEER_PULL_PAYMENT_INSUFFICIENT_BALANCE = 7028,
+
+
+ /**
+ * A group of refresh operations has errors and will be tried again later.
+ * Returned with an HTTP status code of #MHD_HTTP_UNINITIALIZED (0).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_WALLET_REFRESH_GROUP_INCOMPLETE = 7029,
+
+
+ /**
+ * The exchange's self-reported base URL does not match the one that the
wallet is using.
+ * Returned with an HTTP status code of #MHD_HTTP_UNINITIALIZED (0).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_WALLET_EXCHANGE_BASE_URL_MISMATCH = 7030,
+
+
+ /**
+ * The order has already been paid by another wallet.
+ * Returned with an HTTP status code of #MHD_HTTP_UNINITIALIZED (0).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_WALLET_ORDER_ALREADY_PAID = 7031,
+
+
+ /**
+ * We encountered a timeout with our payment backend.
+ * Returned with an HTTP status code of #MHD_HTTP_GATEWAY_TIMEOUT (504).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_ANASTASIS_GENERIC_BACKEND_TIMEOUT = 8000,
+
+
+ /**
+ * The backend requested payment, but the request is malformed.
+ * Returned with an HTTP status code of #MHD_HTTP_UNINITIALIZED (0).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_ANASTASIS_GENERIC_INVALID_PAYMENT_REQUEST = 8001,
+
+
+ /**
+ * The backend got an unexpected reply from the payment processor.
+ * Returned with an HTTP status code of #MHD_HTTP_BAD_GATEWAY (502).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_ANASTASIS_GENERIC_BACKEND_ERROR = 8002,
+
+
+ /**
+ * The "Content-length" field for the upload is missing.
+ * Returned with an HTTP status code of #MHD_HTTP_BAD_REQUEST (400).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_ANASTASIS_GENERIC_MISSING_CONTENT_LENGTH = 8003,
+
+
+ /**
+ * The "Content-length" field for the upload is malformed.
+ * Returned with an HTTP status code of #MHD_HTTP_BAD_REQUEST (400).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_ANASTASIS_GENERIC_MALFORMED_CONTENT_LENGTH = 8004,
+
+
+ /**
+ * The backend failed to setup an order with the payment processor.
+ * Returned with an HTTP status code of #MHD_HTTP_BAD_GATEWAY (502).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_ANASTASIS_GENERIC_ORDER_CREATE_BACKEND_ERROR = 8005,
+
+
+ /**
+ * The backend was not authorized to check for payment with the payment
processor.
+ * Returned with an HTTP status code of #MHD_HTTP_INTERNAL_SERVER_ERROR
(500).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_ANASTASIS_GENERIC_PAYMENT_CHECK_UNAUTHORIZED = 8006,
+
+
+ /**
+ * The backend could not check payment status with the payment processor.
+ * Returned with an HTTP status code of #MHD_HTTP_INTERNAL_SERVER_ERROR
(500).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_ANASTASIS_GENERIC_PAYMENT_CHECK_START_FAILED = 8007,
+
+
+ /**
+ * The Anastasis provider could not be reached.
+ * Returned with an HTTP status code of #MHD_HTTP_UNINITIALIZED (0).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_ANASTASIS_GENERIC_PROVIDER_UNREACHABLE = 8008,
+
+
+ /**
+ * HTTP server experienced a timeout while awaiting promised payment.
+ * Returned with an HTTP status code of #MHD_HTTP_REQUEST_TIMEOUT (408).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_ANASTASIS_PAYMENT_GENERIC_TIMEOUT = 8009,
+
+
+ /**
+ * The key share is unknown to the provider.
+ * Returned with an HTTP status code of #MHD_HTTP_NOT_FOUND (404).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_ANASTASIS_TRUTH_UNKNOWN = 8108,
+
+
+ /**
+ * The authorization method used for the key share is no longer supported by
the provider.
+ * Returned with an HTTP status code of #MHD_HTTP_INTERNAL_SERVER_ERROR
(500).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_ANASTASIS_TRUTH_AUTHORIZATION_METHOD_NO_LONGER_SUPPORTED = 8109,
+
+
+ /**
+ * The client needs to respond to the challenge.
+ * Returned with an HTTP status code of #MHD_HTTP_FORBIDDEN (403).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_ANASTASIS_TRUTH_CHALLENGE_RESPONSE_REQUIRED = 8110,
+
+
+ /**
+ * The client's response to the challenge was invalid.
+ * Returned with an HTTP status code of #MHD_HTTP_FORBIDDEN (403).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_ANASTASIS_TRUTH_CHALLENGE_FAILED = 8111,
+
+
+ /**
+ * The backend is not aware of having issued the provided challenge code.
Either this is the wrong code, or it has expired.
+ * Returned with an HTTP status code of #MHD_HTTP_NOT_FOUND (404).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_ANASTASIS_TRUTH_CHALLENGE_UNKNOWN = 8112,
+
+
+ /**
+ * The backend failed to initiate the authorization process.
+ * Returned with an HTTP status code of #MHD_HTTP_INTERNAL_SERVER_ERROR
(500).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_ANASTASIS_TRUTH_AUTHORIZATION_START_FAILED = 8114,
+
+
+ /**
+ * The authorization succeeded, but the key share is no longer available.
+ * Returned with an HTTP status code of #MHD_HTTP_NOT_FOUND (404).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_ANASTASIS_TRUTH_KEY_SHARE_GONE = 8115,
+
+
+ /**
+ * The backend forgot the order we asked the client to pay for
+ * Returned with an HTTP status code of #MHD_HTTP_BAD_GATEWAY (502).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_ANASTASIS_TRUTH_ORDER_DISAPPEARED = 8116,
+
+
+ /**
+ * The backend itself reported a bad exchange interaction.
+ * Returned with an HTTP status code of #MHD_HTTP_BAD_GATEWAY (502).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_ANASTASIS_TRUTH_BACKEND_EXCHANGE_BAD = 8117,
+
+
+ /**
+ * The backend reported a payment status we did not expect.
+ * Returned with an HTTP status code of #MHD_HTTP_INTERNAL_SERVER_ERROR
(500).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_ANASTASIS_TRUTH_UNEXPECTED_PAYMENT_STATUS = 8118,
+
+
+ /**
+ * The backend failed to setup the order for payment.
+ * Returned with an HTTP status code of #MHD_HTTP_BAD_GATEWAY (502).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_ANASTASIS_TRUTH_PAYMENT_CREATE_BACKEND_ERROR = 8119,
+
+
+ /**
+ * The decryption of the key share failed with the provided key.
+ * Returned with an HTTP status code of #MHD_HTTP_BAD_REQUEST (400).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_ANASTASIS_TRUTH_DECRYPTION_FAILED = 8120,
+
+
+ /**
+ * The request rate is too high. The server is refusing requests to guard
against brute-force attacks.
+ * Returned with an HTTP status code of #MHD_HTTP_TOO_MANY_REQUESTS (429).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_ANASTASIS_TRUTH_RATE_LIMITED = 8121,
+
+
+ /**
+ * A request to issue a challenge is not valid for this authentication
method.
+ * Returned with an HTTP status code of #MHD_HTTP_BAD_REQUEST (400).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_ANASTASIS_TRUTH_CHALLENGE_WRONG_METHOD = 8123,
+
+
+ /**
+ * The backend failed to store the key share because the UUID is already in
use.
+ * Returned with an HTTP status code of #MHD_HTTP_CONFLICT (409).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_ANASTASIS_TRUTH_UPLOAD_UUID_EXISTS = 8150,
+
+
+ /**
+ * The backend failed to store the key share because the authorization
method is not supported.
+ * Returned with an HTTP status code of #MHD_HTTP_BAD_REQUEST (400).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_ANASTASIS_TRUTH_UPLOAD_METHOD_NOT_SUPPORTED = 8151,
+
+
+ /**
+ * The provided phone number is not an acceptable number.
+ * Returned with an HTTP status code of #MHD_HTTP_CONFLICT (409).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_ANASTASIS_SMS_PHONE_INVALID = 8200,
+
+
+ /**
+ * Failed to run the SMS transmission helper process.
+ * Returned with an HTTP status code of #MHD_HTTP_INTERNAL_SERVER_ERROR
(500).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_ANASTASIS_SMS_HELPER_EXEC_FAILED = 8201,
+
+
+ /**
+ * Provider failed to send SMS. Helper terminated with a non-successful
result.
+ * Returned with an HTTP status code of #MHD_HTTP_INTERNAL_SERVER_ERROR
(500).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_ANASTASIS_SMS_HELPER_COMMAND_FAILED = 8202,
+
+
+ /**
+ * The provided email address is not an acceptable address.
+ * Returned with an HTTP status code of #MHD_HTTP_CONFLICT (409).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_ANASTASIS_EMAIL_INVALID = 8210,
+
+
+ /**
+ * Failed to run the E-mail transmission helper process.
+ * Returned with an HTTP status code of #MHD_HTTP_INTERNAL_SERVER_ERROR
(500).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_ANASTASIS_EMAIL_HELPER_EXEC_FAILED = 8211,
+
+
+ /**
+ * Provider failed to send E-mail. Helper terminated with a non-successful
result.
+ * Returned with an HTTP status code of #MHD_HTTP_INTERNAL_SERVER_ERROR
(500).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_ANASTASIS_EMAIL_HELPER_COMMAND_FAILED = 8212,
+
+
+ /**
+ * The provided postal address is not an acceptable address.
+ * Returned with an HTTP status code of #MHD_HTTP_CONFLICT (409).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_ANASTASIS_POST_INVALID = 8220,
+
+
+ /**
+ * Failed to run the mail transmission helper process.
+ * Returned with an HTTP status code of #MHD_HTTP_INTERNAL_SERVER_ERROR
(500).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_ANASTASIS_POST_HELPER_EXEC_FAILED = 8221,
+
+
+ /**
+ * Provider failed to send mail. Helper terminated with a non-successful
result.
+ * Returned with an HTTP status code of #MHD_HTTP_INTERNAL_SERVER_ERROR
(500).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_ANASTASIS_POST_HELPER_COMMAND_FAILED = 8222,
+
+
+ /**
+ * The provided IBAN address is not an acceptable IBAN.
+ * Returned with an HTTP status code of #MHD_HTTP_CONFLICT (409).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_ANASTASIS_IBAN_INVALID = 8230,
+
+
+ /**
+ * The provider has not yet received the IBAN wire transfer authorizing the
disclosure of the key share.
+ * Returned with an HTTP status code of #MHD_HTTP_FORBIDDEN (403).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_ANASTASIS_IBAN_MISSING_TRANSFER = 8231,
+
+
+ /**
+ * The backend did not find a TOTP key in the data provided.
+ * Returned with an HTTP status code of #MHD_HTTP_CONFLICT (409).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_ANASTASIS_TOTP_KEY_MISSING = 8240,
+
+
+ /**
+ * The key provided does not satisfy the format restrictions for an
Anastasis TOTP key.
+ * Returned with an HTTP status code of #MHD_HTTP_CONFLICT (409).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_ANASTASIS_TOTP_KEY_INVALID = 8241,
+
+
+ /**
+ * The given if-none-match header is malformed.
+ * Returned with an HTTP status code of #MHD_HTTP_BAD_REQUEST (400).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_ANASTASIS_POLICY_BAD_IF_NONE_MATCH = 8301,
+
+
+ /**
+ * The server is out of memory to handle the upload. Trying again later may
succeed.
+ * Returned with an HTTP status code of #MHD_HTTP_CONTENT_TOO_LARGE (413).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_ANASTASIS_POLICY_OUT_OF_MEMORY_ON_CONTENT_LENGTH = 8304,
+
+
+ /**
+ * The signature provided in the "Anastasis-Policy-Signature" header is
malformed or missing.
+ * Returned with an HTTP status code of #MHD_HTTP_BAD_REQUEST (400).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_ANASTASIS_POLICY_BAD_SIGNATURE = 8305,
+
+
+ /**
+ * The given if-match header is malformed.
+ * Returned with an HTTP status code of #MHD_HTTP_BAD_REQUEST (400).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_ANASTASIS_POLICY_BAD_IF_MATCH = 8306,
+
+
+ /**
+ * The uploaded data does not match the Etag.
+ * Returned with an HTTP status code of #MHD_HTTP_BAD_REQUEST (400).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_ANASTASIS_POLICY_INVALID_UPLOAD = 8307,
+
+
+ /**
+ * The provider is unaware of the requested policy.
+ * Returned with an HTTP status code of #MHD_HTTP_NOT_FOUND (404).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_ANASTASIS_POLICY_NOT_FOUND = 8350,
+
+
+ /**
+ * The given action is invalid for the current state of the reducer.
+ * Returned with an HTTP status code of #MHD_HTTP_UNINITIALIZED (0).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_ANASTASIS_REDUCER_ACTION_INVALID = 8400,
+
+
+ /**
+ * The given state of the reducer is invalid.
+ * Returned with an HTTP status code of #MHD_HTTP_UNINITIALIZED (0).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_ANASTASIS_REDUCER_STATE_INVALID = 8401,
+
+
+ /**
+ * The given input to the reducer is invalid.
+ * Returned with an HTTP status code of #MHD_HTTP_UNINITIALIZED (0).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_ANASTASIS_REDUCER_INPUT_INVALID = 8402,
+
+
+ /**
+ * The selected authentication method does not work for the Anastasis
provider.
+ * Returned with an HTTP status code of #MHD_HTTP_UNINITIALIZED (0).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_ANASTASIS_REDUCER_AUTHENTICATION_METHOD_NOT_SUPPORTED = 8403,
+
+
+ /**
+ * The given input and action do not work for the current state.
+ * Returned with an HTTP status code of #MHD_HTTP_UNINITIALIZED (0).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_ANASTASIS_REDUCER_INPUT_INVALID_FOR_STATE = 8404,
+
+
+ /**
+ * We experienced an unexpected failure interacting with the backend.
+ * Returned with an HTTP status code of #MHD_HTTP_UNINITIALIZED (0).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_ANASTASIS_REDUCER_BACKEND_FAILURE = 8405,
+
+
+ /**
+ * The contents of a resource file did not match our expectations.
+ * Returned with an HTTP status code of #MHD_HTTP_UNINITIALIZED (0).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_ANASTASIS_REDUCER_RESOURCE_MALFORMED = 8406,
+
+
+ /**
+ * A required resource file is missing.
+ * Returned with an HTTP status code of #MHD_HTTP_UNINITIALIZED (0).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_ANASTASIS_REDUCER_RESOURCE_MISSING = 8407,
+
+
+ /**
+ * An input did not match the regular expression.
+ * Returned with an HTTP status code of #MHD_HTTP_UNINITIALIZED (0).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_ANASTASIS_REDUCER_INPUT_REGEX_FAILED = 8408,
+
+
+ /**
+ * An input did not match the custom validation logic.
+ * Returned with an HTTP status code of #MHD_HTTP_UNINITIALIZED (0).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_ANASTASIS_REDUCER_INPUT_VALIDATION_FAILED = 8409,
+
+
+ /**
+ * Our attempts to download the recovery document failed with all providers.
Most likely the personal information you entered differs from the information
you provided during the backup process and you should go back to the previous
step. Alternatively, if you used a backup provider that is unknown to this
application, you should add that provider manually.
+ * Returned with an HTTP status code of #MHD_HTTP_UNINITIALIZED (0).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_ANASTASIS_REDUCER_POLICY_LOOKUP_FAILED = 8410,
+
+
+ /**
+ * Anastasis provider reported a fatal failure.
+ * Returned with an HTTP status code of #MHD_HTTP_UNINITIALIZED (0).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_ANASTASIS_REDUCER_BACKUP_PROVIDER_FAILED = 8411,
+
+
+ /**
+ * Anastasis provider failed to respond to the configuration request.
+ * Returned with an HTTP status code of #MHD_HTTP_UNINITIALIZED (0).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_ANASTASIS_REDUCER_PROVIDER_CONFIG_FAILED = 8412,
+
+
+ /**
+ * The policy we downloaded is malformed. Must have been a client error
while creating the backup.
+ * Returned with an HTTP status code of #MHD_HTTP_UNINITIALIZED (0).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_ANASTASIS_REDUCER_POLICY_MALFORMED = 8413,
+
+
+ /**
+ * We failed to obtain the policy, likely due to a network issue.
+ * Returned with an HTTP status code of #MHD_HTTP_UNINITIALIZED (0).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_ANASTASIS_REDUCER_NETWORK_FAILED = 8414,
+
+
+ /**
+ * The recovered secret did not match the required syntax.
+ * Returned with an HTTP status code of #MHD_HTTP_UNINITIALIZED (0).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_ANASTASIS_REDUCER_SECRET_MALFORMED = 8415,
+
+
+ /**
+ * The challenge data provided is too large for the available providers.
+ * Returned with an HTTP status code of #MHD_HTTP_UNINITIALIZED (0).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_ANASTASIS_REDUCER_CHALLENGE_DATA_TOO_BIG = 8416,
+
+
+ /**
+ * The provided core secret is too large for some of the providers.
+ * Returned with an HTTP status code of #MHD_HTTP_UNINITIALIZED (0).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_ANASTASIS_REDUCER_SECRET_TOO_BIG = 8417,
+
+
+ /**
+ * The provider returned in invalid configuration.
+ * Returned with an HTTP status code of #MHD_HTTP_UNINITIALIZED (0).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_ANASTASIS_REDUCER_PROVIDER_INVALID_CONFIG = 8418,
+
+
+ /**
+ * The reducer encountered an internal error, likely a bug that needs to be
reported.
+ * Returned with an HTTP status code of #MHD_HTTP_UNINITIALIZED (0).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_ANASTASIS_REDUCER_INTERNAL_ERROR = 8419,
+
+
+ /**
+ * The reducer already synchronized with all providers.
+ * Returned with an HTTP status code of #MHD_HTTP_UNINITIALIZED (0).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_ANASTASIS_REDUCER_PROVIDERS_ALREADY_SYNCED = 8420,
+
+
+ /**
+ * A generic error happened in the LibEuFin nexus. See the enclose details
JSON for more information.
+ * Returned with an HTTP status code of #MHD_HTTP_UNINITIALIZED (0).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_LIBEUFIN_NEXUS_GENERIC_ERROR = 9000,
+
+
+ /**
+ * An uncaught exception happened in the LibEuFin nexus service.
+ * Returned with an HTTP status code of #MHD_HTTP_INTERNAL_SERVER_ERROR
(500).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_LIBEUFIN_NEXUS_UNCAUGHT_EXCEPTION = 9001,
+
+
+ /**
+ * A generic error happened in the LibEuFin sandbox. See the enclose
details JSON for more information.
+ * Returned with an HTTP status code of #MHD_HTTP_UNINITIALIZED (0).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_LIBEUFIN_SANDBOX_GENERIC_ERROR = 9500,
+
+
+ /**
+ * An uncaught exception happened in the LibEuFin sandbox service.
+ * Returned with an HTTP status code of #MHD_HTTP_INTERNAL_SERVER_ERROR
(500).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_LIBEUFIN_SANDBOX_UNCAUGHT_EXCEPTION = 9501,
+
+
+ /**
+ * This validation method is not supported by the service.
+ * Returned with an HTTP status code of #MHD_HTTP_NOT_FOUND (404).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_TALDIR_METHOD_NOT_SUPPORTED = 9600,
+
+
+ /**
+ * Number of allowed attempts for initiating a challenge exceeded.
+ * Returned with an HTTP status code of #MHD_HTTP_TOO_MANY_REQUESTS (429).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_TALDIR_REGISTER_RATE_LIMITED = 9601,
+
+
+ /**
+ * The client is unknown or unauthorized.
+ * Returned with an HTTP status code of #MHD_HTTP_NOT_FOUND (404).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_CHALLENGER_GENERIC_CLIENT_UNKNOWN = 9750,
+
+
+ /**
+ * The client is not authorized to use the given redirect URI.
+ * Returned with an HTTP status code of #MHD_HTTP_FORBIDDEN (403).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_CHALLENGER_GENERIC_CLIENT_FORBIDDEN_BAD_REDIRECT_URI = 9751,
+
+
+ /**
+ * The service failed to execute its helper process to send the challenge.
+ * Returned with an HTTP status code of #MHD_HTTP_INTERNAL_SERVER_ERROR
(500).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_CHALLENGER_HELPER_EXEC_FAILED = 9752,
+
+
+ /**
+ * The grant is unknown to the service (it could also have expired).
+ * Returned with an HTTP status code of #MHD_HTTP_NOT_FOUND (404).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_CHALLENGER_GRANT_UNKNOWN = 9753,
+
+
+ /**
+ * The code given is not even well-formed.
+ * Returned with an HTTP status code of #MHD_HTTP_FORBIDDEN (403).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_CHALLENGER_CLIENT_FORBIDDEN_BAD_CODE = 9754,
+
+
+ /**
+ * The service is not aware of the referenced validation process.
+ * Returned with an HTTP status code of #MHD_HTTP_NOT_FOUND (404).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_CHALLENGER_GENERIC_VALIDATION_UNKNOWN = 9755,
+
+
+ /**
+ * The code given is not valid.
+ * Returned with an HTTP status code of #MHD_HTTP_FORBIDDEN (403).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_CHALLENGER_CLIENT_FORBIDDEN_INVALID_CODE = 9756,
+
+
+ /**
+ * Too many attempts have been made, validation is temporarily disabled for
this address.
+ * Returned with an HTTP status code of #MHD_HTTP_TOO_MANY_REQUESTS (429).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_CHALLENGER_TOO_MANY_ATTEMPTS = 9757,
+
+
+ /**
+ * The PIN code provided is incorrect.
+ * Returned with an HTTP status code of #MHD_HTTP_FORBIDDEN (403).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_CHALLENGER_INVALID_PIN = 9758,
+
+
+ /**
+ * The token cannot be valid as no address was ever provided by the client.
+ * Returned with an HTTP status code of #MHD_HTTP_CONFLICT (409).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_CHALLENGER_MISSING_ADDRESS = 9759,
+
+
+ /**
+ * End of error code range.
+ * Returned with an HTTP status code of #MHD_HTTP_UNINITIALIZED (0).
+ * (A value of 0 indicates that the error is generated client-side).
+ */
+ TALER_EC_END = 9999,
+
+
+};
+
+
+/**
+ * Returns a hint for a given error code.
+ *
+ * @param ec the error code.
+ * @return the hint if it could be found, otherwise "<no hint found>"
+ */
+const char *
+TALER_ErrorCode_get_hint (enum TALER_ErrorCode ec);
+
+
+/**
+ * Return HTTP status for a given error code.
+ *
+ * @param ec the error code.
+ * @return the HTTP status code for the given @a ec, UINT_MAX if not found
+ */
+unsigned int
+TALER_ErrorCode_get_http_status (enum TALER_ErrorCode ec);
+
+
+/**
+ * Return HTTP status for a given error code that is guaranteed
+ * to work (no corner cases).
+ *
+ * @param ec the error code.
+ * @return the HTTP status code for the given @a ec, 500 if
+ * the @a ec is not found or is a client-side code
+ */
+unsigned int
+TALER_ErrorCode_get_http_status_safe (enum TALER_ErrorCode ec);
+
+
+#if 0 /* keep Emacsens' auto-indent happy */
+{
+#endif
+#ifdef __cplusplus
+}
+#endif
+
+#endif
diff --git a/src/include/taler_donau_util.h b/src/include/taler_util.h
similarity index 94%
rename from src/include/taler_donau_util.h
rename to src/include/taler_util.h
index 97610b0..1ca019b 100644
--- a/src/include/taler_donau_util.h
+++ b/src/include/taler_util.h
@@ -7,7 +7,7 @@
Foundation; either version 3, or (at your option) any later version.
TALER is distributed in the hope that it will be useful, but WITHOUT ANY
- WARRANTY; without even the implied warranty of CHARITYABILITY or FITNESS FOR
+ WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR
A PARTICULAR PURPOSE. See the GNU General Public License for more details.
You should have received a copy of the GNU General Public License along with
@@ -18,15 +18,14 @@
* @brief Interface for common utility functions
* @author Sree Harsha Totakura <sreeharsha@totakura.in>
*/
-#ifndef TALER_DONAU_UTIL_H
-#define TALER_DONAU_UTIL_H
+#ifndef TALER_UTIL_H
+#define TALER_UTIL_H
#include <gnunet/gnunet_common.h>
-#define __TALER_DONAU_UTIL_LIB_H_INSIDE__
+#define __TALER_UTIL_LIB_H_INSIDE__
#include <gnunet/gnunet_util_lib.h>
#include <microhttpd.h>
-#include "taler_util.h"
#include "taler_amount_lib.h"
#include "taler_crypto_lib.h"
@@ -88,6 +87,16 @@
*/
#define TALER_AML_OFFICER_SIGNATURE_HEADER "Taler-AML-Officer-Signature"
+/**
+ * Header with signature for reserve history requests.
+ */
+#define TALER_RESERVE_HISTORY_SIGNATURE_HEADER
"Taler-Reserve-History-Signature"
+
+/**
+ * Header with signature for coin history requests.
+ */
+#define TALER_COIN_HISTORY_SIGNATURE_HEADER "Taler-Coin-History-Signature"
+
/**
* Log an error message at log-level 'level' that indicates
* a failure of the command 'cmd' with the message given
@@ -199,6 +208,7 @@ enum GNUNET_GenericReturnValue
TALER_config_get_currency (const struct GNUNET_CONFIGURATION_Handle *cfg,
char **currency);
+
/**
* Details about how to render a currency.
*/
@@ -215,12 +225,6 @@ struct TALER_CurrencySpecification
*/
char *name;
- /**
- * Character used to separate decimals. String as
- * multi-byte sequences may be required (UTF-8!).
- */
- char *decimal_separator;
-
/**
* how many digits the user may enter at most after the @e decimal_separator
*/
@@ -294,6 +298,18 @@ TALER_CONFIG_currency_specs_to_json (
const struct TALER_CurrencySpecification *cspec);
+/**
+ * Check that @a map contains a valid currency scale
+ * map that maps integers from [-12,24] to currency
+ * symbols given as strings.
+ *
+ * @param map map to check
+ * @return #GNUNET_OK if @a map is valid
+ */
+enum GNUNET_GenericReturnValue
+TALER_check_currency_scale_map (const json_t *map);
+
+
/**
* Allow user to specify an amount on the command line.
*
@@ -519,15 +535,15 @@ TALER_payto_validate (const char *payto_uri);
/**
- * Create payto://-URI for a given donau base URL
+ * Create payto://-URI for a given exchange base URL
* and a @a reserve_pub.
*
- * @param donau_url the base URL of the donau
+ * @param exchange_url the base URL of the exchange
* @param reserve_pub the public key of the reserve
* @return payto://-URI for the reserve (without receiver-name!)
*/
char *
-TALER_reserve_make_payto (const char *donau_url,
+TALER_reserve_make_payto (const char *exchange_url,
const struct TALER_ReservePublicKeyP *reserve_pub);
@@ -548,22 +564,22 @@ TALER_iban_validate (const char *iban);
/**
* Possible values for a binary filter.
*/
-enum TALER_DONAU_YesNoAll
+enum TALER_EXCHANGE_YesNoAll
{
/**
* If condition is yes.
*/
- TALER_DONAU_YNA_YES = 1,
+ TALER_EXCHANGE_YNA_YES = 1,
/**
* If condition is no.
*/
- TALER_DONAU_YNA_NO = 2,
+ TALER_EXCHANGE_YNA_NO = 2,
/**
* Condition disabled.
*/
- TALER_DONAU_YNA_ALL = 3
+ TALER_EXCHANGE_YNA_ALL = 3
};
@@ -579,8 +595,8 @@ enum TALER_DONAU_YesNoAll
bool
TALER_arg_to_yna (struct MHD_Connection *connection,
const char *arg,
- enum TALER_DONAU_YesNoAll default_val,
- enum TALER_DONAU_YesNoAll *yna);
+ enum TALER_EXCHANGE_YesNoAll default_val,
+ enum TALER_EXCHANGE_YesNoAll *yna);
/**
@@ -590,7 +606,7 @@ TALER_arg_to_yna (struct MHD_Connection *connection,
* @return string representation ("yes"/"no"/"all").
*/
const char *
-TALER_yna_to_string (enum TALER_DONAU_YesNoAll yna);
+TALER_yna_to_string (enum TALER_EXCHANGE_YesNoAll yna);
#ifdef __APPLE__
@@ -779,6 +795,6 @@ void
TALER_JSON_external_conversion_stop (
struct TALER_JSON_ExternalConversion *ec);
-#undef __TALER_DONAU_UTIL_LIB_H_INSIDE__
+#undef __TALER_UTIL_LIB_H_INSIDE__
#endif
diff --git a/src/util/charity_signatures.c b/src/util/charity_signatures.c
index 02ef3c3..fcf603b 100644
--- a/src/util/charity_signatures.c
+++ b/src/util/charity_signatures.c
@@ -38,12 +38,12 @@ struct TALER_DepositTrackPS
/**
* Hash over the proposal data of the contract for which this deposit is
made.
*/
- struct TALER_PrivateContractHashP h_contract_terms GNUNET_PACKED;
+ // struct TALER_PrivateContractHashP h_contract_terms GNUNET_PACKED;
/**
* Hash over the wiring information of the charity.
*/
- struct TALER_CharityWireHashP h_wire GNUNET_PACKED;
+ // struct TALER_CharityWireHashP h_wire GNUNET_PACKED;
/**
* The coin's public key. This is the value that must have been
@@ -55,7 +55,7 @@ struct TALER_DepositTrackPS
GNUNET_NETWORK_STRUCT_END
-
+/*
void
TALER_charity_deposit_sign (
const struct TALER_PrivateContractHashP *h_contract_terms,
@@ -75,9 +75,9 @@ TALER_charity_deposit_sign (
GNUNET_CRYPTO_eddsa_sign (&charity_priv->eddsa_priv,
&dtp,
&charity_sig->eddsa_sig);
-}
-
+}*/
+/*
enum GNUNET_GenericReturnValue
TALER_charity_deposit_verify (
const struct TALER_CharityPublicKeyP *charity,
@@ -99,70 +99,9 @@ TALER_charity_deposit_verify (
&tps,
&charity_sig->eddsa_sig,
&charity->eddsa_pub);
-}
-
-
-/**
- * @brief Format used to generate the signature on a request to refund
- * a coin into the account of the donor.
- */
-struct TALER_RefundRequestPS
-{
- /**
- * Purpose must be #TALER_SIGNATURE_CHARITY_REFUND.
- */
- struct GNUNET_CRYPTO_EccSignaturePurpose purpose;
-
- /**
- * Hash over the proposal data to identify the contract
- * which is being refunded.
- */
- struct TALER_PrivateContractHashP h_contract_terms GNUNET_PACKED;
-
- /**
- * The coin's public key. This is the value that must have been
- * signed (blindly) by the Donau.
- */
- struct TALER_CoinSpendPublicKeyP coin_pub;
-
- /**
- * Charity-generated transaction ID for the refund.
- */
- uint64_t rtransaction_id GNUNET_PACKED;
-
- /**
- * Amount to be refunded, including refund fee charged by the
- * donau to the donor.
- */
- struct TALER_AmountNBO refund_amount;
-};
-
-
-void
-TALER_charity_refund_sign (
- const struct TALER_CoinSpendPublicKeyP *coin_pub,
- const struct TALER_PrivateContractHashP *h_contract_terms,
- uint64_t rtransaction_id,
- const struct TALER_Amount *amount,
- const struct TALER_CharityPrivateKeyP *charity_priv,
- struct TALER_CharitySignatureP *charity_sig)
-{
- struct TALER_RefundRequestPS rr = {
- .purpose.purpose = htonl (TALER_SIGNATURE_CHARITY_REFUND),
- .purpose.size = htonl (sizeof (rr)),
- .h_contract_terms = *h_contract_terms,
- .coin_pub = *coin_pub,
- .rtransaction_id = GNUNET_htonll (rtransaction_id)
- };
-
- TALER_amount_hton (&rr.refund_amount,
- amount);
- GNUNET_CRYPTO_eddsa_sign (&charity_priv->eddsa_priv,
- &rr,
- &charity_sig->eddsa_sig);
-}
-
+}*/
+/*
enum GNUNET_GenericReturnValue
TALER_charity_refund_verify (
const struct TALER_CoinSpendPublicKeyP *coin_pub,
@@ -187,165 +126,64 @@ TALER_charity_refund_verify (
&rr,
&charity_sig->eddsa_sig,
&charity_pub->eddsa_pub);
-}
-
-
-/**
- * @brief Information signed by the donau's master
- * key affirming the IBAN details for the donau.
- */
-struct TALER_CharityWireDetailsPS
-{
-
- /**
- * Purpose is #TALER_SIGNATURE_CHARITY_WIRE_DETAILS.
- */
- struct GNUNET_CRYPTO_EccSignaturePurpose purpose;
-
- /**
- * Salted hash over the account holder's payto:// URL and
- * the salt, as done by #TALER_charity_wire_signature_hash().
- */
- struct TALER_CharityWireHashP h_wire_details GNUNET_PACKED;
-
-};
-
-
-enum GNUNET_GenericReturnValue
-TALER_charity_wire_signature_check (
- const char *payto_uri,
- const struct TALER_WireSaltP *salt,
- const struct TALER_CharityPublicKeyP *merch_pub,
- const struct TALER_CharitySignatureP *merch_sig)
-{
- struct TALER_CharityWireDetailsPS wd = {
- .purpose.purpose = htonl (TALER_SIGNATURE_CHARITY_WIRE_DETAILS),
- .purpose.size = htonl (sizeof (wd))
- };
-
- TALER_charity_wire_signature_hash (payto_uri,
- salt,
- &wd.h_wire_details);
- return GNUNET_CRYPTO_eddsa_verify (TALER_SIGNATURE_CHARITY_WIRE_DETAILS,
- &wd,
- &merch_sig->eddsa_sig,
- &merch_pub->eddsa_pub);
-}
-
-
-void
-TALER_charity_wire_signature_make (
- const char *payto_uri,
- const struct TALER_WireSaltP *salt,
- const struct TALER_CharityPrivateKeyP *merch_priv,
- struct TALER_CharitySignatureP *merch_sig)
-{
- struct TALER_CharityWireDetailsPS wd = {
- .purpose.purpose = htonl (TALER_SIGNATURE_CHARITY_WIRE_DETAILS),
- .purpose.size = htonl (sizeof (wd))
- };
-
- TALER_charity_wire_signature_hash (payto_uri,
- salt,
- &wd.h_wire_details);
- GNUNET_CRYPTO_eddsa_sign (&merch_priv->eddsa_priv,
- &wd,
- &merch_sig->eddsa_sig);
-}
-
+}*/
/**
* Used by charities to return signed responses to /pay requests.
* Currently only used to return 200 OK signed responses.
*/
-struct TALER_PaymentResponsePS
-{
+
+// struct TALER_PaymentResponsePS
+// {
/**
* Set to #TALER_SIGNATURE_CHARITY_PAYMENT_OK. Note that
* unsuccessful payments are usually proven by some donau's signature.
*/
- struct GNUNET_CRYPTO_EccSignaturePurpose purpose;
+ // struct GNUNET_CRYPTO_EccSignaturePurpose purpose;
/**
* Hash of the proposal data associated with this confirmation
*/
- struct TALER_PrivateContractHashP h_contract_terms;
-};
-
-void
-TALER_charity_pay_sign (
- const struct TALER_PrivateContractHashP *h_contract_terms,
- const struct TALER_CharityPrivateKeyP *merch_priv,
- struct GNUNET_CRYPTO_EddsaSignature *merch_sig)
-{
- struct TALER_PaymentResponsePS mr = {
- .purpose.purpose = htonl (TALER_SIGNATURE_CHARITY_PAYMENT_OK),
- .purpose.size = htonl (sizeof (mr)),
- .h_contract_terms = *h_contract_terms
- };
-
- GNUNET_CRYPTO_eddsa_sign (&merch_priv->eddsa_priv,
- &mr,
- merch_sig);
-}
-
-
-enum GNUNET_GenericReturnValue
-TALER_charity_pay_verify (
- const struct TALER_PrivateContractHashP *h_contract_terms,
- const struct TALER_CharityPublicKeyP *charity_pub,
- const struct TALER_CharitySignatureP *charity_sig)
-{
- struct TALER_PaymentResponsePS pr = {
- .purpose.purpose = htonl (TALER_SIGNATURE_CHARITY_PAYMENT_OK),
- .purpose.size = htonl (sizeof (pr)),
- .h_contract_terms = *h_contract_terms
- };
-
- return
- GNUNET_CRYPTO_eddsa_verify (TALER_SIGNATURE_CHARITY_PAYMENT_OK,
- &pr,
- &charity_sig->eddsa_sig,
- &charity_pub->eddsa_pub);
-}
-
-
-/**
- * The contract sent by the charity to the wallet.
- */
-struct TALER_ProposalDataPS
-{
- /**
- * Purpose header for the signature over the proposal data
- * with purpose #TALER_SIGNATURE_CHARITY_CONTRACT.
- */
- struct GNUNET_CRYPTO_EccSignaturePurpose purpose;
-
- /**
- * Hash of the JSON contract in UTF-8 including 0-termination,
- * using JSON_COMPACT | JSON_SORT_KEYS
- */
- struct TALER_PrivateContractHashP hash;
-};
-
-void
-TALER_charity_contract_sign (
- const struct TALER_PrivateContractHashP *h_contract_terms,
- const struct TALER_CharityPrivateKeyP *merch_priv,
- struct GNUNET_CRYPTO_EddsaSignature *merch_sig)
-{
- struct TALER_ProposalDataPS pdps = {
- .purpose.purpose = htonl (TALER_SIGNATURE_CHARITY_CONTRACT),
- .purpose.size = htonl (sizeof (pdps)),
- .hash = *h_contract_terms
- };
-
- GNUNET_CRYPTO_eddsa_sign (&merch_priv->eddsa_priv,
- &pdps,
- merch_sig);
-}
+ // struct TALER_PrivateContractHashP h_contract_terms;
+// };
+
+// void
+// TALER_charity_pay_sign (
+ // const struct TALER_PrivateContractHashP *h_contract_terms,
+ // const struct TALER_CharityPrivateKeyP *merch_priv,
+ // struct GNUNET_CRYPTO_EddsaSignature *merch_sig)
+// {
+ // struct TALER_PaymentResponsePS mr = {
+ // .purpose.purpose = htonl (TALER_SIGNATURE_CHARITY_PAYMENT_OK),
+ // .purpose.size = htonl (sizeof (mr)),
+ // .h_contract_terms = *h_contract_terms
+ // };
+
+ // GNUNET_CRYPTO_eddsa_sign (&merch_priv->eddsa_priv,
+ // &mr,
+ // merch_sig);
+// }
+
+
+// enum GNUNET_GenericReturnValue
+// TALER_charity_pay_verify (
+// const struct TALER_PrivateContractHashP *h_contract_terms,
+// const struct TALER_CharityPublicKeyP *charity_pub,
+// const struct TALER_CharitySignatureP *charity_sig)
+// {
+// struct TALER_PaymentResponsePS pr = {
+// .purpose.purpose = htonl (TALER_SIGNATURE_CHARITY_PAYMENT_OK),
+// .purpose.size = htonl (sizeof (pr)),
+// .h_contract_terms = *h_contract_terms
+// };
+//
+// return
+// GNUNET_CRYPTO_eddsa_verify (TALER_SIGNATURE_CHARITY_PAYMENT_OK,
+// &pr,
+// &charity_sig->eddsa_sig,
+// &charity_pub->eddsa_pub);
+// }
-// NB: "TALER_charity_contract_verify" not (yet?) needed / not defined.
/* end of charity_signatures.c */
diff --git a/src/util/donau_signatures.c b/src/util/donau_signatures.c
index 70d8509..23bf765 100644
--- a/src/util/donau_signatures.c
+++ b/src/util/donau_signatures.c
@@ -21,7 +21,7 @@
#include "platform.h"
#include "taler_util.h"
#include "taler_signatures.h"
-
+#include "donau_util.h"
GNUNET_NETWORK_STRUCT_BEGIN
@@ -45,7 +45,7 @@ struct TALER_DepositConfirmationPS
/**
* Hash over the wiring information of the charity.
*/
- struct TALER_CharityWireHashP h_wire GNUNET_PACKED;
+ // struct TALER_CharityWireHashP h_wire GNUNET_PACKED;
/**
* Hash over the optional policy extension of the deposit, 0 if there
@@ -89,7 +89,7 @@ struct TALER_DepositConfirmationPS
* The Charity's public key. Allows the charity to later refund
* the transaction or to inquire about the wire transfer identifier.
*/
- struct TALER_CharityPublicKeyP charity_pub;
+ struct DONAU_CharityPublicKeyP charity_pub;
};
--
To stop receiving notification emails like this one, please contact
gnunet@gnunet.org.
| [Prev in Thread] |
Current Thread |
[Next in Thread] |
- [taler-donau] branch master updated: [lib] add includes, remove "taler" prefix from some files,
gnunet <=