[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[taler-anastasis] branch master updated: rest api fix
From: |
gnunet |
Subject: |
[taler-anastasis] branch master updated: rest api fix |
Date: |
Wed, 10 Jun 2020 17:28:55 +0200 |
This is an automated email from the git hooks/post-receive script.
ds-meister pushed a commit to branch master
in repository anastasis.
The following commit(s) were added to refs/heads/master by this push:
new 2f1f532 rest api fix
2f1f532 is described below
commit 2f1f5321a03407ba61ad5abbea1c194f48bc0e24
Author: Dominik Meister <dominiksamuel.meister@students.bfh.ch>
AuthorDate: Wed Jun 10 17:28:49 2020 +0200
rest api fix
---
doc/thesis/rest_api_documentation.tex | 23 +++++++++++------------
1 file changed, 11 insertions(+), 12 deletions(-)
diff --git a/doc/thesis/rest_api_documentation.tex
b/doc/thesis/rest_api_documentation.tex
index 9c7c3cb..6b96c71 100644
--- a/doc/thesis/rest_api_documentation.tex
+++ b/doc/thesis/rest_api_documentation.tex
@@ -8,7 +8,7 @@
\section{REST API documentation} \label{appendix_server_api}
The server api is a RESTful API which has the following endpoints.
-\subsection{Obtain Salt}
+\subsection*{Obtain Salt}
\textbf{GET /salt}
\\
Obtain the salt used by the escrow provider. Different providers will use
different high-entropy salt values. The resulting provider salt is then used in
various operations to ensure cryptographic operations differ by provider. A
provider must never change its salt value. \\
@@ -21,7 +21,7 @@ interface SaltResponse {
}
\end{lstlisting}
-\subsection{Obatain terms of service}
+\subsection*{Obatain terms of service}
\textbf{GET /terms}
\\
Obtain the terms of service provided by the escrow provider.
@@ -89,7 +89,7 @@ interface AuthenticationMethod {
}
\end{lstlisting}
-\subsection{Manage Policy}
+\subsection*{Manage Policy}
This API is used by the Anastasis client to deposit or request encrypted
recovery documents with the escrow provider. Generally, a client will deposit
the same encrypted recovery document with each escrow provider, but provide
different truth to each escrow provider. \\
\\
Operations by the client are identified and authorized by \$ACCOUNT\_PUB,
which should be kept secret from third parties. \$ACCOUNT\_PUB should be an
account public key using the Crockford base32-encoding.\\
@@ -124,9 +124,8 @@ Etag: Set by the server to the Base32-encoded SHA512 hash
of the body. Used for
If-None-Match: If this is not the very first request of the client, this
contains the Etag-value which the client has reveived before from the server.
The client SHOULD send this header with every request (except for the first
request) to avoid unnecessary downloads.\\
\\
Anastasis-Account-Signature: The client must provide Base-32 encoded EdDSA
signature over hash of body with \$ACCOUNT\_PRIV, affirming desire to download
the requested encrypted recovery document. The purpose used MUST be
TALER\_SIGNATURE\_ANASTASIS\_POLICY\_DOWNLOAD (1401).\\
-
+\newline
\textbf{POST /policy/\$ACCOUNT\_PUB} \\
- \\
Upload a new version of the customer’s encrypted recovery document. While the
document’s structure is described in JSON below, the upload should just be the
bytestream of the raw data (i.e. 32 bytes nonce followed by 16 bytes tag
followed by the encrypted document). If request has been seen before, the
server should do nothing, and otherwise store the new version. The body must
begin with a nonce, an AES-GCM tag and continue with the ciphertext. The format
is the same as specified for th [...]
\\
\textbf{Status Codes: } \\
@@ -231,17 +230,17 @@ interface DecryptionPolicy {
}
\end{lstlisting}
-\subsection{Manage Truth}
+\subsection*{Manage Truth}
This API is used by the Anastasis client to deposit truth or request a
(encrypted) key share with the escrow provider.\\
- \\
+\newline
An escrow method specifies an Anastasis provider and how the user should
authorize themself. The truth API allows the user to provide the (encrypted)
key share to the respective escrow provider, as well as auxiliary data required
for such an respective escrow method. \\
- \\
-An Anastasis-server may store truth for free for a certain time period, or
charge per truth operation using GNU Taler.
- \\
+\newline
+An Anastasis-server may store truth for free for a certain time period, or
charge per truth operation using GNU Taler. \\
+\newline
\textbf{POST /truth/\$UUID}
- \\
+\newline
Upload a TruthUploadRequest-Object according to the policy the client created
before (see RecoveryDocument). If request has been seen before, the server
should do nothing, and otherwise store the new object. \\
- \\
+\newline
\textbf{Status Codes: } \\
\begin{itemize}
\item 204 No content – Truth stored successfully.
--
To stop receiving notification emails like this one, please contact
gnunet@gnunet.org.
[Prev in Thread] |
Current Thread |
[Next in Thread] |
- [taler-anastasis] branch master updated: rest api fix,
gnunet <=