diff options
| author | Christian Grothoff <christian@grothoff.org> | 2015-07-06 09:10:36 +0200 | 
|---|---|---|
| committer | Christian Grothoff <christian@grothoff.org> | 2015-07-06 09:10:36 +0200 | 
| commit | 7ad57d7a6708eb451395a78b4c88797844d78d62 (patch) | |
| tree | e7c9f5c0adfa588fe14cdd683ddcd11b473bc7de /src/mint-tools/taler-auditor-sign.c | |
| parent | b8c264656cb387f90697885767c5c47216a51816 (diff) | |
starting with auditor signing tool
Diffstat (limited to 'src/mint-tools/taler-auditor-sign.c')
| -rw-r--r-- | src/mint-tools/taler-auditor-sign.c | 192 | 
1 files changed, 192 insertions, 0 deletions
| diff --git a/src/mint-tools/taler-auditor-sign.c b/src/mint-tools/taler-auditor-sign.c new file mode 100644 index 00000000..a2457a2f --- /dev/null +++ b/src/mint-tools/taler-auditor-sign.c @@ -0,0 +1,192 @@ +/* +  This file is part of TALER +  Copyright (C) 2014, 2015 Christian Grothoff (and other contributing authors) + +  TALER is free software; you can redistribute it and/or modify it under the +  terms of the GNU General Public License as published by the Free Software +  Foundation; either version 3, or (at your option) any later version. + +  TALER is distributed in the hope that it will be useful, but WITHOUT ANY +  WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR +  A PARTICULAR PURPOSE.  See the GNU General Public License for more details. + +  You should have received a copy of the GNU General Public License along with +  TALER; see the file COPYING.  If not, If not, see <http://www.gnu.org/licenses/> +*/ +/** + * @file taler-auditor-sign.c + * @brief Tool used by the auditor to sign the mint's master key and the + *        denomination key(s). + * @author Christian Grothoff + */ +#include <platform.h> +#include "taler_mintdb_lib.h" + + +/** + * Filename of the auditor's private key. + */ +static char *auditor_key_file; + +/** + * Mint's public key (in Crockford base32 encoding). + */ +static char *mint_public_key; + +/** + * File with the Mint's denomination keys to sign, itself + * signed by the Mint's public key. + */ +static char *mint_request_file; + +/** + * Where should we write the auditor's signature? + */ +static char *output_file; + +/** + * Handle to the auditor's configuration + */ +static struct GNUNET_CONFIGURATION_Handle *kcfg; + +/** + * Master public key of the mint. + */ +static struct TALER_MasterPublicKeyP master_public_key; + + + +/** + * The main function of the taler-auditor-sign tool.  This tool is used + * to sign a mint's master and denomination keys, affirming that the + * auditor is aware of them and will validate the mint's database with + * respect to these keys. + * + * @param argc number of arguments from the command line + * @param argv command line arguments + * @return 0 ok, 1 on error + */ +int +main (int argc, +      char *const *argv) +{ +  static const struct GNUNET_GETOPT_CommandLineOption options[] = { +    {'a', "auditor-key", "FILE", +     "file containing the private key of the auditor", 1, +     &GNUNET_GETOPT_set_filename, &auditor_key_file}, +    TALER_GETOPT_OPTION_HELP ("Private key of the auditor to use for signing"), +    {'m', "mint-key", "KEY", +     "public key of the mint (Crockford base32 encoded)", 1, +     &GNUNET_GETOPT_set_filename, &mint_public_key}, +    {'r', "mint-request", "FILE", +     "set of keys the mint requested the auditor to sign", 0, +     &GNUNET_GETOPT_set_string, &mint_request_file}, +    {'o', "output", "FILE", +     "where to write our signature", 0, +     &GNUNET_GETOPT_set_string, &output_file}, +    GNUNET_GETOPT_OPTION_VERSION (VERSION "-" VCS_VERSION), +    GNUNET_GETOPT_OPTION_END +  }; +  struct GNUNET_CRYPTO_EddsaPrivateKey *eddsa_priv; +  struct GNUNET_DISK_FileHandle *fh; +  struct GNUNET_DISK_FileHandle *fout; +  off_t in_size; + +  GNUNET_assert (GNUNET_OK == +                 GNUNET_log_setup ("taler-mint-keyup", +                                   "WARNING", +                                   NULL)); +  if (GNUNET_GETOPT_run ("taler-mint-keyup", +                         options, +                         argc, argv) < 0) +    return 1; +  if (NULL == auditor_key_file) +  { +    fprintf (stderr, +             "Auditor key file not given\n"); +    return 1; +  } +  eddsa_priv = GNUNET_CRYPTO_eddsa_key_create_from_file (auditor_key_file); +  if (NULL == eddsa_priv) +  { +    fprintf (stderr, +             "Failed to initialize auditor key from file `%s'\n", +             auditor_key_file); +    return 1; +  } +  if (NULL == mint_public_key) +  { +    fprintf (stderr, +             "Mint public key not given\n"); +    return 1; +  } +  if (GNUNET_OK != +      GNUNET_STRINGS_string_to_data (mint_public_key, +                                     strlen (mint_public_key), +                                     &master_public_key, +                                     sizeof (master_public_key))) +  { +    fprintf (stderr, +             "Public key `%s' malformed\n", +             mint_public_key); +    return 1; +  } +  if (NULL == mint_request_file) +  { +    fprintf (stderr, +             "Mint signing request not given\n"); +    return 1; +  } +  fh = GNUNET_DISK_file_open (mint_request_file, +                              GNUNET_DISK_OPEN_READ, +                              GNUNET_DISK_PERM_NONE); +  if (NULL == fh) +  { +    fprintf (stderr, +             "Failed to open file `%s': %s\n", +             mint_request_file, +             STRERROR (errno)); +    return 1; +  } +  if (GNUNET_OK != +      GNUNET_DISK_file_handle_size (fh, +                                    &in_size)) +  { +    fprintf (stderr, +             "Failed to obtain input file size `%s': %s\n", +             mint_request_file, +             STRERROR (errno)); +    GNUNET_DISK_file_close (fh); +    return 1; +  } +  if (NULL == output_file) +  { +    fprintf (stderr, +             "Output file not given\n"); +    GNUNET_DISK_file_close (fh); +    return 1; +  } +  fout = GNUNET_DISK_file_open (output_file, +                                GNUNET_DISK_OPEN_READ | +                                GNUNET_DISK_OPEN_TRUNCATE | +                                GNUNET_DISK_OPEN_CREATE, +                                GNUNET_DISK_PERM_USER_READ | +                                GNUNET_DISK_PERM_USER_WRITE | +                                GNUNET_DISK_PERM_GROUP_READ | +                                GNUNET_DISK_PERM_OTHER_READ); +  if (NULL == fout) +  { +    fprintf (stderr, +             "Failed to open file `%s': %s\n", +             output_file, +             STRERROR (errno)); +    GNUNET_DISK_file_close (fh); +    return 1; +  } +  /* FIXME: finally do real work... */ + +  GNUNET_free (eddsa_priv); +  return 0; +} + +/* end of taler-auditor-sign.c */ | 
