Diffstat (limited to 'src/mint-tools')
-rw-r--r-- | src/mint-tools/Makefile.am | 10 | ||||
-rw-r--r-- | src/mint-tools/taler-auditor-sign.c | 171 | ||||
-rw-r--r-- | src/mint-tools/taler-mint-keyup.c | 47 |
3 files changed, 206 insertions, 22 deletions
diff --git a/src/mint-tools/Makefile.am b/src/mint-tools/Makefile.am index a1b1302d..94b8fb39 100644 --- a/src/mint-tools/Makefile.am +++ b/src/mint-tools/Makefile.am @@ -7,6 +7,7 @@ if USE_COVERAGE endif bin_PROGRAMS = \ + taler-auditor-sign \ taler-mint-keyup \ taler-mint-keycheck \ taler-mint-reservemod \ @@ -15,7 +16,6 @@ bin_PROGRAMS = \ taler_mint_keyup_SOURCES = \ taler-mint-keyup.c - taler_mint_keyup_LDADD = \ $(LIBGCRYPT_LIBS) \ $(top_builddir)/src/util/libtalerutil.la \ @@ -24,6 +24,14 @@ taler_mint_keyup_LDADD = \ -lgnunetutil $(XLIB) taler_mint_keyup_LDFLAGS = $(POSTGRESQL_LDFLAGS) +taler_auditor_sign_SOURCES = \ + taler-auditor-sign.c +taler_auditor_sign_LDADD = \ + $(LIBGCRYPT_LIBS) \ + $(top_builddir)/src/util/libtalerutil.la \ + $(top_builddir)/src/mintdb/libtalermintdb.la \ + -lgnunetutil $(XLIB) + taler_mint_sepa_SOURCES = \ taler-mint-sepa.c diff --git a/src/mint-tools/taler-auditor-sign.c b/src/mint-tools/taler-auditor-sign.c index a2457a2f..bd37e68d 100644 --- a/src/mint-tools/taler-auditor-sign.c +++ b/src/mint-tools/taler-auditor-sign.c @@ -24,6 +24,11 @@ /** + * Are we running in verbose mode? + */ +static int verbose; + +/** * Filename of the auditor's private key. */ static char *auditor_key_file; 
@@ -45,15 +50,66 @@ static char *mint_request_file; static char *output_file; /** - * Handle to the auditor's configuration + * Master public key of the mint. */ -static struct GNUNET_CONFIGURATION_Handle *kcfg; +static struct TALER_MasterPublicKeyP master_public_key; + /** - * Master public key of the mint. + * Print denomination key details for diagnostics. + * + * @param dk denomination key to print */ -static struct TALER_MasterPublicKeyP master_public_key; +static void +print_dk (const struct TALER_DenominationKeyValidityPS *dk) +{ + struct TALER_Amount a; + char *s; + fprintf (stdout, + "Denomination key hash: %s\n", + GNUNET_h2s_full (&dk->denom_hash)); + TALER_amount_ntoh (&a, + &dk->value); + fprintf (stdout, + "Value: %s\n", + s = TALER_amount_to_string (&a)); + GNUNET_free (s); + TALER_amount_ntoh (&a, + &dk->fee_withdraw); + fprintf (stdout, + "Withdraw fee: %s\n", + s = TALER_amount_to_string (&a)); + GNUNET_free (s); + TALER_amount_ntoh (&a, + &dk->fee_deposit); + fprintf (stdout, + "Deposit fee: %s\n", + s = TALER_amount_to_string (&a)); + GNUNET_free (s); + TALER_amount_ntoh (&a, + &dk->fee_refresh); + fprintf (stdout, + "Refresh fee: %s\n", + s = TALER_amount_to_string (&a)); + GNUNET_free (s); + + fprintf (stdout, + "Validity start time: %s\n", + GNUNET_STRINGS_absolute_time_to_string (GNUNET_TIME_absolute_ntoh (dk->start))); + fprintf (stdout, + "Withdraw end time: %s\n", + GNUNET_STRINGS_absolute_time_to_string (GNUNET_TIME_absolute_ntoh (dk->expire_withdraw))); + fprintf (stdout, + "Deposit end time: %s\n", + GNUNET_STRINGS_absolute_time_to_string (GNUNET_TIME_absolute_ntoh (dk->expire_spend))); + fprintf (stdout, + "Legal dispute end time: %s\n", + GNUNET_STRINGS_absolute_time_to_string (GNUNET_TIME_absolute_ntoh (dk->expire_legal))); + + fprintf (stdout, + "\n"); +} /** 
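Review bot: In print_dk, each `s = TALER_amount_to_string (&a)` result goes straight to `fprintf` and `GNUNET_free` without a NULL check, and the records being printed come from the mint's request file, so they are unvalidated at this point. If TALER_amount_to_string can return NULL for an amount it cannot represent (worth confirming against libtalerutil), the `%s` conversion is undefined behaviour and the free may assert. Since `-v` is the only place the auditor sees what is about to be signed, the printer should survive malformed records and say so. A small helper that converts, prints a placeholder on NULL and frees only a non-NULL string would also remove the four repeated blocks and the assignment inside the argument list.

```c
static void
print_amount (const char *label,
              const struct TALER_AmountNBO *nbo)
{
  struct TALER_Amount a;
  char *s;

  TALER_amount_ntoh (&a, nbo);
  s = TALER_amount_to_string (&a);
  fprintf (stdout, "%s: %s\n", label, (NULL != s) ? s : "(invalid amount)");
  if (NULL != s)
    GNUNET_free (s);
}

/* in print_dk, after the denomination key hash line: */
  print_amount ("Value", &dk->value);
  print_amount ("Withdraw fee", &dk->fee_withdraw);
  print_amount ("Deposit fee", &dk->fee_deposit);
  print_amount ("Refresh fee", &dk->fee_refresh);
/* … unchanged: validity start and the three end-time lines … */
```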
@@ -79,18 +135,24 @@ main (int argc, "public key of the mint (Crockford base32 encoded)", 1, &GNUNET_GETOPT_set_filename, &mint_public_key}, {'r', "mint-request", "FILE", - "set of keys the mint requested the auditor to sign", 0, + "set of keys the mint requested the auditor to sign", 1, &GNUNET_GETOPT_set_string, &mint_request_file}, {'o', "output", "FILE", - "where to write our signature", 0, + "where to write our signature", 1, &GNUNET_GETOPT_set_string, &output_file}, GNUNET_GETOPT_OPTION_VERSION (VERSION "-" VCS_VERSION), + GNUNET_GETOPT_OPTION_VERBOSE (&verbose), GNUNET_GETOPT_OPTION_END }; struct GNUNET_CRYPTO_EddsaPrivateKey *eddsa_priv; + struct TALER_AuditorSignatureP *sigs; + struct TALER_AuditorPublicKeyP apub; struct GNUNET_DISK_FileHandle *fh; - struct GNUNET_DISK_FileHandle *fout; + struct TALER_DenominationKeyValidityPS *dks; + unsigned int dks_len; + struct TALER_MintKeyValidityPS kv; off_t in_size; + unsigned int i; GNUNET_assert (GNUNET_OK == GNUNET_log_setup ("taler-mint-keyup", @@ -114,10 +176,13 @@ main (int argc, auditor_key_file); return 1; } + GNUNET_CRYPTO_eddsa_key_get_public (eddsa_priv, + &apub.eddsa_pub); if (NULL == mint_public_key) { fprintf (stderr, "Mint public key not given\n"); + GNUNET_free (eddsa_priv); return 1; } if (GNUNET_OK != @@ -129,12 +194,14 @@ main (int argc, fprintf (stderr, "Public key `%s' malformed\n", mint_public_key); + GNUNET_free (eddsa_priv); return 1; } if (NULL == mint_request_file) { fprintf (stderr, "Mint signing request not given\n"); + GNUNET_free (eddsa_priv); return 1; } fh = GNUNET_DISK_file_open (mint_request_file, @@ -146,6 +213,7 @@ main (int argc, "Failed to open file `%s': %s\n", mint_request_file, STRERROR (errno)); + GNUNET_free (eddsa_priv); return 1; } if (GNUNET_OK != 
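Review bot: In the option table of main in taler-auditor-sign.c (hunk @@ -79,18 +135,24 @@), the argument handlers look swapped between option kinds: the context line for `--mint-public-key` takes a Crockford base32 key but stores it with `GNUNET_GETOPT_set_filename`, while the two FILE options touched here, `--mint-request` and `--output`, use `GNUNET_GETOPT_set_string`. If set_filename expands its argument into a path, as it does in the GNUnet versions I know, the key text is rewritten before it is decoded and would be rejected as malformed. Suggest `&GNUNET_GETOPT_set_string, &mint_public_key` for the key and `&GNUNET_GETOPT_set_filename` for `-r` and `-o`, which also matches how `-o` is declared in taler-mint-keyup.c in this same commit. The context line that passes "taler-mint-keyup" to `GNUNET_log_setup` looks like a copy-paste leftover, so this tool's log lines will be attributed to the wrong program. main begins and ends outside this hunk.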
@@ -157,34 +225,95 @@ main (int argc, mint_request_file, STRERROR (errno)); GNUNET_DISK_file_close (fh); + GNUNET_free (eddsa_priv); return 1; } - if (NULL == output_file) + if (0 != (in_size % sizeof (struct TALER_DenominationKeyValidityPS))) { fprintf (stderr, - "Output file not given\n"); + "Input file size of file `%s' is invalid\n", + mint_request_file); GNUNET_DISK_file_close (fh); + GNUNET_free (eddsa_priv); return 1; } - fout = GNUNET_DISK_file_open (output_file, - GNUNET_DISK_OPEN_READ | - GNUNET_DISK_OPEN_TRUNCATE | - GNUNET_DISK_OPEN_CREATE, - GNUNET_DISK_PERM_USER_READ | - GNUNET_DISK_PERM_USER_WRITE | - GNUNET_DISK_PERM_GROUP_READ | - GNUNET_DISK_PERM_OTHER_READ); - if (NULL == fout) + dks_len = in_size / sizeof (struct TALER_DenominationKeyValidityPS); + kv.purpose.purpose = htonl (TALER_SIGNATURE_AUDITOR_MINT_KEYS); + kv.purpose.size = htonl (sizeof (struct TALER_MintKeyValidityPS)); + kv.master = master_public_key; + dks = GNUNET_new_array (dks_len, + struct TALER_DenominationKeyValidityPS); + sigs = GNUNET_new_array (dks_len, + struct TALER_AuditorSignatureP); + if (in_size != + GNUNET_DISK_file_read (fh, + dks, + in_size)) { fprintf (stderr, - "Failed to open file `%s': %s\n", - output_file, + "Failed to read input file `%s': %s\n", + mint_request_file, STRERROR (errno)); GNUNET_DISK_file_close (fh); + GNUNET_free (sigs); + GNUNET_free (dks); + GNUNET_free (eddsa_priv); + return 1; + } + GNUNET_DISK_file_close (fh); + for (i=0;i<dks_len;i++) + { + struct TALER_DenominationKeyValidityPS *dk = &dks[i]; + + if (verbose) + print_dk (dk); + kv.start = dk->start; + kv.expire_withdraw = dk->expire_withdraw; + kv.expire_spend = dk->expire_spend; + kv.expire_legal = dk->expire_legal; + kv.value = dk->value; + kv.fee_withdraw = dk->fee_withdraw; + kv.fee_deposit = dk->fee_deposit; + kv.fee_refresh = dk->fee_refresh; + kv.denom_hash = dk->denom_hash; + + /* Finally sign ... 
*/ + GNUNET_CRYPTO_eddsa_sign (eddsa_priv, + &kv.purpose, + &sigs[i].eddsa_sig); + + + } + + if (NULL == output_file) + { + fprintf (stderr, + "Output file not given\n"); + GNUNET_free (dks); + GNUNET_free (sigs); + GNUNET_free (eddsa_priv); return 1; } - /* FIXME: finally do real work... */ + /* write result to disk */ + if (GNUNET_OK != + TALER_MINTDB_auditor_write (output_file, + &apub, + sigs, + &master_public_key, + dks_len, + dks)) + { + fprintf (stderr, + "Failed to write to file `%s': %s\n", + output_file, + STRERROR (errno)); + GNUNET_free (sigs); + GNUNET_free (dks); + return 1; + } + GNUNET_free (sigs); + GNUNET_free (dks); GNUNET_free (eddsa_priv); return 0; } diff --git a/src/mint-tools/taler-mint-keyup.c b/src/mint-tools/taler-mint-keyup.c index 15c2d2e7..e2c8d798 100644 --- a/src/mint-tools/taler-mint-keyup.c +++ b/src/mint-tools/taler-mint-keyup.c @@ -158,6 +158,17 @@ struct CoinTypeParams static char *masterkeyfile; /** + * Filename where to write denomination key signing + * requests for the auditor (optional, can be NULL). + */ +static char *auditorrequestfile; + +/** + * Handle for writing the output for the auditor. + */ +static FILE *auditor_output_file; + +/** * Director of the mint, containing the keys. */ static char *mint_directory; @@ -807,6 +818,20 @@ mint_keys_update_cointype (void *cls, GNUNET_CRYPTO_rsa_private_key_free (denomkey_issue.denom_priv.rsa_private_key); return; } + if ( (NULL != auditor_output_file) && + (sizeof (denomkey_issue.issue.properties) != + fwrite (&denomkey_issue.issue.properties, + sizeof (struct TALER_DenominationKeyValidityPS), + 1, + auditor_output_file)) ) + { + fprintf (stderr, + "Failed to write denomination key information to %s: %s\n", + auditorrequestfile, + STRERROR (errno)); + *ret = GNUNET_SYSERR; + return; + } GNUNET_CRYPTO_rsa_private_key_free (denomkey_issue.denom_priv.rsa_private_key); p.anchor = GNUNET_TIME_absolute_add (p.anchor, p.duration_spend); 
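Review bot: In main of taler-auditor-sign.c (hunk @@ -157,34 +225,95 @@), the return value of `GNUNET_CRYPTO_eddsa_sign` is dropped, so a failed signing would leave the freshly allocated `sigs[i]` entry to be written out as if it were the auditor's signature; wrapping the call as `GNUNET_assert (GNUNET_OK == GNUNET_CRYPTO_eddsa_sign (...));` (assuming it returns GNUNET_OK on success in the GNUnet version in use) closes that. The `TALER_MINTDB_auditor_write` failure branch is the only exit that does not call `GNUNET_free (eddsa_priv);`, which should be added before its `return 1;`. The `NULL == output_file` test now runs after every key has been signed; moving it next to the other argument checks avoids producing signatures that are then thrown away. An empty request file passes the `in_size % sizeof (...)` test with `dks_len == 0`, and `in_size` (an off_t) is narrowed into `unsigned int dks_len` without a range check, so both cases deserve an explicit rejection. main begins outside this hunk.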
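Review bot: In mint_keys_update_cointype (hunk @@ -807,6 +818,20 @@), the new check compares `sizeof (denomkey_issue.issue.properties)` with the return value of `fwrite`, but `fwrite` returns the number of items written (here 0 or 1), not bytes, so the branch is taken even after a successful write and the update fails on the first key whenever `-o` is given. Compare against the item count instead: `(1 != fwrite (&denomkey_issue.issue.properties, sizeof (struct TALER_DenominationKeyValidityPS), 1, auditor_output_file))`. The new error branch also returns without `GNUNET_CRYPTO_rsa_private_key_free (denomkey_issue.denom_priv.rsa_private_key);`, which the error branch just above it does call, so the denomination private key stays allocated on this path. The function starts and ends outside the hunk.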
@@ -859,6 +884,9 @@ main (int argc, {'m', "master-key", "FILE", "master key file (private key)", 1, &GNUNET_GETOPT_set_filename, &masterkeyfile}, + {'o', "output", "FILE", + "auditor denomination key signing request file to create", 1, + &GNUNET_GETOPT_set_filename, &auditorrequestfile}, {'t', "time", "TIMESTAMP", "pretend it is a different time for the update", 0, &GNUNET_GETOPT_set_string, &pretend_time_str}, @@ -927,6 +955,20 @@ main (int argc, GNUNET_CRYPTO_eddsa_key_get_public (&master_priv.eddsa_priv, &master_public_key.eddsa_pub); + if (NULL != auditorrequestfile) + { + auditor_output_file = FOPEN (auditorrequestfile, + "w"); + if (NULL == auditor_output_file) + { + fprintf (stderr, + "Failed to open `%s' for writing: %s\n", + auditorrequestfile, + STRERROR (errno)); + return 1; + } + } + /* check if key from file matches the one from the configuration */ { struct GNUNET_CRYPTO_EddsaPublicKey master_public_key_from_cfg; @@ -986,6 +1028,11 @@ main (int argc, if (GNUNET_OK != mint_keys_update_denomkeys ()) return 1; + if (NULL != auditor_output_file) + { + FCLOSE (auditor_output_file); + auditor_output_file = NULL; + } return 0; } |
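Review bot: In main of taler-mint-keyup.c (hunk @@ -927,6 +955,20 @@), the request file is opened with mode `"w"` although raw `struct TALER_DenominationKeyValidityPS` records are written to it; use `FOPEN (auditorrequestfile, "wb")` so that platforms with text-mode translation do not alter the bytes the auditor later signs. The stream is also opened before the remaining start-up checks, and the `return 1;` paths that follow in main (outside this hunk, so not fully visible) would leave it open with a possibly empty file on disk. Opening it after those checks, or closing it on each error exit, avoids that.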
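Review bot: At the end of main in taler-mint-keyup.c (hunk @@ -986,6 +1028,11 @@), the result of `FCLOSE (auditor_output_file)` is ignored, so a write error that only surfaces when the buffer is flushed goes unreported and the tool exits 0 with a short request file. Test it with `if (0 != FCLOSE (auditor_output_file))`, print the same kind of message as the open failure, and return 1. The `return 1;` taken when `mint_keys_update_denomkeys ()` fails also skips the close, leaving behind a partial request file that the auditor's size check would accept whenever it happens to end on a record boundary.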