exchange/src/mint/taler-mint-keyup.c

/*
  This file is part of TALER
  Copyright (C) 2014 Christian Grothoff (and other contributing authors)

  TALER is free software; you can redistribute it and/or modify it under the
  terms of the GNU General Public License as published by the Free Software
  Foundation; either version 3, or (at your option) any later version.

  TALER is distributed in the hope that it will be useful, but WITHOUT ANY
  WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR
  A PARTICULAR PURPOSE.  See the GNU General Public License for more details.

  You should have received a copy of the GNU General Public License along with
  TALER; see the file COPYING.  If not, If not, see <http://www.gnu.org/licenses/>
*/
/**
 * @file taler-mint-keyup.c
 * @brief Update the mint's keys for coins and signatures,
 *        using the mint's offline master key.
 * @author Florian Dold
 * @author Benedikt Mueller
 */
#include <platform.h>
#include <gnunet/gnunet_util_lib.h>
#include "taler_util.h"
#include "key_io.h"

/**
 * FIXME: allow user to specify (within reason).
 */
#define RSA_KEYSIZE 2048

/**
 *
 */
#define HASH_CUTOFF 20

/**
 * Macro to round microseconds to seconds in GNUNET_TIME_* structs.
 */
#define ROUND_TO_SECS(name,us_field) name.us_field -= name.us_field % (1000 * 1000);


GNUNET_NETWORK_STRUCT_BEGIN

/**
 *
 */
struct CoinTypeNBO
{
  /**
   *
   */
  struct GNUNET_TIME_RelativeNBO duration_spend;

  /**
   *
   */
  struct GNUNET_TIME_RelativeNBO duration_withdraw;

  /**
   *
   */
  struct TALER_AmountNBO value;

  /**
   *
   */
  struct TALER_AmountNBO fee_withdraw;

  /**
   *
   */
  struct TALER_AmountNBO fee_deposit;

  /**
   *
   */
  struct TALER_AmountNBO fee_refresh;
};

GNUNET_NETWORK_STRUCT_END

/**
 *
 */
struct CoinTypeParams
{

  /**
   *
   */
  struct GNUNET_TIME_Relative duration_spend;

  /**
   *
   */
  struct GNUNET_TIME_Relative duration_withdraw;

  /**
   *
   */
  struct GNUNET_TIME_Relative duration_overlap;

  /**
   *
   */
  struct TALER_Amount value;

  /**
   *
   */
  struct TALER_Amount fee_withdraw;

  /**
   *
   */
  struct TALER_Amount fee_deposit;

  /**
   *
   */
  struct TALER_Amount fee_refresh;

  /**
   *
   */
  struct GNUNET_TIME_Absolute anchor;
};


/**
 * Filename of the master private key.
 */
static char *masterkeyfile;

/**
 * Director of the mint, containing the keys.
 */
static char *mintdir;

/**
 * Time to pretend when the key update is executed.
 */
static char *pretend_time_str;

/**
 * Handle to the mint's configuration
 */
static struct GNUNET_CONFIGURATION_Handle *kcfg;

/**
 * Time when the key update is executed.  Either the actual current time, or a
 * pretended time.
 */
static struct GNUNET_TIME_Absolute now;

/**
 * Master private key of the mint.
 */
static struct GNUNET_CRYPTO_EddsaPrivateKey *master_priv;

/**
 * Master public key of the mint.
 */
static struct GNUNET_CRYPTO_EddsaPublicKey *master_pub;

/**
 * Until what time do we provide keys?
 */
static struct GNUNET_TIME_Absolute lookahead_sign_stamp;


/**
 *
 *
 * @param section
 * @param option
 * @param denom
 * @return
 */
static int
config_get_denom (const char *section,
                  const char *option,
                  struct TALER_Amount *denom)
{
  char *str;

  if (GNUNET_OK !=
      GNUNET_CONFIGURATION_get_value_string (kcfg,
                                             section,
                                             option,
                                             &str))
    return GNUNET_NO;
  if (GNUNET_OK != TALER_string_to_amount (str,
                                           denom))
    return GNUNET_SYSERR;
  return GNUNET_OK;
}


/**
 *
 *
 * @return
 */
static char *
get_signkey_dir ()
{
  char *dir;

  GNUNET_asprintf (&dir,
                   "%s" DIR_SEPARATOR_STR DIR_SIGNKEYS,
                   mintdir);
  return dir;
}


/**
 *
 *
 * @param start
 * @return
 */
static char *
get_signkey_file (struct GNUNET_TIME_Absolute start)
{
  char *dir;

  GNUNET_asprintf (&dir,
                   "%s" DIR_SEPARATOR_STR DIR_SIGNKEYS DIR_SEPARATOR_STR "%llu",
                   mintdir,
                   (unsigned long long) start.abs_value_us);
  return dir;
}


/**
 * Hash the data defining the coin type.
 * Exclude information that may not be the same for all
 * instances of the coin type (i.e. the anchor, overlap).
 *
 * @param p
 * @param hash
 */
static void
hash_coin_type (const struct CoinTypeParams *p,
                struct GNUNET_HashCode *hash)
{
  struct CoinTypeNBO p_nbo;

  memset (&p_nbo,
          0,
          sizeof (struct CoinTypeNBO));

  p_nbo.duration_spend = GNUNET_TIME_relative_hton (p->duration_spend);
  p_nbo.duration_withdraw = GNUNET_TIME_relative_hton (p->duration_withdraw);
  p_nbo.value = TALER_amount_hton (p->value);
  p_nbo.fee_withdraw = TALER_amount_hton (p->fee_withdraw);
  p_nbo.fee_deposit = TALER_amount_hton (p->fee_deposit);
  p_nbo.fee_refresh = TALER_amount_hton (p->fee_refresh);

  GNUNET_CRYPTO_hash (&p_nbo,
                      sizeof (struct CoinTypeNBO),
                      hash);
}


/**
 *
 *
 * @param p
 * @return
 */
static const char *
get_cointype_dir (const struct CoinTypeParams *p)
{
  static char dir[4096];
  struct GNUNET_HashCode hash;
  char *hash_str;
  char *val_str;
  unsigned int i;

  hash_coin_type (p, &hash);
  hash_str = GNUNET_STRINGS_data_to_string_alloc (&hash,
                                                  sizeof (struct GNUNET_HashCode));
  GNUNET_assert (HASH_CUTOFF <= strlen (hash_str) + 1);
  GNUNET_assert (NULL != hash_str);
  hash_str[HASH_CUTOFF] = 0;

  val_str = TALER_amount_to_string (p->value);
  for (i = 0; i < strlen (val_str); i++)
    if (':' == val_str[i] || '.' == val_str[i])
      val_str[i] = '_';

  GNUNET_snprintf (dir,
                   sizeof (dir),
                   "%s" DIR_SEPARATOR_STR DIR_DENOMKEYS DIR_SEPARATOR_STR "%s-%s",
                   mintdir,
                   val_str,
                   hash_str);
  GNUNET_free (hash_str);
  return dir;
}


/**
 *
 *
 * @param p
 * @param start
 * @return
 */
static const char *
get_cointype_file (struct CoinTypeParams *p,
                   struct GNUNET_TIME_Absolute start)
{
  const char *dir;
  static char filename[4096];

  dir = get_cointype_dir (p);
  GNUNET_snprintf (filename,
                   sizeof (filename),
                   "%s" DIR_SEPARATOR_STR "%llu",
                   dir,
                   (unsigned long long) start.abs_value_us);
  return filename;
}


/**
 * Get the latest key file from the past.
 *
 * @param cls closure
 * @param filename complete filename (absolute path)
 * @return #GNUNET_OK to continue to iterate,
 *  #GNUNET_NO to stop iteration with no error,
 *  #GNUNET_SYSERR to abort iteration with error!
 */
static int
get_anchor_iter (void *cls,
                 const char *filename)
{
  struct GNUNET_TIME_Absolute *anchor = cls;
  struct GNUNET_TIME_Absolute stamp;
  const char *base;
  char *end = NULL;

  base = GNUNET_STRINGS_get_short_name (filename);
  stamp.abs_value_us = strtol (base,
                               &end,
                               10);

  if ((NULL == end) || (0 != *end))
  {
    fprintf(stderr,
            "Ignoring unexpected file '%s'.\n",
            filename);
    return GNUNET_OK;
  }

  // TODO: check if it's actually a valid key file

  if ( (stamp.abs_value_us <= now.abs_value_us) &&
      ( stamp.abs_value_us > anchor->abs_value_us) )
    *anchor = stamp;

  return GNUNET_OK;
}


/**
 * Get the timestamp where the first new key should be generated.
 * Relies on correctly named key files.
 *
 * @param dir directory with the signed stuff
 * @param duration how long is one key valid?
 * @param overlap what's the overlap between the keys validity period?
 * @param[out] anchor the timestamp where the first new key should be generated
 */
static void
get_anchor (const char *dir,
            struct GNUNET_TIME_Relative duration,
            struct GNUNET_TIME_Relative overlap,
            struct GNUNET_TIME_Absolute *anchor)
{
  GNUNET_assert (0 == duration.rel_value_us % 1000000);
  GNUNET_assert (0 == overlap.rel_value_us % 1000000);
  if (GNUNET_YES !=
      GNUNET_DISK_directory_test (dir, GNUNET_YES))
  {
    *anchor = now;
    fprintf (stderr,
             "Cannot look for anchor (%s)\n",
             dir);
    return;
  }

  *anchor = GNUNET_TIME_UNIT_ZERO_ABS;
  if (-1 ==
      GNUNET_DISK_directory_scan (dir,
                                  &get_anchor_iter,
                                  anchor))
  {
    *anchor = now;
    return;
  }

  if ((GNUNET_TIME_absolute_add (*anchor,
                                 duration)).abs_value_us < now.abs_value_us)
  {
    // there's no good anchor, start from now
    // (existing keys are too old)
    *anchor = now;
  }
  else if (anchor->abs_value_us != now.abs_value_us)
  {
    // we have a good anchor
    *anchor = GNUNET_TIME_absolute_add (*anchor, duration);
    *anchor = GNUNET_TIME_absolute_subtract (*anchor, overlap);
  }
  // anchor is now the stamp where we need to create a new key
}


/**
 *
 *
 * @param start
 * @param duration
 * @param pi
 */
static void
create_signkey_issue_priv (struct GNUNET_TIME_Absolute start,
                           struct GNUNET_TIME_Relative duration,
                           struct TALER_MINT_SignKeyIssuePriv *pi)
{
  struct GNUNET_CRYPTO_EddsaPrivateKey *priv;
  struct TALER_MINT_SignKeyIssue *issue = &pi->issue;

  priv = GNUNET_CRYPTO_eddsa_key_create ();
  pi->signkey_priv = *priv;
  GNUNET_free (priv);
  issue->master_pub = *master_pub;
  issue->start = GNUNET_TIME_absolute_hton (start);
  issue->expire = GNUNET_TIME_absolute_hton (GNUNET_TIME_absolute_add (start,
                                                                       duration));

  GNUNET_CRYPTO_eddsa_key_get_public (&pi->signkey_priv,
                                      &issue->signkey_pub);

  issue->purpose.purpose = htonl (TALER_SIGNATURE_MASTER_SIGNKEY);
  issue->purpose.size = htonl (sizeof (struct TALER_MINT_SignKeyIssue) -
                               offsetof (struct TALER_MINT_SignKeyIssue,
                                         purpose));

  GNUNET_assert (GNUNET_OK ==
                 GNUNET_CRYPTO_eddsa_sign (master_priv,
                                           &issue->purpose,
                                           &issue->signature));
}


/**
 *
 *
 * @param signkey_filename
 * @return
 */
static int
check_signkey_valid (const char *signkey_filename)
{
  // FIXME: do real checks
  return GNUNET_OK;
}


/**
 *
 *
 * @return
 */
static int
mint_keys_update_signkeys ()
{
  struct GNUNET_TIME_Relative signkey_duration;
  struct GNUNET_TIME_Absolute anchor;
  char *signkey_dir;

  if (GNUNET_OK !=
      GNUNET_CONFIGURATION_get_value_time (kcfg,
                                           "mint_keys",
                                           "signkey_duration",
                                           &signkey_duration))
  {
    fprintf (stderr,
             "Cannot read config value mint_keys.signkey_duration\n");
    return GNUNET_SYSERR;
  }
  ROUND_TO_SECS (signkey_duration,
                 rel_value_us);
  signkey_dir = get_signkey_dir ();
  // make sure the directory exists
  if (GNUNET_OK !=
      GNUNET_DISK_directory_create (signkey_dir))
  {
    fprintf (stderr,
             "Failed to create signing key directory\n");
    return GNUNET_SYSERR;
  }

  get_anchor (signkey_dir,
              signkey_duration,
              GNUNET_TIME_UNIT_ZERO,
              &anchor);

  while (anchor.abs_value_us < lookahead_sign_stamp.abs_value_us)
  {
    char *skf;

    skf = get_signkey_file (anchor);
    if (GNUNET_YES !=
        GNUNET_DISK_file_test (skf))
    {
      struct TALER_MINT_SignKeyIssuePriv signkey_issue;
      ssize_t nwrite;

      GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
                  "Generating signing key for %s.\n",
                  GNUNET_STRINGS_absolute_time_to_string (anchor));
      create_signkey_issue_priv (anchor,
                                 signkey_duration,
                                 &signkey_issue);
      nwrite = GNUNET_DISK_fn_write (skf,
                                     &signkey_issue,
                                     sizeof (struct TALER_MINT_SignKeyIssue),
                                     GNUNET_DISK_PERM_USER_WRITE | GNUNET_DISK_PERM_USER_READ);
      if (nwrite != sizeof (struct TALER_MINT_SignKeyIssue))
      {
        fprintf (stderr,
                 "Failed to write to file `%s': %s\n",
                 skf,
                 STRERROR (errno));
        return GNUNET_SYSERR;
      }
    }
    else if (GNUNET_OK != check_signkey_valid (skf))
    {
      return GNUNET_SYSERR;
    }
    anchor = GNUNET_TIME_absolute_add (anchor, signkey_duration);
  }
  return GNUNET_OK;
}


/**
 *
 *
 * @param ct
 * @param params
 * @return
 */
static int
get_cointype_params (const char *ct,
                     struct CoinTypeParams *params)
{
  const char *dir;

  if (GNUNET_OK !=
      GNUNET_CONFIGURATION_get_value_time (kcfg,
                                           "mint_denom_duration_withdraw",
                                           ct,
                                           &params->duration_withdraw))
  {
    fprintf (stderr,
             "Withdraw duration not given for coin type '%s'\n",
             ct);
    return GNUNET_SYSERR;
  }
  ROUND_TO_SECS (params->duration_withdraw,
                 rel_value_us);
  if (GNUNET_OK !=
      GNUNET_CONFIGURATION_get_value_time (kcfg,
                                           "mint_denom_duration_spend",
                                           ct,
                                           &params->duration_spend))
  {
    fprintf (stderr,
             "Spend duration not given for coin type '%s'\n",
             ct);
    return GNUNET_SYSERR;
  }
  ROUND_TO_SECS (params->duration_spend, rel_value_us);
  if (GNUNET_OK !=
      GNUNET_CONFIGURATION_get_value_time (kcfg,
                                           "mint_denom_duration_overlap",
                                           ct,
                                           &params->duration_overlap))
  {
    fprintf (stderr,
             "Overlap duration not given for coin type '%s'\n",
             ct);
    return GNUNET_SYSERR;
  }
  ROUND_TO_SECS (params->duration_overlap,
                 rel_value_us);

  if (GNUNET_OK !=
      config_get_denom ("mint_denom_value",
                        ct,
                        &params->value))
  {
    fprintf (stderr,
             "Value not given for coin type '%s'\n",
             ct);
    return GNUNET_SYSERR;
  }

  if (GNUNET_OK !=
      config_get_denom ("mint_denom_fee_withdraw",
                        ct,
                        &params->fee_withdraw))
  {
    fprintf (stderr,
             "Withdraw fee not given for coin type '%s'\n",
             ct);
    return GNUNET_SYSERR;
  }

  if (GNUNET_OK !=
      config_get_denom ("mint_denom_fee_deposit",
                        ct,
                        &params->fee_deposit))
  {
    fprintf (stderr,
             "Deposit fee not given for coin type '%s'\n",
             ct);
    return GNUNET_SYSERR;
  }

  if (GNUNET_OK !=
      config_get_denom ("mint_denom_fee_refresh",
                        ct,
                        &params->fee_refresh))
  {
    fprintf (stderr,
             "Deposit fee not given for coin type '%s'\n",
             ct);
    return GNUNET_SYSERR;
  }

  dir = get_cointype_dir (params);
  get_anchor (dir, params->duration_spend, params->duration_overlap, &params->anchor);
  return GNUNET_OK;
}


/**
 *
 *
 * @param params
 * @param dki
 */
static void
create_denomkey_issue (struct CoinTypeParams *params,
                       struct TALER_MINT_DenomKeyIssuePriv *dki)
{
  GNUNET_assert (NULL != (dki->denom_priv = GNUNET_CRYPTO_rsa_private_key_create (RSA_KEYSIZE)));
  dki->denom_pub = GNUNET_CRYPTO_rsa_private_key_get_public (dki->denom_priv);
  GNUNET_CRYPTO_rsa_public_key_hash (dki->denom_pub,
                                     &dki->issue.denom_hash);
  dki->issue.master = *master_pub;
  dki->issue.start = GNUNET_TIME_absolute_hton (params->anchor);
  dki->issue.expire_withdraw =
      GNUNET_TIME_absolute_hton (GNUNET_TIME_absolute_add (params->anchor,
                                                           params->duration_withdraw));
  dki->issue.expire_spend =
    GNUNET_TIME_absolute_hton (GNUNET_TIME_absolute_add (params->anchor,
                                                           params->duration_spend));
  dki->issue.value = TALER_amount_hton (params->value);
  dki->issue.fee_withdraw = TALER_amount_hton (params->fee_withdraw);
  dki->issue.fee_deposit = TALER_amount_hton (params->fee_deposit);
  dki->issue.fee_refresh = TALER_amount_hton (params->fee_refresh);

  dki->issue.purpose.purpose = htonl (TALER_SIGNATURE_MASTER_DENOM);
  dki->issue.purpose.size = htonl (sizeof (struct TALER_MINT_DenomKeyIssuePriv) -
                                   offsetof (struct TALER_MINT_DenomKeyIssuePriv,
                                             issue.purpose));

  GNUNET_assert (GNUNET_OK ==
                 GNUNET_CRYPTO_eddsa_sign (master_priv,
                                           &dki->issue.purpose,
                                           &dki->issue.signature));
}


/**
 *
 *
 * @param filename
 * @param params
 * @return
 */
static int
check_cointype_valid (const char *filename,
                      struct CoinTypeParams *params)
{
  // FIXME: add real checks
  return GNUNET_OK;
}


/**
 *
 *
 * @param coin_alias
 * @return
 */
static int
mint_keys_update_cointype (const char *coin_alias)
{
  struct CoinTypeParams p;
  const char *cointype_dir;

  if (GNUNET_OK != get_cointype_params (coin_alias, &p))
    return GNUNET_SYSERR;

  cointype_dir = get_cointype_dir (&p);
  if (GNUNET_OK != GNUNET_DISK_directory_create (cointype_dir))
    return GNUNET_SYSERR;

  while (p.anchor.abs_value_us < lookahead_sign_stamp.abs_value_us)
  {
    const char *dkf;

    dkf = get_cointype_file (&p, p.anchor);

    if (GNUNET_YES != GNUNET_DISK_file_test (dkf))
    {
      struct TALER_MINT_DenomKeyIssuePriv denomkey_issue;
      int ret;

      GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
                  "Generating denomination key for type '%s', start %s at %s\n",
                  coin_alias,
                  GNUNET_STRINGS_absolute_time_to_string (p.anchor),
                  dkf);
      create_denomkey_issue (&p,
                             &denomkey_issue);
      ret = TALER_MINT_write_denom_key (dkf,
                                        &denomkey_issue);
      GNUNET_CRYPTO_rsa_private_key_free (denomkey_issue.denom_priv);
      if (GNUNET_OK != ret)
      {
        fprintf (stderr,
                 "Failed to write to file `%s'\n",
                 dkf);
        return GNUNET_SYSERR;
      }
    }
    else if (GNUNET_OK != check_cointype_valid (dkf, &p))
    {
      return GNUNET_SYSERR;
    }
    p.anchor = GNUNET_TIME_absolute_add (p.anchor, p.duration_spend);
    p.anchor = GNUNET_TIME_absolute_subtract (p.anchor, p.duration_overlap);
  }
  return GNUNET_OK;
}


/**
 *
 *
 * @return
 */
static int
mint_keys_update_denomkeys ()
{
  char *coin_types;
  char *ct;
  char *tok_ctx;

  if (GNUNET_OK !=
      GNUNET_CONFIGURATION_get_value_string (kcfg,
                                             "mint_keys",
                                             "coin_types",
                                             &coin_types))
  {
    fprintf (stderr,
             "mint_keys.coin_types not in configuration\n");
    return GNUNET_SYSERR;
  }

  for (ct = strtok_r (coin_types, " ", &tok_ctx);
       ct != NULL;
       ct = strtok_r (NULL, " ", &tok_ctx))
  {
    if (GNUNET_OK != mint_keys_update_cointype (ct))
    {
      GNUNET_free (coin_types);
      return GNUNET_SYSERR;
    }
  }
  GNUNET_free (coin_types);
  return GNUNET_OK;
}


/**
 *
 * @return
 */
static int
mint_keys_update ()
{
  int ret;
  struct GNUNET_TIME_Relative lookahead_sign;

  if (GNUNET_OK !=
      GNUNET_CONFIGURATION_get_value_time (kcfg,
                                           "mint_keys",
                                           "lookahead_sign",
                                           &lookahead_sign))
  {
    fprintf (stderr,
             "mint_keys.lookahead_sign not found\n");
    return GNUNET_SYSERR;
  }
  if (0 == lookahead_sign.rel_value_us)
  {
    fprintf (stderr,
             "mint_keys.lookahead_sign must not be zero\n");
    return GNUNET_SYSERR;
  }
  ROUND_TO_SECS (lookahead_sign,
                 rel_value_us);
  lookahead_sign_stamp = GNUNET_TIME_absolute_add (now,
                                                   lookahead_sign);

  ret = mint_keys_update_signkeys ();
  if (GNUNET_OK != ret)
    return GNUNET_SYSERR;

  return mint_keys_update_denomkeys ();
}


/**
 * The main function of the keyup tool
 *
 * @param argc number of arguments from the command line
 * @param argv command line arguments
 * @return 0 ok, 1 on error
 */
int
main (int argc, char *const *argv)
{
  static const struct GNUNET_GETOPT_CommandLineOption options[] = {
    GNUNET_GETOPT_OPTION_HELP ("gnunet-mint-keyup OPTIONS"),
    {'m', "master-key", "FILE",
     "master key file (private key)", 1,
     &GNUNET_GETOPT_set_filename, &masterkeyfile},
    {'d', "mint-dir", "DIR",
     "mint directory with keys to update", 1,
     &GNUNET_GETOPT_set_filename, &mintdir},
    {'t', "time", "TIMESTAMP",
     "pretend it is a different time for the update", 0,
     &GNUNET_GETOPT_set_string, &pretend_time_str},
    GNUNET_GETOPT_OPTION_END
  };

  GNUNET_assert (GNUNET_OK ==
                 GNUNET_log_setup ("taler-mint-keyup",
                                   "WARNING",
                                   NULL));

  if (GNUNET_GETOPT_run ("taler-mint-keyup",
                         options,
                         argc, argv) < 0)
    return 1;
  if (NULL == mintdir)
  {
    fprintf (stderr,
             "mint directory not given\n");
    return 1;
  }

  if (NULL != pretend_time_str)
  {
    if (GNUNET_OK !=
        GNUNET_STRINGS_fancy_time_to_absolute (pretend_time_str,
                                               &now))
    {
      fprintf (stderr,
               "timestamp invalid\n");
      return 1;
    }
  }
  else
  {
    now = GNUNET_TIME_absolute_get ();
  }
  ROUND_TO_SECS (now, abs_value_us);

  kcfg = TALER_config_load (mintdir);
  if (NULL == kcfg)
  {
    fprintf (stderr,
             "Failed to load mint configuration\n");
    return 1;
  }

  if (NULL == masterkeyfile)
  {
    fprintf (stderr,
             "master key file not given\n");
    return 1;
  }
  master_priv = GNUNET_CRYPTO_eddsa_key_create_from_file (masterkeyfile);
  if (NULL == master_priv)
  {
    fprintf (stderr,
             "Failed to initialize master key from file `%s'\n",
             masterkeyfile);
    return 1;
  }

  master_pub = GNUNET_new (struct GNUNET_CRYPTO_EddsaPublicKey);
  GNUNET_CRYPTO_eddsa_key_get_public (master_priv,
                                      master_pub);

  // check if key from file matches the one from the configuration
  {
    struct GNUNET_CRYPTO_EddsaPublicKey master_pub_from_cfg;

    if (GNUNET_OK !=
        GNUNET_CONFIGURATION_get_data (kcfg,
                                       "mint",
                                       "master_pub",
                                       &master_pub_from_cfg,
                                       sizeof (struct GNUNET_CRYPTO_EddsaPublicKey)))
    {
      fprintf (stderr,
               "Master public key missing in configuration (mint.master_pub)\n");
      return 1;
    }
    if (0 !=
        memcmp (master_pub,
                &master_pub_from_cfg,
                sizeof (struct GNUNET_CRYPTO_EddsaPublicKey)))
    {
      fprintf (stderr,
               "Mismatch between key from mint configuration and master private key file from command line.\n");
      return 1;
    }
  }

  if (GNUNET_OK != mint_keys_update ())
    return 1;
  return 0;
}

/* end of taler-mint-keyup.c */