towards implementing /wire replies

doc/taler-mint-sepa.1

@@ -0,0 +1,41 @@
+.TH TALER\-MINT\-SEPA 1 "Apr 22, 2015" "GNU Taler"
+
+.SH NAME
+taler\-mint\-sepa \- Create the master-key signed response to /wire/sepa.
+
+.SH SYNOPSIS
+.B taler\-mint\-sepa
+.RI [ options ]
+.br
+
+.SH DESCRIPTION
+\fBtaler\-mint\-sepa\fP is used to create the mint's reply to a /wire/sepa request.  It converts the bank details into the appropriate signed response.  This needs to be done using the long-term offline master key.
+
+.SH OPTIONS
+.B
+.IP "\-b BIC,  \-\-bic=BIC"
+Specifies the BIC code to use.
+.B
+.IP "\-i IBAN,  \-\-iban=IBAN"
+Specifies the IBAN to use.
+.B
+.IP "\-n NAME,  \-\-name=NAME"
+Specifies the name of the account holder.
+.B
+.IP "\-m MASTERKEYFILE,  \-\-master=MASTERKEYFILE"
+Specifies the name of the file containing the mint's master key.
+.B
+.IP "\-o FILENAME,  \-\-output=FILENAME"
+Where to write the SEPA_RESPONSE_FILE.
+.B
+.IP "\-h, \-\-help"
+Print short help on options.
+.B
+.IP "\-v, \-\-version"
+Print version information.
+
+.SH BUGS
+Report bugs by using Mantis <https://gnunet.org/bugs/> or by sending electronic mail to <taler@gnu.org>
+
+.SH "SEE ALSO"
+\fBtaler\-mint\-httpd\fP(1), \fBtaler.conf\fP(5)

doc/taler.conf.5

@@ -1,4 +1,4 @@
-.TH TALER.CONF 5 "Apr 22, 2015" "GNU Taler"
+.TH TALER.CONF 5 "Aug 11, 2015" "GNU Taler"
 
 .SH NAME
 taler.conf \- Taler configuration file.
@@ -25,6 +25,20 @@ The following options are from the "[mint]" section and used by most mint tools:
 .IP MASTER_PUBLIC_KEY
     Crockford Base32-encoded master public key, public version of the mint\'s long\-time offline signing key.
 
+
+.SH WIRE transfer details
+
+The following options must be in section "[mint-wire-test]":
+
+.IP REDIRECT_URL
+    URL to redirect /wire/test to. Should contain a Web form the user can use to charge his wallet with coins in a "test" currency for testing. If this option is not provided, /wire/test will return "501 NOT IMPLEMENTED".
+
+The following options must be in section "[mint-wire-sepa]":
+
+.IP SEPA_RESPONSE_FILE
+    Filename with the JSON body for the /wire/sepa response, signed using the mint's long-term offline master key.  If this option is not provided, /wire/test will return "501 NOT IMPLEMENTED".  Use "taler-mint-sepa" to create the SEPA_RESPONSE_FILE.
+
+
 .SH Postgres database options
 
 The following options must be in section "[mintdb-postgres]":
@@ -71,4 +85,5 @@ The following options are from the "[mint_keys]" section and used by most taler\
 Report bugs by using Mantis <https://gnunet.org/bugs/> or by sending electronic mail to <taler@gnu.org>
 
 .SH "SEE ALSO"
-\fBtaler\-mint\-httpd\fP(1), \fBtaler\-mint\-keyup\fP(1), \fBtaler\-mint\-reservemod\fP(1), \fBtaler\-mint\-dbinit\fP(1)
+\fBtaler\-mint\-httpd\fP(1), \fBtaler\-mint\-keyup\fP(1), \fBtaler\-mint\-reservemod\fP(1), \fBtaler\-mint\-dbinit\fP(1), \fBtaler\-mint\-sepa(1)
+

src/include/taler_signatures.h

@@ -67,6 +67,12 @@
  */
 #define TALER_SIGNATURE_MASTER_DENOMINATION_KEY_VALIDITY 1025
 
+/**
+ * Signature where the Mint confirms its SEPA details in
+ * the /wire/sepa response.
+ */
+#define TALER_SIGNATURE_MASTER_SEPA_DETAILS 1026
+
 
 /*********************************************/
 /* Mint online signatures (with signing key) */
@@ -95,6 +101,11 @@
  */
 #define TALER_SIGNATURE_MINT_KEY_SET 1035
 
+/**
+ * Signature where the Mint confirms the /wire response.
+ */
+#define TALER_SIGNATURE_MINT_WIRE_TYPES 1036
+
 
 /*********************/
 /* Wallet signatures */
@@ -520,7 +531,6 @@ struct TALER_MintKeySetPS
    */
   struct GNUNET_TIME_AbsoluteNBO list_issue_date;
 
-  /**
    * Hash over the various denomination signing keys returned.
    */
   struct GNUNET_HashCode hc;
@@ -673,6 +683,48 @@ struct TALER_RefreshCommitLinkP
 };
 
 
+/**
+ * @brief Information signed by the mint's master
+ * key affirming the SEPA details for the mint.
+ */
+struct TALER_MasterWireSepaDetailsPS
+{
+
+  /**
+   * Purpose is #TALER_SIGNATURE_MASTER_SEPA_DETAILS.
+   */
+  struct GNUNET_CRYPTO_EccSignaturePurpose purpose;
+
+  /**
+   * Hash over the account holder's name, IBAN and BIC
+   * code (all as 0-terminated strings).
+   */
+  struct GNUNET_HashCode h_sepa_details;
+
+};
+
+
+/**
+ * @brief Information signed by a mint's online signing key affirming
+ * the wire formats supported by the mint.
+ */
+struct TALER_MintWireSupportMethodsPS
+{
+
+  /**
+   * Purpose is #TALER_SIGNATURE_MINT_WIRE_TYPES.
+   */
+  struct GNUNET_CRYPTO_EccSignaturePurpose purpose;
+
+  /**
+   * Hash over the various wire formats supported by this mint
+   * (all as 0-terminated strings).
+   */
+  struct GNUNET_HashCode h_wire_types;
+
+};
+
+
 GNUNET_NETWORK_STRUCT_END
 
 #endif

src/mint-tools/Makefile.am

@@ -10,6 +10,7 @@ bin_PROGRAMS = \
   taler-mint-keyup \
   taler-mint-keycheck \
   taler-mint-reservemod \
+  taler-mint-sepa \
   taler-mint-dbinit
 
 taler_mint_keyup_SOURCES = \
@@ -24,9 +25,16 @@ taler_mint_keyup_LDADD = \
 taler_mint_keyup_LDFLAGS = $(POSTGRESQL_LDFLAGS)
 
 
+taler_mint_sepa_SOURCES = \
+  taler-mint-sepa.c
+taler_mint_sepa_LDADD = \
+  $(LIBGCRYPT_LIBS) \
+  $(top_builddir)/src/util/libtalerutil.la \
+  -lgnunetutil  $(XLIB)
+taler_mint_sepa_LDFLAGS = $(POSTGRESQL_LDFLAGS)
+
 taler_mint_keycheck_SOURCES = \
   taler-mint-keycheck.c
-
 taler_mint_keycheck_LDADD = \
   $(LIBGCRYPT_LIBS) \
   $(top_builddir)/src/util/libtalerutil.la \

src/mint-tools/taler-mint-sepa.c

@@ -0,0 +1,111 @@
+/*
+  This file is part of TALER
+  Copyright (C) 2015 Christian Grothoff (and other contributing authors)
+
+  TALER is free software; you can redistribute it and/or modify it under the
+  terms of the GNU General Public License as published by the Free Software
+  Foundation; either version 3, or (at your option) any later version.
+
+  TALER is distributed in the hope that it will be useful, but WITHOUT ANY
+  WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR
+  A PARTICULAR PURPOSE.  See the GNU General Public License for more details.
+
+  You should have received a copy of the GNU General Public License along with
+  TALER; see the file COPYING.  If not, If not, see <http://www.gnu.org/licenses/>
+*/
+/**
+ * @file taler-mint-sepa.c
+ * @brief Create signed response for /wire/sepa requests.
+ * @author Christian Grothoff
+ */
+#include <platform.h>
+#include "taler_crypto_lib.h"
+
+/**
+ * Filename of the master private key.
+ */
+static char *masterkeyfile;
+
+/**
+ * Account holder name.
+ */
+static char *sepa_name;
+
+/**
+ * IBAN number.
+ */
+static char *iban;
+
+/**
+ * BIC number.
+ */
+static char *bic;
+
+/**
+ * Where to write the result.
+ */
+static char *output_filename;
+
+
+/**
+ * The main function of the taler-mint-sepa tool.  This tool is used
+ * to sign the SEPA bank account details using the master key.
+ *
+ * @param argc number of arguments from the command line
+ * @param argv command line arguments
+ * @return 0 ok, 1 on error
+ */
+int
+main (int argc,
+      char *const *argv)
+{
+  static const struct GNUNET_GETOPT_CommandLineOption options[] = {
+    {'b', "bic", "BICCODE",
+     "bank BIC code", 1,
+     &GNUNET_GETOPT_set_string, &bic},
+    {'i', "iban", "IBAN",
+     "IBAN number of the account", 1,
+     &GNUNET_GETOPT_set_string, &iban},
+    {'m', "master-key", "FILE",
+     "master key file (private key)", 1,
+     &GNUNET_GETOPT_set_filename, &masterkeyfile},
+    {'n', "name", "NAME",
+     "name of the account holder", 1,
+     &GNUNET_GETOPT_set_string, &sepa_name},
+    {'o', "output", "FILE",
+     "where to write the result", 1,
+     &GNUNET_GETOPT_set_filename, &output_filename},
+    GNUNET_GETOPT_OPTION_VERSION (VERSION "-" VCS_VERSION),
+    GNUNET_GETOPT_OPTION_END
+  };
+  struct GNUNET_CRYPTO_EddsaPrivateKey *eddsa_priv;
+
+  GNUNET_assert (GNUNET_OK ==
+                 GNUNET_log_setup ("taler-mint-sepa",
+                                   "WARNING",
+                                   NULL));
+
+  if (GNUNET_GETOPT_run ("taler-mint-sepa",
+                         options,
+                         argc, argv) < 0)
+    return 1;
+  if (NULL == masterkeyfile)
+  {
+    fprintf (stderr,
+             "Master key file not given\n");
+    return 1;
+  }
+  eddsa_priv = GNUNET_CRYPTO_eddsa_key_create_from_file (masterkeyfile);
+  if (NULL == eddsa_priv)
+  {
+    fprintf (stderr,
+             "Failed to initialize master key from file `%s'\n",
+             masterkeyfile);
+    return 1;
+  }
+  /* FIXME: do real work! */
+  GNUNET_free (eddsa_priv);
+  return 0;
+}
+
+/* end of taler-mint-sepa.c */

src/mint/taler-mint-httpd_wire.c

@@ -19,6 +19,8 @@
  * @author Christian Grothoff
  */
 #include "platform.h"
+#include "taler-mint-httpd_keystate.h"
+#include "taler-mint-httpd_responses.h"
 #include "taler-mint-httpd_wire.h"
 
 
@@ -39,8 +41,27 @@ TMH_WIRE_handler_wire (struct TMH_RequestHandler *rh,
                        const char *upload_data,
                        size_t *upload_data_size)
 {
-  GNUNET_break (0); // FIXME: not implemented (#3477)
-  return MHD_NO;
+  struct TALER_MintWireSupportMethodsPS wsm;
+  struct TALER_MintPublicKeyP pub;
+  struct TALER_MintSignatureP sig;
+
+  wsm.purpose.size = htonl (sizeof (wsm));
+  wsm.purpose.purpose = htonl (TALER_SIGNATURE_MINT_WIRE_TYPES);
+  GNUNET_CRYPTO_hash (TMH_expected_wire_format,
+		      strlen (TMH_expected_wire_format) + 1,
+		      &wsm.h_wire_types);
+  TMH_KS_sign (&wsm.purpose,
+               &pub,
+               &sig);
+  /* FIXME: check against spec! */
+  return TMH_RESPONSE_reply_json_pack (connection,
+                                       MHD_HTTP_OK,
+                                       "{s:s, s:o, s:o}",
+                                       "wire", TMH_expected_wire_format,
+                                       "sig", TALER_json_from_data (&sig,
+                                                                    sizeof (sig)),
+                                       "pub", TALER_json_from_data (&pub,
+                                                                    sizeof (pub)));
 }
 
 
@@ -61,8 +82,42 @@ TMH_WIRE_handler_wire_test (struct TMH_RequestHandler *rh,
                             const char *upload_data,
                             size_t *upload_data_size)
 {
-  GNUNET_break (0); // FIXME: not implemented (#3477)
-  return MHD_NO;
+  struct MHD_Response *response;
+  int ret;
+  char *wire_test_redirect;
+
+  response = MHD_create_response_from_buffer (0, NULL,
+                                              MHD_RESPMEM_PERSISTENT);
+  if (NULL == response)
+  {
+    GNUNET_break (0);
+    return MHD_NO;
+  }
+  if (GNUNET_OK !=
+      GNUNET_CONFIGURATION_get_value_string (cfg,
+					     "mint-wire-test",
+					     "REDIRECT_URL",
+					     &wire_test_redirect))
+  {
+    ret = MHD_queue_response (connection,
+			      MHD_HTTP_NOT_IMPLEMENTED,
+			      response);
+    MHD_destroy_response (response);
+    return ret;
+  }
+  MHD_add_response_header (response,
+                           MHD_HTTP_HEADER_LOCATION,
+                           wire_test_redirect);
+  GNUNET_free (wire_test_redirect);
+  if (NULL != rh->mime_type)
+    (void) MHD_add_response_header (response,
+                                    MHD_HTTP_HEADER_CONTENT_TYPE,
+                                    rh->mime_type);
+  ret = MHD_queue_response (connection,
+                            rh->response_code,
+                            response);
+  MHD_destroy_response (response);
+  return ret;
 }
 
 
@@ -83,8 +138,63 @@ TMH_WIRE_handler_wire_sepa (struct TMH_RequestHandler *rh,
 			    const char *upload_data,
 			    size_t *upload_data_size)
 {
-  GNUNET_break (0); // FIXME: not implemented (#3477)
-  return MHD_NO;
+  struct MHD_Response *response;
+  int ret;
+  char *sepa_wire_file;
+  int fd;
+  struct stat sbuf;
+
+  if (GNUNET_OK !=
+      GNUNET_CONFIGURATION_get_value_string (cfg,
+					     "mint-wire-sepa",
+					     "SEPA_RESPONSE_FILE",
+					     &sepa_wire_file))
+  {
+    ret = MHD_queue_response (connection,
+			      MHD_HTTP_NOT_IMPLEMENTED,
+			      response);
+    MHD_destroy_response (response);
+    return ret;
+  }
+  fd = open (sepa_wire_file,
+	     O_RDONLY);
+  if (-1 == fd)
+  {
+    GNUNET_log_strerror_file (GNUNET_ERROR_TYPE_ERROR,
+			      "open",
+			      sepa_wire_file);
+    GNUNET_free (sepa_wire_file);
+    return TMH_RESPONSE_reply_internal_error (connection,
+					      "Failed to open SEPA_RESPONSE_FILE");
+  }
+  if (0 != fstat (fd, &sbuf))
+  {
+    GNUNET_log_strerror_file (GNUNET_ERROR_TYPE_ERROR,
+			      "fstat",
+			      sepa_wire_file);
+    (void) close (fd);
+    GNUNET_free (sepa_wire_file);
+    return TMH_RESPONSE_reply_internal_error (connection,
+					      "Failed to open SEPA_RESPONSE_FILE");
+  }
+  response = MHD_create_response_from_fd ((size_t) sbuf.st_size,
+					  fd);
+  GNUNET_free (sepa_wire_file);
+  if (NULL == response)
+  {
+    (void) close (fd);
+    GNUNET_break (0);
+    return MHD_NO;
+  }
+  if (NULL != rh->mime_type)
+    (void) MHD_add_response_header (response,
+                                    MHD_HTTP_HEADER_CONTENT_TYPE,
+                                    rh->mime_type);
+  ret = MHD_queue_response (connection,
+                            rh->response_code,
+                            response);
+  MHD_destroy_response (response);
+  return ret;
 }
 
 /* end of taler-mint-httpd_wire.c */