towards implementing /wire replies
This commit is contained in:
parent
655e6f17bd
commit
13619f425c
41
doc/taler-mint-sepa.1
Normal file
41
doc/taler-mint-sepa.1
Normal file
@ -0,0 +1,41 @@
|
||||
.TH TALER\-MINT\-SEPA 1 "Apr 22, 2015" "GNU Taler"
|
||||
|
||||
.SH NAME
|
||||
taler\-mint\-sepa \- Create the master-key signed response to /wire/sepa.
|
||||
|
||||
.SH SYNOPSIS
|
||||
.B taler\-mint\-sepa
|
||||
.RI [ options ]
|
||||
.br
|
||||
|
||||
.SH DESCRIPTION
|
||||
\fBtaler\-mint\-sepa\fP is used to create the mint's reply to a /wire/sepa request. It converts the bank details into the appropriate signed response. This needs to be done using the long-term offline master key.
|
||||
|
||||
.SH OPTIONS
|
||||
.B
|
||||
.IP "\-b BIC, \-\-bic=BIC"
|
||||
Specifies the BIC code to use.
|
||||
.B
|
||||
.IP "\-i IBAN, \-\-iban=IBAN"
|
||||
Specifies the IBAN to use.
|
||||
.B
|
||||
.IP "\-n NAME, \-\-name=NAME"
|
||||
Specifies the name of the account holder.
|
||||
.B
|
||||
.IP "\-m MASTERKEYFILE, \-\-master=MASTERKEYFILE"
|
||||
Specifies the name of the file containing the mint's master key.
|
||||
.B
|
||||
.IP "\-o FILENAME, \-\-output=FILENAME"
|
||||
Where to write the SEPA_RESPONSE_FILE.
|
||||
.B
|
||||
.IP "\-h, \-\-help"
|
||||
Print short help on options.
|
||||
.B
|
||||
.IP "\-v, \-\-version"
|
||||
Print version information.
|
||||
|
||||
.SH BUGS
|
||||
Report bugs by using Mantis <https://gnunet.org/bugs/> or by sending electronic mail to <taler@gnu.org>
|
||||
|
||||
.SH "SEE ALSO"
|
||||
\fBtaler\-mint\-httpd\fP(1), \fBtaler.conf\fP(5)
|
@ -1,4 +1,4 @@
|
||||
.TH TALER.CONF 5 "Apr 22, 2015" "GNU Taler"
|
||||
.TH TALER.CONF 5 "Aug 11, 2015" "GNU Taler"
|
||||
|
||||
.SH NAME
|
||||
taler.conf \- Taler configuration file.
|
||||
@ -25,6 +25,20 @@ The following options are from the "[mint]" section and used by most mint tools:
|
||||
.IP MASTER_PUBLIC_KEY
|
||||
Crockford Base32-encoded master public key, public version of the mint\'s long\-time offline signing key.
|
||||
|
||||
|
||||
.SH WIRE transfer details
|
||||
|
||||
The following options must be in section "[mint-wire-test]":
|
||||
|
||||
.IP REDIRECT_URL
|
||||
URL to redirect /wire/test to. Should contain a Web form the user can use to charge his wallet with coins in a "test" currency for testing. If this option is not provided, /wire/test will return "501 NOT IMPLEMENTED".
|
||||
|
||||
The following options must be in section "[mint-wire-sepa]":
|
||||
|
||||
.IP SEPA_RESPONSE_FILE
|
||||
Filename with the JSON body for the /wire/sepa response, signed using the mint's long-term offline master key. If this option is not provided, /wire/test will return "501 NOT IMPLEMENTED". Use "taler-mint-sepa" to create the SEPA_RESPONSE_FILE.
|
||||
|
||||
|
||||
.SH Postgres database options
|
||||
|
||||
The following options must be in section "[mintdb-postgres]":
|
||||
@ -71,4 +85,5 @@ The following options are from the "[mint_keys]" section and used by most taler\
|
||||
Report bugs by using Mantis <https://gnunet.org/bugs/> or by sending electronic mail to <taler@gnu.org>
|
||||
|
||||
.SH "SEE ALSO"
|
||||
\fBtaler\-mint\-httpd\fP(1), \fBtaler\-mint\-keyup\fP(1), \fBtaler\-mint\-reservemod\fP(1), \fBtaler\-mint\-dbinit\fP(1)
|
||||
\fBtaler\-mint\-httpd\fP(1), \fBtaler\-mint\-keyup\fP(1), \fBtaler\-mint\-reservemod\fP(1), \fBtaler\-mint\-dbinit\fP(1), \fBtaler\-mint\-sepa(1)
|
||||
|
||||
|
@ -67,6 +67,12 @@
|
||||
*/
|
||||
#define TALER_SIGNATURE_MASTER_DENOMINATION_KEY_VALIDITY 1025
|
||||
|
||||
/**
|
||||
* Signature where the Mint confirms its SEPA details in
|
||||
* the /wire/sepa response.
|
||||
*/
|
||||
#define TALER_SIGNATURE_MASTER_SEPA_DETAILS 1026
|
||||
|
||||
|
||||
/*********************************************/
|
||||
/* Mint online signatures (with signing key) */
|
||||
@ -95,6 +101,11 @@
|
||||
*/
|
||||
#define TALER_SIGNATURE_MINT_KEY_SET 1035
|
||||
|
||||
/**
|
||||
* Signature where the Mint confirms the /wire response.
|
||||
*/
|
||||
#define TALER_SIGNATURE_MINT_WIRE_TYPES 1036
|
||||
|
||||
|
||||
/*********************/
|
||||
/* Wallet signatures */
|
||||
@ -520,7 +531,6 @@ struct TALER_MintKeySetPS
|
||||
*/
|
||||
struct GNUNET_TIME_AbsoluteNBO list_issue_date;
|
||||
|
||||
/**
|
||||
* Hash over the various denomination signing keys returned.
|
||||
*/
|
||||
struct GNUNET_HashCode hc;
|
||||
@ -673,6 +683,48 @@ struct TALER_RefreshCommitLinkP
|
||||
};
|
||||
|
||||
|
||||
/**
|
||||
* @brief Information signed by the mint's master
|
||||
* key affirming the SEPA details for the mint.
|
||||
*/
|
||||
struct TALER_MasterWireSepaDetailsPS
|
||||
{
|
||||
|
||||
/**
|
||||
* Purpose is #TALER_SIGNATURE_MASTER_SEPA_DETAILS.
|
||||
*/
|
||||
struct GNUNET_CRYPTO_EccSignaturePurpose purpose;
|
||||
|
||||
/**
|
||||
* Hash over the account holder's name, IBAN and BIC
|
||||
* code (all as 0-terminated strings).
|
||||
*/
|
||||
struct GNUNET_HashCode h_sepa_details;
|
||||
|
||||
};
|
||||
|
||||
|
||||
/**
|
||||
* @brief Information signed by a mint's online signing key affirming
|
||||
* the wire formats supported by the mint.
|
||||
*/
|
||||
struct TALER_MintWireSupportMethodsPS
|
||||
{
|
||||
|
||||
/**
|
||||
* Purpose is #TALER_SIGNATURE_MINT_WIRE_TYPES.
|
||||
*/
|
||||
struct GNUNET_CRYPTO_EccSignaturePurpose purpose;
|
||||
|
||||
/**
|
||||
* Hash over the various wire formats supported by this mint
|
||||
* (all as 0-terminated strings).
|
||||
*/
|
||||
struct GNUNET_HashCode h_wire_types;
|
||||
|
||||
};
|
||||
|
||||
|
||||
GNUNET_NETWORK_STRUCT_END
|
||||
|
||||
#endif
|
||||
|
@ -10,6 +10,7 @@ bin_PROGRAMS = \
|
||||
taler-mint-keyup \
|
||||
taler-mint-keycheck \
|
||||
taler-mint-reservemod \
|
||||
taler-mint-sepa \
|
||||
taler-mint-dbinit
|
||||
|
||||
taler_mint_keyup_SOURCES = \
|
||||
@ -24,9 +25,16 @@ taler_mint_keyup_LDADD = \
|
||||
taler_mint_keyup_LDFLAGS = $(POSTGRESQL_LDFLAGS)
|
||||
|
||||
|
||||
taler_mint_sepa_SOURCES = \
|
||||
taler-mint-sepa.c
|
||||
taler_mint_sepa_LDADD = \
|
||||
$(LIBGCRYPT_LIBS) \
|
||||
$(top_builddir)/src/util/libtalerutil.la \
|
||||
-lgnunetutil $(XLIB)
|
||||
taler_mint_sepa_LDFLAGS = $(POSTGRESQL_LDFLAGS)
|
||||
|
||||
taler_mint_keycheck_SOURCES = \
|
||||
taler-mint-keycheck.c
|
||||
|
||||
taler_mint_keycheck_LDADD = \
|
||||
$(LIBGCRYPT_LIBS) \
|
||||
$(top_builddir)/src/util/libtalerutil.la \
|
||||
|
111
src/mint-tools/taler-mint-sepa.c
Normal file
111
src/mint-tools/taler-mint-sepa.c
Normal file
@ -0,0 +1,111 @@
|
||||
/*
|
||||
This file is part of TALER
|
||||
Copyright (C) 2015 Christian Grothoff (and other contributing authors)
|
||||
|
||||
TALER is free software; you can redistribute it and/or modify it under the
|
||||
terms of the GNU General Public License as published by the Free Software
|
||||
Foundation; either version 3, or (at your option) any later version.
|
||||
|
||||
TALER is distributed in the hope that it will be useful, but WITHOUT ANY
|
||||
WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR
|
||||
A PARTICULAR PURPOSE. See the GNU General Public License for more details.
|
||||
|
||||
You should have received a copy of the GNU General Public License along with
|
||||
TALER; see the file COPYING. If not, If not, see <http://www.gnu.org/licenses/>
|
||||
*/
|
||||
/**
|
||||
* @file taler-mint-sepa.c
|
||||
* @brief Create signed response for /wire/sepa requests.
|
||||
* @author Christian Grothoff
|
||||
*/
|
||||
#include <platform.h>
|
||||
#include "taler_crypto_lib.h"
|
||||
|
||||
/**
|
||||
* Filename of the master private key.
|
||||
*/
|
||||
static char *masterkeyfile;
|
||||
|
||||
/**
|
||||
* Account holder name.
|
||||
*/
|
||||
static char *sepa_name;
|
||||
|
||||
/**
|
||||
* IBAN number.
|
||||
*/
|
||||
static char *iban;
|
||||
|
||||
/**
|
||||
* BIC number.
|
||||
*/
|
||||
static char *bic;
|
||||
|
||||
/**
|
||||
* Where to write the result.
|
||||
*/
|
||||
static char *output_filename;
|
||||
|
||||
|
||||
/**
|
||||
* The main function of the taler-mint-sepa tool. This tool is used
|
||||
* to sign the SEPA bank account details using the master key.
|
||||
*
|
||||
* @param argc number of arguments from the command line
|
||||
* @param argv command line arguments
|
||||
* @return 0 ok, 1 on error
|
||||
*/
|
||||
int
|
||||
main (int argc,
|
||||
char *const *argv)
|
||||
{
|
||||
static const struct GNUNET_GETOPT_CommandLineOption options[] = {
|
||||
{'b', "bic", "BICCODE",
|
||||
"bank BIC code", 1,
|
||||
&GNUNET_GETOPT_set_string, &bic},
|
||||
{'i', "iban", "IBAN",
|
||||
"IBAN number of the account", 1,
|
||||
&GNUNET_GETOPT_set_string, &iban},
|
||||
{'m', "master-key", "FILE",
|
||||
"master key file (private key)", 1,
|
||||
&GNUNET_GETOPT_set_filename, &masterkeyfile},
|
||||
{'n', "name", "NAME",
|
||||
"name of the account holder", 1,
|
||||
&GNUNET_GETOPT_set_string, &sepa_name},
|
||||
{'o', "output", "FILE",
|
||||
"where to write the result", 1,
|
||||
&GNUNET_GETOPT_set_filename, &output_filename},
|
||||
GNUNET_GETOPT_OPTION_VERSION (VERSION "-" VCS_VERSION),
|
||||
GNUNET_GETOPT_OPTION_END
|
||||
};
|
||||
struct GNUNET_CRYPTO_EddsaPrivateKey *eddsa_priv;
|
||||
|
||||
GNUNET_assert (GNUNET_OK ==
|
||||
GNUNET_log_setup ("taler-mint-sepa",
|
||||
"WARNING",
|
||||
NULL));
|
||||
|
||||
if (GNUNET_GETOPT_run ("taler-mint-sepa",
|
||||
options,
|
||||
argc, argv) < 0)
|
||||
return 1;
|
||||
if (NULL == masterkeyfile)
|
||||
{
|
||||
fprintf (stderr,
|
||||
"Master key file not given\n");
|
||||
return 1;
|
||||
}
|
||||
eddsa_priv = GNUNET_CRYPTO_eddsa_key_create_from_file (masterkeyfile);
|
||||
if (NULL == eddsa_priv)
|
||||
{
|
||||
fprintf (stderr,
|
||||
"Failed to initialize master key from file `%s'\n",
|
||||
masterkeyfile);
|
||||
return 1;
|
||||
}
|
||||
/* FIXME: do real work! */
|
||||
GNUNET_free (eddsa_priv);
|
||||
return 0;
|
||||
}
|
||||
|
||||
/* end of taler-mint-sepa.c */
|
@ -19,6 +19,8 @@
|
||||
* @author Christian Grothoff
|
||||
*/
|
||||
#include "platform.h"
|
||||
#include "taler-mint-httpd_keystate.h"
|
||||
#include "taler-mint-httpd_responses.h"
|
||||
#include "taler-mint-httpd_wire.h"
|
||||
|
||||
|
||||
@ -39,8 +41,27 @@ TMH_WIRE_handler_wire (struct TMH_RequestHandler *rh,
|
||||
const char *upload_data,
|
||||
size_t *upload_data_size)
|
||||
{
|
||||
GNUNET_break (0); // FIXME: not implemented (#3477)
|
||||
return MHD_NO;
|
||||
struct TALER_MintWireSupportMethodsPS wsm;
|
||||
struct TALER_MintPublicKeyP pub;
|
||||
struct TALER_MintSignatureP sig;
|
||||
|
||||
wsm.purpose.size = htonl (sizeof (wsm));
|
||||
wsm.purpose.purpose = htonl (TALER_SIGNATURE_MINT_WIRE_TYPES);
|
||||
GNUNET_CRYPTO_hash (TMH_expected_wire_format,
|
||||
strlen (TMH_expected_wire_format) + 1,
|
||||
&wsm.h_wire_types);
|
||||
TMH_KS_sign (&wsm.purpose,
|
||||
&pub,
|
||||
&sig);
|
||||
/* FIXME: check against spec! */
|
||||
return TMH_RESPONSE_reply_json_pack (connection,
|
||||
MHD_HTTP_OK,
|
||||
"{s:s, s:o, s:o}",
|
||||
"wire", TMH_expected_wire_format,
|
||||
"sig", TALER_json_from_data (&sig,
|
||||
sizeof (sig)),
|
||||
"pub", TALER_json_from_data (&pub,
|
||||
sizeof (pub)));
|
||||
}
|
||||
|
||||
|
||||
@ -61,8 +82,42 @@ TMH_WIRE_handler_wire_test (struct TMH_RequestHandler *rh,
|
||||
const char *upload_data,
|
||||
size_t *upload_data_size)
|
||||
{
|
||||
GNUNET_break (0); // FIXME: not implemented (#3477)
|
||||
struct MHD_Response *response;
|
||||
int ret;
|
||||
char *wire_test_redirect;
|
||||
|
||||
response = MHD_create_response_from_buffer (0, NULL,
|
||||
MHD_RESPMEM_PERSISTENT);
|
||||
if (NULL == response)
|
||||
{
|
||||
GNUNET_break (0);
|
||||
return MHD_NO;
|
||||
}
|
||||
if (GNUNET_OK !=
|
||||
GNUNET_CONFIGURATION_get_value_string (cfg,
|
||||
"mint-wire-test",
|
||||
"REDIRECT_URL",
|
||||
&wire_test_redirect))
|
||||
{
|
||||
ret = MHD_queue_response (connection,
|
||||
MHD_HTTP_NOT_IMPLEMENTED,
|
||||
response);
|
||||
MHD_destroy_response (response);
|
||||
return ret;
|
||||
}
|
||||
MHD_add_response_header (response,
|
||||
MHD_HTTP_HEADER_LOCATION,
|
||||
wire_test_redirect);
|
||||
GNUNET_free (wire_test_redirect);
|
||||
if (NULL != rh->mime_type)
|
||||
(void) MHD_add_response_header (response,
|
||||
MHD_HTTP_HEADER_CONTENT_TYPE,
|
||||
rh->mime_type);
|
||||
ret = MHD_queue_response (connection,
|
||||
rh->response_code,
|
||||
response);
|
||||
MHD_destroy_response (response);
|
||||
return ret;
|
||||
}
|
||||
|
||||
|
||||
@ -83,8 +138,63 @@ TMH_WIRE_handler_wire_sepa (struct TMH_RequestHandler *rh,
|
||||
const char *upload_data,
|
||||
size_t *upload_data_size)
|
||||
{
|
||||
GNUNET_break (0); // FIXME: not implemented (#3477)
|
||||
struct MHD_Response *response;
|
||||
int ret;
|
||||
char *sepa_wire_file;
|
||||
int fd;
|
||||
struct stat sbuf;
|
||||
|
||||
if (GNUNET_OK !=
|
||||
GNUNET_CONFIGURATION_get_value_string (cfg,
|
||||
"mint-wire-sepa",
|
||||
"SEPA_RESPONSE_FILE",
|
||||
&sepa_wire_file))
|
||||
{
|
||||
ret = MHD_queue_response (connection,
|
||||
MHD_HTTP_NOT_IMPLEMENTED,
|
||||
response);
|
||||
MHD_destroy_response (response);
|
||||
return ret;
|
||||
}
|
||||
fd = open (sepa_wire_file,
|
||||
O_RDONLY);
|
||||
if (-1 == fd)
|
||||
{
|
||||
GNUNET_log_strerror_file (GNUNET_ERROR_TYPE_ERROR,
|
||||
"open",
|
||||
sepa_wire_file);
|
||||
GNUNET_free (sepa_wire_file);
|
||||
return TMH_RESPONSE_reply_internal_error (connection,
|
||||
"Failed to open SEPA_RESPONSE_FILE");
|
||||
}
|
||||
if (0 != fstat (fd, &sbuf))
|
||||
{
|
||||
GNUNET_log_strerror_file (GNUNET_ERROR_TYPE_ERROR,
|
||||
"fstat",
|
||||
sepa_wire_file);
|
||||
(void) close (fd);
|
||||
GNUNET_free (sepa_wire_file);
|
||||
return TMH_RESPONSE_reply_internal_error (connection,
|
||||
"Failed to open SEPA_RESPONSE_FILE");
|
||||
}
|
||||
response = MHD_create_response_from_fd ((size_t) sbuf.st_size,
|
||||
fd);
|
||||
GNUNET_free (sepa_wire_file);
|
||||
if (NULL == response)
|
||||
{
|
||||
(void) close (fd);
|
||||
GNUNET_break (0);
|
||||
return MHD_NO;
|
||||
}
|
||||
if (NULL != rh->mime_type)
|
||||
(void) MHD_add_response_header (response,
|
||||
MHD_HTTP_HEADER_CONTENT_TYPE,
|
||||
rh->mime_type);
|
||||
ret = MHD_queue_response (connection,
|
||||
rh->response_code,
|
||||
response);
|
||||
MHD_destroy_response (response);
|
||||
return ret;
|
||||
}
|
||||
|
||||
/* end of taler-mint-httpd_wire.c */
|
||||
|
Loading…
Reference in New Issue
Block a user