From 7ad57d7a6708eb451395a78b4c88797844d78d62 Mon Sep 17 00:00:00 2001 From: Christian Grothoff Date: Mon, 6 Jul 2015 09:10:36 +0200 Subject: [PATCH] starting with auditor signing tool --- src/mint-tools/taler-auditor-sign.c | 192 ++++++++++++++++++++++++++++ 1 file changed, 192 insertions(+) create mode 100644 src/mint-tools/taler-auditor-sign.c diff --git a/src/mint-tools/taler-auditor-sign.c b/src/mint-tools/taler-auditor-sign.c new file mode 100644 index 000000000..a2457a2fd --- /dev/null +++ b/src/mint-tools/taler-auditor-sign.c @@ -0,0 +1,192 @@ +/* + This file is part of TALER + Copyright (C) 2014, 2015 Christian Grothoff (and other contributing authors) + + TALER is free software; you can redistribute it and/or modify it under the + terms of the GNU General Public License as published by the Free Software + Foundation; either version 3, or (at your option) any later version. + + TALER is distributed in the hope that it will be useful, but WITHOUT ANY + WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR + A PARTICULAR PURPOSE. See the GNU General Public License for more details. + + You should have received a copy of the GNU General Public License along with + TALER; see the file COPYING. If not, If not, see +*/ +/** + * @file taler-auditor-sign.c + * @brief Tool used by the auditor to sign the mint's master key and the + * denomination key(s). + * @author Christian Grothoff + */ +#include +#include "taler_mintdb_lib.h" + + +/** + * Filename of the auditor's private key. + */ +static char *auditor_key_file; + +/** + * Mint's public key (in Crockford base32 encoding). + */ +static char *mint_public_key; + +/** + * File with the Mint's denomination keys to sign, itself + * signed by the Mint's public key. + */ +static char *mint_request_file; + +/** + * Where should we write the auditor's signature? + */ +static char *output_file; + +/** + * Handle to the auditor's configuration + */ +static struct GNUNET_CONFIGURATION_Handle *kcfg; + +/** + * Master public key of the mint. + */ +static struct TALER_MasterPublicKeyP master_public_key; + + + +/** + * The main function of the taler-auditor-sign tool. This tool is used + * to sign a mint's master and denomination keys, affirming that the + * auditor is aware of them and will validate the mint's database with + * respect to these keys. + * + * @param argc number of arguments from the command line + * @param argv command line arguments + * @return 0 ok, 1 on error + */ +int +main (int argc, + char *const *argv) +{ + static const struct GNUNET_GETOPT_CommandLineOption options[] = { + {'a', "auditor-key", "FILE", + "file containing the private key of the auditor", 1, + &GNUNET_GETOPT_set_filename, &auditor_key_file}, + TALER_GETOPT_OPTION_HELP ("Private key of the auditor to use for signing"), + {'m', "mint-key", "KEY", + "public key of the mint (Crockford base32 encoded)", 1, + &GNUNET_GETOPT_set_filename, &mint_public_key}, + {'r', "mint-request", "FILE", + "set of keys the mint requested the auditor to sign", 0, + &GNUNET_GETOPT_set_string, &mint_request_file}, + {'o', "output", "FILE", + "where to write our signature", 0, + &GNUNET_GETOPT_set_string, &output_file}, + GNUNET_GETOPT_OPTION_VERSION (VERSION "-" VCS_VERSION), + GNUNET_GETOPT_OPTION_END + }; + struct GNUNET_CRYPTO_EddsaPrivateKey *eddsa_priv; + struct GNUNET_DISK_FileHandle *fh; + struct GNUNET_DISK_FileHandle *fout; + off_t in_size; + + GNUNET_assert (GNUNET_OK == + GNUNET_log_setup ("taler-mint-keyup", + "WARNING", + NULL)); + if (GNUNET_GETOPT_run ("taler-mint-keyup", + options, + argc, argv) < 0) + return 1; + if (NULL == auditor_key_file) + { + fprintf (stderr, + "Auditor key file not given\n"); + return 1; + } + eddsa_priv = GNUNET_CRYPTO_eddsa_key_create_from_file (auditor_key_file); + if (NULL == eddsa_priv) + { + fprintf (stderr, + "Failed to initialize auditor key from file `%s'\n", + auditor_key_file); + return 1; + } + if (NULL == mint_public_key) + { + fprintf (stderr, + "Mint public key not given\n"); + return 1; + } + if (GNUNET_OK != + GNUNET_STRINGS_string_to_data (mint_public_key, + strlen (mint_public_key), + &master_public_key, + sizeof (master_public_key))) + { + fprintf (stderr, + "Public key `%s' malformed\n", + mint_public_key); + return 1; + } + if (NULL == mint_request_file) + { + fprintf (stderr, + "Mint signing request not given\n"); + return 1; + } + fh = GNUNET_DISK_file_open (mint_request_file, + GNUNET_DISK_OPEN_READ, + GNUNET_DISK_PERM_NONE); + if (NULL == fh) + { + fprintf (stderr, + "Failed to open file `%s': %s\n", + mint_request_file, + STRERROR (errno)); + return 1; + } + if (GNUNET_OK != + GNUNET_DISK_file_handle_size (fh, + &in_size)) + { + fprintf (stderr, + "Failed to obtain input file size `%s': %s\n", + mint_request_file, + STRERROR (errno)); + GNUNET_DISK_file_close (fh); + return 1; + } + if (NULL == output_file) + { + fprintf (stderr, + "Output file not given\n"); + GNUNET_DISK_file_close (fh); + return 1; + } + fout = GNUNET_DISK_file_open (output_file, + GNUNET_DISK_OPEN_READ | + GNUNET_DISK_OPEN_TRUNCATE | + GNUNET_DISK_OPEN_CREATE, + GNUNET_DISK_PERM_USER_READ | + GNUNET_DISK_PERM_USER_WRITE | + GNUNET_DISK_PERM_GROUP_READ | + GNUNET_DISK_PERM_OTHER_READ); + if (NULL == fout) + { + fprintf (stderr, + "Failed to open file `%s': %s\n", + output_file, + STRERROR (errno)); + GNUNET_DISK_file_close (fh); + return 1; + } + /* FIXME: finally do real work... */ + + GNUNET_free (eddsa_priv); + return 0; +} + +/* end of taler-auditor-sign.c */