starting with auditor signing tool

This commit is contained in:
Christian Grothoff 2015-07-06 09:10:36 +02:00
parent b8c264656c
commit 7ad57d7a67

View File

@ -0,0 +1,192 @@
/*
This file is part of TALER
Copyright (C) 2014, 2015 Christian Grothoff (and other contributing authors)
TALER is free software; you can redistribute it and/or modify it under the
terms of the GNU General Public License as published by the Free Software
Foundation; either version 3, or (at your option) any later version.
TALER is distributed in the hope that it will be useful, but WITHOUT ANY
WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR
A PARTICULAR PURPOSE. See the GNU General Public License for more details.
You should have received a copy of the GNU General Public License along with
TALER; see the file COPYING. If not, If not, see <http://www.gnu.org/licenses/>
*/
/**
* @file taler-auditor-sign.c
* @brief Tool used by the auditor to sign the mint's master key and the
* denomination key(s).
* @author Christian Grothoff
*/
#include <platform.h>
#include "taler_mintdb_lib.h"
/**
* Filename of the auditor's private key.
*/
static char *auditor_key_file;
/**
* Mint's public key (in Crockford base32 encoding).
*/
static char *mint_public_key;
/**
* File with the Mint's denomination keys to sign, itself
* signed by the Mint's public key.
*/
static char *mint_request_file;
/**
* Where should we write the auditor's signature?
*/
static char *output_file;
/**
* Handle to the auditor's configuration
*/
static struct GNUNET_CONFIGURATION_Handle *kcfg;
/**
* Master public key of the mint.
*/
static struct TALER_MasterPublicKeyP master_public_key;
/**
* The main function of the taler-auditor-sign tool. This tool is used
* to sign a mint's master and denomination keys, affirming that the
* auditor is aware of them and will validate the mint's database with
* respect to these keys.
*
* @param argc number of arguments from the command line
* @param argv command line arguments
* @return 0 ok, 1 on error
*/
int
main (int argc,
char *const *argv)
{
static const struct GNUNET_GETOPT_CommandLineOption options[] = {
{'a', "auditor-key", "FILE",
"file containing the private key of the auditor", 1,
&GNUNET_GETOPT_set_filename, &auditor_key_file},
TALER_GETOPT_OPTION_HELP ("Private key of the auditor to use for signing"),
{'m', "mint-key", "KEY",
"public key of the mint (Crockford base32 encoded)", 1,
&GNUNET_GETOPT_set_filename, &mint_public_key},
{'r', "mint-request", "FILE",
"set of keys the mint requested the auditor to sign", 0,
&GNUNET_GETOPT_set_string, &mint_request_file},
{'o', "output", "FILE",
"where to write our signature", 0,
&GNUNET_GETOPT_set_string, &output_file},
GNUNET_GETOPT_OPTION_VERSION (VERSION "-" VCS_VERSION),
GNUNET_GETOPT_OPTION_END
};
struct GNUNET_CRYPTO_EddsaPrivateKey *eddsa_priv;
struct GNUNET_DISK_FileHandle *fh;
struct GNUNET_DISK_FileHandle *fout;
off_t in_size;
GNUNET_assert (GNUNET_OK ==
GNUNET_log_setup ("taler-mint-keyup",
"WARNING",
NULL));
if (GNUNET_GETOPT_run ("taler-mint-keyup",
options,
argc, argv) < 0)
return 1;
if (NULL == auditor_key_file)
{
fprintf (stderr,
"Auditor key file not given\n");
return 1;
}
eddsa_priv = GNUNET_CRYPTO_eddsa_key_create_from_file (auditor_key_file);
if (NULL == eddsa_priv)
{
fprintf (stderr,
"Failed to initialize auditor key from file `%s'\n",
auditor_key_file);
return 1;
}
if (NULL == mint_public_key)
{
fprintf (stderr,
"Mint public key not given\n");
return 1;
}
if (GNUNET_OK !=
GNUNET_STRINGS_string_to_data (mint_public_key,
strlen (mint_public_key),
&master_public_key,
sizeof (master_public_key)))
{
fprintf (stderr,
"Public key `%s' malformed\n",
mint_public_key);
return 1;
}
if (NULL == mint_request_file)
{
fprintf (stderr,
"Mint signing request not given\n");
return 1;
}
fh = GNUNET_DISK_file_open (mint_request_file,
GNUNET_DISK_OPEN_READ,
GNUNET_DISK_PERM_NONE);
if (NULL == fh)
{
fprintf (stderr,
"Failed to open file `%s': %s\n",
mint_request_file,
STRERROR (errno));
return 1;
}
if (GNUNET_OK !=
GNUNET_DISK_file_handle_size (fh,
&in_size))
{
fprintf (stderr,
"Failed to obtain input file size `%s': %s\n",
mint_request_file,
STRERROR (errno));
GNUNET_DISK_file_close (fh);
return 1;
}
if (NULL == output_file)
{
fprintf (stderr,
"Output file not given\n");
GNUNET_DISK_file_close (fh);
return 1;
}
fout = GNUNET_DISK_file_open (output_file,
GNUNET_DISK_OPEN_READ |
GNUNET_DISK_OPEN_TRUNCATE |
GNUNET_DISK_OPEN_CREATE,
GNUNET_DISK_PERM_USER_READ |
GNUNET_DISK_PERM_USER_WRITE |
GNUNET_DISK_PERM_GROUP_READ |
GNUNET_DISK_PERM_OTHER_READ);
if (NULL == fout)
{
fprintf (stderr,
"Failed to open file `%s': %s\n",
output_file,
STRERROR (errno));
GNUNET_DISK_file_close (fh);
return 1;
}
/* FIXME: finally do real work... */
GNUNET_free (eddsa_priv);
return 0;
}
/* end of taler-auditor-sign.c */