diff --git a/src/include/taler_signatures.h b/src/include/taler_signatures.h index 90d772441..d80b267cf 100644 --- a/src/include/taler_signatures.h +++ b/src/include/taler_signatures.h @@ -1204,6 +1204,24 @@ struct TALER_MasterDenominationKeyRevocationPS }; +/** + * @brief Message confirming that an exchange online signing key was revoked. + */ +struct TALER_MasterSigningKeyRevocationPS +{ + /** + * Purpose is #TALER_SIGNATURE_MASTER_SIGNING_KEY_REVOKED. + */ + struct GNUNET_CRYPTO_EccSignaturePurpose purpose; + + /** + * The exchange's public key. + */ + struct TALER_ExchangePublicKeyP exchange_pub; + +}; + + /** * @brief Format used to generate the signature on a request to obtain * the wire transfer identifier associated with a deposit. diff --git a/src/include/taler_testing_lib.h b/src/include/taler_testing_lib.h index 9ddc28a3b..65df94945 100644 --- a/src/include/taler_testing_lib.h +++ b/src/include/taler_testing_lib.h @@ -2112,13 +2112,32 @@ TALER_TESTING_cmd_offline_sign_keys (const char *label, * @return the command */ struct TALER_TESTING_Command -TALER_TESTING_cmd_revoke_denomination ( +TALER_TESTING_cmd_revoke_denom_key ( const char *label, unsigned int expected_response_code, bool bad_sig, const char *denom_ref); +/** + * Revoke an exchange online signing key. + * + * @param label command label. + * @param expected_http_status expected HTTP status from exchange + * @param bad_sig should we use a bogus signature? + * @param signkey_ref reference to a command that identifies + * a signing key (i.e. because it was used to + * sign a deposit confirmation). + * @return the command + */ +struct TALER_TESTING_Command +TALER_TESTING_cmd_revoke_sign_key ( + const char *label, + unsigned int expected_response_code, + bool bad_sig, + const char *signkey_ref); + + /** * Have the auditor affirm that it is auditing the given * denomination key and upload the auditor's signature to @@ -2134,20 +2153,6 @@ struct TALER_TESTING_Command TALER_TESTING_cmd_auditor_add_denom_key (const char *denom_ref); -/** - * Revoke an exchange signing key. - * - * @param label command label. - * @param denom_ref reference to a command that identifies - * a signing key (i.e. because it was used to - * sign a deposit confirmation). - * @return the command - */ -struct TALER_TESTING_Command -TALER_TESTING_cmd_revoke_denom_key (const char *label, - const char *signkey_ref); - - /* *** Generic trait logic for implementing traits ********* */ /** diff --git a/src/testing/Makefile.am b/src/testing/Makefile.am index a2a016acf..7539cecc3 100644 --- a/src/testing/Makefile.am +++ b/src/testing/Makefile.am @@ -65,6 +65,7 @@ libtalertesting_la_SOURCES = \ testing_api_cmd_refresh.c \ testing_api_cmd_revoke.c \ testing_api_cmd_revoke_denom_key.c \ + testing_api_cmd_revoke_sign_key.c \ testing_api_cmd_rewind.c \ testing_api_cmd_serialize_keys.c \ testing_api_cmd_signal.c \ diff --git a/src/testing/testing_api_cmd_revoke_denom_key.c b/src/testing/testing_api_cmd_revoke_denom_key.c index 133838e38..2e524338c 100644 --- a/src/testing/testing_api_cmd_revoke_denom_key.c +++ b/src/testing/testing_api_cmd_revoke_denom_key.c @@ -271,7 +271,7 @@ revoke_run (void *cls, struct TALER_TESTING_Command -TALER_TESTING_cmd_revoke_denomination ( +TALER_TESTING_cmd_revoke_denom_key ( const char *label, unsigned int expected_response_code, bool bad_sig, diff --git a/src/testing/testing_api_cmd_revoke_sign_key.c b/src/testing/testing_api_cmd_revoke_sign_key.c new file mode 100644 index 000000000..72f288d78 --- /dev/null +++ b/src/testing/testing_api_cmd_revoke_sign_key.c @@ -0,0 +1,297 @@ +/* + This file is part of TALER + Copyright (C) 2014-2020 Taler Systems SA + + TALER is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as + published by the Free Software Foundation; either version 3, or + (at your option) any later version. + + TALER is distributed in the hope that it will be useful, but + WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public + License along with TALER; see the file COPYING. If not, see + +*/ +/** + * @file testing/testing_api_cmd_revoke_sign_key.c + * @brief Implement the revoke test command. + * @author Christian Grothoff + */ +#include "platform.h" +#include "taler_json_lib.h" +#include +#include "taler_signatures.h" +#include "taler_testing_lib.h" + + +/** + * State for a "revoke" CMD. + */ +struct RevokeState +{ + /** + * Expected HTTP status code. + */ + unsigned int expected_response_code; + + /** + * Command that offers a signination to revoke. + */ + const char *coin_reference; + + /** + * The interpreter state. + */ + struct TALER_TESTING_Interpreter *is; + + /** + * Handle for the operation. + */ + struct TALER_EXCHANGE_ManagementRevokeSigningKeyHandle *kh; + + /** + * Should we use a bogus signature? + */ + bool bad_sig; + +}; + + +/** + * Function called with information about the post revocation operation result. + * + * @param cls closure with a `struct RevokeState *` + * @param hr HTTP response data + */ +static void +success_cb ( + void *cls, + const struct TALER_EXCHANGE_HttpResponse *hr) +{ + struct RevokeState *rs = cls; + + rs->kh = NULL; + if (rs->expected_response_code != hr->http_status) + { + GNUNET_log (GNUNET_ERROR_TYPE_ERROR, + "Unexpected response code %u to command %s in %s:%u\n", + hr->http_status, + rs->is->commands[rs->is->ip].label, + __FILE__, + __LINE__); + json_dumpf (hr->reply, + stderr, + 0); + TALER_TESTING_interpreter_fail (rs->is); + return; + } + TALER_TESTING_interpreter_next (rs->is); +} + + +/** + * Cleanup the state. + * + * @param cls closure, must be a `struct RevokeState`. + * @param cmd the command which is being cleaned up. + */ +static void +revoke_cleanup (void *cls, + const struct TALER_TESTING_Command *cmd) +{ + struct RevokeState *rs = cls; + + if (NULL != rs->kh) + { + TALER_EXCHANGE_management_revoke_signing_key_cancel (rs->kh); + rs->kh = NULL; + } + GNUNET_free (rs); +} + + +/** + * Offer internal data from a "revoke" CMD to other CMDs. + * + * @param cls closure + * @param[out] ret result (could be anything) + * @param trait name of the trait + * @param index index number of the object to offer. + * @return #GNUNET_OK on success + */ +static int +revoke_traits (void *cls, + const void **ret, + const char *trait, + unsigned int index) +{ + struct RevokeState *rs = cls; + struct TALER_TESTING_Trait traits[] = { + TALER_TESTING_trait_end () + }; + + (void) rs; + return TALER_TESTING_get_trait (traits, + ret, + trait, + index); +} + + +/** + * Run the "revoke" command. The core of the function + * is to call the "keyup" utility passing it the base32 + * encoding of the signination to revoke. + * + * @param cls closure. + * @param cmd the command to execute. + * @param is the interpreter state. + */ +static void +revoke_run (void *cls, + const struct TALER_TESTING_Command *cmd, + struct TALER_TESTING_Interpreter *is) +{ + struct RevokeState *rs = cls; + const struct TALER_TESTING_Command *coin_cmd; + const struct TALER_ExchangePublicKeyP *exchange_pub; + char *exchange_url; + struct TALER_MasterSignatureP master_sig; + + rs->is = is; + /* Get sign pub from trait */ + coin_cmd = TALER_TESTING_interpreter_lookup_command (is, + rs->coin_reference); + + if (NULL == coin_cmd) + { + GNUNET_break (0); + TALER_TESTING_interpreter_fail (is); + return; + } + GNUNET_assert (GNUNET_OK == + TALER_TESTING_get_trait_exchange_pub (coin_cmd, + 0, + &exchange_pub)); + GNUNET_log (GNUNET_ERROR_TYPE_INFO, + "Trying to revoke sign '%s..'\n", + TALER_B2S (exchange_pub)); + if (rs->bad_sig) + { + memset (&master_sig, + 42, + sizeof (master_sig)); + } + else + { + char *fn; + struct TALER_MasterPrivateKeyP master_priv; + + if (GNUNET_OK != + GNUNET_CONFIGURATION_get_value_filename (is->cfg, + "exchange-offline", + "MASTER_PRIV_FILE", + &fn)) + { + GNUNET_log_config_missing (GNUNET_ERROR_TYPE_ERROR, + "exchange-offline", + "MASTER_PRIV_FILE"); + TALER_TESTING_interpreter_next (rs->is); + return; + } + if (GNUNET_SYSERR == + GNUNET_DISK_directory_create_for_file (fn)) + { + GNUNET_log (GNUNET_ERROR_TYPE_ERROR, + "Could not setup directory for master private key file `%s'\n", + fn); + GNUNET_free (fn); + TALER_TESTING_interpreter_next (rs->is); + return; + } + if (GNUNET_OK != + GNUNET_CRYPTO_eddsa_key_from_file (fn, + GNUNET_YES, + &master_priv.eddsa_priv)) + { + GNUNET_log (GNUNET_ERROR_TYPE_ERROR, + "Could not load master private key from `%s'\n", + fn); + GNUNET_free (fn); + TALER_TESTING_interpreter_next (rs->is); + return; + } + GNUNET_free (fn); + + /* now sign */ + { + struct TALER_MasterSigningKeyRevocationPS kv = { + .purpose.purpose = htonl ( + TALER_SIGNATURE_MASTER_SIGNING_KEY_REVOKED), + .purpose.size = htonl (sizeof (kv)), + .exchange_pub = *exchange_pub + }; + + GNUNET_CRYPTO_eddsa_sign (&master_priv.eddsa_priv, + &kv, + &master_sig.eddsa_signature); + } + } + if (GNUNET_OK != + GNUNET_CONFIGURATION_get_value_string (is->cfg, + "exchange", + "BASE_URL", + &exchange_url)) + { + GNUNET_log_config_missing (GNUNET_ERROR_TYPE_ERROR, + "exchange", + "BASE_URL"); + TALER_TESTING_interpreter_next (rs->is); + return; + } + rs->kh = TALER_EXCHANGE_management_revoke_signing_key ( + is->ctx, + exchange_url, + exchange_pub, + &master_sig, + &success_cb, + rs); + GNUNET_free (exchange_url); + if (NULL == rs->kh) + { + GNUNET_break (0); + TALER_TESTING_interpreter_fail (is); + return; + } +} + + +struct TALER_TESTING_Command +TALER_TESTING_cmd_revoke_sign_key ( + const char *label, + unsigned int expected_response_code, + bool bad_sig, + const char *sign_ref) +{ + struct RevokeState *rs; + + rs = GNUNET_new (struct RevokeState); + rs->expected_response_code = expected_response_code; + rs->coin_reference = sign_ref; + rs->bad_sig = bad_sig; + { + struct TALER_TESTING_Command cmd = { + .cls = rs, + .label = label, + .run = &revoke_run, + .cleanup = &revoke_cleanup, + .traits = &revoke_traits + }; + + return cmd; + } +}