From b314f07431e28e4d44fac66f667ad3589f0a5dad Mon Sep 17 00:00:00 2001 From: Christian Grothoff Date: Tue, 17 Mar 2015 14:34:55 +0100 Subject: [PATCH] make keyup configuration structure more logical --- contrib/mint-template/config/mint-keyup.conf | 99 ++++++++------------ src/mint/taler-mint-keyup.c | 86 +++++++++-------- 2 files changed, 82 insertions(+), 103 deletions(-) diff --git a/contrib/mint-template/config/mint-keyup.conf b/contrib/mint-template/config/mint-keyup.conf index 1542d1a63..b96ae4b95 100644 --- a/contrib/mint-template/config/mint-keyup.conf +++ b/contrib/mint-template/config/mint-keyup.conf @@ -15,65 +15,46 @@ lookahead_provide = 4 weeks 1 day coin_types = default_eur_ct_10 default_eur_5 default_eur_10 default_eur_1000 +[default_eur_ct_10] +value = EUR:0.10 +duration_overlap = 5 minutes +duration_withdraw = 7 days +duration_spend = 2 years +fee_withdraw = EUR:0.01 +fee_deposit = EUR:0.01 +fee_refresh = EUR:0.01 +rsa_keysize = 1024 +kappa = 3 -[mint_denom_duration_overlap] -default_eur_ct_10 = 5 minutes -default_eur_5 = 5 minutes -default_eur_10 = 5 minutes -default_eur_1000 = 5 minutes +[default_eur_5] +value = EUR:5 +duration_overlap = 5 minutes +duration_withdraw = 7 days +duration_spend = 2 years +fee_withdraw = EUR:0.01 +fee_deposit = EUR:0.01 +fee_refresh = EUR:0.01 +rsa_keysize = 1024 +kappa = 3 +[default_eur_10] +value = EUR:10 +duration_overlap = 5 minutes +duration_withdraw = 7 days +duration_spend = 2 years +fee_withdraw = EUR:0.01 +fee_deposit = EUR:0.01 +fee_refresh = EUR:0.01 +rsa_keysize = 1024 +kappa = 3 - -[mint_denom_value] -default_eur_ct_10 = EUR:0.10 -default_eur_5 = EUR:5 -default_eur_10 = EUR:10 -default_eur_1000 = EUR:1000 - - - -[mint_denom_duration_withdraw] -default_eur_ct_10 = 7 days -default_eur_5 = 7 days -default_eur_10 = 7 days -default_eur_1000 = 1 day - - - -[mint_denom_duration_spend] -default_eur_ct_10 = 30 days -default_eur_5 = 30 days -default_eur_10 = 30 days -default_eur_1000 = 30 day - - - -[mint_denom_fee_withdraw] -default_eur_ct_10 = EUR:0.01 -default_eur_5 = EUR:0.01 -default_eur_10 = EUR:0.01 -default_eur_1000 = EUR:0.01 - - -[mint_denom_fee_deposit] -default_eur_ct_10 = EUR:0.01 -default_eur_5 = EUR:0.01 -default_eur_10 = EUR:0.01 -default_eur_1000 = EUR:0.01 - - - -[mint_denom_fee_refresh] -default_eur_ct_10 = EUR:0.01 -default_eur_5 = EUR:0.01 -default_eur_10 = EUR:0.01 -default_eur_1000 = EUR:0.01 - - - -[mint_denom_kappa] -default_eur_ct_10 = 3 -default_eur_5 = 3 -default_eur_10 = 3 -default_eur_1000 = 5 - +[default_eur_1000] +value = EUR:1000 +duration_overlap = 5 minutes +duration_withdraw = 7 days +duration_spend = 2 years +fee_withdraw = EUR:0.01 +fee_deposit = EUR:0.01 +fee_refresh = EUR:0.01 +rsa_keysize = 2048 +kappa = 5 diff --git a/src/mint/taler-mint-keyup.c b/src/mint/taler-mint-keyup.c index 9c42e1489..222e0f4d7 100644 --- a/src/mint/taler-mint-keyup.c +++ b/src/mint/taler-mint-keyup.c @@ -321,7 +321,9 @@ get_cointype_file (const struct CoinTypeParams *p, /** * Get the latest key file from a past run of the key generation * tool. Used to calculate the starting time for the keys we - * generate during this invocation. + * generate during this invocation. This function is used to + * handle both signing keys and coin keys, as in both cases + * the filenames correspond to the timestamps we need. * * @param cls closure, a `struct GNUNET_TIME_Absolute *`, updated * to contain the highest timestamp (below #now) @@ -349,7 +351,6 @@ get_anchor_iter (void *cls, filename); return GNUNET_OK; } - // TODO: check if it's actually a valid key file? if (stamp.abs_value_us <= now.abs_value_us) *anchor = GNUNET_TIME_absolute_max (stamp, *anchor); @@ -456,7 +457,8 @@ create_signkey_issue_priv (struct GNUNET_TIME_Absolute start, /** - * + * Generate signing keys starting from the last key found to + * the lookahead time. * * @return #GNUNET_OK on success, #GNUNET_SYSERR on error */ @@ -483,7 +485,7 @@ mint_keys_update_signkeys () GNUNET_asprintf (&signkey_dir, "%s" DIR_SEPARATOR_STR DIR_SIGNKEYS, mintdir); - // make sure the directory exists + /* make sure the directory exists */ if (GNUNET_OK != GNUNET_DISK_directory_create (signkey_dir)) { @@ -494,38 +496,35 @@ mint_keys_update_signkeys () get_anchor (signkey_dir, signkey_duration, - GNUNET_TIME_UNIT_ZERO, + GNUNET_TIME_UNIT_ZERO /* no overlap for signing keys */, &anchor); while (anchor.abs_value_us < lookahead_sign_stamp.abs_value_us) { const char *skf; + struct TALER_MINT_SignKeyIssuePriv signkey_issue; + ssize_t nwrite; skf = get_signkey_file (anchor); - if (GNUNET_YES != - GNUNET_DISK_file_test (skf)) + GNUNET_break (GNUNET_YES != + GNUNET_DISK_file_test (skf)); + GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, + "Generating signing key for %s.\n", + GNUNET_STRINGS_absolute_time_to_string (anchor)); + create_signkey_issue_priv (anchor, + signkey_duration, + &signkey_issue); + nwrite = GNUNET_DISK_fn_write (skf, + &signkey_issue, + sizeof (struct TALER_MINT_SignKeyIssue), + GNUNET_DISK_PERM_USER_WRITE | GNUNET_DISK_PERM_USER_READ); + if (nwrite != sizeof (struct TALER_MINT_SignKeyIssue)) { - struct TALER_MINT_SignKeyIssuePriv signkey_issue; - ssize_t nwrite; - - GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, - "Generating signing key for %s.\n", - GNUNET_STRINGS_absolute_time_to_string (anchor)); - create_signkey_issue_priv (anchor, - signkey_duration, - &signkey_issue); - nwrite = GNUNET_DISK_fn_write (skf, - &signkey_issue, - sizeof (struct TALER_MINT_SignKeyIssue), - GNUNET_DISK_PERM_USER_WRITE | GNUNET_DISK_PERM_USER_READ); - if (nwrite != sizeof (struct TALER_MINT_SignKeyIssue)) - { - fprintf (stderr, - "Failed to write to file `%s': %s\n", - skf, - STRERROR (errno)); - return GNUNET_SYSERR; - } + fprintf (stderr, + "Failed to write to file `%s': %s\n", + skf, + STRERROR (errno)); + return GNUNET_SYSERR; } anchor = GNUNET_TIME_absolute_add (anchor, signkey_duration); @@ -549,37 +548,36 @@ get_cointype_params (const char *ct, const char *dir; unsigned long long rsa_keysize; - /* FIXME: is 'ct' option or section name? */ if (GNUNET_OK != GNUNET_CONFIGURATION_get_value_time (kcfg, - "mint_denom_duration_withdraw", ct, + "duration_withdraw", ¶ms->duration_withdraw)) { GNUNET_log_config_missing (GNUNET_ERROR_TYPE_ERROR, ct, - "mint_denom_duration_withdraw"); + "duration_withdraw"); return GNUNET_SYSERR; } ROUND_TO_SECS (params->duration_withdraw, rel_value_us); if (GNUNET_OK != GNUNET_CONFIGURATION_get_value_time (kcfg, - "mint_denom_duration_spend", ct, + "duration_spend", ¶ms->duration_spend)) { GNUNET_log_config_missing (GNUNET_ERROR_TYPE_ERROR, ct, - "mint_denom_duration_spend"); + "duration_spend"); return GNUNET_SYSERR; } ROUND_TO_SECS (params->duration_spend, rel_value_us); if (GNUNET_OK != GNUNET_CONFIGURATION_get_value_time (kcfg, - "mint_denom_duration_overlap", ct, + "duration_overlap", ¶ms->duration_overlap)) { GNUNET_log_config_missing (GNUNET_ERROR_TYPE_ERROR, @@ -591,13 +589,13 @@ get_cointype_params (const char *ct, rel_value_us); if (GNUNET_OK != GNUNET_CONFIGURATION_get_value_number (kcfg, - "mint_denom_rsa_keysize", ct, + "rsa_keysize", &rsa_keysize)) { GNUNET_log_config_missing (GNUNET_ERROR_TYPE_ERROR, ct, - "mint_denom_rsa_keysize"); + "rsa_keysize"); return GNUNET_SYSERR; } if ( (rsa_keysize > 4 * 2048) || @@ -611,46 +609,46 @@ get_cointype_params (const char *ct, params->rsa_keysize = (unsigned int) rsa_keysize; if (GNUNET_OK != TALER_config_get_denom (kcfg, - "mint_denom_value", ct, + "value", ¶ms->value)) { GNUNET_log_config_missing (GNUNET_ERROR_TYPE_ERROR, ct, - "mint_denom_value"); + "value"); return GNUNET_SYSERR; } if (GNUNET_OK != TALER_config_get_denom (kcfg, - "mint_denom_fee_withdraw", ct, + "fee_withdraw", ¶ms->fee_withdraw)) { GNUNET_log_config_missing (GNUNET_ERROR_TYPE_ERROR, ct, - "mint_denom_fee_withdraw"); + "fee_withdraw"); return GNUNET_SYSERR; } if (GNUNET_OK != TALER_config_get_denom (kcfg, - "mint_denom_fee_deposit", ct, + "fee_deposit", ¶ms->fee_deposit)) { GNUNET_log_config_missing (GNUNET_ERROR_TYPE_ERROR, ct, - "mint_denom_fee_deposit"); + "fee_deposit"); return GNUNET_SYSERR; } if (GNUNET_OK != TALER_config_get_denom (kcfg, - "mint_denom_fee_refresh", ct, + "fee_refresh", ¶ms->fee_refresh)) { GNUNET_log_config_missing (GNUNET_ERROR_TYPE_ERROR, ct, - "mint_denom_fee_refresh"); + "fee_refresh"); return GNUNET_SYSERR; }