taler/exchange
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

fix comments, naming consistency issues

Browse Source
This commit is contained in:
Christian Grothoff 2020-03-07 14:35:32 +01:00
parent 962990c7ce
commit c20078010b
No known key found for this signature in database
GPG Key ID: 939E6BE1E29FC3CC
5 changed files with 156 additions and 146 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

286
src/exchange-tools/taler-exchange-keyup.c
View File

@ -14,8 +14,8 @@
TALER; see the file COPYING. If not, see <http://www.gnu.org/licenses/> TALER; see the file COPYING. If not, see <http://www.gnu.org/licenses/>
*/ */
/** /**
* @file taler-exchange-keyup.c * @file taler-exchange-gyp.c
* @brief Update the exchange's keys for coins and signatures, * @brief Update the exchange's keys for coins and online signing keys,
* using the exchange's offline master key. * using the exchange's offline master key.
* @author Florian Dold * @author Florian Dold
* @author Benedikt Mueller * @author Benedikt Mueller
@ -26,12 +26,11 @@
/** /**
* When generating filenames from a cryptographic hash, we do not use * When generating filenames from a cryptographic hash, we do not use all 512
* all 512 bits but cut off after this number of characters (in * bits but cut off after this number of characters (in base32-encoding).
* base32-encoding). Base32 is 5 bit per character, and given that we * Base32 is 5 bit per character, and given that we have very few coin types,
* have very few coin types we hash, at 100 bits the chance of * at 100 bits the chance of collision (by accident over such a tiny set) is
* collision (by accident over tiny set -- birthday paradox does not * negligible. (Also, some file-systems do not support very long file names.)
* apply here!) is negligible.
*/ */
#define HASH_CUTOFF 20 #define HASH_CUTOFF 20
@ -39,10 +38,10 @@
GNUNET_NETWORK_STRUCT_BEGIN GNUNET_NETWORK_STRUCT_BEGIN
/** /**
* Struct with all of the key information for a kind of coin. Hashed * Struct with all of the meta data about a denomination. Hashed
* to generate a unique directory name per coin type. * to generate a unique directory name per coin type.
*/ */
struct CoinTypeNBOP struct DenominationNBOP
{ {
/** /**
* How long are the signatures legally valid? * How long are the signatures legally valid?
@ -50,22 +49,22 @@ struct CoinTypeNBOP
struct GNUNET_TIME_RelativeNBO duration_legal; struct GNUNET_TIME_RelativeNBO duration_legal;
/** /**
* How long can the coin be spend? * How long can the coins be spend?
*/ */
struct GNUNET_TIME_RelativeNBO duration_spend; struct GNUNET_TIME_RelativeNBO duration_spend;
/** /**
* How long can the coin be withdrawn (generated)? * How long can coins be withdrawn (generated)?
*/ */
struct GNUNET_TIME_RelativeNBO duration_withdraw; struct GNUNET_TIME_RelativeNBO duration_withdraw;
/** /**
* What is the value of the coin? * What is the value of each coin?
*/ */
struct TALER_AmountNBO value; struct TALER_AmountNBO value;
/** /**
* What is the fee charged for withdrawl? * What is the fee charged for withdrawal?
*/ */
struct TALER_AmountNBO fee_withdraw; struct TALER_AmountNBO fee_withdraw;
@ -85,7 +84,7 @@ struct CoinTypeNBOP
struct TALER_AmountNBO fee_refund; struct TALER_AmountNBO fee_refund;
/** /**
* Key size in NBO. * Key size (in NBO).
*/ */
uint32_t rsa_keysize; uint32_t rsa_keysize;
}; };
@ -93,9 +92,9 @@ struct CoinTypeNBOP
GNUNET_NETWORK_STRUCT_END GNUNET_NETWORK_STRUCT_END
/** /**
* Set of all of the parameters that chracterize a coin. * Set of all of the parameters that characterize a denomination.
*/ */
struct CoinTypeParams struct DenominationParameters
{ {
/** /**
@ -104,15 +103,14 @@ struct CoinTypeParams
*/ */
struct GNUNET_TIME_Relative duration_legal; struct GNUNET_TIME_Relative duration_legal;
/** /**
* How long can the coin be spend? Should be significantly * How long can the coins be spend? Should be significantly
* larger than @e duration_withdraw (i.e. years). * larger than @e duration_withdraw (i.e. years).
*/ */
struct GNUNET_TIME_Relative duration_spend; struct GNUNET_TIME_Relative duration_spend;
/** /**
* How long can the coin be withdrawn (generated)? Should be small * How long can coins be withdrawn (generated)? Should be small
* enough to limit how many coins will be signed into existence with * enough to limit how many coins will be signed into existence with
* the same key, but large enough to still provide a reasonable * the same key, but large enough to still provide a reasonable
* anonymity set. * anonymity set.
@ -120,19 +118,19 @@ struct CoinTypeParams
struct GNUNET_TIME_Relative duration_withdraw; struct GNUNET_TIME_Relative duration_withdraw;
/** /**
* How much should coin creation (@e duration_withdraw) duration * How much should coin creation (@e duration_withdraw) duration overlap
* overlap with the next coin? Basically, the starting time of two * with the next denomination? Basically, the starting time of two
* coins is always @e duration_withdraw - @e duration_overlap apart. * denominations is always @e duration_withdraw - @e duration_overlap apart.
*/ */
struct GNUNET_TIME_Relative duration_overlap; struct GNUNET_TIME_Relative duration_overlap;
/** /**
* What is the value of the coin? * What is the value of each coin?
*/ */
struct TALER_Amount value; struct TALER_Amount value;
/** /**
* What is the fee charged for withdrawl? * What is the fee charged for withdrawal?
*/ */
struct TALER_Amount fee_withdraw; struct TALER_Amount fee_withdraw;
@ -157,7 +155,7 @@ struct CoinTypeParams
struct GNUNET_TIME_Absolute anchor; struct GNUNET_TIME_Absolute anchor;
/** /**
* Length of the RSA key in bits. * Length of the RSA key (in bits).
*/ */
uint32_t rsa_keysize; uint32_t rsa_keysize;
}; };
@ -245,22 +243,22 @@ static int global_ret;
#include "key-helper.c" #include "key-helper.c"
/** /**
* Hash the data defining the coin type. Exclude information that may * Hash the data defining a denomination type. Exclude information that may
* not be the same for all instances of the coin type (i.e. the * not be the same for all instances of the denomination's type (i.e. the
* anchor, overlap). * anchor, overlap).
* *
* @param p coin parameters to convert to a hash * @param p denomination parameters to convert to a hash
* @param[out] hash set to the hash matching @a p * @param[out] hash set to the hash matching @a p
*/ */
static void static void
hash_coin_type (const struct CoinTypeParams *p, hash_denomination_parameters (const struct DenominationParameters *p,
struct GNUNET_HashCode *hash) struct GNUNET_HashCode *hash)
{ {
struct CoinTypeNBOP p_nbo; struct DenominationNBOP p_nbo;
memset (&p_nbo, memset (&p_nbo,
0, 0,
sizeof (struct CoinTypeNBOP)); sizeof (struct DenominationNBOP));
p_nbo.duration_spend = GNUNET_TIME_relative_hton (p->duration_spend); p_nbo.duration_spend = GNUNET_TIME_relative_hton (p->duration_spend);
p_nbo.duration_legal = GNUNET_TIME_relative_hton (p->duration_legal); p_nbo.duration_legal = GNUNET_TIME_relative_hton (p->duration_legal);
p_nbo.duration_withdraw = GNUNET_TIME_relative_hton (p->duration_withdraw); p_nbo.duration_withdraw = GNUNET_TIME_relative_hton (p->duration_withdraw);
@ -276,33 +274,34 @@ hash_coin_type (const struct CoinTypeParams *p,
&p->fee_refund); &p->fee_refund);
p_nbo.rsa_keysize = htonl (p->rsa_keysize); p_nbo.rsa_keysize = htonl (p->rsa_keysize);
GNUNET_CRYPTO_hash (&p_nbo, GNUNET_CRYPTO_hash (&p_nbo,
sizeof (struct CoinTypeNBOP), sizeof (struct DenominationNBOP),
hash); hash);
} }
/** /**
* Obtain the name of the directory we should use to store coins of * Obtain the name of the directory we should use to store denominations of
* the given type. The directory name has the format * the given type. The directory name has the format
* "$EXCHANGEDIR/$VALUE/$HASH/" where "$VALUE" represents the value of the * "$EXCHANGEDIR/$VALUE/$HASH/" where "$VALUE" represents the value of the
* coin and "$HASH" encodes all of the coin's parameters, generating a * coins and "$HASH" encodes all of the denomination's parameters, generating
* unique string for each type of coin. Note that the "$HASH" * a unique string for each type of denomination. Note that the "$HASH"
* includes neither the absolute creation time nor the key of the * includes neither the absolute creation time nor the key of the
* coin, thus the files in the subdirectory really just refer to the * denomination, thus the files in the subdirectory really just refer to the
* same type of coins, not the same coin. * same type of denominations, not the same denomination.
* *
* @param p coin parameters to convert to a directory name * @param p denomination parameters to convert to a directory name
* @return directory name (valid until next call to this function) * @return directory name (valid until next call to this function)
*/ */
static const char * static const char *
get_cointype_dir (const struct CoinTypeParams *p) get_denomination_dir (const struct DenominationParameters *p)
{ {
static char dir[4096]; static char dir[4096];
struct GNUNET_HashCode hash; struct GNUNET_HashCode hash;
char *hash_str; char *hash_str;
char *val_str; char *val_str;
hash_coin_type (p, &hash); hash_denomination_parameters (p,
&hash);
hash_str = GNUNET_STRINGS_data_to_string_alloc (&hash, hash_str = GNUNET_STRINGS_data_to_string_alloc (&hash,
sizeof (struct sizeof (struct
GNUNET_HashCode)); GNUNET_HashCode));
@ -332,22 +331,22 @@ get_cointype_dir (const struct CoinTypeParams *p)
/** /**
* Obtain the name of the file we would use to store the key * Obtain the name of the file we would use to store the key
* information for a coin of the given type @a p and validity * information for a denomination of the given type @a p and validity
* start time @a start * start time @a start
* *
* @param p parameters for the coin * @param p parameters for the denomination
* @param start when would the coin begin to be issued * @param start when would the denomination begin to be issued
* @return name of the file to use for this coin * @return name of the file to use for this denomination
* (valid until next call to this function) * (valid until next call to this function)
*/ */
static const char * static const char *
get_cointype_file (const struct CoinTypeParams *p, get_denomination_type_file (const struct DenominationParameters *p,
struct GNUNET_TIME_Absolute start) struct GNUNET_TIME_Absolute start)
{ {
static char filename[4096]; static char filename[4096];
const char *dir; const char *dir;
dir = get_cointype_dir (p); dir = get_denomination_dir (p);
GNUNET_snprintf (filename, GNUNET_snprintf (filename,
sizeof (filename), sizeof (filename),
"%s" DIR_SEPARATOR_STR "%llu", "%s" DIR_SEPARATOR_STR "%llu",
@ -361,7 +360,7 @@ get_cointype_file (const struct CoinTypeParams *p,
* Get the latest key file from a past run of the key generation * Get the latest key file from a past run of the key generation
* tool. Used to calculate the starting time for the keys we * tool. Used to calculate the starting time for the keys we
* generate during this invocation. This function is used to * generate during this invocation. This function is used to
* handle both signing keys and coin keys, as in both cases * handle both signing keys and denomination keys, as in both cases
* the filenames correspond to the timestamps we need. * the filenames correspond to the timestamps we need.
* *
* @param cls closure, a `struct GNUNET_TIME_Absolute *`, updated * @param cls closure, a `struct GNUNET_TIME_Absolute *`, updated
@ -459,8 +458,9 @@ get_anchor (const char *dir,
/** /**
* Create a exchange signing key (for signing exchange messages, not for coins) * Create a exchange signing key (for signing exchange messages, not for
* and assert its correctness by signing it with the master key. * signing coins) and assert its correctness by signing it with the master
* key.
* *
* @param start start time of the validity period for the key * @param start start time of the validity period for the key
* @param duration how long should the key be valid * @param duration how long should the key be valid
@ -468,11 +468,11 @@ get_anchor (const char *dir,
* @param[out] pi set to the signing key information * @param[out] pi set to the signing key information
*/ */
static void static void
create_signkey_issue_priv (struct GNUNET_TIME_Absolute start, create_signkey_issue_priv (
struct GNUNET_TIME_Relative duration, struct GNUNET_TIME_Absolute start,
struct GNUNET_TIME_Absolute end, struct GNUNET_TIME_Relative duration,
struct TALER_EXCHANGEDB_PrivateSigningKeyInformationP struct GNUNET_TIME_Absolute end,
*pi) struct TALER_EXCHANGEDB_PrivateSigningKeyInformationP *pi)
{ {
struct GNUNET_CRYPTO_EddsaPrivateKey *priv; struct GNUNET_CRYPTO_EddsaPrivateKey *priv;
struct TALER_ExchangeSigningKeyValidityPS *issue = &pi->issue; struct TALER_ExchangeSigningKeyValidityPS *issue = &pi->issue;
@ -504,7 +504,7 @@ create_signkey_issue_priv (struct GNUNET_TIME_Absolute start,
* @return #GNUNET_OK on success, #GNUNET_SYSERR on error * @return #GNUNET_OK on success, #GNUNET_SYSERR on error
*/ */
static int static int
exchange_keys_update_signkeys () exchange_keys_update_signkeys (void)
{ {
struct GNUNET_TIME_Relative signkey_duration; struct GNUNET_TIME_Relative signkey_duration;
struct GNUNET_TIME_Relative legal_duration; struct GNUNET_TIME_Relative legal_duration;
@ -514,23 +514,23 @@ exchange_keys_update_signkeys ()
if (GNUNET_OK != if (GNUNET_OK !=
GNUNET_CONFIGURATION_get_value_time (kcfg, GNUNET_CONFIGURATION_get_value_time (kcfg,
"exchange", "exchange",
"signkey_duration", "SIGNKEY_DURATION",
&signkey_duration)) &signkey_duration))
{ {
GNUNET_log_config_missing (GNUNET_ERROR_TYPE_ERROR, GNUNET_log_config_missing (GNUNET_ERROR_TYPE_ERROR,
"exchange", "exchange",
"signkey_duration"); "SIGNKEY_DURATION");
return GNUNET_SYSERR; return GNUNET_SYSERR;
} }
if (GNUNET_OK != if (GNUNET_OK !=
GNUNET_CONFIGURATION_get_value_time (kcfg, GNUNET_CONFIGURATION_get_value_time (kcfg,
"exchange", "exchange",
"legal_duration", "LEGAL_DURATION",
&legal_duration)) &legal_duration))
{ {
GNUNET_log_config_invalid (GNUNET_ERROR_TYPE_ERROR, GNUNET_log_config_invalid (GNUNET_ERROR_TYPE_ERROR,
"exchange", "exchange",
"legal_duration", "LEGAL_DURATION",
"fails to specify valid timeframe"); "fails to specify valid timeframe");
return GNUNET_SYSERR; return GNUNET_SYSERR;
} }
@ -538,8 +538,8 @@ exchange_keys_update_signkeys ()
{ {
GNUNET_log_config_invalid (GNUNET_ERROR_TYPE_ERROR, GNUNET_log_config_invalid (GNUNET_ERROR_TYPE_ERROR,
"exchange", "exchange",
"legal_duration", "LEGAL_DURATION",
"must be longer than signkey_duration"); "Value given for LEGAL_DURATION must be longer than value for SIGNKEY_DURATION");
return GNUNET_SYSERR; return GNUNET_SYSERR;
} }
GNUNET_TIME_round_rel (&signkey_duration); GNUNET_TIME_round_rel (&signkey_duration);
@ -589,16 +589,16 @@ exchange_keys_update_signkeys ()
/** /**
* Parse configuration for coin type parameters. Also determines * Parse configuration for denomination type parameters. Also determines
* our anchor by looking at the existing coins of the same type. * our anchor by looking at the existing denominations of the same type.
* *
* @param ct section in the configuration file giving the coin type parameters * @param ct section in the configuration file giving the denomination type parameters
* @param[out] params set to the coin parameters from the configuration * @param[out] params set to the denomination parameters from the configuration
* @return #GNUNET_OK on success, #GNUNET_SYSERR if the configuration is invalid * @return #GNUNET_OK on success, #GNUNET_SYSERR if the configuration is invalid
*/ */
static int static int
get_cointype_params (const char *ct, get_denomination_type_params (const char *ct,
struct CoinTypeParams *params) struct DenominationParameters *params)
{ {
const char *dir; const char *dir;
unsigned long long rsa_keysize; unsigned long long rsa_keysize;
@ -606,24 +606,24 @@ get_cointype_params (const char *ct,
if (GNUNET_OK != if (GNUNET_OK !=
GNUNET_CONFIGURATION_get_value_time (kcfg, GNUNET_CONFIGURATION_get_value_time (kcfg,
ct, ct,
"duration_withdraw", "DURATION_WIDHTRAW",
&params->duration_withdraw)) &params->duration_withdraw))
{ {
GNUNET_log_config_missing (GNUNET_ERROR_TYPE_ERROR, GNUNET_log_config_missing (GNUNET_ERROR_TYPE_ERROR,
ct, ct,
"duration_withdraw"); "DURATION_WITHDRAW");
return GNUNET_SYSERR; return GNUNET_SYSERR;
} }
GNUNET_TIME_round_rel (&params->duration_withdraw); GNUNET_TIME_round_rel (&params->duration_withdraw);
if (GNUNET_OK != if (GNUNET_OK !=
GNUNET_CONFIGURATION_get_value_time (kcfg, GNUNET_CONFIGURATION_get_value_time (kcfg,
ct, ct,
"duration_spend", "DURATION_SPEND",
&params->duration_spend)) &params->duration_spend))
{ {
GNUNET_log_config_missing (GNUNET_ERROR_TYPE_ERROR, GNUNET_log_config_missing (GNUNET_ERROR_TYPE_ERROR,
ct, ct,
"duration_spend"); "DURATION_SPEND");
return GNUNET_SYSERR; return GNUNET_SYSERR;
} }
GNUNET_TIME_round_rel (&params->duration_spend); GNUNET_TIME_round_rel (&params->duration_spend);
@ -632,24 +632,24 @@ get_cointype_params (const char *ct,
if (GNUNET_OK != if (GNUNET_OK !=
GNUNET_CONFIGURATION_get_value_time (kcfg, GNUNET_CONFIGURATION_get_value_time (kcfg,
ct, ct,
"duration_legal", "DURATION_LEGAL",
&params->duration_legal)) &params->duration_legal))
{ {
GNUNET_log_config_missing (GNUNET_ERROR_TYPE_ERROR, GNUNET_log_config_missing (GNUNET_ERROR_TYPE_ERROR,
ct, ct,
"duration_legal"); "DURATION_LEGAL");
return GNUNET_SYSERR; return GNUNET_SYSERR;
} }
GNUNET_TIME_round_rel (&params->duration_legal); GNUNET_TIME_round_rel (&params->duration_legal);
if (GNUNET_OK != if (GNUNET_OK !=
GNUNET_CONFIGURATION_get_value_time (kcfg, GNUNET_CONFIGURATION_get_value_time (kcfg,
ct, ct,
"duration_overlap", "DURATION_OVERLAP",
&params->duration_overlap)) &params->duration_overlap))
{ {
GNUNET_log_config_missing (GNUNET_ERROR_TYPE_ERROR, GNUNET_log_config_missing (GNUNET_ERROR_TYPE_ERROR,
ct, ct,
"exchange_denom_duration_overlap"); "DURATION_OVERLAP");
return GNUNET_SYSERR; return GNUNET_SYSERR;
} }
GNUNET_TIME_round_rel (&params->duration_overlap); GNUNET_TIME_round_rel (&params->duration_overlap);
@ -658,8 +658,8 @@ get_cointype_params (const char *ct,
{ {
GNUNET_log_config_invalid (GNUNET_ERROR_TYPE_ERROR, GNUNET_log_config_invalid (GNUNET_ERROR_TYPE_ERROR,
ct, ct,
"duration_overlap", "DURATION_OVERLAP",
"duration_overlap must be smaller than duration_withdraw!"); "Value given for DURATION_OVERLAP must be smaller than value for DURATION_WITHDRAW!");
return GNUNET_SYSERR; return GNUNET_SYSERR;
} }
if (GNUNET_OK != if (GNUNET_OK !=
@ -685,45 +685,45 @@ get_cointype_params (const char *ct,
if (GNUNET_OK != if (GNUNET_OK !=
TALER_config_get_amount (kcfg, TALER_config_get_amount (kcfg,
ct, ct,
"value", "VALUE",
&params->value)) &params->value))
{ {
GNUNET_log_config_missing (GNUNET_ERROR_TYPE_ERROR, GNUNET_log_config_missing (GNUNET_ERROR_TYPE_ERROR,
ct, ct,
"value"); "VALUE");
return GNUNET_SYSERR; return GNUNET_SYSERR;
} }
if (GNUNET_OK != if (GNUNET_OK !=
TALER_config_get_amount (kcfg, TALER_config_get_amount (kcfg,
ct, ct,
"fee_withdraw", "FEE_WITHDRAW",
&params->fee_withdraw)) &params->fee_withdraw))
{ {
GNUNET_log_config_missing (GNUNET_ERROR_TYPE_ERROR, GNUNET_log_config_missing (GNUNET_ERROR_TYPE_ERROR,
ct, ct,
"fee_withdraw"); "FEE_WITHDRAW");
return GNUNET_SYSERR; return GNUNET_SYSERR;
} }
if (GNUNET_OK != if (GNUNET_OK !=
TALER_config_get_amount (kcfg, TALER_config_get_amount (kcfg,
ct, ct,
"fee_deposit", "FEE_DEPOSIT",
&params->fee_deposit)) &params->fee_deposit))
{ {
GNUNET_log_config_missing (GNUNET_ERROR_TYPE_ERROR, GNUNET_log_config_missing (GNUNET_ERROR_TYPE_ERROR,
ct, ct,
"fee_deposit"); "FEE_DEPOSIT");
return GNUNET_SYSERR; return GNUNET_SYSERR;
} }
if (GNUNET_OK != if (GNUNET_OK !=
TALER_config_get_amount (kcfg, TALER_config_get_amount (kcfg,
ct, ct,
"fee_refresh", "FEE_REFRESH",
&params->fee_refresh)) &params->fee_refresh))
{ {
GNUNET_log_config_missing (GNUNET_ERROR_TYPE_ERROR, GNUNET_log_config_missing (GNUNET_ERROR_TYPE_ERROR,
ct, ct,
"fee_refresh"); "FEE_REFRESH");
return GNUNET_SYSERR; return GNUNET_SYSERR;
} }
if (GNUNET_OK != if (GNUNET_OK !=
@ -734,11 +734,11 @@ get_cointype_params (const char *ct,
{ {
GNUNET_log_config_missing (GNUNET_ERROR_TYPE_ERROR, GNUNET_log_config_missing (GNUNET_ERROR_TYPE_ERROR,
ct, ct,
"fee_refund"); "FEE_REFUND");
return GNUNET_SYSERR; return GNUNET_SYSERR;
} }
dir = get_cointype_dir (params); dir = get_denomination_dir (params);
get_anchor (dir, get_anchor (dir,
params->duration_withdraw, params->duration_withdraw,
params->duration_overlap, params->duration_overlap,
@ -746,7 +746,7 @@ get_cointype_params (const char *ct,
/** /**
* The "anchor" is merely the latest denom key filename * The "anchor" is merely the latest denom key filename
* converted to a GNUnet absolute date. * converted to a GNUnet absolute time.
*/ */
return GNUNET_OK; return GNUNET_OK;
@ -756,16 +756,16 @@ get_cointype_params (const char *ct,
/** /**
* Initialize the private and public key information structure for * Initialize the private and public key information structure for
* signing coins into existence. Generates the private signing key * signing coins into existence. Generates the private signing key
* and signes it together with the coin's meta data using the master * and signes it together with the denomination's meta data using the master
* signing key. * signing key.
* *
* @param params parameters used to initialize the @a dki * @param params parameters used to initialize the @a dki
* @param[out] dki initialized according to @a params * @param[out] dki initialized according to @a params
*/ */
static void static void
create_denomkey_issue (const struct CoinTypeParams *params, create_denomkey_issue (
struct TALER_EXCHANGEDB_DenominationKey * const struct DenominationParameters *params,
dki) struct TALER_EXCHANGEDB_DenominationKey *dki)
{ {
dki->denom_priv.rsa_private_key dki->denom_priv.rsa_private_key
= GNUNET_CRYPTO_rsa_private_key_create (params->rsa_keysize); = GNUNET_CRYPTO_rsa_private_key_create (params->rsa_keysize);
@ -809,35 +809,35 @@ create_denomkey_issue (const struct CoinTypeParams *params,
/** /**
* Generate new coin signing keys for the coin type of the given @a * Generate new denomination signing keys for the denomination type of the given @a
* coin_alias. * denomination_alias.
* *
* @param cls a `int *`, to be set to #GNUNET_SYSERR on failure * @param cls a `int *`, to be set to #GNUNET_SYSERR on failure
* @param coin_alias name of the coin's section in the configuration * @param denomination_alias name of the denomination's section in the configuration
*/ */
static void static void
exchange_keys_update_cointype (void *cls, exchange_keys_update_denominationtype (void *cls,
const char *coin_alias) const char *denomination_alias)
{ {
int *ret = cls; int *ret = cls;
struct CoinTypeParams p; struct DenominationParameters p;
const char *dkf; const char *dkf;
struct TALER_EXCHANGEDB_DenominationKey denomkey_issue; struct TALER_EXCHANGEDB_DenominationKey denomkey_issue;
if (0 != strncasecmp (coin_alias, if (0 != strncasecmp (denomination_alias,
"coin_", "coin_",
strlen ("coin_"))) strlen ("coin_")))
return; /* not a coin definition */ return; /* not a denomination type definition */
if (GNUNET_OK != if (GNUNET_OK !=
get_cointype_params (coin_alias, get_denomination_type_params (denomination_alias,
&p)) &p))
{ {
*ret = GNUNET_SYSERR; *ret = GNUNET_SYSERR;
return; return;
} }
/* p has the right anchor now = latest denom filename converted to time. */ /* p has the right anchor now = latest denom filename converted to time. */
if (GNUNET_OK != if (GNUNET_OK !=
GNUNET_DISK_directory_create (get_cointype_dir (&p))) GNUNET_DISK_directory_create (get_denomination_dir (&p)))
{ {
*ret = GNUNET_SYSERR; *ret = GNUNET_SYSERR;
return; return;
@ -847,19 +847,19 @@ exchange_keys_update_cointype (void *cls,
{ {
GNUNET_log (GNUNET_ERROR_TYPE_INFO, GNUNET_log (GNUNET_ERROR_TYPE_INFO,
"Future time not covered yet for type `%s': %s\n", "Future time not covered yet for type `%s': %s\n",
coin_alias, denomination_alias,
GNUNET_STRINGS_relative_time_to_string GNUNET_STRINGS_relative_time_to_string
(GNUNET_TIME_absolute_get_difference (p.anchor, (GNUNET_TIME_absolute_get_difference (p.anchor,
lookahead_sign_stamp), lookahead_sign_stamp),
GNUNET_NO)); GNUNET_NO));
dkf = get_cointype_file (&p, dkf = get_denomination_type_file (&p,
p.anchor); p.anchor);
GNUNET_break (GNUNET_YES != GNUNET_break (GNUNET_YES !=
GNUNET_DISK_file_test (dkf)); GNUNET_DISK_file_test (dkf));
GNUNET_log (GNUNET_ERROR_TYPE_INFO, GNUNET_log (GNUNET_ERROR_TYPE_INFO,
"Generating denomination key for type `%s', start %s at %s\n", "Generating denomination key for type `%s', start %s at %s\n",
coin_alias, denomination_alias,
GNUNET_STRINGS_absolute_time_to_string (p.anchor), GNUNET_STRINGS_absolute_time_to_string (p.anchor),
dkf); dkf);
@ -914,13 +914,13 @@ exchange_keys_update_cointype (void *cls,
* @return #GNUNET_OK on success, #GNUNET_SYSERR on error * @return #GNUNET_OK on success, #GNUNET_SYSERR on error
*/ */
static int static int
exchange_keys_update_denomkeys () exchange_keys_update_denomkeys (void)
{ {
int ok; int ok;
ok = GNUNET_OK; ok = GNUNET_OK;
GNUNET_CONFIGURATION_iterate_sections (kcfg, GNUNET_CONFIGURATION_iterate_sections (kcfg,
&exchange_keys_update_cointype, &exchange_keys_update_denominationtype,
&ok); &ok);
return ok; return ok;
} }
@ -1102,7 +1102,7 @@ create_wire_fee_by_account (void *cls,
* @return #GNUNET_OK on success, #GNUNET_SYSERR on error * @return #GNUNET_OK on success, #GNUNET_SYSERR on error
*/ */
static int static int
create_wire_fees () create_wire_fees (void)
{ {
int ret; int ret;
@ -1173,7 +1173,6 @@ run (void *cls,
(void) args; (void) args;
(void) cfgfile; (void) cfgfile;
kcfg = cfg; kcfg = cfg;
if (GNUNET_OK != if (GNUNET_OK !=
GNUNET_CONFIGURATION_get_value_string (cfg, GNUNET_CONFIGURATION_get_value_string (cfg,
"taler", "taler",
@ -1202,7 +1201,7 @@ run (void *cls,
&feedir)) &feedir))
{ {
fprintf (stderr, fprintf (stderr,
"Wire fee directory not given in neither configuration nor command-line\n"); "Wire fee directory given neither in configuration nor on command-line\n");
global_ret = 1; global_ret = 1;
return; return;
} }
@ -1244,10 +1243,9 @@ run (void *cls,
"w"); "w");
if (NULL == auditor_output_file) if (NULL == auditor_output_file)
{ {
fprintf (stderr, GNUNET_log_strerror_file (GNUNET_ERROR_TYPE_ERROR,
"Failed to open `%s' for writing: %s\n", "open (w)",
auditorrequestfile, auditorrequestfile);
strerror (errno));
global_ret = 1; global_ret = 1;
return; return;
} }
@ -1256,12 +1254,12 @@ run (void *cls,
if (GNUNET_OK != if (GNUNET_OK !=
GNUNET_CONFIGURATION_get_value_time (kcfg, GNUNET_CONFIGURATION_get_value_time (kcfg,
"exchange", "exchange",
"lookahead_sign", "LOOKAHEAD_SIGN",
&lookahead_sign)) &lookahead_sign))
{ {
GNUNET_log_config_missing (GNUNET_ERROR_TYPE_ERROR, GNUNET_log_config_missing (GNUNET_ERROR_TYPE_ERROR,
"exchange", "exchange",
"lookahead_sign"); "LOOKAHEAD_SIGN");
global_ret = 1; global_ret = 1;
return; return;
} }
@ -1269,7 +1267,7 @@ run (void *cls,
{ {
GNUNET_log_config_invalid (GNUNET_ERROR_TYPE_ERROR, GNUNET_log_config_invalid (GNUNET_ERROR_TYPE_ERROR,
"exchange", "exchange",
"lookahead_sign", "LOOKAHEAD_SIGN",
_ ("must not be zero")); _ ("must not be zero"));
global_ret = 1; global_ret = 1;
return; return;
@ -1280,6 +1278,22 @@ run (void *cls,
/* finally, do actual work */ /* finally, do actual work */
if (0 != GNUNET_is_zero (&revoke_dkh))
{
if (GNUNET_OK != revoke_denomination (&revoke_dkh))
{
global_ret = 1;
return;
}
/* if we were invoked to revoke a key, let's not also generate
new keys, as that might not be desired. */
return;
}
if (NULL == auditor_output_file)
GNUNET_log (GNUNET_ERROR_TYPE_WARNING,
"Option `-o' missing. Hence, you will NOT be able to use an auditor with the generated keys!\n");
if (GNUNET_OK != exchange_keys_update_signkeys ()) if (GNUNET_OK != exchange_keys_update_signkeys ())
{ {
global_ret = 1; global_ret = 1;
@ -1295,24 +1309,16 @@ run (void *cls,
global_ret = 1; global_ret = 1;
return; return;
} }
if ( (0 != GNUNET_is_zero (&revoke_dkh)) &&
(GNUNET_OK !=
revoke_denomination (&revoke_dkh)) )
{
global_ret = 1;
return;
}
} }
/** /**
* The main function of the taler-exchange-keyup tool. This tool is used * The main function of the taler-exchange-keyup tool. This tool is used to
* to create the signing and denomination keys for the exchange. It uses * create the signing and denomination keys for the exchange. It uses the
* the long-term offline private key and writes the (additional) key * long-term offline private key and writes the (additional) key files to the
* files to the respective exchange directory (from where they can then be * respective exchange directory (from where they can then be copied to the
* copied to the online server). Note that we need (at least) the * online server). Note that we need (at least) the most recent generated
* most recent generated previous keys so as to align the validity * previous keys to align the validity periods.
* periods.
* *
* @param argc number of arguments from the command line * @param argc number of arguments from the command line
* @param argv command line arguments * @param argv command line arguments
@ -1341,7 +1347,7 @@ main (int argc,
GNUNET_GETOPT_option_base32_auto ('r', GNUNET_GETOPT_option_base32_auto ('r',
"revoke", "revoke",
"DKH", "DKH",
"revoke denomination key hash (DKH) and request wallets to initiate /recoup", "revoke denomination key hash (DKH) and request wallets to initiate recoup",
&revoke_dkh), &revoke_dkh),
GNUNET_GETOPT_option_timetravel ('T', GNUNET_GETOPT_option_timetravel ('T',
"timetravel"), "timetravel"),
@ -1353,6 +1359,10 @@ main (int argc,
GNUNET_GETOPT_OPTION_END GNUNET_GETOPT_OPTION_END
}; };
/* force linker to link against libtalerutil; if we do
not do this, the linker may "optimize" libtalerutil
away and skip #TALER_OS_init(), which we do need */
(void) TALER_project_data_default ();
GNUNET_assert (GNUNET_OK == GNUNET_assert (GNUNET_OK ==
GNUNET_log_setup ("taler-exchange-keyup", GNUNET_log_setup ("taler-exchange-keyup",
"WARNING", "WARNING",
@ -1367,7 +1377,7 @@ main (int argc,
return 1; return 1;
if (NULL != auditor_output_file) if (NULL != auditor_output_file)
{ {
fclose (auditor_output_file); GNUNET_assert (0 == fclose (auditor_output_file));
auditor_output_file = NULL; auditor_output_file = NULL;
} }
return global_ret; return global_ret;

2
src/exchange/taler-exchange-httpd_withdraw.c
View File

@ -340,7 +340,7 @@ withdraw_transaction (void *cls,
* specifies the key/value of the coin to be withdrawn, and checks that the * specifies the key/value of the coin to be withdrawn, and checks that the
* signature "reserve_sig" makes this a valid withdrawal request from the * signature "reserve_sig" makes this a valid withdrawal request from the
* specified reserve. If so, the envelope with the blinded coin "coin_ev" is * specified reserve. If so, the envelope with the blinded coin "coin_ev" is
* passed down to execute the withdrawl operation. * passed down to execute the withdrawal operation.
* *
* @param rh context of the handler * @param rh context of the handler
* @param connection the MHD connection to handle * @param connection the MHD connection to handle

4
src/exchange/taler-exchange-httpd_withdraw.h
View File

@ -31,9 +31,9 @@
* Handle a "/reserves/$RESERVE_PUB/withdraw" request. Parses the * Handle a "/reserves/$RESERVE_PUB/withdraw" request. Parses the
* "reserve_pub" EdDSA key of the reserve and the requested "denom_pub" which * "reserve_pub" EdDSA key of the reserve and the requested "denom_pub" which
* specifies the key/value of the coin to be withdrawn, and checks that the * specifies the key/value of the coin to be withdrawn, and checks that the
* signature "reserve_sig" makes this a valid withdrawl request from the * signature "reserve_sig" makes this a valid withdrawal request from the
* specified reserve. If so, the envelope with the blinded coin "coin_ev" is * specified reserve. If so, the envelope with the blinded coin "coin_ev" is
* passed down to execute the withdrawl operation. * passed down to execute the withdrawal operation.
* *
* @param rh context of the handler * @param rh context of the handler
* @param connection the MHD connection to handle * @param connection the MHD connection to handle

6
src/include/taler_exchangedb_plugin.h
View File

@ -244,8 +244,8 @@ struct TALER_EXCHANGEDB_CollectableBlindcoin
/** /**
* Withdrawl fee charged by the exchange. This must match the Exchange's * Withdrawl fee charged by the exchange. This must match the Exchange's
* denomination key's withdrawl fee. If the client puts in an * denomination key's withdrawal fee. If the client puts in an
* invalid withdrawl fee (too high or too low) that does not match * invalid withdrawal fee (too high or too low) that does not match
* the Exchange's denomination key, the withdraw operation is invalid * the Exchange's denomination key, the withdraw operation is invalid
* and will be rejected by the exchange. The @e amount_with_fee minus * and will be rejected by the exchange. The @e amount_with_fee minus
* the @e withdraw_fee is must match the value of the generated * the @e withdraw_fee is must match the value of the generated
@ -267,7 +267,7 @@ struct TALER_EXCHANGEDB_CollectableBlindcoin
struct GNUNET_HashCode h_coin_envelope; struct GNUNET_HashCode h_coin_envelope;
/** /**
* Signature confirming the withdrawl, matching @e reserve_pub, * Signature confirming the withdrawal, matching @e reserve_pub,
* @e denom_pub and @e h_coin_envelope. * @e denom_pub and @e h_coin_envelope.
*/ */
struct TALER_ReserveSignatureP reserve_sig; struct TALER_ReserveSignatureP reserve_sig;

4
src/include/taler_signatures.h
View File

@ -323,8 +323,8 @@ struct TALER_WithdrawRequestPS
/** /**
* Withdrawl fee charged by the exchange. This must match the Exchange's * Withdrawl fee charged by the exchange. This must match the Exchange's
* denomination key's withdrawl fee. If the client puts in an * denomination key's withdrawal fee. If the client puts in an
* invalid withdrawl fee (too high or too low) that does not match * invalid withdrawal fee (too high or too low) that does not match
* the Exchange's denomination key, the withdraw operation is invalid * the Exchange's denomination key, the withdraw operation is invalid
* and will be rejected by the exchange. The @e amount_with_fee minus * and will be rejected by the exchange. The @e amount_with_fee minus
* the @e withdraw_fee is must match the value of the generated * the @e withdraw_fee is must match the value of the generated