conclude taler-mint-keyup initial review

Christian Grothoff 2015-03-17 14:45:31 +01:00
parent b314f07431
commit e0ae4e1290
2 changed files with 69 additions and 73 deletions


@ -11,11 +11,12 @@ lookahead_sign = 32 weeks 1 day
# ahead of time? # ahead of time?
lookahead_provide = 4 weeks 1 day lookahead_provide = 4 weeks 1 day
# what coin types do we have available?
coin_types = default_eur_ct_10 default_eur_5 default_eur_10 default_eur_1000
# Coin definitions are detected because the section
[default_eur_ct_10] # name begins with "coin_". The rest of the
# name is free, but of course following the convention
# of "coin_$CURRENCY[_$SUBUNIT]_$VALUE" make sense.
[coin_eur_ct_10]
value = EUR:0.10 value = EUR:0.10
duration_overlap = 5 minutes duration_overlap = 5 minutes
duration_withdraw = 7 days duration_withdraw = 7 days
@ -26,7 +27,7 @@ fee_refresh = EUR:0.01
rsa_keysize = 1024 rsa_keysize = 1024
kappa = 3 kappa = 3
[default_eur_5] [coin_eur_5]
value = EUR:5 value = EUR:5
duration_overlap = 5 minutes duration_overlap = 5 minutes
duration_withdraw = 7 days duration_withdraw = 7 days
@ -37,7 +38,7 @@ fee_refresh = EUR:0.01
rsa_keysize = 1024 rsa_keysize = 1024
kappa = 3 kappa = 3
[default_eur_10] [coin_eur_10]
value = EUR:10 value = EUR:10
duration_overlap = 5 minutes duration_overlap = 5 minutes
duration_withdraw = 7 days duration_withdraw = 7 days
@ -48,7 +49,7 @@ fee_refresh = EUR:0.01
rsa_keysize = 1024 rsa_keysize = 1024
kappa = 3 kappa = 3
[default_eur_1000] [coin_eur_1000]
value = EUR:1000 value = EUR:1000
duration_overlap = 5 minutes duration_overlap = 5 minutes
duration_withdraw = 7 days duration_withdraw = 7 days
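Review bot: The new comment above `[coin_eur_ct_10]` says coin sections are detected by the `coin_` name prefix, but it leaves out that the matching code in mint_keys_update_cointype uses `strncasecmp`, so a section named `COIN_...` is picked up as well. Any section carrying that prefix is then passed to get_cointype_params, and presumably an incomplete one makes the whole key update report failure. I would extend the comment with `# The prefix is matched case-insensitively; do not use it for non-coin sections.` and fix "make sense" to "makes sense". Separately, the unchanged context lines keep `rsa_keysize = 1024` for every denomination; if this file serves as more than a test default, a comment telling operators to choose a larger modulus would help.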


@ -707,99 +707,94 @@ create_denomkey_issue (const struct CoinTypeParams *params,
* Generate new coin signing keys for the coin type of the given @a * Generate new coin signing keys for the coin type of the given @a
* coin_alias. * coin_alias.
* *
* @param cls a `int *`, to be set to #GNUNET_SYSERR on failure
* @param coin_alias name of the coin's section in the configuration * @param coin_alias name of the coin's section in the configuration
* @return #GNUNET_OK on success, #GNUNET_SYSERR on failure
*/ */
static int static void
mint_keys_update_cointype (const char *coin_alias) mint_keys_update_cointype (void *cls,
const char *coin_alias)
{ {
int *ret = cls;
struct CoinTypeParams p; struct CoinTypeParams p;
const char *cointype_dir; const char *dkf;
struct TALER_MINT_DenomKeyIssuePriv denomkey_issue;
if (GNUNET_OK != get_cointype_params (coin_alias, &p)) if (0 != strncasecmp (coin_alias,
return GNUNET_SYSERR; "coin_",
strlen ("coin_")))
cointype_dir = get_cointype_dir (&p); return; /* not a coin definition */
if (GNUNET_OK != GNUNET_DISK_directory_create (cointype_dir)) if (GNUNET_OK !=
return GNUNET_SYSERR; get_cointype_params (coin_alias,
&p))
{
*ret = GNUNET_SYSERR;
return;
}
if (GNUNET_OK !=
GNUNET_DISK_directory_create (get_cointype_dir (&p)))
{
*ret = GNUNET_SYSERR;
return;
}
while (p.anchor.abs_value_us < lookahead_sign_stamp.abs_value_us) while (p.anchor.abs_value_us < lookahead_sign_stamp.abs_value_us)
{ {
const char *dkf; dkf = get_cointype_file (&p,
p.anchor);
dkf = get_cointype_file (&p, p.anchor); GNUNET_break (GNUNET_YES != GNUNET_DISK_file_test (dkf));
if (GNUNET_YES != GNUNET_DISK_file_test (dkf))
{
struct TALER_MINT_DenomKeyIssuePriv denomkey_issue;
int ret;
GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
"Generating denomination key for type '%s', start %s at %s\n", "Generating denomination key for type `%s', start %s at %s\n",
coin_alias, coin_alias,
GNUNET_STRINGS_absolute_time_to_string (p.anchor), GNUNET_STRINGS_absolute_time_to_string (p.anchor),
dkf); dkf);
create_denomkey_issue (&p, create_denomkey_issue (&p,
&denomkey_issue); &denomkey_issue);
ret = TALER_MINT_write_denom_key (dkf, if (GNUNET_OK !=
&denomkey_issue); TALER_MINT_write_denom_key (dkf,
GNUNET_CRYPTO_rsa_private_key_free (denomkey_issue.denom_priv); &denomkey_issue))
if (GNUNET_OK != ret)
{ {
fprintf (stderr, fprintf (stderr,
"Failed to write to file `%s'\n", "Failed to write denomination key information to file `%s'.\n",
dkf); dkf);
return GNUNET_SYSERR; *ret = GNUNET_SYSERR;
GNUNET_CRYPTO_rsa_private_key_free (denomkey_issue.denom_priv);
return;
} }
GNUNET_CRYPTO_rsa_private_key_free (denomkey_issue.denom_priv);
p.anchor = GNUNET_TIME_absolute_add (p.anchor,
p.duration_spend);
p.anchor = GNUNET_TIME_absolute_subtract (p.anchor,
p.duration_overlap);
} }
p.anchor = GNUNET_TIME_absolute_add (p.anchor, p.duration_spend);
p.anchor = GNUNET_TIME_absolute_subtract (p.anchor, p.duration_overlap);
}
return GNUNET_OK;
} }
/** /**
* * Update all of the denomination keys of the mint.
* *
* @return #GNUNET_OK on success, #GNUNET_SYSERR on error * @return #GNUNET_OK on success, #GNUNET_SYSERR on error
*/ */
static int static int
mint_keys_update_denomkeys () mint_keys_update_denomkeys ()
{ {
char *coin_types; int ok;
char *ct;
char *tok_ctx;
if (GNUNET_OK != ok = GNUNET_OK;
GNUNET_CONFIGURATION_get_value_string (kcfg, GNUNET_CONFIGURATION_iterate_sections (kcfg,
"mint_keys", &mint_keys_update_cointype,
"coin_types", &ok);
&coin_types)) return ok;
{
GNUNET_log_config_missing (GNUNET_ERROR_TYPE_ERROR,
"mint_keys",
"coin_types");
return GNUNET_SYSERR;
}
for (ct = strtok_r (coin_types, " ", &tok_ctx);
ct != NULL;
ct = strtok_r (NULL, " ", &tok_ctx))
{
if (GNUNET_OK != mint_keys_update_cointype (ct))
{
GNUNET_free (coin_types);
return GNUNET_SYSERR;
}
}
GNUNET_free (coin_types);
return GNUNET_OK;
} }
/** /**
* The main function of the keyup tool * The main function of the taler-mint-keyup tool. This tool is used
* to create the signing and denomination keys for the mint. It uses
* the long-term offline private key and writes the (additional) key
* files to the respective mint directory (from where they can then be
* copied to the online server). Note that we need (at least) the
* most recent generated previous keys so as to align the validity
* periods.
* *
* @param argc number of arguments from the command line * @param argc number of arguments from the command line
* @param argv command line arguments * @param argv command line arguments
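Review bot: In the `while` loop, `GNUNET_break (GNUNET_YES != GNUNET_DISK_file_test (dkf));` only logs when a key file for this anchor already exists, then goes on to generate a fresh key and call `TALER_MINT_write_denom_key` on the same path, whereas the code it replaces skipped generation in that case. Whether the write replaces the existing file is not visible here, but if it does, a denomination private key that may already be in use would be lost, so I would treat an existing file as a hard error as sketched below. Also, because the function is now a section-iterator callback, a failure in one coin section no longer stops the run; a guard `if (GNUNET_OK != *ret) return;` at the top would restore the previous stop-at-first-error behaviour. The hunk ends inside the doc comment of the main function, which continues outside it.

```c
    dkf = get_cointype_file (&p,
                             p.anchor);
    if (GNUNET_YES == GNUNET_DISK_file_test (dkf))
    {
      /* never regenerate a key for a period that already has one */
      GNUNET_break (0);
      *ret = GNUNET_SYSERR;
      return;
    }
    /* … unchanged: key generation, write to dkf, anchor advance … */
```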