conclude taler-mint-keyup initial review
This commit is contained in:
parent
b314f07431
commit
e0ae4e1290
@ -11,11 +11,12 @@ lookahead_sign = 32 weeks 1 day
|
|||||||
# ahead of time?
|
# ahead of time?
|
||||||
lookahead_provide = 4 weeks 1 day
|
lookahead_provide = 4 weeks 1 day
|
||||||
|
|
||||||
# what coin types do we have available?
|
|
||||||
coin_types = default_eur_ct_10 default_eur_5 default_eur_10 default_eur_1000
|
|
||||||
|
|
||||||
|
# Coin definitions are detected because the section
|
||||||
[default_eur_ct_10]
|
# name begins with "coin_". The rest of the
|
||||||
|
# name is free, but of course following the convention
|
||||||
|
# of "coin_$CURRENCY[_$SUBUNIT]_$VALUE" make sense.
|
||||||
|
[coin_eur_ct_10]
|
||||||
value = EUR:0.10
|
value = EUR:0.10
|
||||||
duration_overlap = 5 minutes
|
duration_overlap = 5 minutes
|
||||||
duration_withdraw = 7 days
|
duration_withdraw = 7 days
|
||||||
@ -26,7 +27,7 @@ fee_refresh = EUR:0.01
|
|||||||
rsa_keysize = 1024
|
rsa_keysize = 1024
|
||||||
kappa = 3
|
kappa = 3
|
||||||
|
|
||||||
[default_eur_5]
|
[coin_eur_5]
|
||||||
value = EUR:5
|
value = EUR:5
|
||||||
duration_overlap = 5 minutes
|
duration_overlap = 5 minutes
|
||||||
duration_withdraw = 7 days
|
duration_withdraw = 7 days
|
||||||
@ -37,7 +38,7 @@ fee_refresh = EUR:0.01
|
|||||||
rsa_keysize = 1024
|
rsa_keysize = 1024
|
||||||
kappa = 3
|
kappa = 3
|
||||||
|
|
||||||
[default_eur_10]
|
[coin_eur_10]
|
||||||
value = EUR:10
|
value = EUR:10
|
||||||
duration_overlap = 5 minutes
|
duration_overlap = 5 minutes
|
||||||
duration_withdraw = 7 days
|
duration_withdraw = 7 days
|
||||||
@ -48,7 +49,7 @@ fee_refresh = EUR:0.01
|
|||||||
rsa_keysize = 1024
|
rsa_keysize = 1024
|
||||||
kappa = 3
|
kappa = 3
|
||||||
|
|
||||||
[default_eur_1000]
|
[coin_eur_1000]
|
||||||
value = EUR:1000
|
value = EUR:1000
|
||||||
duration_overlap = 5 minutes
|
duration_overlap = 5 minutes
|
||||||
duration_withdraw = 7 days
|
duration_withdraw = 7 days
|
||||||
|
@ -707,99 +707,94 @@ create_denomkey_issue (const struct CoinTypeParams *params,
|
|||||||
* Generate new coin signing keys for the coin type of the given @a
|
* Generate new coin signing keys for the coin type of the given @a
|
||||||
* coin_alias.
|
* coin_alias.
|
||||||
*
|
*
|
||||||
|
* @param cls a `int *`, to be set to #GNUNET_SYSERR on failure
|
||||||
* @param coin_alias name of the coin's section in the configuration
|
* @param coin_alias name of the coin's section in the configuration
|
||||||
* @return #GNUNET_OK on success, #GNUNET_SYSERR on failure
|
|
||||||
*/
|
*/
|
||||||
static int
|
static void
|
||||||
mint_keys_update_cointype (const char *coin_alias)
|
mint_keys_update_cointype (void *cls,
|
||||||
|
const char *coin_alias)
|
||||||
{
|
{
|
||||||
|
int *ret = cls;
|
||||||
struct CoinTypeParams p;
|
struct CoinTypeParams p;
|
||||||
const char *cointype_dir;
|
const char *dkf;
|
||||||
|
struct TALER_MINT_DenomKeyIssuePriv denomkey_issue;
|
||||||
|
|
||||||
if (GNUNET_OK != get_cointype_params (coin_alias, &p))
|
if (0 != strncasecmp (coin_alias,
|
||||||
return GNUNET_SYSERR;
|
"coin_",
|
||||||
|
strlen ("coin_")))
|
||||||
cointype_dir = get_cointype_dir (&p);
|
return; /* not a coin definition */
|
||||||
if (GNUNET_OK != GNUNET_DISK_directory_create (cointype_dir))
|
if (GNUNET_OK !=
|
||||||
return GNUNET_SYSERR;
|
get_cointype_params (coin_alias,
|
||||||
|
&p))
|
||||||
|
{
|
||||||
|
*ret = GNUNET_SYSERR;
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
if (GNUNET_OK !=
|
||||||
|
GNUNET_DISK_directory_create (get_cointype_dir (&p)))
|
||||||
|
{
|
||||||
|
*ret = GNUNET_SYSERR;
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
|
||||||
while (p.anchor.abs_value_us < lookahead_sign_stamp.abs_value_us)
|
while (p.anchor.abs_value_us < lookahead_sign_stamp.abs_value_us)
|
||||||
{
|
{
|
||||||
const char *dkf;
|
dkf = get_cointype_file (&p,
|
||||||
|
p.anchor);
|
||||||
dkf = get_cointype_file (&p, p.anchor);
|
GNUNET_break (GNUNET_YES != GNUNET_DISK_file_test (dkf));
|
||||||
|
|
||||||
if (GNUNET_YES != GNUNET_DISK_file_test (dkf))
|
|
||||||
{
|
|
||||||
struct TALER_MINT_DenomKeyIssuePriv denomkey_issue;
|
|
||||||
int ret;
|
|
||||||
|
|
||||||
GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
|
GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
|
||||||
"Generating denomination key for type '%s', start %s at %s\n",
|
"Generating denomination key for type `%s', start %s at %s\n",
|
||||||
coin_alias,
|
coin_alias,
|
||||||
GNUNET_STRINGS_absolute_time_to_string (p.anchor),
|
GNUNET_STRINGS_absolute_time_to_string (p.anchor),
|
||||||
dkf);
|
dkf);
|
||||||
create_denomkey_issue (&p,
|
create_denomkey_issue (&p,
|
||||||
&denomkey_issue);
|
&denomkey_issue);
|
||||||
ret = TALER_MINT_write_denom_key (dkf,
|
if (GNUNET_OK !=
|
||||||
&denomkey_issue);
|
TALER_MINT_write_denom_key (dkf,
|
||||||
GNUNET_CRYPTO_rsa_private_key_free (denomkey_issue.denom_priv);
|
&denomkey_issue))
|
||||||
if (GNUNET_OK != ret)
|
|
||||||
{
|
{
|
||||||
fprintf (stderr,
|
fprintf (stderr,
|
||||||
"Failed to write to file `%s'\n",
|
"Failed to write denomination key information to file `%s'.\n",
|
||||||
dkf);
|
dkf);
|
||||||
return GNUNET_SYSERR;
|
*ret = GNUNET_SYSERR;
|
||||||
|
GNUNET_CRYPTO_rsa_private_key_free (denomkey_issue.denom_priv);
|
||||||
|
return;
|
||||||
}
|
}
|
||||||
|
GNUNET_CRYPTO_rsa_private_key_free (denomkey_issue.denom_priv);
|
||||||
|
p.anchor = GNUNET_TIME_absolute_add (p.anchor,
|
||||||
|
p.duration_spend);
|
||||||
|
p.anchor = GNUNET_TIME_absolute_subtract (p.anchor,
|
||||||
|
p.duration_overlap);
|
||||||
}
|
}
|
||||||
p.anchor = GNUNET_TIME_absolute_add (p.anchor, p.duration_spend);
|
|
||||||
p.anchor = GNUNET_TIME_absolute_subtract (p.anchor, p.duration_overlap);
|
|
||||||
}
|
|
||||||
return GNUNET_OK;
|
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
*
|
* Update all of the denomination keys of the mint.
|
||||||
*
|
*
|
||||||
* @return #GNUNET_OK on success, #GNUNET_SYSERR on error
|
* @return #GNUNET_OK on success, #GNUNET_SYSERR on error
|
||||||
*/
|
*/
|
||||||
static int
|
static int
|
||||||
mint_keys_update_denomkeys ()
|
mint_keys_update_denomkeys ()
|
||||||
{
|
{
|
||||||
char *coin_types;
|
int ok;
|
||||||
char *ct;
|
|
||||||
char *tok_ctx;
|
|
||||||
|
|
||||||
if (GNUNET_OK !=
|
ok = GNUNET_OK;
|
||||||
GNUNET_CONFIGURATION_get_value_string (kcfg,
|
GNUNET_CONFIGURATION_iterate_sections (kcfg,
|
||||||
"mint_keys",
|
&mint_keys_update_cointype,
|
||||||
"coin_types",
|
&ok);
|
||||||
&coin_types))
|
return ok;
|
||||||
{
|
|
||||||
GNUNET_log_config_missing (GNUNET_ERROR_TYPE_ERROR,
|
|
||||||
"mint_keys",
|
|
||||||
"coin_types");
|
|
||||||
return GNUNET_SYSERR;
|
|
||||||
}
|
|
||||||
|
|
||||||
for (ct = strtok_r (coin_types, " ", &tok_ctx);
|
|
||||||
ct != NULL;
|
|
||||||
ct = strtok_r (NULL, " ", &tok_ctx))
|
|
||||||
{
|
|
||||||
if (GNUNET_OK != mint_keys_update_cointype (ct))
|
|
||||||
{
|
|
||||||
GNUNET_free (coin_types);
|
|
||||||
return GNUNET_SYSERR;
|
|
||||||
}
|
|
||||||
}
|
|
||||||
GNUNET_free (coin_types);
|
|
||||||
return GNUNET_OK;
|
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* The main function of the keyup tool
|
* The main function of the taler-mint-keyup tool. This tool is used
|
||||||
|
* to create the signing and denomination keys for the mint. It uses
|
||||||
|
* the long-term offline private key and writes the (additional) key
|
||||||
|
* files to the respective mint directory (from where they can then be
|
||||||
|
* copied to the online server). Note that we need (at least) the
|
||||||
|
* most recent generated previous keys so as to align the validity
|
||||||
|
* periods.
|
||||||
*
|
*
|
||||||
* @param argc number of arguments from the command line
|
* @param argc number of arguments from the command line
|
||||||
* @param argv command line arguments
|
* @param argv command line arguments
|
||||||
|
Loading…
Reference in New Issue
Block a user