diff options
authorAntoine A <>2024-03-26 01:54:12 +0100
committerAntoine A <>2024-03-26 01:54:12 +0100
commit24e174e9da6c1ba05f251650eaed079e2225f743 (patch)
parent56174c4dc7f0b8b3ec02fc165e473fd489ac66b2 (diff)
-rwxr-xr-xregional-currency/ (renamed from regional-currency/
5 files changed, 127 insertions, 33 deletions
diff --git a/regional-currency/ b/regional-currency/
index 7b9b9b8..6ba71c8 100755
--- a/regional-currency/
+++ b/regional-currency/
@@ -7,8 +7,15 @@ import re
import subprocess
import urllib.parse
import uuid
+from base64 import b64decode, b64encode
from typing import Callable, Dict, TypeVar
+import argon2
+from Crypto.Cipher import ChaCha20_Poly1305
+from Crypto.Hash import SHA512
+from Crypto.Protocol.KDF import PBKDF2
+from Crypto.Random import get_random_bytes
log = open("setup.log", "ab", buffering=0)
CONFIG_FILE = "config/user.conf"
BIC_PATTERN = re.compile("[A-Z0-9]{4}[A-Z]{2}[A-Z0-9]{2}(?:[A-Z0-9]{3})?")
@@ -27,11 +34,13 @@ def load_conf() -> Dict[str, str]:
conf = load_conf()
+result_conf = {}
def add_conf(name: str, value: str):
"""Update a user configuration value and update the configuration file"""
conf[name] = value
+ result_conf[name] = value
content = ""
for key, value in conf.items():
escaped = value.replace('"', '\\"')
@@ -90,7 +99,7 @@ def conf_value(
# Fetch current value
if name is not None:
- curr = conf.get(name, None)
+ curr = conf.get(name)
if curr is not None:
# Check the current value and ask again if invalid
value = check(curr)
@@ -244,51 +253,129 @@ def ask_yes_no(name: str | None, msg: str, default: bool | None = None) -> bool:
return ask(name, msg, default, check_yes_no, lambda it: "y" if it else "n")
+# ----- Crypto ----- #
+def ask_config_password() -> str:
+ "Prompt the user to configure a password stored hashed with argon2id"
+ ph = argon2.PasswordHasher()
+ hash = conf.get("CONFIG_PASSWORD")
+ passwd = None
+ if hash is not None:
+ passwd = os.environ.get("CONFIG_PASSWORD")
+ if passwd is not None:
+ try:
+ ph.verify(hash, passwd)
+ return passwd
+ except argon2.exceptions.VerifyMismatchError:
+ pass
+ while True:
+ passwd = ask_str(None, "Enter the config password : ")
+ try:
+ ph.verify(hash, passwd)
+ break
+ except argon2.exceptions.VerifyMismatchError:
+ print("invalid password")
+ else:
+ passwd = ask_str(None, "1.1 Choose a config password : ")
+ if hash is None or ph.check_needs_rehash(hash):
+ add_conf("CONFIG_PASSWORD", ph.hash(passwd))
+ result_conf["CONFIG_PASSWORD"] = passwd
+ return passwd
+def ask_secret(
+ name: str, msg: str, passwd: str | None, default: str | None = None
+) -> str:
+ "Prompt the user to configure a string stored encryped using pbkdf2_sha512 and chacha20_poly1305"
+ if passwd is None:
+ return ask_str(name, msg, default)
+ else:
+ raw = conf.get(name)
+ plaintext = None
+ if raw is not None:
+ method = "$pbkdf2_sha512_chacha20_poly1305$1000000$"
+ assert raw.startswith(method)
+ salt, nonce, tag, ciphertext = [
+ b64decode(it) for it in raw.removeprefix(method).split("$", 3)
+ ]
+ key = PBKDF2(passwd, salt, 32, count=1000000, hmac_hash_module=SHA512)
+ cipher =, nonce=nonce)
+ cipher.update(name.encode())
+ plaintext = cipher.decrypt_and_verify(ciphertext, tag).decode()
+ else:
+ plaintext = ask_str(None, msg, default)
+ salt = get_random_bytes(16)
+ key = PBKDF2(passwd, salt, 32, count=1000000, hmac_hash_module=SHA512)
+ cipher =
+ cipher.update(name.encode())
+ ciphertext, tag = cipher.encrypt_and_digest(plaintext.encode())
+ add_conf(
+ name,
+ f"$pbkdf2_sha512_chacha20_poly1305$1000000${base64.b64encode(salt).decode()}${base64.b64encode(cipher.nonce).decode()}${base64.b64encode(tag).decode()}${base64.b64encode(ciphertext).decode()}",
+ )
+ result_conf[name] = plaintext
+ return plaintext
+# ----- Prompt ----- #
+config_passwd = (
+ ask_config_password()
+ if ask_yes_no(
+ "1. Do you want to encrypt sensitive config values (Y/n): ",
+ True,
+ )
+ else None
- "1. Enter the name of the regional currency (e.g. 'NETZBON'): ",
+ "2. Enter the name of the regional currency (e.g. 'NETZBON'): ",
do_conversion = ask_yes_no(
- "2. Do you want setup regional currency conversion to fiat currency (Y/n): ",
+ "3. Do you want setup regional currency conversion to fiat currency (Y/n): ",
if do_conversion:
- "2.1. Enter the name of the fiat currency (e.g. 'CHF'): ",
+ "3.1. Enter the name of the fiat currency (e.g. 'CHF'): ",
iban = ask_iban(
- "2.2. Enter the IBAN of your fiat bank account (e.g. 'CH7789144474425692816'): ",
+ "3.2. Enter the IBAN of your fiat bank account (e.g. 'CH7789144474425692816'): ",
bic = ask_bic(
- "2.3. Enter the BIC of your fiat bank account (e.g. 'POFICHBEXXX'): ",
+ "3.3. Enter the BIC of your fiat bank account (e.g. 'POFICHBEXXX'): ",
name = ask_str(
- "FIAT_ACCOUNT_NAME", "2.4. Enter the legal name of your fiat bank account: "
+ "FIAT_ACCOUNT_NAME", "3.4. Enter the legal name of your fiat bank account: "
params = urllib.parse.urlencode({"receiver-name": name})
add_conf("CONVERSION_PAYTO", f"payto://iban/{bic}/{iban}?{params}")
bank_name = ask_str(
- "3. Enter the human-readable name of the bank (e.g. 'Taler Bank'): ",
+ "4. Enter the human-readable name of the bank (e.g. 'Taler Bank'): ",
"Taler Bank",
-ask_host("DOMAIN_NAME", "4. Enter the domain name (e.g. ''): ")
-if ask_yes_no("ENABLE_TLS", "5. Setup TLS using Let's Encrypt? (Y/n): ", True):
- ask_str("TLS_EMAIL", "5.1. Enter an email address for Let's Encrypt: ")
+ask_host("DOMAIN_NAME", "5. Enter the domain name (e.g. ''): ")
+if ask_yes_no("ENABLE_TLS", "6. Setup TLS using Let's Encrypt? (Y/n): ", True):
+ ask_str("TLS_EMAIL", "6.1. Enter an email address for Let's Encrypt: ")
def ask_tos():
- "5.2. Please read the Terms of Service at"
+ "6.2. Please read the Terms of Service at"
if not ask_yes_no(
- "5.2. You must agree in order to register with the ACME server. Do you agree? (y/n): ",
+ "6.2. You must agree in order to register with the ACME server. Do you agree? (y/n): ",
print("You must agree in order to register with the ACME server")
@@ -307,13 +394,13 @@ add_conf(
if ask_yes_no(
- "6. Setup SMS two-factor authentication using Telesign (Y/n): ",
+ "7. Setup SMS two-factor authentication using Telesign (Y/n): ",
def ask_telesign():
- customer_id = ask_str(None, "6.1. Enter your Telesign Customer ID: ")
- api_key = ask_str(None, "6.2. Enter your Telesign API Key: ")
+ customer_id = ask_str(None, "7.1. Enter your Telesign Customer ID: ")
+ api_key = ask_str(None, "7.2. Enter your Telesign API Key: ")
phone_number = ask_str(
"6.3. Enter a phone number to test your API key (e.g. '+447911123456'): ",
@@ -328,7 +415,7 @@ if ask_yes_no(
"Failed to send an SMS using Telesign API, check your credentials and phone number"
return None
- code = ask_str(None, f"6.4. Enter the code received by {phone_number} : ")
+ code = ask_str(None, f"7.4. Enter the code received by {phone_number} : ")
if code != "12345" and code != "T-12345":
f"Wrong code got '{code}' expected '12345', check your credentials and phone number"
@@ -337,30 +424,40 @@ if ask_yes_no(
return auth_token
conf_value("TELESIGN_AUTH_TOKEN", ask_telesign)
- "7. Enter the admin password for the bank (or press enter to autogenerate password): ",
+ "8. Enter the admin password for the bank (or press enter to autogenerate password): ",
+ config_passwd,
if ask_yes_no(
- "8. Do you wish to configure terms of service (ToS) for the exchange? (Y/n): ",
+ "9. Do you wish to configure terms of service (ToS) for the exchange? (Y/n): ",
- "8.1. Enter the filename of the ToS. Some available options are:\n",
+ "9.1. Enter the filename of the ToS. Some available options are:\n",
if ask_yes_no(
- "9. Do you wish to configure a privacy policy for the exchange? (Y/n): ",
+ "10. Do you wish to configure a privacy policy for the exchange? (Y/n): ",
- "9.1. Enter the filename of the privacy policy. Some available options are:\n",
+ "10.1. Enter the filename of the privacy policy. Some available options are:\n",
+# ----- Return conf ----- #
+content = ""
+for key, value in result_conf.items():
+ escaped = value.replace('"', '\\"')
+ content += f'{key}="{escaped}"\n'
+with os.fdopen(3, "w") as f:
+ f.write(content)
diff --git a/regional-currency/ b/regional-currency/
index 466f6d7..44e4377 100755
--- a/regional-currency/
+++ b/regional-currency/
@@ -4,8 +4,6 @@
set -eu
-source config/user.conf
-source config/internal.conf
@@ -38,7 +36,9 @@ apt install \
pip3 install --break-system-packages \
sphinx-markdown-builder \
- htmlark &>> setup.log
+ htmlark \
+ argon2-cffi \
+ pycryptodome &>> setup.log
## Add GNU Taler to /etc/apt/sources.list
@@ -48,6 +48,7 @@ say "Detected distro $DISTRO"
case $DISTRO in
if test ${APT_NIGHTLY:-n} == y; then
+ say "Setup nightly packages"
echo "deb [trusted=yes] bookworm main" >/etc/apt/sources.list.d/taler.list
echo "deb [signed-by=/etc/apt/keyrings/taler-systems.gpg] bookworm main" >/etc/apt/sources.list.d/taler.list
diff --git a/regional-currency/ b/regional-currency/
index 725549a..15a37ae 100755
--- a/regional-currency/
+++ b/regional-currency/
@@ -18,8 +18,6 @@ source
# include variables from configuration
mkdir -p config/
touch config/user.conf config/internal.conf
-# Values supplied by user
-source config/user.conf
# Values we generated
source config/internal.conf
@@ -44,8 +42,8 @@ say "Installing packages (step 1 of 6)"
say ""
say "Interactive configuration (step 2 of 6)"
-source config/user.conf
+{ source <(./ 3>&1 >&4 4>&-); } 4>&1
# Remove when libeufin currencies.conf is in sync with exchange
cat >>/usr/share/libeufin/config.d/netzbon.conf <<EOF
diff --git a/regional-currency/ b/regional-currency/
index 9b563e3..efbd714 100755
--- a/regional-currency/
+++ b/regional-currency/
@@ -7,7 +7,7 @@
set -eu
-source config/user.conf
+{ source <(./ 3>&1 >&4 4>&-); } 4>&1
source config/internal.conf
say "Beginning LibEuFin setup"
diff --git a/regional-currency/ b/regional-currency/
index a892b7a..78af3c9 100755
--- a/regional-currency/
+++ b/regional-currency/
@@ -3,8 +3,6 @@
set -eu
-source config/user.conf
-source config/internal.conf
say "Setting up merchant database"
taler-merchant-dbconfig &>> setup.log