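#!/usr/bin/env bash

# Generate denomination keys and get them
# signed by the auditor.
#
# Steps, in order:
#   1. check that the environment is activated and a config file exists;
#   2. resolve every path and key through taler-config;
#   3. install any missing private key from $HOME/deployment/private-keys;
#   4. run taler-exchange-keyup, which is given an auditor request file to write;
#   5. run taler-auditor-exchange with the exchange's public key and base URL;
#   6. if the request file is non-empty, sign it with taler-auditor-sign.
#
# Environment read: HOME, TALER_CONFIG_ENV, TALER_ENV_URL_AUDITOR.

set -eu

# Mode for freshly installed private key files: owner and group may read and
# write, everyone else gets nothing. No execute bit, since key files are data.
# NOTE(review): group access is kept because the comments further down
# describe several users sharing these trees; tighten to 600 if only the
# owning service user reads its key - confirm against the deployment.
readonly KEY_FILE_MODE=660

#######################################
# Install a private key at its configured location unless one is already there.
# Arguments:
#   $1 - source key file
#   $2 - destination path as reported by taler-config
# Returns:
#   0 if the key was already present or was installed; the script exits
#   (set -e) if the destination is empty or any step fails.
#######################################
deploy_priv_key() {
  local src=$1
  local dst=$2

  # An empty destination means taler-config returned nothing for this key.
  # Stop here instead of silently skipping the key.
  if test -z "$dst"; then
    echo "Empty destination configured for private key $src" >&2
    exit 1
  fi

  if test -f "$dst"; then
    return 0
  fi

  mkdir -p -- "$(dirname -- "$dst")"
  # Copy under a restrictive umask so the key is never readable by group or
  # others in the window between cp creating it and chmod setting its mode.
  (umask 077 && cp -- "$src" "$dst")
  chmod "$KEY_FILE_MODE" -- "$dst"
}

# "${VAR:-}" keeps 'set -u' from aborting with "unbound variable" before the
# hint below can be printed. The single quotes are deliberate: the message
# shows a literal $HOME.
if test -z "${TALER_CONFIG_ENV:-}"; then
  echo Please run 'source $HOME/activate' first. >&2
  exit 1
fi

if ! test -f "$HOME/.config/taler.conf"; then
  echo "Please generate config file first (taler-deployment-config-generate)" >&2
  exit 1
fi

# Per-run suffix (seconds plus nanoseconds) for the request and signature files.
DATESALT=$(date +%s%N)

AUDITOR_REQUEST_DIR=$(taler-config -s exchangedb -o auditor_inputs -f)
AUDITOR_BASE_DIR=$(taler-config -s exchangedb -o auditor_base_dir -f)
AUDITOR_PRIV=$(taler-config -s auditor -o auditor_priv_file -f)
EXCHANGE_PUB=$(taler-config -s exchange -o master_public_key)
EXCHANGE_URL=$(taler-config -s exchange -o base_url)
EXCHANGE_LIVE_KEYS=$(taler-config -s exchange -o keydir -f)
EXCHANGE_WIREFEES=$(taler-config -s exchangedb -o wirefee_base_dir -f)
EXCHANGE_PRIV=$(taler-config -s exchange -o master_priv_file -f)
MERCHANT_TIP_RESERVE_PRIV=$(taler-config -s instance-default -o tip_reserve_priv_filename -f)
MERCHANT_DEFAULT_PRIV=$(taler-config -s instance-default -o keyfile -f)
MERCHANT_TUTORIAL_PRIV=$(taler-config -s instance-Tutorial -o keyfile -f)
MERCHANT_TOR_PRIV=$(taler-config -s instance-Tor -o keyfile -f)
MERCHANT_TALER_PRIV=$(taler-config -s instance-Taler -o keyfile -f)
MERCHANT_FSF_PRIV=$(taler-config -s instance-FSF -o keyfile -f)
MERCHANT_GNUNET_PRIV=$(taler-config -s instance-GNUnet -o keyfile -f)

PRIV_KEYS_SRC="$HOME/deployment/private-keys"

# Merchant private keys (tip reserve, then one per instance).
deploy_priv_key "$PRIV_KEYS_SRC/default-tip.priv" "$MERCHANT_TIP_RESERVE_PRIV"
deploy_priv_key "$PRIV_KEYS_SRC/default.priv" "$MERCHANT_DEFAULT_PRIV"
deploy_priv_key "$PRIV_KEYS_SRC/tutorial.priv" "$MERCHANT_TUTORIAL_PRIV"
deploy_priv_key "$PRIV_KEYS_SRC/tor.priv" "$MERCHANT_TOR_PRIV"
deploy_priv_key "$PRIV_KEYS_SRC/taler.priv" "$MERCHANT_TALER_PRIV"
deploy_priv_key "$PRIV_KEYS_SRC/fsf.priv" "$MERCHANT_FSF_PRIV"
deploy_priv_key "$PRIV_KEYS_SRC/gnunet.priv" "$MERCHANT_GNUNET_PRIV"

# Exchange master private key; the source file name depends on the environment.
deploy_priv_key \
  "$PRIV_KEYS_SRC/${TALER_CONFIG_ENV}-exchange-master.priv" \
  "$EXCHANGE_PRIV"

# Auditor private key.
deploy_priv_key "$PRIV_KEYS_SRC/auditor.priv" "$AUDITOR_PRIV"

# ":?" aborts on an empty directory value instead of writing the request file
# relative to the filesystem root.
AUDITOR_REQUEST="${AUDITOR_REQUEST_DIR:?auditor_inputs is empty}/auditor_request-${DATESALT}"
mkdir -p -- "$AUDITOR_REQUEST_DIR"

taler-exchange-keyup \
  -m "$EXCHANGE_PRIV" \
  -o "$AUDITOR_REQUEST"

# or-ing with true as user A won't be able to
# change permissions for user B's files.
# ":?" is the guard that matters here: with an empty variable the glob would
# expand to /* and the recursive chmod would walk the whole filesystem, with
# its errors hidden by '|| true'.
chmod -R 770 -- "${EXCHANGE_LIVE_KEYS:?keydir is empty}"/* || true
chmod -R 770 -- "${EXCHANGE_WIREFEES:?wirefee_base_dir is empty}"/* || true

taler-auditor-exchange \
  -m "$EXCHANGE_PUB" \
  -u "$EXCHANGE_URL"

# Checks whether any denom key was generated, and
# only sign it if so.
if [[ -s "$AUDITOR_REQUEST" ]]; then
  echo "Signing key material by auditor.."
  # Fail with a readable message if the auditor URL is unset or empty; an
  # empty value would otherwise shift the following option into its place.
  taler-auditor-sign \
    -u "${TALER_ENV_URL_AUDITOR:?TALER_ENV_URL_AUDITOR must be set}" \
    -m "$EXCHANGE_PUB" \
    -r "$AUDITOR_REQUEST" \
    -o "${AUDITOR_BASE_DIR:?auditor_base_dir is empty}/$DATESALT" \
    -c "${HOME}/.config/taler.conf"
fi

# or-ing with true as user A won't be able to
# change permissions for user B's files.
chmod -R 770 -- "${AUDITOR_BASE_DIR:?auditor_base_dir is empty}"/* || true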