#!/usr/bin/env bash

# Generate denomination keys and get them
# signed by the auditor.

set -eu

if test -z $TALER_CONFIG_ENV; then
  echo Please run 'source $HOME/activate' first.
  exit 1
fi

if ! test -f $HOME/.config/taler.conf; then
  echo "Please generate config file first (taler-deployment-config-generate)"
  exit 1
fi

if ! test -f $(taler-config -s paths -o taler_deployment_shared -f)/hier.lock; then
  echo "shared-data/ hier not made yet, please run 'taler-deployment-hier' first"
  exit 1
fi

DATESALT=$(date +%s%N)
AUDITOR_REQUEST_DIR=$(taler-config -s exchangedb -o auditor_inputs -f)
AUDITOR_BASE_DIR=$(taler-config -s exchangedb -o auditor_base_dir -f)
AUDITOR_PRIV=$(taler-config -s auditor -o auditor_priv_file -f)
EXCHANGE_PUB=$(taler-config -s exchange -o master_public_key)
EXCHANGE_URL=$(taler-config -s exchange -o base_url)
EXCHANGE_LIVE_KEYS=$(taler-config -s exchange -o keydir -f)
EXCHANGE_WIREFEES=$(taler-config -s exchangedb -o wirefee_base_dir -f)
EXCHANGE_PRIV=$(taler-config -s exchange -o master_priv_file -f)

# Deploying Exchange's priv.
if ! test -f $EXCHANGE_PRIV ; then
  mkdir -p $(dirname $EXCHANGE_PRIV)
  cp $HOME/deployment/private-keys/${TALER_CONFIG_ENV}-exchange-master.priv $EXCHANGE_PRIV
  chmod g+rx $EXCHANGE_PRIV
fi

# Deploying Auditor's priv.
if ! test -f $AUDITOR_PRIV; then
  mkdir -p $(dirname $AUDITOR_PRIV)
  cp $HOME/deployment/private-keys/auditor.priv $AUDITOR_PRIV
  chmod g+rx $AUDITOR_PRIV
fi

mkdir -p $AUDITOR_REQUEST_DIR
taler-exchange-keyup \
  -m $EXCHANGE_PRIV \
  -o $AUDITOR_REQUEST_DIR/auditor_request-${DATESALT}

# or-ing with true as user A won't be able to
# change permissions for user B's files.
chmod -R 770 $EXCHANGE_LIVE_KEYS/* || true

chmod -R 770 $EXCHANGE_WIREFEES/* || true

taler-auditor-exchange \
  -m $EXCHANGE_PUB \
  -u $EXCHANGE_URL

# Checks whether any denom key was generated, and
# only sign it if so.
if [[ -s $AUDITOR_REQUEST_DIR/auditor_request-${DATESALT} ]]; then
  echo "Signing key material by auditor.."
  taler-auditor-sign \
    -u $TALER_ENV_URL_AUDITOR \
    -m $EXCHANGE_PUB \
    -r "$AUDITOR_REQUEST_DIR/auditor_request-${DATESALT}" \
    -o "$AUDITOR_BASE_DIR/$DATESALT" \
    -c ${HOME}/.config/taler.conf
fi

# or-ing with true as user A won't be able to
# change permissions for user B's files.
chmod -R 770 $AUDITOR_BASE_DIR/* || true