path: root/bin/taler-deployment-keyup
#!/usr/bin/env bash

# Generate denomination keys and get them
# signed by the auditor.

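# Abort on any unhandled command failure (-e) and on any use of an unset
# variable (-u).
set -eu

# Precondition 1: the deployment environment must have been activated.
# ${VAR:-} is required here: with a bare $TALER_CONFIG_ENV, `set -u` would
# abort with "unbound variable" before the hint below could be printed.
if [[ -z "${TALER_CONFIG_ENV:-}" ]]; then
  echo Please run 'source $HOME/activate' first. >&2
  exit 1
fi

# Precondition 2: the generated configuration file must exist.
if [[ ! -f "$HOME/.config/taler.conf" ]]; then
  echo "Please generate config file first (taler-deployment-config-generate)" >&2
  exit 1
fi

# Precondition 3: the shared-data hierarchy must have been created.
# The path is resolved outside the `if` so that a failing taler-config stops
# the script under -e, instead of yielding an empty string that would turn
# the check into a test for /hier.lock and print a misleading hint.
shared_data_dir=$(taler-config -s paths -o taler_deployment_shared -f)
if [[ ! -f "$shared_data_dir/hier.lock" ]]; then
  echo "shared-data/ hier not made yet, please run 'taler-deployment-hier' first" >&2
  exit 1
fi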

# Per-run suffix (seconds since the epoch followed by nanoseconds) used to
# name this run's auditor request file and the auditor's output.
DATESALT="$(date +%s%N)"

# Auditor-side locations, read from the Taler configuration.
AUDITOR_REQUEST_DIR="$(taler-config -s exchangedb -o auditor_inputs -f)"
AUDITOR_BASE_DIR="$(taler-config -s exchangedb -o auditor_base_dir -f)"
AUDITOR_PRIV="$(taler-config -s auditor -o auditor_priv_file -f)"

# Exchange identity, endpoint and on-disk locations.
EXCHANGE_PUB="$(taler-config -s exchange -o master_public_key)"
EXCHANGE_URL="$(taler-config -s exchange -o base_url)"
EXCHANGE_LIVE_KEYS="$(taler-config -s exchange -o keydir -f)"
EXCHANGE_WIREFEES="$(taler-config -s exchangedb -o wirefee_base_dir -f)"
EXCHANGE_PRIV="$(taler-config -s exchange -o master_priv_file -f)"

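# Install the exchange's master private key if it is not in place yet.
# All paths are quoted so that a configured location containing whitespace
# or glob characters cannot be split into several arguments to cp/chmod.
#
# NOTE(review): cp creates the key with whatever mode the current umask
# allows, and g+rx then adds group read *and* execute. A key file needs no
# execute bit, and nothing here removes access for "other" - confirm that
# the umask or the parent directory keeps the private key unreadable outside
# the deployment group.
if [[ ! -f "$EXCHANGE_PRIV" ]]; then
  mkdir -p -- "$(dirname -- "$EXCHANGE_PRIV")"
  cp -- "$HOME/deployment/private-keys/${TALER_CONFIG_ENV}-exchange-master.priv" \
    "$EXCHANGE_PRIV"
  chmod g+rx -- "$EXCHANGE_PRIV"
fi

# Install the auditor's private key if it is not in place yet.
# NOTE(review): the same permission concern applies to this key file.
if [[ ! -f "$AUDITOR_PRIV" ]]; then
  mkdir -p -- "$(dirname -- "$AUDITOR_PRIV")"
  cp -- "$HOME/deployment/private-keys/auditor.priv" "$AUDITOR_PRIV"
  chmod g+rx -- "$AUDITOR_PRIV"
fi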

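# Run taler-exchange-keyup with the exchange master key; its output file is
# this run's auditor request.
mkdir -p -- "$AUDITOR_REQUEST_DIR"
taler-exchange-keyup \
  -m "$EXCHANGE_PRIV" \
  -o "$AUDITOR_REQUEST_DIR/auditor_request-${DATESALT}"

# or-ing with true as user A won't be able to
# change permissions for user B's files.
#
# ${VAR:?} aborts the script when the configured directory is empty or unset;
# without it an empty value would expand the target to /* and the recursive
# chmod would run against the filesystem root.
# NOTE(review): mode 770 also sets the execute bit on every regular file
# below these directories, key material included - confirm that is intended.
chmod -R 770 -- "${EXCHANGE_LIVE_KEYS:?exchange keydir is empty}"/* || true

chmod -R 770 -- "${EXCHANGE_WIREFEES:?wirefee_base_dir is empty}"/* || true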

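# Pass the exchange's master public key and base URL to
# taler-auditor-exchange (presumably this registers the exchange with the
# auditor - confirm). Both values are quoted so that a URL or key containing
# shell metacharacters reaches the tool as a single argument.
taler-auditor-exchange \
  -m "$EXCHANGE_PUB" \
  -u "$EXCHANGE_URL"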

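# Only involve the auditor when keyup actually produced something: -s is true
# when the request file exists and is non-empty.
# TALER_ENV_URL_AUDITOR is not set by this script; under `set -u` the script
# aborts here if the environment does not provide it.
if [[ -s "$AUDITOR_REQUEST_DIR/auditor_request-${DATESALT}" ]]; then
  echo "Signing key material by auditor.."
  taler-auditor-sign \
    -u "$TALER_ENV_URL_AUDITOR" \
    -m "$EXCHANGE_PUB" \
    -r "$AUDITOR_REQUEST_DIR/auditor_request-${DATESALT}" \
    -o "$AUDITOR_BASE_DIR/$DATESALT" \
    -c "${HOME}/.config/taler.conf"
fi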

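# or-ing with true as user A won't be able to
# change permissions for user B's files.
#
# ${VAR:?} aborts the script when the configured directory is empty or unset;
# without it an empty value would expand the target to /* and the recursive
# chmod would run against the filesystem root.
chmod -R 770 -- "${AUDITOR_BASE_DIR:?auditor_base_dir is empty}"/* || true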