summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorChristian Grothoff <christian@grothoff.org>2021-01-26 21:45:37 +0100
committerChristian Grothoff <christian@grothoff.org>2021-01-26 21:45:37 +0100
commit9e910cb1b967c72faae0cdd97014a6be8641fed3 (patch)
tree89903ee344d3ccd873d6c4f21cb52d40037c5914
parent556a7f36b840e18924e6cb74742f8a89301d2ddd (diff)
downloadexchange-9e910cb1b967c72faae0cdd97014a6be8641fed3.tar.gz
exchange-9e910cb1b967c72faae0cdd97014a6be8641fed3.tar.bz2
exchange-9e910cb1b967c72faae0cdd97014a6be8641fed3.zip
implement #6724
-rw-r--r--src/exchange-tools/taler-auditor-offline.c60
-rw-r--r--src/exchange-tools/taler-exchange-offline.c77
2 files changed, 122 insertions, 15 deletions
diff --git a/src/exchange-tools/taler-auditor-offline.c b/src/exchange-tools/taler-auditor-offline.c
index aa9ed33e..d3a50f99 100644
--- a/src/exchange-tools/taler-auditor-offline.c
+++ b/src/exchange-tools/taler-auditor-offline.c
@@ -41,6 +41,12 @@
*/
#define OP_INPUT_KEYS "auditor-keys-0"
+/**
+ * Show the offline signing key.
+ * The last component --by convention-- identifies the protocol version
+ * and should be incremented whenever the JSON format of the 'argument' changes.
+ */
+#define OP_SETUP "auditor-setup-0"
/**
* Our private key, initialized in #load_offline_key().
@@ -323,10 +329,11 @@ struct UploadHandler
/**
* Load the offline key (if not yet done). Triggers shutdown on failure.
*
+ * @param do_create #GNUNET_YES if the key may be created
* @return #GNUNET_OK on success
*/
static int
-load_offline_key (void)
+load_offline_key (int do_create)
{
static bool done;
int ret;
@@ -352,7 +359,7 @@ load_offline_key (void)
"Auditor private key `%s' does not exist yet, creating it!\n",
fn);
ret = GNUNET_CRYPTO_eddsa_key_from_file (fn,
- GNUNET_YES,
+ do_create,
&auditor_priv.eddsa_priv);
if (GNUNET_SYSERR == ret)
{
@@ -1114,7 +1121,7 @@ do_sign (char *const *args)
if (NULL == keys)
return;
if (GNUNET_OK !=
- load_offline_key ())
+ load_offline_key (GNUNET_NO))
{
json_decref (keys);
return;
@@ -1162,12 +1169,59 @@ do_sign (char *const *args)
}
+/**
+ * Setup and output offline signing key.
+ *
+ * @param args the array of command-line arguments to process next
+ */
+static void
+do_setup (char *const *args)
+{
+ if (GNUNET_OK !=
+ load_offline_key (GNUNET_YES))
+ {
+ global_ret = 1;
+ return;
+ }
+ if (NULL != *args)
+ {
+ output_operation (OP_SETUP,
+ json_pack ("{s:o}",
+ "auditor_pub",
+ GNUNET_JSON_from_data_auto (&auditor_pub)));
+ }
+
+ else
+ {
+ char *pub_s;
+
+ pub_s = GNUNET_STRINGS_data_to_string_alloc (&auditor_pub,
+ sizeof (auditor_pub));
+ fprintf (stdout,
+ "%s\n",
+ pub_s);
+ GNUNET_free (pub_s);
+ }
+ if ( (NULL != *args) &&
+ (0 == strcmp (*args,
+ "-")) )
+ args++;
+ next (args);
+}
+
+
static void
work (void *cls)
{
char *const *args = cls;
struct SubCommand cmds[] = {
{
+ .name = "setup",
+ .help =
+ "setup auditor offline private key and show the public key",
+ .cb = &do_setup
+ },
+ {
.name = "download",
.help =
"obtain keys from exchange (to be performed online!)",
diff --git a/src/exchange-tools/taler-exchange-offline.c b/src/exchange-tools/taler-exchange-offline.c
index 18c8a7b1..cf59fcb5 100644
--- a/src/exchange-tools/taler-exchange-offline.c
+++ b/src/exchange-tools/taler-exchange-offline.c
@@ -1,6 +1,6 @@
/*
This file is part of TALER
- Copyright (C) 2020 Taler Systems SA
+ Copyright (C) 2020, 2021 Taler Systems SA
TALER is free software; you can redistribute it and/or modify it under the
terms of the GNU General Public License as published by the Free Software
@@ -86,6 +86,11 @@
*/
#define OP_REVOKE_SIGNKEY "exchange-revoke-signkey-0"
+/**
+ * Show the offline signing key.
+ */
+#define OP_SETUP "exchange-setup"
+
/**
* Our private key, initialized in #load_offline_key().
@@ -738,10 +743,11 @@ struct UploadHandler
/**
* Load the offline key (if not yet done). Triggers shutdown on failure.
*
+ * @param do_create #GNUNET_YES if the key may be created
* @return #GNUNET_OK on success
*/
static int
-load_offline_key (void)
+load_offline_key (int do_create)
{
static bool done;
int ret;
@@ -767,7 +773,7 @@ load_offline_key (void)
"Exchange master private key `%s' does not exist yet, creating it!\n",
fn);
ret = GNUNET_CRYPTO_eddsa_key_from_file (fn,
- GNUNET_YES,
+ do_create,
&master_priv.eddsa_priv);
if (GNUNET_SYSERR == ret)
{
@@ -1828,7 +1834,7 @@ do_revoke_denomination_key (char *const *args)
return;
}
if (GNUNET_OK !=
- load_offline_key ())
+ load_offline_key (GNUNET_NO))
return;
TALER_exchange_offline_denomination_revoke_sign (&h_denom_pub,
&master_priv,
@@ -1877,7 +1883,7 @@ do_revoke_signkey (char *const *args)
return;
}
if (GNUNET_OK !=
- load_offline_key ())
+ load_offline_key (GNUNET_NO))
return;
TALER_exchange_offline_signkey_revoke_sign (&exchange_pub,
&master_priv,
@@ -1941,7 +1947,7 @@ do_add_auditor (char *const *args)
return;
}
if (GNUNET_OK !=
- load_offline_key ())
+ load_offline_key (GNUNET_NO))
return;
now = GNUNET_TIME_absolute_get ();
(void) GNUNET_TIME_round_abs (&now);
@@ -2002,7 +2008,7 @@ do_del_auditor (char *const *args)
return;
}
if (GNUNET_OK !=
- load_offline_key ())
+ load_offline_key (GNUNET_NO))
return;
now = GNUNET_TIME_absolute_get ();
(void) GNUNET_TIME_round_abs (&now);
@@ -2053,7 +2059,7 @@ do_add_wire (char *const *args)
return;
}
if (GNUNET_OK !=
- load_offline_key ())
+ load_offline_key (GNUNET_NO))
return;
now = GNUNET_TIME_absolute_get ();
(void) GNUNET_TIME_round_abs (&now);
@@ -2123,7 +2129,7 @@ do_del_wire (char *const *args)
return;
}
if (GNUNET_OK !=
- load_offline_key ())
+ load_offline_key (GNUNET_NO))
return;
now = GNUNET_TIME_absolute_get ();
(void) GNUNET_TIME_round_abs (&now);
@@ -2197,7 +2203,7 @@ do_set_wire_fee (char *const *args)
args[0]))
year = GNUNET_TIME_get_current_year ();
if (GNUNET_OK !=
- load_offline_key ())
+ load_offline_key (GNUNET_NO))
return;
start_time = GNUNET_TIME_year_to_time (year);
end_time = GNUNET_TIME_year_to_time (year + 1);
@@ -2801,7 +2807,7 @@ do_show (char *const *args)
if (NULL == keys)
return;
if (GNUNET_OK !=
- load_offline_key ())
+ load_offline_key (GNUNET_NO))
return;
if (GNUNET_OK !=
GNUNET_JSON_parse (keys,
@@ -3125,7 +3131,7 @@ do_sign (char *const *args)
if (NULL == keys)
return;
if (GNUNET_OK !=
- load_offline_key ())
+ load_offline_key (GNUNET_NO))
{
json_decref (keys);
return;
@@ -3208,12 +3214,59 @@ do_sign (char *const *args)
}
+/**
+ * Setup and output offline signing key.
+ *
+ * @param args the array of command-line arguments to process next
+ */
+static void
+do_setup (char *const *args)
+{
+ if (GNUNET_OK !=
+ load_offline_key (GNUNET_YES))
+ {
+ global_ret = 1;
+ return;
+ }
+ if (NULL != *args)
+ {
+ output_operation (OP_SETUP,
+ json_pack ("{s:o}",
+ "exchange_offline_pub",
+ GNUNET_JSON_from_data_auto (&master_pub)));
+ }
+
+ else
+ {
+ char *pub_s;
+
+ pub_s = GNUNET_STRINGS_data_to_string_alloc (&master_pub,
+ sizeof (master_pub));
+ fprintf (stdout,
+ "%s\n",
+ pub_s);
+ GNUNET_free (pub_s);
+ }
+ if ( (NULL != *args) &&
+ (0 == strcmp (*args,
+ "-")) )
+ args++;
+ next (args);
+}
+
+
static void
work (void *cls)
{
char *const *args = cls;
struct SubCommand cmds[] = {
{
+ .name = "setup",
+ .help =
+ "initialize offline key signing material and display public offline key",
+ .cb = &do_setup
+ },
+ {
.name = "download",
.help =
"obtain future public keys from exchange (to be performed online!)",