summaryrefslogtreecommitdiff
path: root/src/exchange-tools/taler-exchange-wire.c
diff options
context:
space:
mode:
authorChristian Grothoff <christian@grothoff.org>2020-03-07 12:58:40 +0100
committerChristian Grothoff <christian@grothoff.org>2020-03-07 12:58:40 +0100
commit962990c7ceb405639f6e5284234abef473bc07b3 (patch)
tree697543d44693815c45e06ba8ac718493c099cebf /src/exchange-tools/taler-exchange-wire.c
parent20a7d8fc081c71d83d77b39c681dbfd9337aa97a (diff)
downloadexchange-962990c7ceb405639f6e5284234abef473bc07b3.tar.gz
exchange-962990c7ceb405639f6e5284234abef473bc07b3.tar.bz2
exchange-962990c7ceb405639f6e5284234abef473bc07b3.zip
share master private key verification logic between taler-exchange-wire and taler-exchange-keyup
Diffstat (limited to 'src/exchange-tools/taler-exchange-wire.c')
-rw-r--r--src/exchange-tools/taler-exchange-wire.c130
1 files changed, 41 insertions, 89 deletions
diff --git a/src/exchange-tools/taler-exchange-wire.c b/src/exchange-tools/taler-exchange-wire.c
index d69f61ed2..2f6b4ad73 100644
--- a/src/exchange-tools/taler-exchange-wire.c
+++ b/src/exchange-tools/taler-exchange-wire.c
@@ -44,6 +44,9 @@ static struct TALER_MasterPrivateKeyP master_priv;
static int global_ret;
+#include "key-helper.c"
+
+
/**
* Function called with information about a wire account. Signs
* the account's wire details and writes out the JSON file to disk.
@@ -55,7 +58,6 @@ static void
sign_account_data (void *cls,
const struct TALER_EXCHANGEDB_AccountInfo *ai)
{
- json_t *wire;
char *json_out;
FILE *out;
int ret;
@@ -72,20 +74,24 @@ sign_account_data (void *cls,
return;
}
- wire = TALER_JSON_exchange_wire_signature_make (ai->payto_uri,
- &master_priv);
- if (NULL == wire)
{
- GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
- "Could not sign wire account `%s'. Is the URI well-formed?\n",
- ai->payto_uri);
- global_ret = 1;
- return;
+ json_t *wire;
+
+ wire = TALER_JSON_exchange_wire_signature_make (ai->payto_uri,
+ &master_priv);
+ if (NULL == wire)
+ {
+ GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
+ "Could not sign wire account `%s'. Is the URI well-formed?\n",
+ ai->payto_uri);
+ global_ret = 1;
+ return;
+ }
+ GNUNET_assert (NULL != wire);
+ json_out = json_dumps (wire,
+ JSON_INDENT (2));
+ json_decref (wire);
}
- GNUNET_assert (NULL != wire);
- json_out = json_dumps (wire,
- JSON_INDENT (2));
- json_decref (wire);
GNUNET_assert (NULL != json_out);
if (GNUNET_OK !=
GNUNET_DISK_directory_create_for_file (ai->wire_response_filename))
@@ -99,11 +105,11 @@ sign_account_data (void *cls,
}
out = fopen (ai->wire_response_filename,
- "w+");
+ "w+"); /* create, if exists, truncate */
if (NULL == out)
{
GNUNET_log_strerror_file (GNUNET_ERROR_TYPE_ERROR,
- "fopen",
+ "fopen(w+)",
ai->wire_response_filename);
global_ret = 1;
free (json_out);
@@ -112,16 +118,25 @@ sign_account_data (void *cls,
ret = fprintf (out,
"%s",
json_out);
- if ( (0 == fclose (out)) &&
- (-1 != ret) )
- fprintf (stdout,
- "Created wire account file `%s'\n",
- ai->wire_response_filename);
- else
+ if ( (0 != fclose (out)) ||
+ (-1 == ret) )
+ {
fprintf (stderr,
"Failure creating wire account file `%s': %s\n",
ai->wire_response_filename,
strerror (errno));
+ /* attempt to remove malformed file */
+ if (0 != unlink (ai->wire_response_filename))
+ GNUNET_log_strerror_file (GNUNET_ERROR_TYPE_WARNING,
+ "unlink",
+ ai->wire_response_filename);
+ }
+ else
+ {
+ GNUNET_log (GNUNET_ERROR_TYPE_INFO,
+ "Created wire account file `%s'\n",
+ ai->wire_response_filename);
+ }
free (json_out);
}
@@ -140,86 +155,23 @@ run (void *cls,
const char *cfgfile,
const struct GNUNET_CONFIGURATION_Handle *cfg)
{
- struct GNUNET_CRYPTO_EddsaPrivateKey *eddsa_priv;
- char *masters;
- struct GNUNET_CRYPTO_EddsaPublicKey mpub;
- struct GNUNET_CRYPTO_EddsaPublicKey mpub_cfg;
-
(void) cls;
(void) args;
(void) cfgfile;
- if ( (NULL == masterkeyfile) &&
- (GNUNET_OK !=
- GNUNET_CONFIGURATION_get_value_filename (cfg,
- "exchange",
- "MASTER_PRIV_FILE",
- &masterkeyfile)) )
- {
- fprintf (stderr,
- "Master key file not given in neither configuration nor command-line\n");
- global_ret = 1;
- return;
- }
- if (GNUNET_YES !=
- GNUNET_DISK_file_test (masterkeyfile))
- GNUNET_log (GNUNET_ERROR_TYPE_INFO,
- "Exchange master private key `%s' does not exist yet, creating it!\n",
- masterkeyfile);
- eddsa_priv = GNUNET_CRYPTO_eddsa_key_create_from_file (masterkeyfile);
- if (NULL == eddsa_priv)
- {
- fprintf (stderr,
- "Failed to initialize master key from file `%s'\n",
- masterkeyfile);
- global_ret = 1;
- return;
- }
- master_priv.eddsa_priv = *eddsa_priv;
- if (GNUNET_OK !=
- GNUNET_CONFIGURATION_get_value_string (cfg,
- "exchange",
- "MASTER_PUBLIC_KEY",
- &masters))
- {
- fprintf (stderr,
- "Master public key option missing in configuration\n");
- global_ret = 1;
- return;
- }
- GNUNET_CRYPTO_eddsa_key_get_public (eddsa_priv,
- &mpub);
+
if (GNUNET_OK !=
- GNUNET_STRINGS_string_to_data (masters,
- strlen (masters),
- &mpub_cfg,
- sizeof (mpub_cfg)))
+ get_and_check_master_key (cfg,
+ masterkeyfile,
+ &master_priv))
{
- fprintf (stderr,
- "Master public key `%s' in configuration is not a valid key\n",
- masters);
- GNUNET_free (masters);
- global_ret = 1;
- return;
- }
- if (0 != GNUNET_memcmp (&mpub,
- &mpub_cfg))
- {
- fprintf (stderr,
- "Master public key `%s' in configuration does not match our master private key from `%s'!\n",
- masters,
- masterkeyfile);
- GNUNET_free (masters);
global_ret = 1;
return;
}
GNUNET_log (GNUNET_ERROR_TYPE_INFO,
- "Signing /wire response with private key matching public key `%s'\n",
- masters);
- GNUNET_free (masters);
+ "Signing /wire responses\n");
TALER_EXCHANGEDB_find_accounts (cfg,
&sign_account_data,
NULL);
- GNUNET_free (eddsa_priv);
}