diff options
Diffstat (limited to 'src/exchange-tools/taler-auditor-offline.c')
-rw-r--r-- | src/exchange-tools/taler-auditor-offline.c | 486 |
1 files changed, 251 insertions, 235 deletions
diff --git a/src/exchange-tools/taler-auditor-offline.c b/src/exchange-tools/taler-auditor-offline.c index 45bf271b4..8c280d46b 100644 --- a/src/exchange-tools/taler-auditor-offline.c +++ b/src/exchange-tools/taler-auditor-offline.c @@ -1,6 +1,6 @@ /* This file is part of TALER - Copyright (C) 2020-2021 Taler Systems SA + Copyright (C) 2020-2023 Taler Systems SA TALER is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software @@ -174,7 +174,7 @@ static struct DenominationAddRequest *dar_tail; /** * Handle to the exchange, used to request /keys. */ -static struct TALER_EXCHANGE_Handle *exchange; +static struct TALER_EXCHANGE_GetKeysHandle *exchange; /** @@ -219,7 +219,7 @@ do_shutdown (void *cls) } if (NULL != exchange) { - TALER_EXCHANGE_disconnect (exchange); + TALER_EXCHANGE_get_keys_cancel (exchange); exchange = NULL; } if (NULL != nxt) @@ -388,14 +388,15 @@ load_offline_key (int do_create) * add operation result. * * @param cls closure with a `struct DenominationAddRequest` - * @param hr HTTP response data + * @param adr response data */ static void denomination_add_cb ( void *cls, - const struct TALER_EXCHANGE_HttpResponse *hr) + const struct TALER_EXCHANGE_AuditorAddDenominationResponse *adr) { struct DenominationAddRequest *dar = cls; + const struct TALER_EXCHANGE_HttpResponse *hr = &adr->hr; if (MHD_HTTP_NO_CONTENT != hr->http_status) { @@ -430,7 +431,7 @@ upload_denomination_add (const char *exchange_url, const json_t *value) { struct TALER_AuditorSignatureP auditor_sig; - struct GNUNET_HashCode h_denom_pub; + struct TALER_DenominationHashP h_denom_pub; struct DenominationAddRequest *dar; const char *err_name; unsigned int err_line; @@ -547,6 +548,7 @@ do_upload (char *const *args) { char *exchange_url; + (void) args; if (GNUNET_YES == GNUNET_is_zero (&auditor_pub)) { /* private key not available, try configuration for public key */ @@ -643,28 +645,24 @@ do_upload (char *const *args) * a particular exchange and what keys the exchange is using. * * @param cls closure with the `char **` remaining args - * @param hr HTTP response data - * @param keys information about the various keys used - * by the exchange, NULL if /keys failed - * @param compat protocol compatibility information + * @param kr response data + * @param keys key data from the exchange */ static void keys_cb ( void *cls, - const struct TALER_EXCHANGE_HttpResponse *hr, - const struct TALER_EXCHANGE_Keys *keys, - enum TALER_EXCHANGE_VersionCompatibility compat) + const struct TALER_EXCHANGE_KeysResponse *kr, + struct TALER_EXCHANGE_Keys *keys) { char *const *args = cls; - switch (hr->http_status) + exchange = NULL; + switch (kr->hr.http_status) { case MHD_HTTP_OK: - if (! json_is_object (hr->reply)) + if (NULL == kr->hr.reply) { GNUNET_break (0); - TALER_EXCHANGE_disconnect (exchange); - exchange = NULL; test_shutdown (); global_ret = EXIT_FAILURE; return; @@ -673,11 +671,9 @@ keys_cb ( default: fprintf (stderr, "Failed to download keys: %s (HTTP status: %u/%u)\n", - hr->hint, - hr->http_status, - (unsigned int) hr->ec); - TALER_EXCHANGE_disconnect (exchange); - exchange = NULL; + kr->hr.hint, + kr->hr.http_status, + (unsigned int) kr->hr.ec); test_shutdown (); global_ret = EXIT_FAILURE; return; @@ -686,7 +682,7 @@ keys_cb ( GNUNET_JSON_pack_string ("operation", OP_INPUT_KEYS), GNUNET_JSON_pack_object_incref ("arguments", - (json_t *) hr->reply)); + (json_t *) kr->hr.reply)); if (NULL == args[0]) { json_dumpf (in, @@ -695,9 +691,8 @@ keys_cb ( json_decref (in); in = NULL; } - TALER_EXCHANGE_disconnect (exchange); - exchange = NULL; next (args); + TALER_EXCHANGE_keys_decref (keys); } @@ -724,11 +719,11 @@ do_download (char *const *args) global_ret = EXIT_NOTCONFIGURED; return; } - exchange = TALER_EXCHANGE_connect (ctx, - exchange_url, - &keys_cb, - (void *) args, - TALER_EXCHANGE_OPTION_END); + exchange = TALER_EXCHANGE_get_keys (ctx, + exchange_url, + NULL, + &keys_cb, + (void *) args); GNUNET_free (exchange_url); } @@ -739,58 +734,27 @@ do_download (char *const *args) * @param denomkeys keys to output * @return #GNUNET_OK on success */ -static int +static enum GNUNET_GenericReturnValue show_denomkeys (const json_t *denomkeys) { size_t index; json_t *value; json_array_foreach (denomkeys, index, value) { + struct TALER_DenominationGroup group; + const json_t *denoms; const char *err_name; unsigned int err_line; - struct TALER_DenominationPublicKey denom_pub; - struct GNUNET_TIME_Absolute stamp_start; - struct GNUNET_TIME_Absolute stamp_expire_withdraw; - struct GNUNET_TIME_Absolute stamp_expire_deposit; - struct GNUNET_TIME_Absolute stamp_expire_legal; - struct TALER_Amount coin_value; - struct TALER_Amount fee_withdraw; - struct TALER_Amount fee_deposit; - struct TALER_Amount fee_refresh; - struct TALER_Amount fee_refund; - struct TALER_MasterSignatureP master_sig; struct GNUNET_JSON_Specification spec[] = { - GNUNET_JSON_spec_rsa_public_key ("denom_pub", - &denom_pub.rsa_public_key), - TALER_JSON_spec_amount ("value", - currency, - &coin_value), - TALER_JSON_spec_amount ("fee_withdraw", - currency, - &fee_withdraw), - TALER_JSON_spec_amount ("fee_deposit", - currency, - &fee_deposit), - TALER_JSON_spec_amount ("fee_refresh", - currency, - &fee_refresh), - TALER_JSON_spec_amount ("fee_refund", - currency, - &fee_refund), - GNUNET_JSON_spec_absolute_time ("stamp_start", - &stamp_start), - GNUNET_JSON_spec_absolute_time ("stamp_expire_withdraw", - &stamp_expire_withdraw), - GNUNET_JSON_spec_absolute_time ("stamp_expire_deposit", - &stamp_expire_deposit), - GNUNET_JSON_spec_absolute_time ("stamp_expire_legal", - &stamp_expire_legal), - GNUNET_JSON_spec_fixed_auto ("master_sig", - &master_sig), + TALER_JSON_spec_denomination_group (NULL, + currency, + &group), + GNUNET_JSON_spec_array_const ("denoms", + &denoms), GNUNET_JSON_spec_end () }; - struct GNUNET_TIME_Relative duration; - struct GNUNET_HashCode h_denom_pub; + size_t index2; + json_t *value2; if (GNUNET_OK != GNUNET_JSON_parse (value, @@ -808,72 +772,116 @@ show_denomkeys (const json_t *denomkeys) test_shutdown (); return GNUNET_SYSERR; } - duration = GNUNET_TIME_absolute_get_difference (stamp_start, - stamp_expire_withdraw); - GNUNET_CRYPTO_rsa_public_key_hash (denom_pub.rsa_public_key, - &h_denom_pub); - if (GNUNET_OK != - TALER_exchange_offline_denom_validity_verify ( - &h_denom_pub, - stamp_start, - stamp_expire_withdraw, - stamp_expire_deposit, - stamp_expire_legal, - &coin_value, - &fee_withdraw, - &fee_deposit, - &fee_refresh, - &fee_refund, - &master_pub, - &master_sig)) - { - fprintf (stderr, - "Invalid master signature for key %s (aborting)\n", - TALER_B2S (&h_denom_pub)); - global_ret = EXIT_FAILURE; - test_shutdown (); - return GNUNET_SYSERR; - } + json_array_foreach (denoms, index2, value2) { + struct GNUNET_TIME_Timestamp stamp_start; + struct GNUNET_TIME_Timestamp stamp_expire_withdraw; + struct GNUNET_TIME_Timestamp stamp_expire_deposit; + struct GNUNET_TIME_Timestamp stamp_expire_legal; + struct TALER_DenominationPublicKey denom_pub; + struct TALER_MasterSignatureP master_sig; + struct GNUNET_JSON_Specification ispec[] = { + TALER_JSON_spec_denom_pub_cipher (NULL, + group.cipher, + &denom_pub), + GNUNET_JSON_spec_timestamp ("stamp_start", + &stamp_start), + GNUNET_JSON_spec_timestamp ("stamp_expire_withdraw", + &stamp_expire_withdraw), + GNUNET_JSON_spec_timestamp ("stamp_expire_deposit", + &stamp_expire_deposit), + GNUNET_JSON_spec_timestamp ("stamp_expire_legal", + &stamp_expire_legal), + GNUNET_JSON_spec_fixed_auto ("master_sig", + &master_sig), + GNUNET_JSON_spec_end () + }; + struct GNUNET_TIME_Relative duration; + struct TALER_DenominationHashP h_denom_pub; + + if (GNUNET_OK != + GNUNET_JSON_parse (value2, + ispec, + &err_name, + &err_line)) + { + fprintf (stderr, + "Invalid input for denomination key to 'show': %s#%u at %u/%u (skipping)\n", + err_name, + err_line, + (unsigned int) index, + (unsigned int) index2); + GNUNET_JSON_parse_free (spec); + global_ret = EXIT_FAILURE; + test_shutdown (); + return GNUNET_SYSERR; + } + duration = GNUNET_TIME_absolute_get_difference ( + stamp_start.abs_time, + stamp_expire_withdraw.abs_time); + TALER_denom_pub_hash (&denom_pub, + &h_denom_pub); + if (GNUNET_OK != + TALER_exchange_offline_denom_validity_verify ( + &h_denom_pub, + stamp_start, + stamp_expire_withdraw, + stamp_expire_deposit, + stamp_expire_legal, + &group.value, + &group.fees, + &master_pub, + &master_sig)) + { + fprintf (stderr, + "Invalid master signature for key %s (aborting)\n", + TALER_B2S (&h_denom_pub)); + global_ret = EXIT_FAILURE; + GNUNET_JSON_parse_free (ispec); + GNUNET_JSON_parse_free (spec); + test_shutdown (); + return GNUNET_SYSERR; + } - { - char *withdraw_fee_s; - char *deposit_fee_s; - char *refresh_fee_s; - char *refund_fee_s; - char *deposit_s; - char *legal_s; - - withdraw_fee_s = TALER_amount_to_string (&fee_withdraw); - deposit_fee_s = TALER_amount_to_string (&fee_deposit); - refresh_fee_s = TALER_amount_to_string (&fee_refresh); - refund_fee_s = TALER_amount_to_string (&fee_refund); - deposit_s = GNUNET_strdup ( - GNUNET_STRINGS_absolute_time_to_string (stamp_expire_deposit)); - legal_s = GNUNET_strdup ( - GNUNET_STRINGS_absolute_time_to_string (stamp_expire_legal)); - - printf ( - "DENOMINATION-KEY %s of value %s starting at %s " - "(used for: %s, deposit until: %s legal end: %s) with fees %s/%s/%s/%s\n", - TALER_B2S (&h_denom_pub), - TALER_amount2s (&coin_value), - GNUNET_STRINGS_absolute_time_to_string (stamp_start), - GNUNET_STRINGS_relative_time_to_string (duration, - GNUNET_NO), - deposit_s, - legal_s, - withdraw_fee_s, - deposit_fee_s, - refresh_fee_s, - refund_fee_s); - GNUNET_free (withdraw_fee_s); - GNUNET_free (deposit_fee_s); - GNUNET_free (refresh_fee_s); - GNUNET_free (refund_fee_s); - GNUNET_free (deposit_s); - GNUNET_free (legal_s); + { + char *withdraw_fee_s; + char *deposit_fee_s; + char *refresh_fee_s; + char *refund_fee_s; + char *deposit_s; + char *legal_s; + + withdraw_fee_s = TALER_amount_to_string (&group.fees.withdraw); + deposit_fee_s = TALER_amount_to_string (&group.fees.deposit); + refresh_fee_s = TALER_amount_to_string (&group.fees.refresh); + refund_fee_s = TALER_amount_to_string (&group.fees.refund); + deposit_s = GNUNET_strdup ( + GNUNET_TIME_timestamp2s (stamp_expire_deposit)); + legal_s = GNUNET_strdup ( + GNUNET_TIME_timestamp2s (stamp_expire_legal)); + + printf ( + "DENOMINATION-KEY %s of value %s starting at %s " + "(used for: %s, deposit until: %s legal end: %s) with fees %s/%s/%s/%s\n", + TALER_B2S (&h_denom_pub), + TALER_amount2s (&group.value), + GNUNET_TIME_timestamp2s (stamp_start), + GNUNET_TIME_relative2s (duration, + false), + deposit_s, + legal_s, + withdraw_fee_s, + deposit_fee_s, + refresh_fee_s, + refund_fee_s); + GNUNET_free (withdraw_fee_s); + GNUNET_free (deposit_fee_s); + GNUNET_free (refresh_fee_s); + GNUNET_free (refund_fee_s); + GNUNET_free (deposit_s); + GNUNET_free (legal_s); + } + GNUNET_JSON_parse_free (ispec); } - GNUNET_JSON_parse_free (spec); } return GNUNET_OK; @@ -967,11 +975,11 @@ do_show (char *const *args) json_t *keys; const char *err_name; unsigned int err_line; - json_t *denomkeys; + const json_t *denomkeys; struct TALER_MasterPublicKeyP mpub; struct GNUNET_JSON_Specification spec[] = { - GNUNET_JSON_spec_json ("denoms", - &denomkeys), + GNUNET_JSON_spec_array_const ("denominations", + &denomkeys), GNUNET_JSON_spec_fixed_auto ("master_public_key", &mpub), GNUNET_JSON_spec_end () @@ -1015,11 +1023,9 @@ do_show (char *const *args) { global_ret = EXIT_FAILURE; test_shutdown (); - GNUNET_JSON_parse_free (spec); json_decref (keys); return; } - GNUNET_JSON_parse_free (spec); json_decref (keys); /* do NOT consume input if next argument is '-' */ if ( (NULL != args[0]) && @@ -1039,57 +1045,27 @@ do_show (char *const *args) * @param denomkeys keys to output * @return #GNUNET_OK on success */ -static int +static enum GNUNET_GenericReturnValue sign_denomkeys (const json_t *denomkeys) { - size_t index; + size_t group_idx; json_t *value; - json_array_foreach (denomkeys, index, value) { + json_array_foreach (denomkeys, group_idx, value) { + struct TALER_DenominationGroup group = { 0 }; + const json_t *denom_keys_array; const char *err_name; unsigned int err_line; - struct TALER_DenominationPublicKey denom_pub; - struct GNUNET_TIME_Absolute stamp_start; - struct GNUNET_TIME_Absolute stamp_expire_withdraw; - struct GNUNET_TIME_Absolute stamp_expire_deposit; - struct GNUNET_TIME_Absolute stamp_expire_legal; - struct TALER_Amount coin_value; - struct TALER_Amount fee_withdraw; - struct TALER_Amount fee_deposit; - struct TALER_Amount fee_refresh; - struct TALER_Amount fee_refund; - struct TALER_MasterSignatureP master_sig; struct GNUNET_JSON_Specification spec[] = { - GNUNET_JSON_spec_rsa_public_key ("denom_pub", - &denom_pub.rsa_public_key), - TALER_JSON_spec_amount ("value", - currency, - &coin_value), - TALER_JSON_spec_amount ("fee_withdraw", - currency, - &fee_withdraw), - TALER_JSON_spec_amount ("fee_deposit", - currency, - &fee_deposit), - TALER_JSON_spec_amount ("fee_refresh", - currency, - &fee_refresh), - TALER_JSON_spec_amount ("fee_refund", - currency, - &fee_refund), - GNUNET_JSON_spec_absolute_time ("stamp_start", - &stamp_start), - GNUNET_JSON_spec_absolute_time ("stamp_expire_withdraw", - &stamp_expire_withdraw), - GNUNET_JSON_spec_absolute_time ("stamp_expire_deposit", - &stamp_expire_deposit), - GNUNET_JSON_spec_absolute_time ("stamp_expire_legal", - &stamp_expire_legal), - GNUNET_JSON_spec_fixed_auto ("master_sig", - &master_sig), + TALER_JSON_spec_denomination_group (NULL, + currency, + &group), + GNUNET_JSON_spec_array_const ("denoms", + &denom_keys_array), GNUNET_JSON_spec_end () }; - struct GNUNET_HashCode h_denom_pub; + size_t index; + json_t *denom_key_obj; if (GNUNET_OK != GNUNET_JSON_parse (value, @@ -1101,60 +1077,100 @@ sign_denomkeys (const json_t *denomkeys) "Invalid input for denomination key to 'sign': %s#%u at %u (skipping)\n", err_name, err_line, - (unsigned int) index); + (unsigned int) group_idx); GNUNET_JSON_parse_free (spec); global_ret = EXIT_FAILURE; test_shutdown (); return GNUNET_SYSERR; } - GNUNET_CRYPTO_rsa_public_key_hash (denom_pub.rsa_public_key, - &h_denom_pub); - if (GNUNET_OK != - TALER_exchange_offline_denom_validity_verify ( - &h_denom_pub, - stamp_start, - stamp_expire_withdraw, - stamp_expire_deposit, - stamp_expire_legal, - &coin_value, - &fee_withdraw, - &fee_deposit, - &fee_refresh, - &fee_refund, - &master_pub, - &master_sig)) - { - fprintf (stderr, - "Invalid master signature for key %s (aborting)\n", - TALER_B2S (&h_denom_pub)); - global_ret = EXIT_FAILURE; - test_shutdown (); - return GNUNET_SYSERR; - } + json_array_foreach (denom_keys_array, index, denom_key_obj) { + struct GNUNET_TIME_Timestamp stamp_start; + struct GNUNET_TIME_Timestamp stamp_expire_withdraw; + struct GNUNET_TIME_Timestamp stamp_expire_deposit; + struct GNUNET_TIME_Timestamp stamp_expire_legal; + struct TALER_DenominationPublicKey denom_pub = { + .age_mask = group.age_mask + }; + struct TALER_MasterSignatureP master_sig; + struct GNUNET_JSON_Specification ispec[] = { + TALER_JSON_spec_denom_pub_cipher (NULL, + group.cipher, + &denom_pub), + GNUNET_JSON_spec_timestamp ("stamp_start", + &stamp_start), + GNUNET_JSON_spec_timestamp ("stamp_expire_withdraw", + &stamp_expire_withdraw), + GNUNET_JSON_spec_timestamp ("stamp_expire_deposit", + &stamp_expire_deposit), + GNUNET_JSON_spec_timestamp ("stamp_expire_legal", + &stamp_expire_legal), + GNUNET_JSON_spec_fixed_auto ("master_sig", + &master_sig), + GNUNET_JSON_spec_end () + }; + struct TALER_DenominationHashP h_denom_pub; + + if (GNUNET_OK != + GNUNET_JSON_parse (denom_key_obj, + ispec, + &err_name, + &err_line)) + { + fprintf (stderr, + "Invalid input for denomination key to 'show': %s#%u at %u/%u (skipping)\n", + err_name, + err_line, + (unsigned int) group_idx, + (unsigned int) index); + GNUNET_JSON_parse_free (spec); + global_ret = EXIT_FAILURE; + test_shutdown (); + return GNUNET_SYSERR; + } + TALER_denom_pub_hash (&denom_pub, + &h_denom_pub); + if (GNUNET_OK != + TALER_exchange_offline_denom_validity_verify ( + &h_denom_pub, + stamp_start, + stamp_expire_withdraw, + stamp_expire_deposit, + stamp_expire_legal, + &group.value, + &group.fees, + &master_pub, + &master_sig)) + { + fprintf (stderr, + "Invalid master signature for key %s (aborting)\n", + TALER_B2S (&h_denom_pub)); + global_ret = EXIT_FAILURE; + test_shutdown (); + return GNUNET_SYSERR; + } - { - struct TALER_AuditorSignatureP auditor_sig; - - TALER_auditor_denom_validity_sign (auditor_url, - &h_denom_pub, - &master_pub, - stamp_start, - stamp_expire_withdraw, - stamp_expire_deposit, - stamp_expire_legal, - &coin_value, - &fee_withdraw, - &fee_deposit, - &fee_refresh, - &fee_refund, - &auditor_priv, - &auditor_sig); - output_operation (OP_SIGN_DENOMINATION, - GNUNET_JSON_PACK ( - GNUNET_JSON_pack_data_auto ("h_denom_pub", - &h_denom_pub), - GNUNET_JSON_pack_data_auto ("auditor_sig", - &auditor_sig))); + { + struct TALER_AuditorSignatureP auditor_sig; + + TALER_auditor_denom_validity_sign (auditor_url, + &h_denom_pub, + &master_pub, + stamp_start, + stamp_expire_withdraw, + stamp_expire_deposit, + stamp_expire_legal, + &group.value, + &group.fees, + &auditor_priv, + &auditor_sig); + output_operation (OP_SIGN_DENOMINATION, + GNUNET_JSON_PACK ( + GNUNET_JSON_pack_data_auto ("h_denom_pub", + &h_denom_pub), + GNUNET_JSON_pack_data_auto ("auditor_sig", + &auditor_sig))); + } + GNUNET_JSON_parse_free (ispec); } GNUNET_JSON_parse_free (spec); } @@ -1174,10 +1190,10 @@ do_sign (char *const *args) const char *err_name; unsigned int err_line; struct TALER_MasterPublicKeyP mpub; - json_t *denomkeys; + const json_t *denomkeys; struct GNUNET_JSON_Specification spec[] = { - GNUNET_JSON_spec_json ("denoms", - &denomkeys), + GNUNET_JSON_spec_array_const ("denominations", + &denomkeys), GNUNET_JSON_spec_fixed_auto ("master_public_key", &mpub), GNUNET_JSON_spec_end () @@ -1232,11 +1248,9 @@ do_sign (char *const *args) { global_ret = EXIT_FAILURE; test_shutdown (); - GNUNET_JSON_parse_free (spec); json_decref (keys); return; } - GNUNET_JSON_parse_free (spec); json_decref (keys); next (args); } @@ -1375,6 +1389,8 @@ run (void *cls, const char *cfgfile, const struct GNUNET_CONFIGURATION_Handle *cfg) { + (void) cls; + (void) cfgfile; kcfg = cfg; if (GNUNET_OK != TALER_config_get_currency (kcfg, |