Diffstat (limited to 'src/mint/taler-mint-httpd_keystate.h')
-rw-r--r-- | src/mint/taler-mint-httpd_keystate.h | 129 |
1 files changed, 129 insertions, 0 deletions
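--- /dev/null
+++ b/src/mint/taler-mint-httpd_keystate.h
@@ -0,0 +1,129 @@
+/*
+This file is part of TALER
+(C) 2014 GNUnet e.V.
+
+TALER is free software; you can redistribute it and/or modify it under the
+terms of the GNU Affero General Public License as published by the Free Software
+Foundation; either version 3, or (at your option) any later version.
+
+TALER is distributed in the hope that it will be useful, but WITHOUT ANY
+WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR
+A PARTICULAR PURPOSE. See the GNU Affero General Public License for more details.
+
+You should have received a copy of the GNU Affero General Public License along with
+TALER; see the file COPYING. If not, If not, see <http://www.gnu.org/licenses/>
+*/
+/**
+* @file taler-mint-httpd_keystate.h
+* @brief management of our private signing keys (denomination keys)
+* @author Florian Dold
+* @author Benedikt Mueller
+* @author Christian Grothoff
+*/
+#ifndef TALER_MINT_HTTPD_KEYSTATE_H
+#define TALER_MINT_HTTPD_KEYSTATE_H
+
+
+#include <gnunet/gnunet_util_lib.h>
+#include <microhttpd.h>
+#include <jansson.h>
+#include "taler-mint-httpd.h"
+#include "mint.h"
+#include "key_io.h"
+
+
+/**
+* Snapshot of the (coin and signing)
+* keys (including private keys) of the mint.
+*/
+struct MintKeyState
+{
+/**
+* When did we initiate the key reloading?
+*/
+struct GNUNET_TIME_Absolute reload_time;
+
+/**
+* JSON array with denomination keys.
+*/
+json_t *denom_keys_array;
+
+/**
+* JSON array with signing keys.
+*/
+json_t *sign_keys_array;
+
+/**
+* Mapping from denomination keys to denomination key issue struct.
+*/
+struct GNUNET_CONTAINER_MultiHashMap *denomkey_map;
+
+/**
+* When is the next key invalid and we have to reload?
+*/
+struct GNUNET_TIME_Absolute next_reload;
+
+/**
+* Mint signing key that should be used currently.
+*/
+struct TALER_MINT_SignKeyIssuePriv current_sign_key_issue;
+
+/**
+* Cached JSON text that the mint will send for
+* a /keys request.
+*/
+char *keys_json;
+
+/**
+* Reference count.
+*/
+unsigned int refcnt;
+};
+
+
+/**
+* Acquire the key state of the mint. Updates keys if necessary.
+* For every call to #TALER_MINT_key_state_acquire(), a matching call
+* to #TALER_MINT_key_state_release() must be made.
+*
+* @return the key state
+*/
+struct MintKeyState *
+TALER_MINT_key_state_acquire (void);
+
+
+/**
+* Release key state, free if necessary (if reference count gets to zero).
+*
+* @param key_state the key state to release
+*/
+void
+TALER_MINT_key_state_release (struct MintKeyState *key_state);
+
+
+/**
+* Look up the issue for a denom public key.
+*
+* @param key state to look in
+* @param denom_pub denomination public key
+* @return the denomination key issue,
+* or NULL if denom_pub could not be found
+*/
+struct TALER_MINT_DenomKeyIssuePriv *
+TALER_MINT_get_denom_key (const struct MintKeyState *key_state,
+const struct GNUNET_CRYPTO_rsa_PublicKey *denom_pub);
+
+
+/**
+* Read signals from a pipe in a loop, and reload keys from disk if
+* SIGUSR1 is read from the pipe.
+*
+* @return #GNUNET_OK if we terminated normally, #GNUNET_SYSERR on error
+*/
+int
+TALER_MINT_key_reload_loop (void);
+
+
+
+
+#endif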
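Review bot: The doc comment on `TALER_MINT_get_denom_key` does not say how long the returned `struct TALER_MINT_DenomKeyIssuePriv *` stays valid; it points at private key material reached through a reference-counted `struct MintKeyState`, so a caller that keeps it past `TALER_MINT_key_state_release()` would presumably be reading freed memory. I would extend the `@return` with something like `valid only while the caller holds its reference on key_state; must not be used after TALER_MINT_key_state_release()`. The same comment has `@param key state to look in`, which Doxygen reads as a parameter named `key`; it should be `@param key_state state to look in`. The comment on `refcnt` should also say whether a lock protects it, since nothing in this header shows how concurrent acquire and release calls are serialized.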