generate-revoke-basedb.sh (9070B)
1 #!/bin/bash 2 # Script to test revocation. 3 # 4 # Requires the wallet CLI to be installed and in the path. Furthermore, the 5 # user running this script must be Postgres superuser and be allowed to 6 # create/drop databases. 7 # 8 set -eu 9 # set -x 10 11 . setup.sh 12 13 echo -n "Testing for curl ..." 14 curl --help >/dev/null </dev/null || exit_skip " MISSING" 15 echo " FOUND" 16 17 # reset database 18 echo -n "Reset 'auditor-basedb' database ..." 19 dropdb "auditor-basedb" >/dev/null 2>/dev/null || true 20 createdb "auditor-basedb" || exit_skip "Could not create database '$BASEDB'" 21 echo " DONE" 22 23 # Launch exchange, merchant and bank. 24 setup -c generate-auditor-basedb.conf \ 25 -abemw \ 26 -d "iban" 27 CONF="generate-auditor-basedb.conf.edited" 28 29 # obtain key configuration data 30 EXCHANGE_URL=$(taler-exchange-config -c "$CONF" -s EXCHANGE -o BASE_URL) 31 MERCHANT_PORT=$(taler-merchant-config -c "$CONF" -s MERCHANT -o PORT) 32 MERCHANT_URL="http://localhost:${MERCHANT_PORT}/" 33 BANK_PORT=$(taler-exchange-config -c "$CONF" -s BANK -o HTTP_PORT) 34 BANK_URL="http://localhost:${BANK_PORT}/" 35 36 37 # Setup merchant 38 echo -n "Setting up merchant ..." 39 curl -H "Content-Type: application/json" -X POST -d '{"auth": {"method": "external"}, "accounts":[{"payto_uri":"payto://iban/SANDBOXX/DE474361?receiver-name=Merchant43"}],"id":"admin","name":"admin","address":{},"jurisdiction":{},"default_max_wire_fee":"TESTKUDOS:1", "default_max_deposit_fee":"TESTKUDOS:1","default_wire_fee_amortization":1,"default_wire_transfer_delay":{"d_us" : 3600000000},"default_pay_delay":{"d_us": 3600000000},"use_stefan":true}' "${MERCHANT_URL}management/instances" 40 echo " DONE" 41 42 43 # run wallet CLI 44 echo "Running wallet" 45 46 export WALLET_DB="wallet.wdb" 47 rm -f "$WALLET_DB" 48 49 wlog="taler-wallet-cli-withdraw.log" 50 taler-wallet-cli \ 51 --no-throttle \ 52 --wallet-db="$WALLET_DB" \ 53 api \ 54 --expect-success 'withdrawTestBalance' \ 55 "$(jq -n ' 56 { 57 amount: "TESTKUDOS:8", 58 corebankApiBaseUrl: $BANK_URL, 59 exchangeBaseUrl: $EXCHANGE_URL, 60 }' \ 61 --arg BANK_URL "$BANK_URL" \ 62 --arg EXCHANGE_URL "$EXCHANGE_URL" 63 )" &> $wlog || { 64 echo " FAILED(withdraw)! Last entries in $wlog:" 65 tail $wlog 66 exit 2 67 } 68 69 taler-wallet-cli \ 70 --no-throttle \ 71 --wallet-db="$WALLET_DB" \ 72 run-until-done \ 73 &> taler-wallet-cli-withdraw-finish.log 74 75 export COINS=$(taler-wallet-cli --wallet-db="$WALLET_DB" advanced dump-coins) 76 77 echo -n "COINS are:" 78 echo "$COINS" 79 80 export COINS 81 # Find coin we want to revoke 82 export rc=$(echo "$COINS" | jq -r '[.coins[] | select((.denomValue == "TESTKUDOS:2"))][0] | .coinPub') 83 # Find the denom 84 export rd=$(echo "$COINS" | jq -r '[.coins[] | select((.denomValue == "TESTKUDOS:2"))][0] | .denomPubHash') 85 echo -n "Revoking denomination ${rd} (to affect coin ${rc}) ..." 86 # Find all other coins, which will be suspended 87 export susp=$(echo "$COINS" | jq --arg rc "$rc" '[.coins[] | select(.coinPub != $rc) | .coinPub]') 88 89 # Do the revocation 90 taler-exchange-offline \ 91 -c "$CONF" \ 92 revoke-denomination "${rd}" \ 93 upload \ 94 &> taler-exchange-offline-revoke.log 95 echo "DONE" 96 97 echo -n "Signing replacement keys ..." 98 sleep 1 # Give exchange time to create replacmenent key 99 100 # Re-sign replacement keys 101 taler-auditor-offline \ 102 -c "$CONF" \ 103 download \ 104 sign \ 105 upload \ 106 &> taler-auditor-offline-reinit.log 107 echo " DONE" 108 109 # Now we suspend the other coins, so later we will pay with the recouped coin 110 taler-wallet-cli \ 111 --wallet-db="$WALLET_DB" \ 112 advanced \ 113 suspend-coins "$susp" 114 115 # Update exchange /keys so recoup gets scheduled 116 taler-wallet-cli \ 117 --wallet-db="$WALLET_DB" \ 118 exchanges \ 119 update \ 120 -f "$EXCHANGE_URL" 121 122 # Block until scheduled operations are done 123 taler-wallet-cli \ 124 --wallet-db="$WALLET_DB"\ 125 run-until-done 126 127 # Now we buy something, only the coins resulting from recoup will be 128 # used, as other ones are suspended 129 taler-wallet-cli \ 130 --no-throttle \ 131 --wallet-db="$WALLET_DB" \ 132 api \ 133 'testPay' \ 134 "$(jq -n ' 135 { 136 amount: "TESTKUDOS:1", 137 merchantBaseUrl: $MERCHANT_URL, 138 summary: "foo", 139 }' \ 140 --arg MERCHANT_URL "$MERCHANT_URL" 141 )" 142 143 taler-wallet-cli \ 144 --wallet-db="$WALLET_DB" \ 145 run-until-done 146 147 echo "Purchase with recoup'ed coin (via reserve) done" 148 149 # Find coin we want to refresh, then revoke 150 export rrc=$(echo "$coins" | jq -r '[.coins[] | select((.denomValue == "TESTKUDOS:5"))][0] | .coinPub') 151 # Find the denom 152 export zombie_denom=$(echo "$coins" | jq -r '[.coins[] | select((.denomValue == "TESTKUDOS:5"))][0] | .denomPubHash') 153 154 echo "Will refresh coin ${rrc} of denomination ${zombie_denom}" 155 # Find all other coins, which will be suspended 156 export susp=$(echo "$coins" | jq --arg rrc "$rrc" '[.coins[] | select(.coinPub != $rrc) | .coinPub]') 157 158 # Travel into the future! (must match DURATION_WITHDRAW option) 159 export TIMETRAVEL="--timetravel=604800000000" 160 161 echo "Launching exchange 1 week in the future" 162 kill -TERM "$EXCHANGE_PID" 163 kill -TERM "$RSA_DENOM_HELPER_PID" 164 kill -TERM "$CS_DENOM_HELPER_PID" 165 kill -TERM "$SIGNKEY_HELPER_PID" 166 taler-exchange-secmod-eddsa $TIMETRAVEL -c "$CONF" 2> "${MY_TMP_DIR}/taler-exchange-secmod-eddsa.log" & 167 SIGNKEY_HELPER_PID=$! 168 taler-exchange-secmod-rsa $TIMETRAVEL -c "$CONF" 2> "${MY_TMP_DIR}/taler-exchange-secmod-rsa.log" & 169 RSA_DENOM_HELPER_PID=$! 170 taler-exchange-secmod-cs $TIMETRAVEL -c "$CONF" 2> "${MY_TMP_DIR}/taler-exchange-secmod-cs.log" & 171 CS_DENOM_HELPER_PID=$! 172 taler-exchange-httpd $TIMETRAVEL -c "$CONF" 2> "${MY_TMP_DIR}/taler-exchange-httpd.log" & 173 export EXCHANGE_PID=$! 174 175 # Wait for exchange to be available 176 for n in `seq 1 50` 177 do 178 echo -n "." 179 sleep 0.1 180 OK=0 181 # exchange 182 wget http://localhost:8081/ -o /dev/null -O /dev/null >/dev/null || continue 183 OK=1 184 break 185 done 186 187 echo "Refreshing coin $rrc" 188 taler-wallet-cli \ 189 "$TIMETRAVEL" \ 190 --wallet-db="$WALLET_DB" \ 191 advanced force-refresh \ 192 "$rrc" 193 taler-wallet-cli \ 194 "$TIMETRAVEL" \ 195 --wallet-db="$WALLET_DB" \ 196 run-until-done 197 198 # Update our list of the coins 199 export coins=$(taler-wallet-cli "$TIMETRAVEL" --wallet-db="$WALLET_DB" advanced dump-coins) 200 201 # Find resulting refreshed coin 202 export freshc=$(echo "$coins" | jq -r --arg rrc "$rrc" \ 203 '[.coins[] | select((.refreshParentCoinPub == $rrc) and .denomValue == "TESTKUDOS:0.1")][0] | .coinPub' 204 ) 205 206 # Find the denom of freshc 207 export fresh_denom=$(echo "$coins" | jq -r --arg rrc "$rrc" \ 208 '[.coins[] | select((.refreshParentCoinPub == $rrc) and .denomValue == "TESTKUDOS:0.1")][0] | .denomPubHash' 209 ) 210 211 echo "Coin ${freshc} of denomination ${fresh_denom} is the result of the refresh" 212 213 # Find all other coins, which will be suspended 214 export susp=$(echo "$coins" | jq --arg freshc "$freshc" '[.coins[] | select(.coinPub != $freshc) | .coinPub]') 215 216 217 # Do the revocation of freshc 218 echo "Revoking ${fresh_denom} (to affect coin ${freshc})" 219 taler-exchange-offline \ 220 -c "$CONF" \ 221 revoke-denomination \ 222 "${fresh_denom}" \ 223 upload &> taler-exchange-offline-revoke-2.log 224 225 sleep 1 # Give exchange time to create replacmenent key 226 227 # Re-sign replacement keys 228 taler-auditor-offline \ 229 -c "$CONF" \ 230 download \ 231 sign \ 232 upload &> taler-auditor-offline.log 233 234 # Now we suspend the other coins, so later we will pay with the recouped coin 235 taler-wallet-cli \ 236 "$TIMETRAVEL" \ 237 --wallet-db="$WALLET_DB" \ 238 advanced \ 239 suspend-coins "$susp" 240 241 # Update exchange /keys so recoup gets scheduled 242 taler-wallet-cli \ 243 "$TIMETRAVEL"\ 244 --wallet-db="$WALLET_DB" \ 245 exchanges update \ 246 -f "$EXCHANGE_URL" 247 248 # Block until scheduled operations are done 249 taler-wallet-cli \ 250 "$TIMETRAVEL" \ 251 --wallet-db="$WALLET_DB" \ 252 run-until-done 253 254 echo "Restarting merchant (so new keys are known)" 255 kill -TERM $MERCHANT_PID 256 taler-merchant-httpd \ 257 -c "$CONF" \ 258 -L INFO \ 259 2> ${MY_TMP_DIR}/taler-merchant-httpd.log & 260 MERCHANT_PID=$! 261 262 # Wait for merchant to be again available 263 for n in `seq 1 50` 264 do 265 echo -n "." 266 sleep 0.1 267 OK=0 268 # merchant 269 wget http://localhost:9966/ -o /dev/null -O /dev/null >/dev/null || continue 270 OK=1 271 break 272 done 273 274 # Now we buy something, only the coins resulting from recoup+refresh will be 275 # used, as other ones are suspended 276 taler-wallet-cli $TIMETRAVEL --no-throttle --wallet-db=$WALLET_DB api 'testPay' \ 277 "$(jq -n ' 278 { 279 amount: "TESTKUDOS:0.02", 280 merchantBaseUrl: $MERCHANT_URL, 281 summary: "bar", 282 }' \ 283 --arg MERCHANT_URL $MERCHANT_URL 284 )" 285 taler-wallet-cli \ 286 "$TIMETRAVEL" \ 287 --wallet-db="$WALLET_DB" \ 288 run-until-done 289 290 echo "Bought something with refresh-recouped coin" 291 292 echo "Shutting down services" 293 exit_cleanup 294 295 296 # Where do we write the result? 297 export BASEDB=${1:-"revoke-basedb"} 298 299 300 # Dump database 301 echo "Dumping database ${BASEDB}.sql" 302 pg_dump -O "auditor-basedb" | sed -e '/AS integer/d' > "${BASEDB}.sql" 303 304 # clean up 305 echo -n "Final clean up ..." 306 kill -TERM "$SETUP_PID" 307 wait 308 unset SETUP_PID 309 dropdb "auditor-basedb" 310 echo " DONE" 311 312 echo "=====================================" 313 echo "Finished generation of ${BASEDB}.sql" 314 echo "=====================================" 315 316 exit 0