/*
  This file is part of TALER
  Copyright (C) 2014-2024 Taler Systems SA

  TALER is free software; you can redistribute it and/or modify it under the
  terms of the GNU General Public License as published by the Free Software
  Foundation; either version 3, or (at your option) any later version.

  TALER is distributed in the hope that it will be useful, but WITHOUT ANY
  WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR
  A PARTICULAR PURPOSE. See the GNU General Public License for more details.

  You should have received a copy of the GNU General Public License along with
  TALER; see the file COPYING. If not, see <http://www.gnu.org/licenses/>
*/
/**
 * @file util/taler-exchange-secmod-eddsa.c
 * @brief Standalone process to perform private key EDDSA operations
 * @author Christian Grothoff
 *
 * Key design points:
 * - EVERY thread of the exchange will have its own pair of connections to the
 *   crypto helpers.  This way, every thread will also have its own /keys state
 *   and avoid the need to synchronize on those.
 * - auditor signatures and master signatures are to be kept in the exchange DB,
 *   and merged with the public keys of the helper by the exchange HTTPD!
 * - the main loop of the helper is SINGLE-THREADED, but there are
 *   threads for crypto-workers which (only) do the signing in parallel,
 *   one per client.
 * - thread-safety: signing happens in parallel, thus when REMOVING private keys,
 *   we must ensure that all signers are done before we fully free() the
 *   private key.  This is done by reference counting (as work is always
 *   assigned and collected by the main thread).
 */
#include "taler/platform.h"
#include "taler/taler_util.h"


/**
 * Program entry point of the EdDSA security module: tightens the umask,
 * records the start-up timestamp and hands control to
 * #TALER_SECMOD_eddsa_run() via #GNUNET_PROGRAM_run().
 *
 * @param argc number of arguments in @a argv
 * @param argv command-line arguments
 * @return 0 on normal termination; more precisely EXIT_SUCCESS if
 *         #GNUNET_PROGRAM_run() returned #GNUNET_NO, EXIT_INVALIDARGUMENT
 *         if it returned #GNUNET_SYSERR, and the `global_ret` field of the
 *         options structure in every other case
 */
int
main (int argc,
      char **argv)
{
  /* Defaults handed to the option parser and to the run callback. */
  struct TALER_SECMOD_Options opts = {
    .max_workers = 16,
    .section = "taler-exchange"
  };
  struct GNUNET_GETOPT_CommandLineOption cli_options[] = {
    TALER_SECMOD_OPTIONS (&opts),
    GNUNET_GETOPT_OPTION_END
  };
  enum GNUNET_GenericReturnValue run_status;

  /* Tighten the creation mask before any key file is written: group-write
     and every "other" permission bit are cleared from files created from
     here on.
     NOTE(review): S_IRGRP and S_IXGRP are not part of the mask, so whether
     a private key file ends up group-readable depends on the mode requested
     when the file is created and on the permissions of its directory --
     confirm against the key-writing code. */
  (void) umask (S_IWGRP | S_IROTH | S_IWOTH | S_IXOTH);

  /* Both timestamps start out as the same "now" value. */
  opts.global_now = GNUNET_TIME_timestamp_get ();
  opts.global_now_tmp = opts.global_now;

  run_status
    = GNUNET_PROGRAM_run (TALER_EXCHANGE_project_data (),
                          argc,
                          argv,
                          "taler-exchange-secmod-eddsa",
                          "Handle private EDDSA key operations for a Taler exchange",
                          cli_options,
                          &TALER_SECMOD_eddsa_run,
                          &opts);

  /* Translate the framework status into a process exit code. */
  switch (run_status)
  {
  case GNUNET_NO:
    return EXIT_SUCCESS;
  case GNUNET_SYSERR:
    return EXIT_INVALIDARGUMENT;
  default:
    /* presumably filled in by TALER_SECMOD_eddsa_run -- not visible here */
    return opts.global_ret;
  }
}