author | Christian Grothoff <christian@grothoff.org> | 2015-09-16 19:18:48 +0200 |
---|---|---|
committer | Christian Grothoff <christian@grothoff.org> | 2015-09-16 19:18:48 +0200 |
commit | a8755be2b768c5896479c75f0fff5ebfe31dd34a (patch) | |
tree | 4bc42497675cbba3ce1c96216cb872df30385615 | |
parent | 2fa65141a67559090e348289a8e957487c1243db (diff) |
implement auditor signing tool
-rw-r--r-- | src/include/taler_crypto_lib.h | 12 | ||||
-rw-r--r-- | src/mint-tools/taler-auditor-sign.c | 125 |
2 files changed, 134 insertions, 3 deletions
diff --git a/src/include/taler_crypto_lib.h b/src/include/taler_crypto_lib.h index 0f25ea3c4..a3c21b386 100644 --- a/src/include/taler_crypto_lib.h +++ b/src/include/taler_crypto_lib.h @@ -190,6 +190,18 @@ struct TALER_AuditorPublicKeyP /** + * @brief Type of the public key used by the auditor. + */ +struct TALER_AuditorSignatureP +{ + /** + * Taler uses EdDSA signatures for auditors. + */ + struct GNUNET_CRYPTO_EddsaSignature eddsa_sig; +}; + + +/** * @brief Type of the offline master public keys used by the mint. */ struct TALER_MasterPrivateKeyP diff --git a/src/mint-tools/taler-auditor-sign.c b/src/mint-tools/taler-auditor-sign.c index d8cc20546..47ada94ed 100644 --- a/src/mint-tools/taler-auditor-sign.c +++ b/src/mint-tools/taler-auditor-sign.c @@ -24,6 +24,11 @@ /** + * Are we running in verbose mode? + */ +static int verbose; + +/** * Filename of the auditor's private key. */ static char *auditor_key_file; 
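Review bot: In src/include/taler_crypto_lib.h the doc comment on the new `struct TALER_AuditorSignatureP` still reads "Type of the public key used by the auditor", which looks copied from the public-key struct above it. Since this type holds the signature, I would change it to `@brief Type of signatures used by the auditor.` so the generated API docs do not show a key and a signature type with the same description.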
@@ -55,6 +60,62 @@ static struct GNUNET_CONFIGURATION_Handle *kcfg; static struct TALER_MasterPublicKeyP master_public_key; +/** + * Print denomination key details for diagnostics. + * + * @param dk denomination key to print + */ +static void +print_dk (const struct TALER_DenominationKeyValidityPS *dk) +{ + struct TALER_Amount a; + char *s; + + fprintf (stdout, + "Denomination key hash: %s\n", + GNUNET_h2s_full (&dk->denom_hash)); + TALER_amount_ntoh (&a, + &dk->value); + fprintf (stdout, + "Value: %s\n", + s = TALER_amount_to_string (&a)); + GNUNET_free (s); + TALER_amount_ntoh (&a, + &dk->fee_withdraw); + fprintf (stdout, + "Withdraw fee: %s\n", + s = TALER_amount_to_string (&a)); + GNUNET_free (s); + TALER_amount_ntoh (&a, + &dk->fee_deposit); + fprintf (stdout, + "Deposit fee: %s\n", + s = TALER_amount_to_string (&a)); + GNUNET_free (s); + TALER_amount_ntoh (&a, + &dk->fee_refresh); + fprintf (stdout, + "Refresh fee: %s\n", + s = TALER_amount_to_string (&a)); + GNUNET_free (s); + + fprintf (stdout, + "Validity start time: %s\n", + GNUNET_TIME_absolute_to_string (GNUNET_TIME_absolute_ntoh (dk->start))); + fprintf (stdout, + "Withdraw end time: %s\n", + GNUNET_TIME_absolute_to_string (GNUNET_TIME_absolute_ntoh (dk->expire_withdraw))); + fprintf (stdout, + "Deposit end time: %s\n", + GNUNET_TIME_absolute_to_string (GNUNET_TIME_absolute_ntoh (dk->expire_spend))); + fprintf (stdout, + "Legal dispute end time: %s\n", + GNUNET_TIME_absolute_to_string (GNUNET_TIME_absolute_ntoh (dk->expire_legal))); + + fprintf (stdout, + "\n"); +} + /** * The main function of the taler-auditor-sign tool. This tool is used 
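Review bot: In print_dk the result of `TALER_amount_to_string (&a)` goes straight into `fprintf`'s `%s` in all four places, although the amounts come from the mint's request file, which this tool has not validated when it prints them. Whether that function can return NULL for a malformed amount is not visible here and should be confirmed; if it can, the `%s` is undefined behaviour in exactly the mode an operator uses to inspect what is about to be signed. A small helper that converts, checks, prints and frees would cover all four fields and also remove the `s = ...` assignments buried in the argument lists.

```c
static void
print_amount (const char *label,
              const struct TALER_AmountNBO *nbo)
{
  struct TALER_Amount a;
  char *s;

  TALER_amount_ntoh (&a, nbo);
  s = TALER_amount_to_string (&a);
  fprintf (stdout, "%s: %s\n", label, (NULL != s) ? s : "(invalid amount)");
  if (NULL != s)
    GNUNET_free (s);
}

/* in print_dk, replacing the four ntoh/fprintf/free groups */
  print_amount ("Value", &dk->value);
  print_amount ("Withdraw fee", &dk->fee_withdraw);
  print_amount ("Deposit fee", &dk->fee_deposit);
  print_amount ("Refresh fee", &dk->fee_refresh);
  /* … unchanged: validity and expiration time output … */
```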
@@ -85,12 +146,17 @@ main (int argc, "where to write our signature", 1, &GNUNET_GETOPT_set_string, &output_file}, GNUNET_GETOPT_OPTION_VERSION (VERSION "-" VCS_VERSION), + GNUNET_GETOPT_OPTION_VERBOSE (&verbose), GNUNET_GETOPT_OPTION_END }; struct GNUNET_CRYPTO_EddsaPrivateKey *eddsa_priv; + struct TALER_AuditorSignatureP sig; struct GNUNET_DISK_FileHandle *fh; struct GNUNET_DISK_FileHandle *fout; + struct TALER_DenominationKeyValidityPS *dks; + struct TALER_MintKeyValidityPS *ap; off_t in_size; + unsigned int i; GNUNET_assert (GNUNET_OK == GNUNET_log_setup ("taler-mint-keyup", @@ -159,11 +225,46 @@ main (int argc, GNUNET_DISK_file_close (fh); return 1; } + if (0 != (in_size % sizeof (struct TALER_DenominationKeyValidityPS))) + { + fprintf (stderr, + "Input file size of file `%s' is invalid\n", + mint_request_file); + GNUNET_DISK_file_close (fh); + return 1; + } + ap = GNUNET_malloc (sizeof (struct TALER_MintKeyValidityPS) + + in_size); + ap.purpose.purpose = htonl (TALER_SIGNATURE_AUDITOR_MINT_KEYS); + ap.purpose.size = htonl (sizeof (struct TALER_MintKeyValidityPS) + + in_size); + ap.master = master_public_key; + dks = (struct TALER_DenominationKeyValidityPS *) &ap[1]; + if (in_size != + GNUNET_DISK_file_read (fh, + dks, + in_size)) + { + fprintf (stderr, + "Failed to read input file `%s': %s\n", + mint_request_file, + STRERROR (errno)); + GNUNET_DISK_file_close (fh); + GNUNET_free (ap); + return 1; + } + GNUNET_DISK_file_close (fh); + if (verbose) + { + for (i=0;i<in_size / sizeof (struct TALER_DenominationKeyValidityPS);i++) + print_dk (&dks[i]); + } + if (NULL == output_file) { fprintf (stderr, "Output file not given\n"); - GNUNET_DISK_file_close (fh); + GNUNET_free (ap); return 1; } fout = GNUNET_DISK_file_open (output_file, 
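Review bot: `ap` is declared as `struct TALER_MintKeyValidityPS *ap`, but the three assignments after `GNUNET_malloc` use `ap.purpose.purpose`, `ap.purpose.size` and `ap.master`, which cannot compile; they need `ap->`. Separately, `in_size` is an `off_t` taken from the mint's request file and the only check visible in this hunk is the modulo test. An empty file therefore passes and yields a signature over zero denomination keys, while a very large file is narrowed by `htonl`, so the signed `purpose.size` no longer matches the buffer. Unless a check outside the hunk already covers this, I would reject both before allocating with `if ( (in_size <= 0) || (in_size > UINT32_MAX - sizeof (struct TALER_MintKeyValidityPS)) )`. main's body begins and ends outside this hunk.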
@@ -180,11 +281,29 @@ main (int argc, "Failed to open file `%s': %s\n", output_file, STRERROR (errno)); - GNUNET_DISK_file_close (fh); + GNUNET_free (ap); return 1; } - /* FIXME: finally do real work... */ + /* Finally sign ... */ + GNUNET_CRYPTO_eddsa_sign (eddsa_priv, + &ap->purpose, + &sig.eddsa_sig); + if (sizeof (struct TALER_AuditorSignatureP) != + GNUNET_DISK_file_write (out, + &sig, + sizeof (sig))) + { + fprintf (stderr, + "Failed to write to file `%s': %s\n", + output_file, + STRERROR (errno)); + GNUNET_free (ap); + GNUNET_DISK_file_close (output_file); + return 1; + } + GNUNET_free (ap); + GNUNET_DISK_file_close (out); GNUNET_free (eddsa_priv); return 0; } |
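Review bot: The write and close calls use `out` and `output_file` where the handle declared in main is `fout`: `GNUNET_DISK_file_write (out, ...)`, `GNUNET_DISK_file_close (output_file)` and `GNUNET_DISK_file_close (out)`. No `out` is declared in the visible hunks and `output_file` is the filename string, so all three should be `fout`. The return value of `GNUNET_CRYPTO_eddsa_sign` is also discarded, so a failed signing operation would write the uninitialised `sig` to disk as if it were a valid auditor signature; guard it with `if (GNUNET_OK != GNUNET_CRYPTO_eddsa_sign (eddsa_priv, &ap->purpose, &sig.eddsa_sig))` and fail without writing. The error returns in this hunk free `ap` but not `eddsa_priv`, so the private key is released only on the success path. main's body begins outside this hunk.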