aboutsummaryrefslogtreecommitdiff
path: root/src
diff options
context:
space:
mode:
authorChristian Grothoff <christian@grothoff.org>2020-11-23 21:10:55 +0100
committerChristian Grothoff <christian@grothoff.org>2020-11-23 21:10:55 +0100
commitd5656ec46e47d49d16b21b5cbc1c34caf5ea4b83 (patch)
treed2c6cecb321e6468ba4ce97f51f4cfddda1769c7 /src
parent77dbb8327618ada8fd112209e54a7bf05d2958f0 (diff)
finish helper test cases
Diffstat (limited to 'src')
-rw-r--r--src/util/Makefile.am8
-rw-r--r--src/util/crypto_helper_denom.c3
-rw-r--r--src/util/taler-helper-crypto-eddsa.c32
-rw-r--r--src/util/taler-helper-crypto-rsa.c8
-rw-r--r--src/util/test_helper_eddsa.c447
-rw-r--r--src/util/test_helper_eddsa.conf8
-rw-r--r--src/util/test_helper_rsa.c14
-rw-r--r--src/util/test_helper_rsa.conf8
8 files changed, 516 insertions, 12 deletions
diff --git a/src/util/Makefile.am b/src/util/Makefile.am
index 5840fb8ae..95ac60a96 100644
--- a/src/util/Makefile.am
+++ b/src/util/Makefile.am
@@ -18,6 +18,7 @@ pkgcfg_DATA = \
EXTRA_DIST = \
paths.conf \
taler-config.in \
+ test_helper_eddsa.conf \
test_helper_rsa.conf
libexec_PROGRAMS = \
@@ -89,6 +90,7 @@ AM_TESTS_ENVIRONMENT=export TALER_PREFIX=$${TALER_PREFIX:-@libdir@};export PATH=
check_PROGRAMS = \
test_amount \
test_crypto \
+ test_helper_eddsa \
test_helper_rsa \
test_payto \
test_url
@@ -115,6 +117,12 @@ test_payto_LDADD = \
-lgnunetutil \
libtalerutil.la
+test_helper_eddsa_SOURCES = \
+ test_helper_eddsa.c
+test_helper_eddsa_LDADD = \
+ -lgnunetutil \
+ libtalerutil.la
+
test_helper_rsa_SOURCES = \
test_helper_rsa.c
test_helper_rsa_LDADD = \
diff --git a/src/util/crypto_helper_denom.c b/src/util/crypto_helper_denom.c
index 219995b51..547336e7c 100644
--- a/src/util/crypto_helper_denom.c
+++ b/src/util/crypto_helper_denom.c
@@ -294,6 +294,9 @@ handle_mt_avail (struct TALER_CRYPTO_DenominationHelper *dh,
}
GNUNET_CRYPTO_rsa_public_key_hash (denom_pub.rsa_public_key,
&dka.h_denom_pub);
+ GNUNET_CRYPTO_hash (section_name,
+ strlen (section_name) + 1,
+ &dka.h_section_name);
if (GNUNET_OK !=
GNUNET_CRYPTO_eddsa_verify (TALER_SIGNATURE_SM_DENOMINATION_KEY,
&dka,
diff --git a/src/util/taler-helper-crypto-eddsa.c b/src/util/taler-helper-crypto-eddsa.c
index 58460447d..f4bf47655 100644
--- a/src/util/taler-helper-crypto-eddsa.c
+++ b/src/util/taler-helper-crypto-eddsa.c
@@ -180,6 +180,11 @@ struct WorkItem
static struct TALER_SecurityModulePrivateKeyP smpriv;
/**
+ * Public key of this security module.
+ */
+static struct TALER_SecurityModulePublicKeyP smpub;
+
+/**
* Head of DLL of actual keys, sorted by anchor.
*/
static struct Key *keys_head;
@@ -613,7 +618,8 @@ notify_client_key_add (struct Client *client,
.header.type = htons (TALER_HELPER_EDDSA_MT_AVAIL),
.anchor_time = GNUNET_TIME_absolute_hton (key->anchor),
.duration = GNUNET_TIME_relative_hton (duration),
- .exchange_pub = key->exchange_pub
+ .exchange_pub = key->exchange_pub,
+ .secm_pub = smpub
};
GNUNET_CRYPTO_eddsa_sign (&smpriv.eddsa_priv,
@@ -944,6 +950,7 @@ create_key (void)
setup_key (key,
keys_tail))
{
+ GNUNET_break (0);
GNUNET_free (key);
GNUNET_SCHEDULER_shutdown ();
global_ret = 42;
@@ -1043,8 +1050,13 @@ update_keys (void *cls)
duration),
lookahead_sign),
overlap_duration)).rel_value_us) )
- GNUNET_assert (GNUNET_OK ==
- create_key ());
+ if (GNUNET_OK !=
+ create_key ())
+ {
+ GNUNET_break (0);
+ GNUNET_SCHEDULER_shutdown ();
+ return;
+ }
/* remove expired keys */
while ( (NULL != keys_head) &&
(0 ==
@@ -1281,6 +1293,17 @@ load_durations (void)
"OVERLAP_DURATION");
return GNUNET_SYSERR;
}
+ if (GNUNET_OK !=
+ GNUNET_CONFIGURATION_get_value_time (kcfg,
+ "taler-helper-crypto-eddsa",
+ "DURATION",
+ &duration))
+ {
+ GNUNET_log_config_missing (GNUNET_ERROR_TYPE_ERROR,
+ "taler-helper-crypto-eddsa",
+ "DURATION");
+ return GNUNET_SYSERR;
+ }
GNUNET_TIME_round_rel (&overlap_duration);
if (GNUNET_OK !=
@@ -1412,6 +1435,8 @@ run (void *cls,
return;
}
GNUNET_free (pfn);
+ GNUNET_CRYPTO_eddsa_key_get_public (&smpriv.eddsa_priv,
+ &smpub.eddsa_pub);
}
if (GNUNET_OK !=
@@ -1507,7 +1532,6 @@ run (void *cls,
GNUNET_DISK_directory_scan (keydir,
&import_key,
NULL);
- update_keys (NULL);
if (NULL == keys_head)
{
GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
diff --git a/src/util/taler-helper-crypto-rsa.c b/src/util/taler-helper-crypto-rsa.c
index af9c76ef2..140a0a8fc 100644
--- a/src/util/taler-helper-crypto-rsa.c
+++ b/src/util/taler-helper-crypto-rsa.c
@@ -252,6 +252,11 @@ static int global_ret;
static struct TALER_SecurityModulePrivateKeyP smpriv;
/**
+ * Public key of this security module.
+ */
+static struct TALER_SecurityModulePublicKeyP smpub;
+
+/**
* Number of worker threads to use. Default (0) is to use one per CPU core
* available.
* Length of the #workers array.
@@ -735,6 +740,7 @@ notify_client_dk_add (struct Client *client,
GNUNET_CRYPTO_eddsa_sign (&smpriv.eddsa_priv,
&dka,
&an->secm_sig.eddsa_signature);
+ an->secm_pub = smpub;
p = (void *) &an[1];
memcpy (p,
buf,
@@ -1793,6 +1799,8 @@ run (void *cls,
return;
}
GNUNET_free (pfn);
+ GNUNET_CRYPTO_eddsa_key_get_public (&smpriv.eddsa_priv,
+ &smpub.eddsa_pub);
}
if (GNUNET_OK !=
diff --git a/src/util/test_helper_eddsa.c b/src/util/test_helper_eddsa.c
new file mode 100644
index 000000000..c2a3af744
--- /dev/null
+++ b/src/util/test_helper_eddsa.c
@@ -0,0 +1,447 @@
+/*
+ This file is part of TALER
+ (C) 2020 Taler Systems SA
+
+ TALER is free software; you can redistribute it and/or modify it under the
+ terms of the GNU General Public License as published by the Free Software
+ Foundation; either version 3, or (at your option) any later version.
+
+ TALER is distributed in the hope that it will be useful, but WITHOUT ANY
+ WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR
+ A PARTICULAR PURPOSE. See the GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License along with
+ TALER; see the file COPYING. If not, see <http://www.gnu.org/licenses/>
+*/
+/**
+ * @file util/test_helper_eddsa.c
+ * @brief Tests for EDDSA crypto helper
+ * @author Christian Grothoff
+ */
+#include "platform.h"
+#include "taler_util.h"
+#include <gnunet/gnunet_signatures.h>
+
+/**
+ * Configuration has 1 minute duration and 5 minutes lookahead, so
+ * we should never have more than 6 active keys, plus for during
+ * key expiration / revocation.
+ */
+#define MAX_KEYS 7
+
+/**
+ * How many random key revocations should we test?
+ */
+#define NUM_REVOKES 3
+
+/**
+ * How many iterations of the successful signing test should we run?
+ */
+#define NUM_SIGN_TESTS 100
+
+
+/**
+ * Number of keys currently in #keys.
+ */
+static unsigned int num_keys;
+
+/**
+ * Keys currently managed by the helper.
+ */
+struct KeyData
+{
+ /**
+ * Validity start point.
+ */
+ struct GNUNET_TIME_Absolute start_time;
+
+ /**
+ * Key expires for signing at @e start_time plus this value.
+ */
+ struct GNUNET_TIME_Relative validity_duration;
+
+ /**
+ * Full public key.
+ */
+ struct TALER_ExchangePublicKeyP exchange_pub;
+
+ /**
+ * Is this key currently valid?
+ */
+ bool valid;
+
+ /**
+ * Did the test driver revoke this key?
+ */
+ bool revoked;
+};
+
+/**
+ * Array of all the keys we got from the helper.
+ */
+static struct KeyData keys[MAX_KEYS];
+
+
+/**
+ * Function called with information about available keys for signing. Usually
+ * only called once per key upon connect. Also called again in case a key is
+ * being revoked, in that case with an @a end_time of zero. Stores the keys
+ * status in #keys.
+ *
+ * @param cls closure, NULL
+ * @param start_time when does the key become available for signing;
+ * zero if the key has been revoked or purged
+ * @param validity_duration how long does the key remain available for signing;
+ * zero if the key has been revoked or purged
+ * @param exchange_pub the public key itself
+ * @param sm_pub public key of the security module, NULL if the key was revoked or purged
+ * @param sm_sig signature from the security module, NULL if the key was revoked or purged
+ * The signature was already verified against @a sm_pub.
+ */
+static void
+key_cb (void *cls,
+ struct GNUNET_TIME_Absolute start_time,
+ struct GNUNET_TIME_Relative validity_duration,
+ const struct TALER_ExchangePublicKeyP *exchange_pub,
+ const struct TALER_SecurityModulePublicKeyP *sm_pub,
+ const struct TALER_SecurityModuleSignatureP *sm_sig)
+{
+ (void) sm_pub;
+ (void) sm_sig;
+ if (0 == validity_duration.rel_value_us)
+ {
+ bool found = false;
+
+ for (unsigned int i = 0; i<MAX_KEYS; i++)
+ if (0 == GNUNET_memcmp (exchange_pub,
+ &keys[i].exchange_pub))
+ {
+ keys[i].valid = false;
+ keys[i].revoked = false;
+ GNUNET_assert (num_keys > 0);
+ num_keys--;
+ found = true;
+ break;
+ }
+ if (! found)
+ GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
+ "Error: helper announced expiration of unknown key!\n");
+
+ return;
+ }
+ for (unsigned int i = 0; i<MAX_KEYS; i++)
+ if (! keys[i].valid)
+ {
+ keys[i].valid = true;
+ keys[i].exchange_pub = *exchange_pub;
+ keys[i].start_time = start_time;
+ keys[i].validity_duration = validity_duration;
+ num_keys++;
+ return;
+ }
+ /* too many keys! */
+ GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
+ "Error: received %d live keys from the service!\n",
+ MAX_KEYS + 1);
+}
+
+
+/**
+ * Test key revocation logic.
+ *
+ * @param esh handle to the helper
+ * @return 0 on success
+ */
+static int
+test_revocation (struct TALER_CRYPTO_ExchangeSignHelper *esh)
+{
+ struct timespec req = {
+ .tv_nsec = 250000000
+ };
+
+ for (unsigned int i = 0; i<NUM_REVOKES; i++)
+ {
+ uint32_t off;
+
+ off = GNUNET_CRYPTO_random_u32 (GNUNET_CRYPTO_QUALITY_WEAK,
+ num_keys);
+ /* find index of key to revoke */
+ for (unsigned int j = 0; j < MAX_KEYS; j++)
+ {
+ if (! keys[j].valid)
+ continue;
+ if (0 != off)
+ {
+ off--;
+ continue;
+ }
+ keys[j].revoked = true;
+ fprintf (stderr,
+ "Revoking key ...");
+ TALER_CRYPTO_helper_esign_revoke (esh,
+ &keys[j].exchange_pub);
+ for (unsigned int k = 0; k<1000; k++)
+ {
+ TALER_CRYPTO_helper_esign_poll (esh);
+ if (! keys[j].revoked)
+ break;
+ nanosleep (&req, NULL);
+ fprintf (stderr, ".");
+ }
+ if (keys[j].revoked)
+ {
+ fprintf (stderr,
+ "\nFAILED: timeout trying to revoke key %u\n",
+ j);
+ TALER_CRYPTO_helper_esign_disconnect (esh);
+ return 2;
+ }
+ fprintf (stderr, "\n");
+ break;
+ }
+ }
+ return 0;
+}
+
+
+/**
+ * Test signing logic.
+ *
+ * @param esh handle to the helper
+ * @return 0 on success
+ */
+static int
+test_signing (struct TALER_CRYPTO_ExchangeSignHelper *esh)
+{
+ struct GNUNET_CRYPTO_EccSignaturePurpose purpose = {
+ .purpose = htonl (GNUNET_SIGNATURE_PURPOSE_TEST),
+ .size = htonl (sizeof (purpose)),
+ };
+
+ for (unsigned int i = 0; i<2; i++)
+ {
+ struct TALER_ExchangePublicKeyP exchange_pub;
+ struct TALER_ExchangeSignatureP exchange_sig;
+ enum TALER_ErrorCode ec;
+
+ ec = TALER_CRYPTO_helper_esign_sign_ (esh,
+ &purpose,
+ &exchange_pub,
+ &exchange_sig);
+ switch (ec)
+ {
+ case TALER_EC_NONE:
+ if (GNUNET_OK !=
+ GNUNET_CRYPTO_eddsa_verify_ (GNUNET_SIGNATURE_PURPOSE_TEST,
+ &purpose,
+ &exchange_sig.eddsa_signature,
+ &exchange_pub.eddsa_pub))
+ {
+ /* signature invalid */
+ GNUNET_break (0);
+ return 17;
+ }
+ GNUNET_log (GNUNET_ERROR_TYPE_INFO,
+ "Received valid signature\n");
+ break;
+ default:
+ /* unexpected error */
+ GNUNET_break (0);
+ return 7;
+ }
+ }
+ return 0;
+}
+
+
+/**
+ * Benchmark signing logic.
+ *
+ * @param esh handle to the helper
+ * @return 0 on success
+ */
+static int
+perf_signing (struct TALER_CRYPTO_ExchangeSignHelper *esh)
+{
+ struct GNUNET_CRYPTO_EccSignaturePurpose purpose = {
+ .purpose = htonl (GNUNET_SIGNATURE_PURPOSE_TEST),
+ .size = htonl (sizeof (purpose)),
+ };
+ struct GNUNET_TIME_Relative duration;
+
+ duration = GNUNET_TIME_UNIT_ZERO;
+ for (unsigned int j = 0; j<NUM_SIGN_TESTS;)
+ {
+ struct GNUNET_TIME_Relative delay;
+ struct TALER_ExchangePublicKeyP exchange_pub;
+ struct TALER_ExchangeSignatureP exchange_sig;
+ enum TALER_ErrorCode ec;
+ struct GNUNET_TIME_Absolute start;
+
+ TALER_CRYPTO_helper_esign_poll (esh);
+ start = GNUNET_TIME_absolute_get ();
+ ec = TALER_CRYPTO_helper_esign_sign_ (esh,
+ &purpose,
+ &exchange_pub,
+ &exchange_sig);
+ if (TALER_EC_NONE != ec)
+ {
+ GNUNET_break (0);
+ return 42;
+ }
+ delay = GNUNET_TIME_absolute_get_duration (start);
+ duration = GNUNET_TIME_relative_add (duration,
+ delay);
+ j++;
+ } /* for j */
+ fprintf (stderr,
+ "%u (sequential) signature operations took %s\n",
+ (unsigned int) NUM_SIGN_TESTS,
+ GNUNET_STRINGS_relative_time_to_string (duration,
+ GNUNET_YES));
+ return 0;
+}
+
+
+/**
+ * Main entry point into the test logic with the helper already running.
+ */
+static int
+run_test (void)
+{
+ struct GNUNET_CONFIGURATION_Handle *cfg;
+ struct TALER_CRYPTO_ExchangeSignHelper *esh;
+ struct timespec req = {
+ .tv_nsec = 250000000
+ };
+ int ret;
+
+ cfg = GNUNET_CONFIGURATION_create ();
+ if (GNUNET_OK !=
+ GNUNET_CONFIGURATION_load (cfg,
+ "test_helper_eddsa.conf"))
+ {
+ GNUNET_break (0);
+ return 77;
+ }
+ esh = TALER_CRYPTO_helper_esign_connect (cfg,
+ &key_cb,
+ NULL);
+ GNUNET_CONFIGURATION_destroy (cfg);
+ if (NULL == esh)
+ {
+ GNUNET_break (0);
+ return 1;
+ }
+ /* wait for helper to start and give us keys */
+ fprintf (stderr, "Waiting for helper to start ");
+ for (unsigned int i = 0; i<1000; i++)
+ {
+ TALER_CRYPTO_helper_esign_poll (esh);
+ if (0 != num_keys)
+ break;
+ nanosleep (&req, NULL);
+ fprintf (stderr, ".");
+ }
+ if (0 == num_keys)
+ {
+ fprintf (stderr,
+ "\nFAILED: timeout trying to connect to helper\n");
+ TALER_CRYPTO_helper_esign_disconnect (esh);
+ return 1;
+ }
+ fprintf (stderr,
+ "\nOK: Helper ready (%u keys)\n",
+ num_keys);
+
+ ret = 0;
+ if (0 == ret)
+ ret = test_revocation (esh);
+ if (0 == ret)
+ ret = test_signing (esh);
+ if (0 == ret)
+ ret = perf_signing (esh);
+ TALER_CRYPTO_helper_esign_disconnect (esh);
+ /* clean up our state */
+ for (unsigned int i = 0; i<MAX_KEYS; i++)
+ if (keys[i].valid)
+ {
+ keys[i].valid = false;
+ GNUNET_assert (num_keys > 0);
+ num_keys--;
+ }
+ return ret;
+}
+
+
+int
+main (int argc,
+ const char *const argv[])
+{
+ struct GNUNET_OS_Process *helper;
+ char *libexec_dir;
+ char *binary_name;
+ int ret;
+ enum GNUNET_OS_ProcessStatusType type;
+ unsigned long code;
+
+ (void) argc;
+ (void) argv;
+ GNUNET_log_setup ("test-helper-eddsa",
+ "WARNING",
+ NULL);
+ GNUNET_OS_init (TALER_project_data_default ());
+ libexec_dir = GNUNET_OS_installation_get_path (GNUNET_OS_IPK_LIBEXECDIR);
+ GNUNET_asprintf (&binary_name,
+ "%s/%s",
+ libexec_dir,
+ "taler-helper-crypto-eddsa");
+ GNUNET_free (libexec_dir);
+ helper = GNUNET_OS_start_process (GNUNET_OS_INHERIT_STD_ERR,
+ NULL, NULL, NULL,
+ binary_name,
+ binary_name,
+ "-c",
+ "test_helper_eddsa.conf",
+ "-L",
+ "WARNING",
+ NULL);
+ if (NULL == helper)
+ {
+ GNUNET_log_strerror_file (GNUNET_ERROR_TYPE_ERROR,
+ "exec",
+ binary_name);
+ GNUNET_free (binary_name);
+ return 77;
+ }
+ GNUNET_free (binary_name);
+ ret = run_test ();
+
+ GNUNET_OS_process_kill (helper,
+ SIGTERM);
+ if (GNUNET_OK !=
+ GNUNET_OS_process_wait_status (helper,
+ &type,
+ &code))
+ {
+ GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
+ "Helper process did not die voluntarily, killing hard\n");
+ GNUNET_OS_process_kill (helper,
+ SIGKILL);
+ ret = 4;
+ }
+ else if ( (GNUNET_OS_PROCESS_EXITED != type) ||
+ (0 != code) )
+ {
+ GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
+ "Helper died with unexpected status %d/%d\n",
+ (int) type,
+ (int) code);
+ ret = 5;
+ }
+ GNUNET_OS_process_destroy (helper);
+ return ret;
+}
+
+
+/* end of test_helper_eddsa.c */
diff --git a/src/util/test_helper_eddsa.conf b/src/util/test_helper_eddsa.conf
new file mode 100644
index 000000000..bdb72a853
--- /dev/null
+++ b/src/util/test_helper_eddsa.conf
@@ -0,0 +1,8 @@
+[taler-helper-crypto-eddsa]
+LOOKAHEAD_SIGN = 5 minutes
+OVERLAP_DURATION = 1 s
+DURATION = 1 minute
+KEY_DIR = ${TALER_RUNTIME_DIR}/test_helper_eddsa/
+UNIXPATH = ${TALER_RUNTIME_DIR}test_helper_eddsa.unix
+
+SM_PRIV_KEY = ${TALER_DATA_HOME}/taler-helper-crypto-eddsa/.private-key
diff --git a/src/util/test_helper_rsa.c b/src/util/test_helper_rsa.c
index 3c7ae443b..f291f27e4 100644
--- a/src/util/test_helper_rsa.c
+++ b/src/util/test_helper_rsa.c
@@ -31,12 +31,12 @@
/**
* How many random key revocations should we test?
*/
-#define NUM_REVOKES 10
+#define NUM_REVOKES 3
/**
* How many iterations of the successful signing test should we run?
*/
-#define NUM_SIGN_TESTS 100
+#define NUM_SIGN_TESTS 5
/**
@@ -101,6 +101,9 @@ static struct KeyData keys[MAX_KEYS];
* zero if the key has been revoked or purged
* @param h_denom_pub hash of the @a denom_pub that is available (or was purged)
* @param denom_pub the public key itself, NULL if the key was revoked or purged
+ * @param sm_pub public key of the security module, NULL if the key was revoked or purged
+ * @param sm_sig signature from the security module, NULL if the key was revoked or purged
+ * The signature was already verified against @a sm_pub.
*/
static void
key_cb (void *cls,
@@ -108,8 +111,12 @@ key_cb (void *cls,
struct GNUNET_TIME_Absolute start_time,
struct GNUNET_TIME_Relative validity_duration,
const struct GNUNET_HashCode *h_denom_pub,
- const struct TALER_DenominationPublicKey *denom_pub)
+ const struct TALER_DenominationPublicKey *denom_pub,
+ const struct TALER_SecurityModulePublicKeyP *sm_pub,
+ const struct TALER_SecurityModuleSignatureP *sm_sig)
{
+ (void) sm_pub;
+ (void) sm_sig;
GNUNET_log (GNUNET_ERROR_TYPE_INFO,
"Key notification about key %s in `%s'\n",
GNUNET_h2s (h_denom_pub),
@@ -373,7 +380,6 @@ perf_signing (struct TALER_CRYPTO_DenominationHelper *dh)
{
struct TALER_DenominationSignature ds;
enum TALER_ErrorCode ec;
- bool success = false;
struct GNUNET_HashCode m_hash;
struct GNUNET_CRYPTO_RsaBlindingKeySecret bks;
struct GNUNET_TIME_Relative duration;
diff --git a/src/util/test_helper_rsa.conf b/src/util/test_helper_rsa.conf
index 2bce81122..e3b3d0895 100644
--- a/src/util/test_helper_rsa.conf
+++ b/src/util/test_helper_rsa.conf
@@ -1,10 +1,10 @@
[coin_1]
-duration_withdraw = 1 minute
-rsa_keysize = 2048
+DURATION_WITHDRAW = 1 minute
+RSA_KEYSIZE = 2048
[taler-helper-crypto-rsa]
-lookahead_sign = 5 minutes
-overlap_duration = 1 s
+LOOKAHEAD_SIGN = 5 minutes
+OVERLAP_DURATION = 1 s
KEY_DIR = ${TALER_RUNTIME_DIR}/test_helper_rsa/
UNIXPATH = ${TALER_RUNTIME_DIR}test_helper_rsa.unix