From 9cbc31afc495ebdfe7b24535ca2eee54b5a17ab7 Mon Sep 17 00:00:00 2001 From: Christian Grothoff Date: Wed, 28 Jan 2015 15:03:47 +0100 Subject: move key IO routines into aptly named files --- src/mint/Makefile.am | 2 +- src/mint/key_io.c | 241 +++++++++++++++++++++++++++++++++++++++ src/mint/key_io.h | 137 ++++++++++++++++++++++ src/mint/mint.h | 102 +---------------- src/mint/mint_common.c | 235 -------------------------------------- src/mint/taler-mint-httpd_keys.h | 2 + src/mint/taler-mint-keycheck.c | 1 + src/mint/taler-mint-keyup.c | 1 + 8 files changed, 385 insertions(+), 336 deletions(-) create mode 100644 src/mint/key_io.c create mode 100644 src/mint/key_io.h delete mode 100644 src/mint/mint_common.c (limited to 'src') diff --git a/src/mint/Makefile.am b/src/mint/Makefile.am index c0fd6949b..17b82dc51 100644 --- a/src/mint/Makefile.am +++ b/src/mint/Makefile.am @@ -4,7 +4,7 @@ lib_LTLIBRARIES = \ libtalermint_common.la libtalermint_common_la_SOURCES = \ - mint_common.c \ + key_io.c key_io.h \ mint_db.c libtalermint_common_la_LIBADD = \ diff --git a/src/mint/key_io.c b/src/mint/key_io.c new file mode 100644 index 000000000..f401a1268 --- /dev/null +++ b/src/mint/key_io.c @@ -0,0 +1,241 @@ +/* + This file is part of TALER + (C) 2014 Christian Grothoff (and other contributing authors) + + TALER is free software; you can redistribute it and/or modify it under the + terms of the GNU General Public License as published by the Free Software + Foundation; either version 3, or (at your option) any later version. + + TALER is distributed in the hope that it will be useful, but WITHOUT ANY + WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR + A PARTICULAR PURPOSE. See the GNU General Public License for more details. + + You should have received a copy of the GNU General Public License along with + TALER; see the file COPYING. If not, If not, see +*/ + +/** + * @file key_io.c + * @brief I/O operations for the Mint's private keys + * @author Florian Dold + * @author Benedikt Mueller + * @author Sree Harsha Totakura + * @author Christian Grothoff + */ +#include "platform.h" +#include "mint.h" +#include "key_io.h" + + +struct SignkeysIterateContext +{ + TALER_MINT_SignkeyIterator it; + void *it_cls; +}; + + +struct DenomkeysIterateContext +{ + const char *alias; + TALER_MINT_DenomkeyIterator it; + void *it_cls; +}; + + +static int +signkeys_iterate_dir_iter (void *cls, + const char *filename) +{ + + struct SignkeysIterateContext *skc = cls; + ssize_t nread; + struct TALER_MINT_SignKeyIssuePriv issue; + + nread = GNUNET_DISK_fn_read (filename, + &issue, + sizeof (struct TALER_MINT_SignKeyIssuePriv)); + if (nread != sizeof (struct TALER_MINT_SignKeyIssuePriv)) + { + GNUNET_log (GNUNET_ERROR_TYPE_WARNING, "Invalid signkey file: '%s'\n", filename); + return GNUNET_OK; + } + return skc->it (skc->it_cls, &issue); +} + + +int +TALER_MINT_signkeys_iterate (const char *mint_base_dir, + TALER_MINT_SignkeyIterator it, void *cls) +{ + char *signkey_dir; + size_t len; + struct SignkeysIterateContext skc; + + len = GNUNET_asprintf (&signkey_dir, ("%s" DIR_SEPARATOR_STR DIR_SIGNKEYS), mint_base_dir); + GNUNET_assert (len > 0); + + skc.it = it; + skc.it_cls = cls; + + return GNUNET_DISK_directory_scan (signkey_dir, &signkeys_iterate_dir_iter, &skc); +} + + +/** + * Import a denomination key from the given file + * + * @param filename the file to import the key from + * @param dki pointer to return the imported denomination key + * @return #GNUNET_OK upon success; #GNUNET_SYSERR upon failure + */ +int +TALER_MINT_read_denom_key (const char *filename, + struct TALER_MINT_DenomKeyIssuePriv *dki) +{ + uint64_t size; + size_t offset; + void *data; + struct GNUNET_CRYPTO_rsa_PrivateKey *priv; + int ret; + + ret = GNUNET_SYSERR; + data = NULL; + offset = sizeof (struct TALER_MINT_DenomKeyIssuePriv) + - offsetof (struct TALER_MINT_DenomKeyIssuePriv, issue.signature); + if (GNUNET_OK != GNUNET_DISK_file_size (filename, + &size, + GNUNET_YES, + GNUNET_YES)) + goto cleanup; + if (size <= offset) + { + GNUNET_break (0); + goto cleanup; + } + data = GNUNET_malloc (size); + if (size != GNUNET_DISK_fn_read (filename, + data, + size)) + goto cleanup; + if (NULL == (priv = GNUNET_CRYPTO_rsa_private_key_decode (data + offset, + size - offset))) + goto cleanup; + dki->denom_priv = priv; + memcpy (&dki->issue.signature, data, offset); + ret = GNUNET_OK; + + cleanup: + GNUNET_free_non_null (data); + return ret; +} + + +/** + * Exports a denomination key to the given file + * + * @param filename the file where to write the denomination key + * @param dki the denomination key + * @return #GNUNET_OK upon success; #GNUNET_SYSERR upon failure. + */ +int +TALER_MINT_write_denom_key (const char *filename, + const struct TALER_MINT_DenomKeyIssuePriv *dki) +{ + char *priv_enc; + size_t priv_enc_size; + struct GNUNET_DISK_FileHandle *fh; + ssize_t wrote; + size_t wsize; + int ret; + + fh = NULL; + priv_enc_size = GNUNET_CRYPTO_rsa_private_key_encode (dki->denom_priv, + &priv_enc); + ret = GNUNET_SYSERR; + if (NULL == (fh = GNUNET_DISK_file_open + (filename, + GNUNET_DISK_OPEN_WRITE | GNUNET_DISK_OPEN_CREATE | GNUNET_DISK_OPEN_TRUNCATE, + GNUNET_DISK_PERM_USER_READ | GNUNET_DISK_PERM_USER_WRITE))) + goto cleanup; + wsize = sizeof (struct TALER_MINT_DenomKeyIssuePriv) + - offsetof (struct TALER_MINT_DenomKeyIssuePriv, issue.signature); + if (GNUNET_SYSERR == (wrote = GNUNET_DISK_file_write (fh, + &dki->issue.signature, + wsize))) + goto cleanup; + if (wrote != wsize) + goto cleanup; + if (GNUNET_SYSERR == (wrote = GNUNET_DISK_file_write (fh, + priv_enc, + priv_enc_size))) + goto cleanup; + if (wrote != priv_enc_size) + goto cleanup; + ret = GNUNET_OK; + cleanup: + GNUNET_free_non_null (priv_enc); + if (NULL != fh) + (void) GNUNET_DISK_file_close (fh); + return ret; +} + + +static int +denomkeys_iterate_keydir_iter (void *cls, + const char *filename) +{ + + struct DenomkeysIterateContext *dic = cls; + struct TALER_MINT_DenomKeyIssuePriv issue; + + if (GNUNET_OK != TALER_MINT_read_denom_key (filename, &issue)) + { + GNUNET_log (GNUNET_ERROR_TYPE_WARNING, + "Invalid denomkey file: '%s'\n", + filename); + return GNUNET_OK; + } + return dic->it (dic->it_cls, dic->alias, &issue); +} + + +static int +denomkeys_iterate_topdir_iter (void *cls, + const char *filename) +{ + struct DenomkeysIterateContext *dic = cls; + + dic->alias = GNUNET_STRINGS_get_short_name (filename); + + // FIXME: differentiate between error case and normal iteration abortion + if (0 > GNUNET_DISK_directory_scan (filename, &denomkeys_iterate_keydir_iter, dic)) + return GNUNET_SYSERR; + return GNUNET_OK; +} + + +int +TALER_MINT_denomkeys_iterate (const char *mint_base_dir, + TALER_MINT_DenomkeyIterator it, void *cls) +{ + char *dir; + size_t len; + struct DenomkeysIterateContext dic; + + len = GNUNET_asprintf (&dir, + "%s" DIR_SEPARATOR_STR DIR_DENOMKEYS, + mint_base_dir); + GNUNET_assert (len > 0); + + dic.it = it; + dic.it_cls = cls; + + // scan over alias dirs + return GNUNET_DISK_directory_scan (dir, + &denomkeys_iterate_topdir_iter, + &dic); +} + + + +/* end of mint_common.c */ diff --git a/src/mint/key_io.h b/src/mint/key_io.h new file mode 100644 index 000000000..44665e379 --- /dev/null +++ b/src/mint/key_io.h @@ -0,0 +1,137 @@ +/* + This file is part of TALER + (C) 2014 Christian Grothoff (and other contributing authors) + + TALER is free software; you can redistribute it and/or modify it under the + terms of the GNU General Public License as published by the Free Software + Foundation; either version 3, or (at your option) any later version. + + TALER is distributed in the hope that it will be useful, but WITHOUT ANY + WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR + A PARTICULAR PURPOSE. See the GNU General Public License for more details. + + You should have received a copy of the GNU General Public License along with + TALER; see the file COPYING. If not, If not, see +*/ +/** + * @file key_io.h + * @brief IO operations for the mint's private keys + * @author Florian Dold + * @author Benedikt Mueller + * @author Christian Grothoff + * + * TODO: + * - document better + */ +#ifndef KEY_IO_H +#define KEY_IO_H + +#include +#include +#include "taler_util.h" +#include "taler_signatures.h" + +#define DIR_SIGNKEYS "signkeys" +#define DIR_DENOMKEYS "denomkeys" + +/** + * On disk format used for a mint signing key. + * Includes the private key followed by the signed + * issue message. + */ +struct TALER_MINT_SignKeyIssuePriv +{ + struct GNUNET_CRYPTO_EddsaPrivateKey signkey_priv; + struct TALER_MINT_SignKeyIssue issue; +}; + + + +struct TALER_MINT_DenomKeyIssuePriv +{ + /** + * The private key of the denomination. Will be NULL if the private key is + * not available. + */ + struct GNUNET_CRYPTO_rsa_PrivateKey *denom_priv; + + struct TALER_MINT_DenomKeyIssue issue; +}; + + + + +/** + * Iterator for sign keys. + * + * @param cls closure + * @param ski the sign key issue + * @return #GNUNET_OK to continue to iterate, + * #GNUNET_NO to stop iteration with no error, + * #GNUNET_SYSERR to abort iteration with error! + */ +typedef int +(*TALER_MINT_SignkeyIterator)(void *cls, + const struct TALER_MINT_SignKeyIssuePriv *ski); + +/** + * Iterator for denomination keys. + * + * @param cls closure + * @param dki the denomination key issue + * @param alias coin alias + * @return #GNUNET_OK to continue to iterate, + * #GNUNET_NO to stop iteration with no error, + * #GNUNET_SYSERR to abort iteration with error! + */ +typedef int +(*TALER_MINT_DenomkeyIterator)(void *cls, + const char *alias, + const struct TALER_MINT_DenomKeyIssuePriv *dki); + + + +/** + * FIXME + */ +int +TALER_MINT_signkeys_iterate (const char *mint_base_dir, + TALER_MINT_SignkeyIterator it, void *cls); + + +/** + * FIXME + */ +int +TALER_MINT_denomkeys_iterate (const char *mint_base_dir, + TALER_MINT_DenomkeyIterator it, void *cls); + + +/** + * Exports a denomination key to the given file + * + * @param filename the file where to write the denomination key + * @param dki the denomination key + * @return #GNUNET_OK upon success; #GNUNET_SYSERR upon failure. + */ +int +TALER_MINT_write_denom_key (const char *filename, + const struct TALER_MINT_DenomKeyIssuePriv *dki); + + +/** + * Import a denomination key from the given file + * + * @param filename the file to import the key from + * @param dki pointer to return the imported denomination key + * @return #GNUNET_OK upon success; #GNUNET_SYSERR upon failure + */ +int +TALER_MINT_read_denom_key (const char *filename, + struct TALER_MINT_DenomKeyIssuePriv *dki); + + + + + +#endif diff --git a/src/mint/mint.h b/src/mint/mint.h index 0a0e00d04..1c5e9802e 100644 --- a/src/mint/mint.h +++ b/src/mint/mint.h @@ -20,20 +20,18 @@ * @author Benedikt Mueller * * TODO: - * - revisit and document `struct Deposit` members. + * - move DB functions to mint_db.h */ #ifndef _MINT_H #define _MINT_H #include #include -#include #include +#include #include "taler_util.h" #include "taler_signatures.h" -#define DIR_SIGNKEYS "signkeys" -#define DIR_DENOMKEYS "denomkeys" /** * For now, we just do EUR. Should become configurable @@ -41,31 +39,6 @@ */ #define MINT_CURRENCY "EUR" -/** - * On disk format used for a mint signing key. - * Includes the private key followed by the signed - * issue message. - */ -struct TALER_MINT_SignKeyIssuePriv -{ - struct GNUNET_CRYPTO_EddsaPrivateKey signkey_priv; - struct TALER_MINT_SignKeyIssue issue; -}; - - - -struct TALER_MINT_DenomKeyIssuePriv -{ - /** - * The private key of the denomination. Will be NULL if the private key is - * not available. - */ - struct GNUNET_CRYPTO_rsa_PrivateKey *denom_priv; - - struct TALER_MINT_DenomKeyIssue issue; -}; - - /** * Public information about a coin (including the public key @@ -357,77 +330,6 @@ struct Reserve -/** - * Iterator for sign keys. - * - * @param cls closure - * @param ski the sign key issue - * @return #GNUNET_OK to continue to iterate, - * #GNUNET_NO to stop iteration with no error, - * #GNUNET_SYSERR to abort iteration with error! - */ -typedef int -(*TALER_MINT_SignkeyIterator)(void *cls, - const struct TALER_MINT_SignKeyIssuePriv *ski); - -/** - * Iterator for denomination keys. - * - * @param cls closure - * @param dki the denomination key issue - * @param alias coin alias - * @return #GNUNET_OK to continue to iterate, - * #GNUNET_NO to stop iteration with no error, - * #GNUNET_SYSERR to abort iteration with error! - */ -typedef int -(*TALER_MINT_DenomkeyIterator)(void *cls, - const char *alias, - const struct TALER_MINT_DenomKeyIssuePriv *dki); - - - -/** - * FIXME - */ -int -TALER_MINT_signkeys_iterate (const char *mint_base_dir, - TALER_MINT_SignkeyIterator it, void *cls); - - -/** - * FIXME - */ -int -TALER_MINT_denomkeys_iterate (const char *mint_base_dir, - TALER_MINT_DenomkeyIterator it, void *cls); - - -/** - * Exports a denomination key to the given file - * - * @param filename the file where to write the denomination key - * @param dki the denomination key - * @return #GNUNET_OK upon success; #GNUNET_SYSERR upon failure. - */ -int -TALER_MINT_write_denom_key (const char *filename, - const struct TALER_MINT_DenomKeyIssuePriv *dki); - - -/** - * Import a denomination key from the given file - * - * @param filename the file to import the key from - * @param dki pointer to return the imported denomination key - * @return #GNUNET_OK upon success; #GNUNET_SYSERR upon failure - */ -int -TALER_MINT_read_denom_key (const char *filename, - struct TALER_MINT_DenomKeyIssuePriv *dki); - - - int TALER_TALER_DB_extract_amount (PGresult *result, unsigned int row, diff --git a/src/mint/mint_common.c b/src/mint/mint_common.c deleted file mode 100644 index 41b9d6ed5..000000000 --- a/src/mint/mint_common.c +++ /dev/null @@ -1,235 +0,0 @@ -/* - This file is part of TALER - (C) 2014 Christian Grothoff (and other contributing authors) - - TALER is free software; you can redistribute it and/or modify it under the - terms of the GNU General Public License as published by the Free Software - Foundation; either version 3, or (at your option) any later version. - - TALER is distributed in the hope that it will be useful, but WITHOUT ANY - WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR - A PARTICULAR PURPOSE. See the GNU General Public License for more details. - - You should have received a copy of the GNU General Public License along with - TALER; see the file COPYING. If not, If not, see -*/ - -/** - * @file mint_common.c - * @brief Common functionality for the mint - * @author Florian Dold - * @author Benedikt Mueller - * @author Sree Harsha Totakura - */ - -#include "platform.h" -#include "mint.h" - -struct SignkeysIterateContext -{ - TALER_MINT_SignkeyIterator it; - void *it_cls; -}; - - -struct DenomkeysIterateContext -{ - const char *alias; - TALER_MINT_DenomkeyIterator it; - void *it_cls; -}; - - -static int -signkeys_iterate_dir_iter (void *cls, - const char *filename) -{ - - struct SignkeysIterateContext *skc = cls; - ssize_t nread; - struct TALER_MINT_SignKeyIssuePriv issue; - - nread = GNUNET_DISK_fn_read (filename, - &issue, - sizeof (struct TALER_MINT_SignKeyIssuePriv)); - if (nread != sizeof (struct TALER_MINT_SignKeyIssuePriv)) - { - GNUNET_log (GNUNET_ERROR_TYPE_WARNING, "Invalid signkey file: '%s'\n", filename); - return GNUNET_OK; - } - return skc->it (skc->it_cls, &issue); -} - - -int -TALER_MINT_signkeys_iterate (const char *mint_base_dir, - TALER_MINT_SignkeyIterator it, void *cls) -{ - char *signkey_dir; - size_t len; - struct SignkeysIterateContext skc; - - len = GNUNET_asprintf (&signkey_dir, ("%s" DIR_SEPARATOR_STR DIR_SIGNKEYS), mint_base_dir); - GNUNET_assert (len > 0); - - skc.it = it; - skc.it_cls = cls; - - return GNUNET_DISK_directory_scan (signkey_dir, &signkeys_iterate_dir_iter, &skc); -} - - -/** - * Import a denomination key from the given file - * - * @param filename the file to import the key from - * @param dki pointer to return the imported denomination key - * @return #GNUNET_OK upon success; #GNUNET_SYSERR upon failure - */ -int -TALER_MINT_read_denom_key (const char *filename, - struct TALER_MINT_DenomKeyIssuePriv *dki) -{ - uint64_t size; - size_t offset; - void *data; - struct GNUNET_CRYPTO_rsa_PrivateKey *priv; - int ret; - - ret = GNUNET_SYSERR; - data = NULL; - offset = sizeof (struct TALER_MINT_DenomKeyIssuePriv) - - offsetof (struct TALER_MINT_DenomKeyIssuePriv, issue.signature); - if (GNUNET_OK != GNUNET_DISK_file_size (filename, - &size, - GNUNET_YES, - GNUNET_YES)) - goto cleanup; - if (size <= offset) - { - GNUNET_break (0); - goto cleanup; - } - data = GNUNET_malloc (size); - if (size != GNUNET_DISK_fn_read (filename, - data, - size)) - goto cleanup; - if (NULL == (priv = GNUNET_CRYPTO_rsa_private_key_decode (data + offset, - size - offset))) - goto cleanup; - dki->denom_priv = priv; - memcpy (&dki->issue.signature, data, offset); - ret = GNUNET_OK; - - cleanup: - GNUNET_free_non_null (data); - return ret; -} - - -/** - * Exports a denomination key to the given file - * - * @param filename the file where to write the denomination key - * @param dki the denomination key - * @return #GNUNET_OK upon success; #GNUNET_SYSERR upon failure. - */ -int -TALER_MINT_write_denom_key (const char *filename, - const struct TALER_MINT_DenomKeyIssuePriv *dki) -{ - char *priv_enc; - size_t priv_enc_size; - struct GNUNET_DISK_FileHandle *fh; - ssize_t wrote; - size_t wsize; - int ret; - - fh = NULL; - priv_enc_size = GNUNET_CRYPTO_rsa_private_key_encode (dki->denom_priv, - &priv_enc); - ret = GNUNET_SYSERR; - if (NULL == (fh = GNUNET_DISK_file_open - (filename, - GNUNET_DISK_OPEN_WRITE | GNUNET_DISK_OPEN_CREATE | GNUNET_DISK_OPEN_TRUNCATE, - GNUNET_DISK_PERM_USER_READ | GNUNET_DISK_PERM_USER_WRITE))) - goto cleanup; - wsize = sizeof (struct TALER_MINT_DenomKeyIssuePriv) - - offsetof (struct TALER_MINT_DenomKeyIssuePriv, issue.signature); - if (GNUNET_SYSERR == (wrote = GNUNET_DISK_file_write (fh, - &dki->issue.signature, - wsize))) - goto cleanup; - if (wrote != wsize) - goto cleanup; - if (GNUNET_SYSERR == (wrote = GNUNET_DISK_file_write (fh, - priv_enc, - priv_enc_size))) - goto cleanup; - if (wrote != priv_enc_size) - goto cleanup; - ret = GNUNET_OK; - cleanup: - GNUNET_free_non_null (priv_enc); - if (NULL != fh) - (void) GNUNET_DISK_file_close (fh); - return ret; -} - - -static int -denomkeys_iterate_keydir_iter (void *cls, - const char *filename) -{ - - struct DenomkeysIterateContext *dic = cls; - struct TALER_MINT_DenomKeyIssuePriv issue; - - if (GNUNET_OK != TALER_MINT_read_denom_key (filename, &issue)) - { - GNUNET_log (GNUNET_ERROR_TYPE_WARNING, - "Invalid denomkey file: '%s'\n", - filename); - return GNUNET_OK; - } - return dic->it (dic->it_cls, dic->alias, &issue); -} - - -static int -denomkeys_iterate_topdir_iter (void *cls, - const char *filename) -{ - - struct DenomkeysIterateContext *dic = cls; - dic->alias = GNUNET_STRINGS_get_short_name (filename); - - // FIXME: differentiate between error case and normal iteration abortion - if (0 > GNUNET_DISK_directory_scan (filename, &denomkeys_iterate_keydir_iter, dic)) - return GNUNET_SYSERR; - return GNUNET_OK; -} - - -int -TALER_MINT_denomkeys_iterate (const char *mint_base_dir, - TALER_MINT_DenomkeyIterator it, void *cls) -{ - char *dir; - size_t len; - struct DenomkeysIterateContext dic; - len = GNUNET_asprintf (&dir, ("%s" DIR_SEPARATOR_STR DIR_DENOMKEYS), - mint_base_dir); - GNUNET_assert (len > 0); - - dic.it = it; - dic.it_cls = cls; - - // scan over alias dirs - return GNUNET_DISK_directory_scan (dir, &denomkeys_iterate_topdir_iter, &dic); -} - - - -/* end of mint_common.c */ diff --git a/src/mint/taler-mint-httpd_keys.h b/src/mint/taler-mint-httpd_keys.h index 4182c25ea..eeeb21ef3 100644 --- a/src/mint/taler-mint-httpd_keys.h +++ b/src/mint/taler-mint-httpd_keys.h @@ -28,6 +28,8 @@ #include #include "taler-mint-httpd.h" #include "mint.h" +#include "key_io.h" + /** * Snapshot of the (coin and signing) diff --git a/src/mint/taler-mint-keycheck.c b/src/mint/taler-mint-keycheck.c index 09f59ab2f..c2deec0c2 100644 --- a/src/mint/taler-mint-keycheck.c +++ b/src/mint/taler-mint-keycheck.c @@ -25,6 +25,7 @@ #include #include "mint.h" #include "taler_signatures.h" +#include "key_io.h" static char *mintdir; diff --git a/src/mint/taler-mint-keyup.c b/src/mint/taler-mint-keyup.c index f8670eb97..03c66216b 100644 --- a/src/mint/taler-mint-keyup.c +++ b/src/mint/taler-mint-keyup.c @@ -27,6 +27,7 @@ #include "taler_util.h" #include "taler_signatures.h" #include "mint.h" +#include "key_io.h" /** * FIXME: allow user to specify (within reason). -- cgit v1.2.3