1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
|
/*
This file is part of TALER
Copyright (C) 2014, 2015 GNUnet e.V.
TALER is free software; you can redistribute it and/or modify it under the
terms of the GNU General Public License as published by the Free Software
Foundation; either version 3, or (at your option) any later version.
TALER is distributed in the hope that it will be useful, but WITHOUT ANY
WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR
A PARTICULAR PURPOSE. See the GNU General Public License for more details.
You should have received a copy of the GNU General Public License along with
TALER; see the file COPYING. If not, If not, see <http://www.gnu.org/licenses/>
*/
/**
* @file include/taler_mintdb_lib.h
* @brief IO operations for the mint's private keys
* @author Florian Dold
* @author Benedikt Mueller
* @author Christian Grothoff
*/
#ifndef TALER_MINTDB_LIB_H
#define TALER_MINTDB_LIB_H
#include "taler_signatures.h"
/**
* Subdirectroy under the mint's base directory which contains
* the mint's signing keys.
*/
#define TALER_MINTDB_DIR_SIGNING_KEYS "signkeys"
/**
* Subdirectory under the mint's base directory which contains
* the mint's denomination keys.
*/
#define TALER_MINTDB_DIR_DENOMINATION_KEYS "denomkeys"
/**
* Subdirectory under the mint's base directory which contains
* the mint's auditing information.
*/
#define TALER_MINTDB_DIR_AUDITORS "auditors"
GNUNET_NETWORK_STRUCT_BEGIN
/**
* @brief On disk format used for a mint signing key. Signing keys are used
* by the mint to affirm its messages, but not to create coins.
* Includes the private key followed by the public information about
* the signing key.
*/
struct TALER_MINTDB_PrivateSigningKeyInformationP
{
/**
* Private key part of the mint's signing key.
*/
struct TALER_MintPrivateKeyP signkey_priv;
/**
* Public information about a mint signing key.
*/
struct TALER_MintSigningKeyValidityPS issue;
};
/**
* Information about a denomination key.
*/
struct TALER_MINTDB_DenominationKeyInformationP
{
/**
* Signature over this struct to affirm the validity of the key.
*/
struct TALER_MasterSignatureP signature;
/**
* Signed properties of the denomination key.
*/
struct TALER_DenominationKeyValidityPS properties;
};
GNUNET_NETWORK_STRUCT_END
/**
* @brief All information about a denomination key (which is used to
* sign coins into existence).
*/
struct TALER_MINTDB_DenominationKeyIssueInformation
{
/**
* The private key of the denomination. Will be NULL if the private
* key is not available (this is the case after the key has expired
* for signing coins, but is still valid for depositing coins).
*/
struct TALER_DenominationPrivateKey denom_priv;
/**
* Decoded denomination public key (the hash of it is in
* @e issue, but we sometimes need the full public key as well).
*/
struct TALER_DenominationPublicKey denom_pub;
/**
* Signed public information about a denomination key.
*/
struct TALER_MINTDB_DenominationKeyInformationP issue;
};
/**
* @brief Iterator over signing keys.
*
* @param cls closure
* @param filename name of the file the key came from
* @param ski the sign key
* @return #GNUNET_OK to continue to iterate,
* #GNUNET_NO to stop iteration with no error,
* #GNUNET_SYSERR to abort iteration with error!
*/
typedef int
(*TALER_MINTDB_SigningKeyIterator)(void *cls,
const char *filename,
const struct TALER_MINTDB_PrivateSigningKeyInformationP *ski);
/**
* Call @a it for each signing key found in the @a mint_base_dir.
*
* @param mint_base_dir base directory for the mint,
* the signing keys must be in the #TALER_MINTDB_DIR_SIGNING_KEYS
* subdirectory
* @param it function to call on each signing key
* @param it_cls closure for @a it
* @return number of files found (may not match
* number of keys given to @a it as malformed
* files are simply skipped), -1 on error
*/
int
TALER_MINTDB_signing_keys_iterate (const char *mint_base_dir,
TALER_MINTDB_SigningKeyIterator it,
void *it_cls);
/**
* @brief Iterator over denomination keys.
*
* @param cls closure
* @param dki the denomination key
* @param alias coin alias
* @return #GNUNET_OK to continue to iterate,
* #GNUNET_NO to stop iteration with no error,
* #GNUNET_SYSERR to abort iteration with error!
*/
typedef int
(*TALER_MINTDB_DenominationKeyIterator)(void *cls,
const char *alias,
const struct TALER_MINTDB_DenominationKeyIssueInformation *dki);
/**
* Call @a it for each denomination key found in the @a mint_base_dir.
*
* @param mint_base_dir base directory for the mint,
* the signing keys must be in the #TALER_MINTDB_DIR_DENOMINATION_KEYS
* subdirectory
* @param it function to call on each denomination key found
* @param it_cls closure for @a it
* @return -1 on error, 0 if no files were found, otherwise
* a positive number (however, even with a positive
* number it is possible that @a it was never called
* as maybe none of the files were well-formed)
*/
int
TALER_MINTDB_denomination_keys_iterate (const char *mint_base_dir,
TALER_MINTDB_DenominationKeyIterator it,
void *it_cls);
/**
* Exports a denomination key to the given file.
*
* @param filename the file where to write the denomination key
* @param dki the denomination key
* @return #GNUNET_OK upon success; #GNUNET_SYSERR upon failure.
*/
int
TALER_MINTDB_denomination_key_write (const char *filename,
const struct TALER_MINTDB_DenominationKeyIssueInformation *dki);
/**
* Import a denomination key from the given file.
*
* @param filename the file to import the key from
* @param[out] dki set to the imported denomination key
* @return #GNUNET_OK upon success; #GNUNET_SYSERR upon failure
*/
int
TALER_MINTDB_denomination_key_read (const char *filename,
struct TALER_MINTDB_DenominationKeyIssueInformation *dki);
/**
* @brief Iterator over auditor information.
*
* @param cls closure
* @param apub the auditor's public key
* @param mpub the mint's public key (as expected by the auditor)
* @param dki_len length of @a asig and @a dki arrays
* @param asigs array of the auditor's signatures over the @a dks, of length @a dki_len
* @param dki array of denomination coin data signed by the auditor, of length @a dki_len
* @return #GNUNET_OK to continue to iterate,
* #GNUNET_NO to stop iteration with no error,
* #GNUNET_SYSERR to abort iteration with error!
*/
typedef int
(*TALER_MINTDB_AuditorIterator)(void *cls,
const struct TALER_AuditorPublicKeyP *apub,
const struct TALER_MasterPublicKeyP *mpub,
unsigned int dki_len,
const struct TALER_AuditorSignatureP *asigs,
const struct TALER_DenominationKeyValidityPS *dki);
/**
* Call @a it with information for each auditor found in the @a mint_base_dir.
*
* @param mint_base_dir base directory for the mint,
* the signing keys must be in the #TALER_MINTDB_DIR_DENOMINATION_KEYS
* subdirectory
* @param it function to call with auditor information
* @param it_cls closure for @a it
* @return -1 on error, 0 if no files were found, otherwise
* a positive number (however, even with a positive
* number it is possible that @a it was never called
* as maybe none of the files were well-formed)
*/
int
TALER_MINTDB_auditor_iterate (const char *mint_base_dir,
TALER_MINTDB_AuditorIterator it,
void *it_cls);
/**
* Write auditor information to the given file.
*
* @param filename the file where to write the auditor information to
* @param apub the auditor's public key
* @param asigs the auditor's signatures, array of length @a dki_len
* @param mpub the mint's public key (as expected by the auditor)
* @param dki_len length of @a dki and @a asigs arrays
* @param dki array of denomination coin data signed by the auditor
* @return #GNUNET_OK upon success; #GNUNET_SYSERR upon failure.
*/
int
TALER_MINTDB_auditor_write (const char *filename,
const struct TALER_AuditorPublicKeyP *apub,
const struct TALER_AuditorSignatureP *asigs,
const struct TALER_MasterPublicKeyP *mpub,
unsigned int dki_len,
const struct TALER_DenominationKeyValidityPS *dki);
/**
* Initialize the plugin.
*
* @param cfg configuration to use
* @return NULL on failure
*/
struct TALER_MINTDB_Plugin *
TALER_MINTDB_plugin_load (const struct GNUNET_CONFIGURATION_Handle *cfg);
/**
* Shutdown the plugin.
*
* @param plugin plugin to unload
*/
void
TALER_MINTDB_plugin_unload (struct TALER_MINTDB_Plugin *plugin);
#endif
|