/*
  This file is part of TALER
  Copyright (C) 2014-2024 Taler Systems SA

  TALER is free software; you can redistribute it and/or modify it under the
  terms of the GNU General Public License as published by the Free Software
  Foundation; either version 3, or (at your option) any later version.

  TALER is distributed in the hope that it will be useful, but WITHOUT ANY
  WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR
  A PARTICULAR PURPOSE.  See the GNU General Public License for more details.

  You should have received a copy of the GNU General Public License along with
  TALER; see the file COPYING.  If not, see <http://www.gnu.org/licenses/>
*/
/**
 * @file util/taler-exchange-secmod-eddsa.c
 * @brief Standalone process to perform private key EDDSA operations
 * @author Christian Grothoff
 *
 * Key design points:
 * - EVERY thread of the exchange will have its own pair of connections to the
 *   crypto helpers.  This way, every thread will also have its own /keys state
 *   and avoid the need to synchronize on those.
 * - auditor signatures and master signatures are to be kept in the exchange DB,
 *   and merged with the public keys of the helper by the exchange HTTPD!
 * - the main loop of the helper is SINGLE-THREADED, but there are
 *   threads for crypto-workers which (only) do the signing in parallel,
 *   one per client.
 * - thread-safety: signing happens in parallel, thus when REMOVING private keys,
 *   we must ensure that all signers are done before we fully free() the
 *   private key.  This is done by reference counting (as work is always
 *   assigned and collected by the main thread).
 */
#include "platform.h"
#include "taler_util.h"


/**
 * The entry point.
 *
 * Sets up the option table for the secmod, tightens the process umask so
 * that files created by this process (notably key files) are not
 * world-accessible, records the startup timestamp in @a opts and then hands
 * control to #GNUNET_PROGRAM_run with #TALER_SECMOD_eddsa_run as the
 * main task.
 *
 * @param argc number of arguments in @a argv
 * @param argv command-line arguments
 * @return 0 on normal termination; #EXIT_INVALIDARGUMENT if argument
 *         parsing failed; otherwise the exit status stored in
 *         @e opts.global_ret by the main task
 */
int
main (int argc,
      char **argv)
{
  struct TALER_SECMOD_Options opts = {
    .max_workers = 16,
    .section = "taler-exchange"
  };
  struct GNUNET_GETOPT_CommandLineOption options[] = {
    TALER_SECMOD_OPTIONS (&opts),
    GNUNET_GETOPT_OPTION_END
  };

  /* Restrict permissions for the key files that we create.  The mask
     clears group-write and every 'other' bit (i.e. 027); group-read and
     group-execute remain permitted by this mask, so a file created with
     a group-readable mode stays group-readable.  NOTE(review): if the
     key directory is not meant to be shared with the group, widen the
     mask to S_IRWXG | S_IRWXO -- confirm against the deployment setup. */
  (void) umask (S_IWGRP | S_IROTH | S_IWOTH | S_IXOTH);
  /* Both timestamps start out identical; the main task may later
     advance the _tmp copy independently (not visible from here). */
  opts.global_now = GNUNET_TIME_timestamp_get ();
  opts.global_now_tmp = opts.global_now;
  /* GNUNET_NO: e.g. --help/--version handled, nothing more to do.
     GNUNET_SYSERR: command-line parsing failed.
     Anything else (GNUNET_OK): the main task ran, use its status. */
  switch (GNUNET_PROGRAM_run (TALER_EXCHANGE_project_data (),
                              argc,
                              argv,
                              "taler-exchange-secmod-eddsa",
                              "Handle private EDDSA key operations for a Taler exchange",
                              options,
                              &TALER_SECMOD_eddsa_run,
                              &opts))
  {
  case GNUNET_NO:
    return EXIT_SUCCESS;
  case GNUNET_SYSERR:
    return EXIT_INVALIDARGUMENT;
  default:
    return opts.global_ret;
  }
}