Line data Source code
1 : /*
2 : This file is part of TALER
3 : Copyright (C) 2014-2024 Taler Systems SA
4 :
5 : TALER is free software; you can redistribute it and/or modify it under the
6 : terms of the GNU General Public License as published by the Free Software
7 : Foundation; either version 3, or (at your option) any later version.
8 :
9 : TALER is distributed in the hope that it will be useful, but WITHOUT ANY
10 : WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR
11 : A PARTICULAR PURPOSE. See the GNU General Public License for more details.
12 :
13 : You should have received a copy of the GNU General Public License along with
14 : TALER; see the file COPYING. If not, see <http://www.gnu.org/licenses/>
15 : */
16 : /**
17 : * @file util/taler-exchange-secmod-rsa.c
18 : * @brief Standalone process to perform private key RSA operations
19 : * @author Christian Grothoff
20 : *
21 : * Key design points:
22 : * - EVERY thread of the exchange will have its own pair of connections to the
23 : * crypto helpers. This way, every thread will also have its own /keys state
24 : * and avoid the need to synchronize on those.
25 : * - auditor signatures and master signatures are to be kept in the exchange DB,
26 : * and merged with the public keys of the helper by the exchange HTTPD!
27 : * - the main loop of the helper is SINGLE-THREADED, but there are
28 : * threads for crypto-workers which do the signing in parallel, one per client.
29 : * - thread-safety: signing happens in parallel, thus when REMOVING private keys,
30 : * we must ensure that all signers are done before we fully free() the
31 : * private key. This is done by reference counting (as work is always
32 : * assigned and collected by the main thread).
33 : */
34 : #include "taler/platform.h"
35 : #include "taler/taler_util.h"
36 :
37 :
38 : /**
39 : * The entry point.
40 : *
41 : * @param argc number of arguments in @a argv
42 : * @param argv command-line arguments
43 : * @return 0 on normal termination
44 : */
45 : int
46 18 : main (int argc,
47 : char **argv)
48 : {
49 18 : struct TALER_SECMOD_Options opts = {
50 : .max_workers = 16,
51 : .section = "taler-exchange",
52 : .cprefix = "coin_"
53 : };
54 18 : struct GNUNET_GETOPT_CommandLineOption options[] = {
55 18 : TALER_SECMOD_OPTIONS (&opts),
56 : GNUNET_GETOPT_OPTION_END
57 : };
58 : enum GNUNET_GenericReturnValue ret;
59 :
60 : /* Restrict permissions for the key files that we create. */
61 18 : (void) umask (S_IWGRP | S_IROTH | S_IWOTH | S_IXOTH);
62 : opts.global_now_tmp
63 18 : = opts.global_now
64 18 : = GNUNET_TIME_timestamp_get ();
65 18 : ret = GNUNET_PROGRAM_run (TALER_EXCHANGE_project_data (),
66 : argc, argv,
67 : "taler-exchange-secmod-rsa",
68 : "Handle private RSA key operations for a Taler exchange",
69 : options,
70 : &TALER_SECMOD_rsa_run,
71 : &opts);
72 18 : if (GNUNET_NO == ret)
73 0 : return EXIT_SUCCESS;
74 18 : if (GNUNET_SYSERR == ret)
75 0 : return EXIT_INVALIDARGUMENT;
76 18 : return opts.global_ret;
77 : }
|
