/*
  This file is part of TALER
  Copyright (C) 2014-2024 Taler Systems SA

  TALER is free software; you can redistribute it and/or modify it under the
  terms of the GNU General Public License as published by the Free Software
  Foundation; either version 3, or (at your option) any later version.

  TALER is distributed in the hope that it will be useful, but WITHOUT ANY
  WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR
  A PARTICULAR PURPOSE.  See the GNU General Public License for more details.

  You should have received a copy of the GNU General Public License along with
  TALER; see the file COPYING.  If not, see <http://www.gnu.org/licenses/>
*/
/**
 * @file util/taler-exchange-secmod-rsa.c
 * @brief Standalone process to perform private key RSA operations
 * @author Christian Grothoff
 *
 * Key design points:
 * - EVERY thread of the exchange will have its own pair of connections to the
 *   crypto helpers.  This way, every thread will also have its own /keys state
 *   and avoid the need to synchronize on those.
 * - auditor signatures and master signatures are to be kept in the exchange DB,
 *   and merged with the public keys of the helper by the exchange HTTPD!
 * - the main loop of the helper is SINGLE-THREADED, but there are
 *   threads for crypto-workers which do the signing in parallel, one per client.
 * - thread-safety: signing happens in parallel, thus when REMOVING private keys,
 *   we must ensure that all signers are done before we fully free() the
 *   private key.  This is done by reference counting (as work is always
 *   assigned and collected by the main thread).
 */
#include "platform.h"
#include "taler_util.h"


/**
 * Program entry point of the RSA security module helper.
 *
 * Tightens the process umask, records the start timestamp in the
 * option block and hands control to GNUNET_PROGRAM_run() with
 * #TALER_SECMOD_rsa_run as the task to execute.
 *
 * @param argc number of arguments in @a argv
 * @param argv command-line arguments
 * @return EXIT_SUCCESS if GNUNET_PROGRAM_run() reports #GNUNET_NO,
 *         EXIT_INVALIDARGUMENT if it reports #GNUNET_SYSERR,
 *         otherwise the `global_ret` value left in the option block
 */
int
main (int argc,
      char **argv)
{
  /* Permission bits stripped from every file this process creates:
     group-write plus all access for "other".  Group read/execute are
     NOT masked here.
     NOTE(review): since private key files are created under this mask,
     confirm the code that writes them passes an explicit owner-only
     mode (or that group-read is intended) -- the umask alone does not
     make them owner-only. */
  const mode_t key_file_mask = S_IWGRP | S_IROTH | S_IWOTH | S_IXOTH;
  struct TALER_SECMOD_Options opts = {
    .max_workers = 16,
    .section = "taler-exchange"
  };
  struct GNUNET_GETOPT_CommandLineOption options[] = {
    TALER_SECMOD_OPTIONS (&opts),
    GNUNET_GETOPT_OPTION_END
  };
  enum GNUNET_GenericReturnValue ret;

  /* Set the mask before anything else runs so no file is ever created
     with the inherited (possibly looser) umask. */
  (void) umask (key_file_mask);

  /* Both timestamps start out as the same "now" value. */
  opts.global_now = GNUNET_TIME_timestamp_get ();
  opts.global_now_tmp = opts.global_now;

  ret = GNUNET_PROGRAM_run (TALER_EXCHANGE_project_data (),
                            argc,
                            argv,
                            "taler-exchange-secmod-rsa",
                            "Handle private RSA key operations for a Taler exchange",
                            options,
                            &TALER_SECMOD_rsa_run,
                            &opts);
  switch (ret)
  {
  case GNUNET_NO:
    /* presumably the "nothing to run" case (e.g. help/version output);
       verify against GNUNET_PROGRAM_run() */
    return EXIT_SUCCESS;
  case GNUNET_SYSERR:
    return EXIT_INVALIDARGUMENT;
  default:
    /* The run callback was given &opts; its result is read back here. */
    return opts.global_ret;
  }
}