command line tool to access command line Credential service More...

#include "gnunet_error_codes.h"
#include "platform.h"
#include <gnunet_util_lib.h>
#include <gnunet_abd_service.h>
#include <gnunet_gnsrecord_lib.h>
#include <gnunet_namestore_service.h>
#include "delegate_misc.h"
#include "abd_serialization.h"

Include dependency graph for gnunet-abd.c:

Functions
static void	do_shutdown (void *cls)
	Task run on shutdown.

static void	do_timeout (void *cls)
	Task run on timeout.

static void	handle_intermediate_result (void cls, struct GNUNET_ABD_Delegation dd, bool is_bw)

static void	handle_collect_result (void cls, unsigned int d_count, struct GNUNET_ABD_Delegation dc, unsigned int c_count, struct GNUNET_ABD_Delegate *dele)

static void	handle_verify_result (void cls, unsigned int d_count, struct GNUNET_ABD_Delegation dc, unsigned int c_count, struct GNUNET_ABD_Delegate *dele)

static void	identity_cb (void cls, struct GNUNET_IDENTITY_Ego ego)
	Callback invoked from identity service with ego information.

static int	parse_expiration (const char expirationstring, int etime_is_rel_, uint64_t *etime_)
	Parse expiration time.

static void	error_cb (void *cls)
	Function called if lookup fails.

static void	add_continuation (void *cls, enum GNUNET_ErrorCode ec)

static void	get_existing_record (void cls, const struct GNUNET_CRYPTO_BlindablePrivateKey zone_key, const char rec_name, unsigned int rd_count, const struct GNUNET_GNSRECORD_Data rd)

static void	store_cb (void cls, struct GNUNET_IDENTITY_Ego ego)

static void	sign_cb (void cls, struct GNUNET_IDENTITY_Ego ego)

static void	run (void cls, char const args, const char cfgfile, const struct GNUNET_CONFIGURATION_Handle *c)
	Main function that will be run.

int	main (int argc, char const argv)
	The main function for gnunet-gns.

Variables
static const struct GNUNET_CONFIGURATION_Handle *	cfg
	Configuration we are using.

static struct GNUNET_NAMESTORE_Handle *	ns
	Handle to the namestore.

static struct GNUNET_CRYPTO_BlindablePrivateKey	zone_pkey
	Private key for the our zone.

static struct GNUNET_IDENTITY_EgoLookup *	el
	EgoLookup.

static struct GNUNET_ABD_Handle *	abd
	Handle to Credential service.

static struct GNUNET_TIME_Relative	timeout
	Desired timeout for the lookup (default is no timeout).

static struct GNUNET_ABD_Request *	verify_request
	Handle to verify request.

static struct GNUNET_ABD_Request *	collect_request
	Handle to collect request.

static struct GNUNET_SCHEDULER_Task *	tt
	Task scheduled to handle timeout.

static int	ret = 0
	Return value of the commandline.

static char *	subject
	Subject pubkey string.

static char *	subject_delegate
	Subject delegate string.

static char *	expiration
	Credential TTL.

struct GNUNET_CRYPTO_BlindablePublicKey	subject_pkey
	Subject key.

struct GNUNET_CRYPTO_BlindablePublicKey	issuer_pkey
	Issuer key.

static char *	issuer_key
	Issuer pubkey string.

static char *	ego_name
	ego

static char *	issuer_attr
	Issuer attribute.

static int	verify
	Verify mode.

static int	collect
	Collect mode.

static int	create_is
	Create mode.

static int	create_ss
	Create mode.

static int	sign_ss
	Create mode.

static char *	import
	Signed issue credentials.

static int	is_private
	Is record private.

static int	forward
	Search direction: forward.

static int	backward
	Search direction: backward.

enum GNUNET_ABD_AlgoDirectionFlags	direction = 0
	API enum, filled and passed for collect/verify.

static struct GNUNET_NAMESTORE_QueueEntry *	add_qe
	Queue entry for the 'add' operation.

static void *	data
	Value in binary format.

static size_t	data_size
	Number of bytes in data.

static uint32_t	type
	Type string converted to DNS type value.

static char *	typestring
	Type of the record to add/remove, NULL to remove all.

static uint64_t	etime
	Expiration string converted to numeric value.

static int	etime_is_rel = GNUNET_SYSERR
	Is expiration time relative or absolute time?

static const char *	record_label
	Record label for storing delegations.

Detailed Description

command line tool to access command line Credential service

Author: Martin Schanzenbach

Definition in file gnunet-abd.c.

Function Documentation

◆ do_shutdown()

static void do_shutdown ( void * cls )

static

Task run on shutdown.

Cleans up everything.

Parameters

cls unused

Definition at line 220 of file gnunet-abd.c.

{
  if (NULL != verify_request)
  {
    GNUNET_ABD_request_cancel (verify_request);
    verify_request = NULL;
  }
  if (NULL != abd)
  {
    GNUNET_ABD_disconnect (abd);
    abd = NULL;
  }
  if (NULL != tt)
  {
    GNUNET_SCHEDULER_cancel (tt);
    tt = NULL;
  }
  if (NULL != el)
  {
    GNUNET_IDENTITY_ego_lookup_cancel (el);
    el = NULL;
  }
  if (NULL != add_qe)
  {
    GNUNET_NAMESTORE_cancel (add_qe);
    add_qe = NULL;
  }
  if (NULL != ns)
  {
    GNUNET_NAMESTORE_disconnect (ns);
    ns = NULL;
  }
}

References abd, add_qe, el, GNUNET_ABD_disconnect(), GNUNET_ABD_request_cancel(), GNUNET_IDENTITY_ego_lookup_cancel(), GNUNET_NAMESTORE_cancel(), GNUNET_NAMESTORE_disconnect(), GNUNET_SCHEDULER_cancel(), ns, tt, and verify_request.

Here is the call graph for this function:

◆ do_timeout()

static void do_timeout ( void * cls )

static

Task run on timeout.

Triggers shutdown.

Parameters

cls unused

Definition at line 261 of file gnunet-abd.c.

{
  tt = NULL;
  GNUNET_SCHEDULER_shutdown ();
}

References GNUNET_SCHEDULER_shutdown(), and tt.

Referenced by run().

Here is the call graph for this function:

Here is the caller graph for this function:

◆ handle_intermediate_result()

static void handle_intermediate_result	(	void *	cls,
		struct GNUNET_ABD_Delegation *	dd,
		bool	is_bw
	)

static

Definition at line 269 of file gnunet-abd.c.

{
  const char *prefix = "";
  if (is_bw)
    prefix = "Backward -";
  else
    prefix = "Forward -";
 
  printf ("%s Intermediate result: %s.%s <- %s.%s\n",
          prefix,
          GNUNET_CRYPTO_blindable_public_key_to_string (&dd->issuer_key),
          dd->issuer_attribute,
          GNUNET_CRYPTO_blindable_public_key_to_string (&dd->subject_key),
          dd->subject_attribute);
}

References GNUNET_CRYPTO_blindable_public_key_to_string(), GNUNET_ABD_Delegation::issuer_attribute, GNUNET_ABD_Delegation::issuer_key, prefix, GNUNET_ABD_Delegation::subject_attribute, and GNUNET_ABD_Delegation::subject_key.

Referenced by identity_cb(), and run().

Here is the call graph for this function:

Here is the caller graph for this function:

◆ handle_collect_result()

static void handle_collect_result	(	void *	cls,
		unsigned int	d_count,
		struct GNUNET_ABD_Delegation *	dc,
		unsigned int	c_count,
		struct GNUNET_ABD_Delegate *	dele
	)

static

Definition at line 289 of file gnunet-abd.c.

{
  int i;
  char *line;
 
  verify_request = NULL;
  if (NULL != dele)
  {
    for (i = 0; i < c_count; i++)
    {
      line = GNUNET_ABD_delegate_to_string (&dele[i]);
      printf ("%s\n", line);
      GNUNET_free (line);
    }
  }
  else
  {
    printf ("Received NULL\n");
  }
 
  GNUNET_SCHEDULER_shutdown ();
}

References GNUNET_ABD_delegate_to_string(), GNUNET_free, GNUNET_SCHEDULER_shutdown(), line, and verify_request.

Referenced by identity_cb().

Here is the call graph for this function:

Here is the caller graph for this function:

◆ handle_verify_result()

static void handle_verify_result	(	void *	cls,
		unsigned int	d_count,
		struct GNUNET_ABD_Delegation *	dc,
		unsigned int	c_count,
		struct GNUNET_ABD_Delegate *	dele
	)

static

Definition at line 318 of file gnunet-abd.c.

{
  int i;
  char *iss_key;
  char *sub_key;
 
  verify_request = NULL;
  if (NULL == dele)
    ret = 1;
  else
  {
    printf ("Delegation Chain:\n");
    for (i = 0; i < d_count; i++)
    {
      iss_key = GNUNET_CRYPTO_blindable_public_key_to_string (&dc[i].issuer_key)
      ;
      sub_key = GNUNET_CRYPTO_blindable_public_key_to_string (&dc[i].subject_key
                                                              );
 
      if (0 != dc[i].subject_attribute_len)
      {
        printf ("(%d) %s.%s <- %s.%s\n",
                i,
                iss_key,
                dc[i].issuer_attribute,
                sub_key,
                dc[i].subject_attribute);
      }
      else
      {
        printf ("(%d) %s.%s <- %s\n",
                i,
                iss_key,
                dc[i].issuer_attribute,
                sub_key);
      }
      GNUNET_free (iss_key);
      GNUNET_free (sub_key);
    }
    printf ("\nDelegate(s):\n");
    for (i = 0; i < c_count; i++)
    {
      iss_key = GNUNET_CRYPTO_blindable_public_key_to_string (&dele[i].
                                                              issuer_key);
      sub_key = GNUNET_CRYPTO_blindable_public_key_to_string (&dele[i].
                                                              subject_key);
      printf ("%s.%s <- %s\n", iss_key, dele[i].issuer_attribute, sub_key);
      GNUNET_free (iss_key);
      GNUNET_free (sub_key);
    }
    printf ("Successful.\n");
  }
 
  GNUNET_SCHEDULER_shutdown ();
}

References dc, GNUNET_CRYPTO_blindable_public_key_to_string(), GNUNET_free, GNUNET_SCHEDULER_shutdown(), issuer_key, ret, and verify_request.

Referenced by run().

Here is the call graph for this function:

Here is the caller graph for this function:

◆ identity_cb()

static void identity_cb	(	void *	cls,
		struct GNUNET_IDENTITY_Ego *	ego
	)

static

Callback invoked from identity service with ego information.

An ego of NULL means the ego was not found.

Parameters

cls	closure with the configuration
ego	an ego known to identity service, or NULL

Definition at line 387 of file gnunet-abd.c.

{
  const struct GNUNET_CRYPTO_BlindablePrivateKey *privkey;
 
  el = NULL;
  if (NULL == ego)
  {
    if (NULL != ego_name)
    {
      fprintf (stderr,
               _ ("Ego `%s' not known to identity service\n"),
               ego_name);
    }
    GNUNET_SCHEDULER_shutdown ();
    return;
  }
 
  if (GNUNET_YES == collect)
  {
 
    if (GNUNET_OK !=
        GNUNET_CRYPTO_blindable_public_key_from_string (issuer_key,
                                                        &issuer_pkey))
    {
      fprintf (stderr,
               _ ("Issuer public key `%s' is not well-formed\n"),
               issuer_key);
      GNUNET_SCHEDULER_shutdown ();
    }
    privkey = GNUNET_IDENTITY_ego_get_private_key (ego);
 
    collect_request = GNUNET_ABD_collect (abd,
                                          &issuer_pkey,
                                          issuer_attr,
                                          privkey,
                                          direction,
                                          &handle_collect_result,
                                          NULL,
                                          &handle_intermediate_result,
                                          NULL);
    return;
  }
  GNUNET_SCHEDULER_shutdown ();
}

References _, abd, collect, collect_request, direction, ego_name, el, GNUNET_ABD_collect(), GNUNET_CRYPTO_blindable_public_key_from_string(), GNUNET_IDENTITY_ego_get_private_key(), GNUNET_OK, GNUNET_SCHEDULER_shutdown(), GNUNET_YES, handle_collect_result(), handle_intermediate_result(), issuer_attr, issuer_key, and issuer_pkey.

Referenced by run().

Here is the call graph for this function:

Here is the caller graph for this function:

◆ parse_expiration()

static int parse_expiration	(	const char *	expirationstring,
		int *	etime_is_rel_,
		uint64_t *	etime_
	)

static

Parse expiration time.

Parameters

	expirationstring	text to parse
[out]	etime_is_rel	set to GNUNET_YES if time is relative
[out]	etime	set to expiration time (abs or rel)

Returns: GNUNET_OK on success

Definition at line 442 of file gnunet-abd.c.

{
  // copied from namestore/gnunet-namestore.c
  struct GNUNET_TIME_Relative etime_rel;
  struct GNUNET_TIME_Absolute etime_abs;
 
  if (0 == strcmp (expirationstring, "never"))
  {
    *etime_ = GNUNET_TIME_UNIT_FOREVER_ABS.abs_value_us;
    *etime_is_rel_ = GNUNET_NO;
    return GNUNET_OK;
  }
  if (GNUNET_OK ==
      GNUNET_STRINGS_fancy_time_to_relative (expirationstring, &etime_rel))
  {
    *etime_is_rel_ = GNUNET_YES;
    *etime_ = etime_rel.rel_value_us;
    GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
                "Storing record with relative expiration time of %s\n",
                GNUNET_STRINGS_relative_time_to_string (etime_rel, GNUNET_NO));
    return GNUNET_OK;
  }
  if (GNUNET_OK ==
      GNUNET_STRINGS_fancy_time_to_absolute (expirationstring, &etime_abs))
  {
    *etime_is_rel_ = GNUNET_NO;
    *etime_ = etime_abs.abs_value_us;
    GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
                "Storing record with absolute expiration time of %s\n",
                GNUNET_STRINGS_absolute_time_to_string (etime_abs));
    return GNUNET_OK;
  }
  return GNUNET_SYSERR;
}

References GNUNET_TIME_Absolute::abs_value_us, expirationstring, GNUNET_ERROR_TYPE_DEBUG, GNUNET_log, GNUNET_NO, GNUNET_OK, GNUNET_STRINGS_absolute_time_to_string(), GNUNET_STRINGS_fancy_time_to_absolute(), GNUNET_STRINGS_fancy_time_to_relative(), GNUNET_STRINGS_relative_time_to_string(), GNUNET_SYSERR, GNUNET_TIME_UNIT_FOREVER_ABS, GNUNET_YES, and GNUNET_TIME_Relative::rel_value_us.

Referenced by store_cb().

Here is the call graph for this function:

Here is the caller graph for this function:

◆ error_cb()

static void error_cb ( void * cls )

static

Function called if lookup fails.

Definition at line 484 of file gnunet-abd.c.

{
  fprintf (stderr, "Error occurred during lookup, shutting down.\n");
  GNUNET_SCHEDULER_shutdown ();
  return;
}

References GNUNET_SCHEDULER_shutdown().

Referenced by GNUNET_NAMESTORE_records_lookup(), GNUNET_NAMESTORE_records_lookup2(), GNUNET_NAMESTORE_zone_iteration_start(), GNUNET_NAMESTORE_zone_iteration_start2(), GNUNET_NAMESTORE_zone_monitor_start(), GNUNET_NAMESTORE_zone_monitor_start2(), GNUNET_NAMESTORE_zone_to_name(), GNUNET_PEERSTORE_monitor_start(), GNUNET_RECLAIM_get_attributes_start(), GNUNET_RECLAIM_get_credentials_start(), GNUNET_RECLAIM_ticket_iteration_start(), records_lookup(), and store_cb().

Here is the call graph for this function:

Here is the caller graph for this function:

◆ add_continuation()

static void add_continuation	(	void *	cls,
		enum GNUNET_ErrorCode	ec
	)

static

Definition at line 493 of file gnunet-abd.c.

{
  struct GNUNET_NAMESTORE_QueueEntry **qe = cls;
  *qe = NULL;
 
  if (GNUNET_EC_NONE == ec)
    printf ("Adding successful.\n");
  else
    fprintf (stderr, "Error: `%s'.\n", GNUNET_ErrorCode_get_hint (ec));
 
  GNUNET_SCHEDULER_shutdown ();
}

References GNUNET_EC_NONE, GNUNET_ErrorCode_get_hint(), GNUNET_SCHEDULER_shutdown(), and qe.

Referenced by get_existing_record().

Here is the call graph for this function:

Here is the caller graph for this function:

◆ get_existing_record()

static void get_existing_record	(	void *	cls,
		const struct GNUNET_CRYPTO_BlindablePrivateKey *	zone_key,
		const char *	rec_name,
		unsigned int	rd_count,
		const struct GNUNET_GNSRECORD_Data *	rd
	)

static

Definition at line 508 of file gnunet-abd.c.

{
  struct GNUNET_GNSRECORD_Data *rde;
  struct GNUNET_GNSRECORD_Data*rdn =
    GNUNET_malloc (sizeof(*rdn) * (rd_count + 1));
 
  memset (rdn, 0, sizeof (struct GNUNET_GNSRECORD_Data));
  GNUNET_memcpy (&rdn[1], rd,
                 rd_count * sizeof (struct GNUNET_GNSRECORD_Data));
  rde = &rdn[0];
  rde->data = data;
  rde->data_size = data_size;
  rde->record_type = type;
 
  // Set flags
  if (GNUNET_YES == is_private)
    rde->flags |= GNUNET_GNSRECORD_RF_PRIVATE;
  rde->expiration_time = etime;
  if (GNUNET_YES == etime_is_rel)
    rde->flags |= GNUNET_GNSRECORD_RF_RELATIVE_EXPIRATION;
  else if (GNUNET_NO != etime_is_rel)
    rde->expiration_time = GNUNET_TIME_UNIT_FOREVER_ABS.abs_value_us;
 
  GNUNET_assert (NULL != rec_name);
  add_qe = GNUNET_NAMESTORE_record_set_store (ns,
                                              &zone_pkey,
                                              rec_name,
                                              rd_count + 1,
                                              rde,
                                              &add_continuation,
                                              &add_qe);
  GNUNET_free (rdn);
  return;
}

References add_continuation(), add_qe, data, GNUNET_GNSRECORD_Data::data, data_size, GNUNET_GNSRECORD_Data::data_size, etime, etime_is_rel, GNUNET_GNSRECORD_Data::expiration_time, GNUNET_GNSRECORD_Data::flags, GNUNET_assert, GNUNET_free, GNUNET_GNSRECORD_RF_PRIVATE, GNUNET_GNSRECORD_RF_RELATIVE_EXPIRATION, GNUNET_malloc, GNUNET_memcpy, GNUNET_NAMESTORE_record_set_store(), GNUNET_NO, GNUNET_TIME_UNIT_FOREVER_ABS, GNUNET_YES, is_private, ns, rd, rd_count, GNUNET_GNSRECORD_Data::record_type, type, and zone_pkey.

Referenced by store_cb().

Here is the call graph for this function:

Here is the caller graph for this function:

◆ store_cb()

static void store_cb	(	void *	cls,
		struct GNUNET_IDENTITY_Ego *	ego
	)

static

Definition at line 549 of file gnunet-abd.c.

{
  const struct GNUNET_CONFIGURATION_Handle *cfg_ = cls;
  struct GNUNET_ABD_Delegate *cred;
  struct GNUNET_CRYPTO_BlindablePublicKey zone_pubkey;
  char *subject_pubkey_str;
  char *zone_pubkey_str;
 
  el = NULL;
 
  ns = GNUNET_NAMESTORE_connect (cfg_);
  if (NULL == ns)
  {
    GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
                _ ("Failed to connect to namestore\n"));
    GNUNET_SCHEDULER_shutdown ();
    return;
  }
 
  if (NULL == ego)
  {
    GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
                _ ("Ego does not exist!\n"));
    GNUNET_SCHEDULER_shutdown ();
    return;
  }
 
  // Key handling
  zone_pkey = *GNUNET_IDENTITY_ego_get_private_key (ego);
 
  if (GNUNET_GNSRECORD_TYPE_DELEGATE == type)
  {
    // Parse import
    cred = GNUNET_ABD_delegate_from_string (import);
 
    if (NULL == cred)
    {
      fprintf (stderr,
               "%s is not a valid credential\n", import);
      GNUNET_SCHEDULER_shutdown ();
      return;
    }
 
    // Get import subject public key string
    subject_pubkey_str =
      GNUNET_CRYPTO_blindable_public_key_to_string (&cred->subject_key);
 
    // Get zone public key string
    GNUNET_IDENTITY_ego_get_public_key (ego, &zone_pubkey);
    zone_pubkey_str =
      GNUNET_CRYPTO_blindable_public_key_to_string (&zone_pubkey);
 
    // Check if the subject key in the signed import matches the zone's key it is issued to
    if (strcmp (zone_pubkey_str, subject_pubkey_str) != 0)
    {
      fprintf (stderr,
               "Import signed delegate does not match this ego's public key.\n")
      ;
      GNUNET_free (cred);
      GNUNET_SCHEDULER_shutdown ();
      return;
    }
 
    // Expiration
    etime = cred->expiration.abs_value_us;
    etime_is_rel = GNUNET_NO;
 
    // Prepare the data to be store in the record
    data_size = GNUNET_ABD_delegate_serialize (cred, (char **) &data);
    GNUNET_free (cred);
  }
  else
  {
    // For all other types e.g. GNUNET_GNSRECORD_TYPE_ATTRIBUTE
    if (GNUNET_OK !=
        GNUNET_GNSRECORD_string_to_value (type, subject, &data, &data_size))
    {
      if (typestring == NULL)
      {
        fputs ("Value for unknown record type not well-formed.\n", stderr);
      }
      else if (subject == NULL)
      {
        fprintf (stderr,
                 "Value for record type `%s' not well-formed.\n",
                 typestring);
      }
      else
      {
        fprintf (stderr,
                 "Value `%s' invalid for record type `%s'\n",
                 subject,
                 typestring);
      }
      GNUNET_SCHEDULER_shutdown ();
      return;
    }
 
    // Take care of expiration
    if (NULL == expiration)
    {
      fprintf (stderr, "Missing option -e for operation 'create'\n");
      GNUNET_SCHEDULER_shutdown ();
      return;
    }
    if (GNUNET_OK != parse_expiration (expiration, &etime_is_rel, &etime))
    {
      fprintf (stderr, "Invalid time format `%s'\n", expiration);
      GNUNET_SCHEDULER_shutdown ();
      return;
    }
  }
 
  // Start lookup
  add_qe = GNUNET_NAMESTORE_records_lookup (ns,
                                            &zone_pkey,
                                            record_label,
                                            &error_cb,
                                            NULL,
                                            &get_existing_record,
                                            NULL);
  return;
}

References _, add_qe, cred, data, data_size, el, error_cb(), etime, etime_is_rel, expiration, get_existing_record(), GNUNET_ABD_delegate_from_string(), GNUNET_ABD_delegate_serialize(), GNUNET_CRYPTO_blindable_public_key_to_string(), GNUNET_ERROR_TYPE_ERROR, GNUNET_free, GNUNET_GNSRECORD_string_to_value(), GNUNET_GNSRECORD_TYPE_DELEGATE, GNUNET_IDENTITY_ego_get_private_key(), GNUNET_IDENTITY_ego_get_public_key(), GNUNET_log, GNUNET_NAMESTORE_connect(), GNUNET_NAMESTORE_records_lookup(), GNUNET_NO, GNUNET_OK, GNUNET_SCHEDULER_shutdown(), ns, parse_expiration(), record_label, subject, type, typestring, and zone_pkey.

Referenced by run().

Here is the call graph for this function:

Here is the caller graph for this function:

◆ sign_cb()

static void sign_cb	(	void *	cls,
		struct GNUNET_IDENTITY_Ego *	ego
	)

static

Definition at line 675 of file gnunet-abd.c.

{
  const struct GNUNET_CRYPTO_BlindablePrivateKey *privkey;
  struct GNUNET_ABD_Delegate *dele;
  struct GNUNET_TIME_Absolute etime_abs;
  char *res;
  char *subject_pubkey_str;
  char *subject_attr = NULL;
  char *token;
 
  el = NULL;
 
  // work on expiration time
  if (NULL == expiration)
  {
    fprintf (stderr, "Please specify a TTL\n");
    GNUNET_SCHEDULER_shutdown ();
    return;
  }
  else if (GNUNET_OK !=
           GNUNET_STRINGS_fancy_time_to_absolute (expiration, &etime_abs))
  {
    fprintf (stderr,
             "%s is not a valid ttl! Only absolute times are accepted!\n",
             expiration);
    GNUNET_SCHEDULER_shutdown ();
    return;
  }
 
  // If contains a space - split it by the first space only - assume first entry is subject followed by attribute(s)
 
  // Subject Public Key
  token = strtok (subject, " ");
  subject_pubkey_str = token;
  // Subject Attribute(s)
  token = strtok (NULL, " ");
  if (NULL != token)
  {
    subject_attr = token;
  }
 
  // work on keys
  privkey = GNUNET_IDENTITY_ego_get_private_key (ego);
 
  if (NULL == subject_pubkey_str)
  {
    fprintf (stderr,
             "Subject pubkey not given\n");
    GNUNET_SCHEDULER_shutdown ();
    return;
  }
  if (GNUNET_OK !=
      GNUNET_CRYPTO_blindable_public_key_from_string (subject_pubkey_str,
                                                      &subject_pkey))
  {
    fprintf (stderr,
             "Subject public key `%s' is not well-formed\n",
             subject_pubkey_str);
    GNUNET_SCHEDULER_shutdown ();
    return;
  }
 
  // Sign delegate
  dele = GNUNET_ABD_delegate_issue (privkey,
                                    &subject_pkey,
                                    issuer_attr,
                                    subject_attr,
                                    &etime_abs);
  res = GNUNET_ABD_delegate_to_string (dele);
  GNUNET_free (dele);
  printf ("%s\n", res);
 
  GNUNET_free (ego_name);
  ego_name = NULL;
 
  GNUNET_SCHEDULER_shutdown ();
}

References ego_name, el, expiration, GNUNET_ABD_delegate_issue(), GNUNET_ABD_delegate_to_string(), GNUNET_CRYPTO_blindable_public_key_from_string(), GNUNET_free, GNUNET_IDENTITY_ego_get_private_key(), GNUNET_OK, GNUNET_SCHEDULER_shutdown(), GNUNET_STRINGS_fancy_time_to_absolute(), issuer_attr, res, subject, and subject_pkey.

Referenced by run().

Here is the call graph for this function:

Here is the caller graph for this function:

◆ run()

static void run	(	void *	cls,
		char const	args,
		const char *	cfgfile,
		const struct GNUNET_CONFIGURATION_Handle *	c
	)

static

Main function that will be run.

Parameters

cls	closure
args	remaining command-line arguments
cfgfile	name of the configuration file used (for saving, can be NULL!)
c	configuration

Definition at line 763 of file gnunet-abd.c.

{
  cfg = c;
 
  tt = GNUNET_SCHEDULER_add_delayed (timeout, &do_timeout, NULL);
  GNUNET_SCHEDULER_add_shutdown (&do_shutdown, NULL);
 
  // Check relevant cmdline parameters
  if (GNUNET_YES == create_is)
  {
    if (NULL == ego_name)
    {
      fprintf (stderr, "Missing option '-ego'\n");
      GNUNET_SCHEDULER_shutdown ();
      return;
    }
    if (NULL == issuer_attr)
    {
      fprintf (stderr, "Missing option '-attribute' for issuer attribute\n");
      GNUNET_SCHEDULER_shutdown ();
      return;
    }
    if (NULL == subject)
    {
      fprintf (stderr, "Missing option -subject for operation 'create'.'\n");
      GNUNET_SCHEDULER_shutdown ();
      return;
    }
 
    // Lookup ego, on success call store_cb and store as ATTRIBUTE type
    type = GNUNET_GNSRECORD_TYPE_ATTRIBUTE;
    record_label = issuer_attr;
    el = GNUNET_IDENTITY_ego_lookup (cfg, ego_name, &store_cb, (void *) cfg);
    return;
  }
 
  if (GNUNET_YES == create_ss)
  {
 
    // check if signed parameter has been passed in cmd line call
    if (NULL == import)
    {
      fprintf (stderr, "'import' required\n");
      GNUNET_SCHEDULER_shutdown ();
      return;
    }
 
    type = GNUNET_GNSRECORD_TYPE_DELEGATE;
    record_label = GNUNET_GNS_EMPTY_LABEL_AT;
    // Store subject side
    el = GNUNET_IDENTITY_ego_lookup (cfg, ego_name, &store_cb, (void *) cfg);
 
    return;
  }
 
  if (GNUNET_YES == sign_ss)
  {
    if (NULL == ego_name)
    {
      fprintf (stderr, "ego required\n");
      GNUNET_SCHEDULER_shutdown ();
      return;
    }
    if (NULL == subject)
    {
      fprintf (stderr, "Subject public key needed\n");
      GNUNET_SCHEDULER_shutdown ();
      return;
    }
 
    // lookup ego and call function sign_cb on success
    el = GNUNET_IDENTITY_ego_lookup (cfg, ego_name, &sign_cb, (void *) cfg);
    return;
  }
 
  if ((GNUNET_NO == forward) && (GNUNET_NO == backward))
  {
    // set default: bidirectional
    forward = GNUNET_YES;
    backward = GNUNET_YES;
  }
  if (GNUNET_YES == forward)
    direction |= GNUNET_ABD_FLAG_FORWARD;
  if (GNUNET_YES == backward)
    direction |= GNUNET_ABD_FLAG_BACKWARD;
 
  if (GNUNET_YES == collect)
  {
    if (NULL == issuer_key)
    {
      fprintf (stderr, _ ("Issuer public key not well-formed\n"));
      GNUNET_SCHEDULER_shutdown ();
      return;
    }
 
    abd = GNUNET_ABD_connect (cfg);
 
    if (NULL == abd)
    {
      fprintf (stderr, _ ("Failed to connect to ABD\n"));
      GNUNET_SCHEDULER_shutdown ();
      return;
    }
    if (NULL == issuer_attr)
    {
      fprintf (stderr, _ ("You must provide issuer the attribute\n"));
      GNUNET_SCHEDULER_shutdown ();
      return;
    }
 
    if (NULL == ego_name)
    {
      fprintf (stderr, _ ("ego required\n"));
      GNUNET_SCHEDULER_shutdown ();
      return;
    }
    el = GNUNET_IDENTITY_ego_lookup (cfg, ego_name, &identity_cb, (void *) cfg);
    return;
  }
 
  if (NULL == subject)
  {
    fprintf (stderr, _ ("Subject public key needed\n"));
    GNUNET_SCHEDULER_shutdown ();
    return;
  }
  if (GNUNET_OK != GNUNET_CRYPTO_blindable_public_key_from_string (subject,
                                                                   &subject_pkey
                                                                   ))
  {
    fprintf (stderr,
             _ ("Subject public key `%s' is not well-formed\n"),
             subject);
    GNUNET_SCHEDULER_shutdown ();
    return;
  }
 
  if (GNUNET_YES == verify)
  {
    if (NULL == issuer_key)
    {
      fprintf (stderr, _ ("Issuer public key not well-formed\n"));
      GNUNET_SCHEDULER_shutdown ();
      return;
    }
    if (GNUNET_OK !=
        GNUNET_CRYPTO_blindable_public_key_from_string (issuer_key,
                                                        &issuer_pkey))
    {
      fprintf (stderr,
               _ ("Issuer public key `%s' is not well-formed\n"),
               issuer_key);
      GNUNET_SCHEDULER_shutdown ();
      return;
    }
    abd = GNUNET_ABD_connect (cfg);
 
    if (NULL == abd)
    {
      fprintf (stderr, _ ("Failed to connect to ABD\n"));
      GNUNET_SCHEDULER_shutdown ();
      return;
    }
    if ((NULL == issuer_attr) || (NULL == subject_delegate))
    {
      fprintf (stderr, _ ("You must provide issuer and subject attributes\n"));
      GNUNET_SCHEDULER_shutdown ();
      return;
    }
 
    // Subject credentials are comma separated
    {
      struct GNUNET_ABD_Delegate *delegates;
      struct GNUNET_ABD_Delegate *dele;
      char *tmp = GNUNET_strdup (subject_delegate);
      char *tok = strtok (tmp, ",");
      int count = 1;
      int i;
      if (NULL == tok)
      {
        fprintf (stderr, "Invalid subject credentials\n");
        GNUNET_free (tmp);
        GNUNET_SCHEDULER_shutdown ();
        return;
      }
      while (NULL != (tok = strtok (NULL, ",")))
        count++;
      delegates = GNUNET_malloc (sizeof(*delegates) * count);
      GNUNET_free (tmp);
      tmp = GNUNET_strdup (subject_delegate);
      tok = strtok (tmp, ",");
      for (i = 0; i < count; i++)
      {
        dele = GNUNET_ABD_delegate_from_string (tok);
        GNUNET_memcpy (&delegates[i],
                       dele,
                       sizeof (struct GNUNET_ABD_Delegate));
        delegates[i].issuer_attribute = GNUNET_strdup (dele->issuer_attribute);
        tok = strtok (NULL, ",");
        GNUNET_free (dele);
      }
 
      verify_request = GNUNET_ABD_verify (abd,
                                          &issuer_pkey,
                                          issuer_attr,
                                          &subject_pkey,
                                          count,
                                          delegates,
                                          direction,
                                          &handle_verify_result,
                                          NULL,
                                          &handle_intermediate_result,
                                          NULL);
      for (i = 0; i < count; i++)
      {
        GNUNET_free_nz ((char *) delegates[i].issuer_attribute);
        delegates[i].issuer_attribute = NULL;
      }
      GNUNET_free (tmp);
      GNUNET_free (delegates);
    }
  }
  else
  {
    fprintf (stderr,
             _ (
               "Please specify name to lookup, subject key and issuer key!\n"));
    GNUNET_SCHEDULER_shutdown ();
  }
  return;
}

References _, abd, backward, cfg, collect, create_is, create_ss, direction, do_shutdown, do_timeout(), ego_name, el, forward, GNUNET_ABD_connect(), GNUNET_ABD_delegate_from_string(), GNUNET_ABD_FLAG_BACKWARD, GNUNET_ABD_FLAG_FORWARD, GNUNET_ABD_verify(), GNUNET_CRYPTO_blindable_public_key_from_string(), GNUNET_free, GNUNET_free_nz, GNUNET_GNS_EMPTY_LABEL_AT, GNUNET_GNSRECORD_TYPE_ATTRIBUTE, GNUNET_GNSRECORD_TYPE_DELEGATE, GNUNET_IDENTITY_ego_lookup(), GNUNET_malloc, GNUNET_memcpy, GNUNET_NO, GNUNET_OK, GNUNET_SCHEDULER_add_delayed(), GNUNET_SCHEDULER_add_shutdown(), GNUNET_SCHEDULER_shutdown(), GNUNET_strdup, GNUNET_YES, handle_intermediate_result(), handle_verify_result(), identity_cb(), issuer_attr, GNUNET_ABD_Delegate::issuer_attribute, issuer_key, issuer_pkey, record_label, sign_cb(), sign_ss, store_cb(), subject, subject_delegate, subject_pkey, timeout, tt, type, verify, and verify_request.

Referenced by main().

Here is the call graph for this function:

Here is the caller graph for this function:

◆ main()

int main	(	int	argc,
		char const	argv
	)

The main function for gnunet-gns.

Parameters

argc	number of arguments from the command line
argv	command line arguments

Returns: 0 ok, 1 on error

Definition at line 1007 of file gnunet-abd.c.

{
  struct GNUNET_GETOPT_CommandLineOption options[] =
  {GNUNET_GETOPT_option_flag ('V',
                              "verify",
                              gettext_noop (
                                "verify credential against attribute"),
                              &verify),
   GNUNET_GETOPT_option_string (
     's',
     "subject",
     "PKEY",
     gettext_noop (
       "The public key of the subject to lookup the"
       "credential for, or for issuer side storage: subject and its attributes")
     ,
     &subject),
   GNUNET_GETOPT_option_string (
     'd',
     "delegate",
     "DELE",
     gettext_noop ("The private, signed delegate presented by the subject"),
     &subject_delegate),
   GNUNET_GETOPT_option_string (
     'i',
     "issuer",
     "PKEY",
     gettext_noop (
       "The public key of the authority to verify the credential against"),
     &issuer_key),
   GNUNET_GETOPT_option_string ('e',
                                "ego",
                                "EGO",
                                gettext_noop ("The ego/zone name to use"),
                                &ego_name),
   GNUNET_GETOPT_option_string (
     'a',
     "attribute",
     "ATTR",
     gettext_noop ("The issuer attribute to verify against or to issue"),
     &issuer_attr),
   GNUNET_GETOPT_option_string ('T',
                                "ttl",
                                "EXP",
                                gettext_noop (
                                  "The time to live for the credential."
                                  "e.g. 5m, 6h, \"1990-12-30 12:00:00\""),
                                &expiration),
   GNUNET_GETOPT_option_flag ('g',
                              "collect",
                              gettext_noop ("collect credentials"),
                              &collect),
   GNUNET_GETOPT_option_flag ('U',
                              "createIssuerSide",
                              gettext_noop (
                                "Create and issue a credential issuer side."),
                              &create_is),
   GNUNET_GETOPT_option_flag ('C',
                              "createSubjectSide",
                              gettext_noop (
                                "Issue a credential subject side."),
                              &create_ss),
   GNUNET_GETOPT_option_flag (
     'S',
     "signSubjectSide",
     gettext_noop ("Create, sign and return a credential subject side."),
     &sign_ss),
   GNUNET_GETOPT_option_string (
     'x',
     "import",
     "IMP",
     gettext_noop (
       "Import signed credentials that should be issued to a zone/ego"),
     &import),
   GNUNET_GETOPT_option_flag ('P',
                              "private",
                              gettext_noop ("Create private record entry."),
                              &is_private),
   GNUNET_GETOPT_option_flag (
     'F',
     "forward",
     gettext_noop (
       "Indicates that the collect/verify process is done via forward search."),
     &forward),
   GNUNET_GETOPT_option_flag (
     'B',
     "backward",
     gettext_noop (
       "Indicates that the collect/verify process is done via forward search."),
     &backward),
   GNUNET_GETOPT_OPTION_END};
 
 
  timeout = GNUNET_TIME_UNIT_FOREVER_REL;
  GNUNET_log_setup ("gnunet-abd", "WARNING", NULL);
  if (GNUNET_OK != GNUNET_PROGRAM_run (GNUNET_OS_project_data_gnunet (),
                                       argc,
                                       argv,
                                       "gnunet-abd",
                                       _ ("GNUnet abd resolver tool"),
                                       options,
                                       &run,
                                       NULL))
    ret = 1;
  return ret;
}