GNUnet  0.11.x
delegate_misc.c
Go to the documentation of this file.
1 /*
2  This file is part of GNUnet.
3  Copyright (C) 2009-2013, 2016 GNUnet e.V.
4 
5  GNUnet is free software: you can redistribute it and/or modify it
6  under the terms of the GNU Affero General Public License as published
7  by the Free Software Foundation, either version 3 of the License,
8  or (at your option) any later version.
9 
10  GNUnet is distributed in the hope that it will be useful, but
11  WITHOUT ANY WARRANTY; without even the implied warranty of
12  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
13  Affero General Public License for more details.
14 
15  You should have received a copy of the GNU Affero General Public License
16  along with this program. If not, see <http://www.gnu.org/licenses/>.
17 
18  SPDX-License-Identifier: AGPL3.0-or-later
19 */
20 
21 
28 #include "platform.h"
29 #include "gnunet_util_lib.h"
30 #include "gnunet_constants.h"
31 #include "gnunet_abd_service.h"
32 #include "gnunet_signatures.h"
33 #include "abd.h"
34 #include <inttypes.h>
35 
36 char *
37 GNUNET_ABD_delegate_to_string (
38  const struct GNUNET_ABD_Delegate *cred)
39 {
40  char *cred_str;
41  char *subject_pkey;
42  char *issuer_pkey;
43  char *signature;
44 
45  subject_pkey = GNUNET_CRYPTO_ecdsa_public_key_to_string (&cred->subject_key);
46  issuer_pkey = GNUNET_CRYPTO_ecdsa_public_key_to_string (&cred->issuer_key);
47  GNUNET_STRINGS_base64_encode ((char *) &cred->signature,
48  sizeof (struct GNUNET_CRYPTO_EcdsaSignature),
49  &signature);
50  if (0 == cred->subject_attribute_len)
51  {
52  GNUNET_asprintf (&cred_str,
53  "%s.%s -> %s | %s | %" SCNu64,
54  issuer_pkey,
55  cred->issuer_attribute,
56  subject_pkey,
57  signature,
58  cred->expiration.abs_value_us);
59  }
60  else
61  {
62  GNUNET_asprintf (&cred_str,
63  "%s.%s -> %s.%s | %s | %" SCNu64,
64  issuer_pkey,
65  cred->issuer_attribute,
66  subject_pkey,
67  cred->subject_attribute,
68  signature,
69  cred->expiration.abs_value_us);
70  }
71  GNUNET_free (subject_pkey);
72  GNUNET_free (issuer_pkey);
73  GNUNET_free (signature);
74 
75  return cred_str;
76 }
77 
78 struct GNUNET_ABD_Delegate *
79 GNUNET_ABD_delegate_from_string (const char *s)
80 {
81  struct GNUNET_ABD_Delegate *dele;
82  size_t enclen = (sizeof (struct GNUNET_CRYPTO_EcdsaPublicKey)) * 8;
83  if (enclen % 5 > 0)
84  enclen += 5 - enclen % 5;
85  enclen /= 5; /* 260/5 = 52 */
86  char subject_pkey[enclen + 1];
87  char issuer_pkey[enclen + 1];
88  char iss_attr[253 + 1];
89  // Needs to be initialized, in case of Type 1 credential (A.a <- B)
90  char sub_attr[253 + 1] = "";
91  char signature[256]; // TODO max payload size
92 
93  struct GNUNET_CRYPTO_EcdsaSignature *sig;
94  struct GNUNET_TIME_Absolute etime_abs;
95 
96  // If it's A.a <- B.b...
97  if (6 != sscanf (s,
98  "%52s.%253s -> %52s.%253s | %s | %" SCNu64,
99  issuer_pkey,
100  iss_attr,
101  subject_pkey,
102  sub_attr,
103  signature,
104  &etime_abs.abs_value_us))
105  {
106  // Try if it's A.a <- B
107  if (5 != sscanf (s,
108  "%52s.%253s -> %52s | %s | %" SCNu64,
109  issuer_pkey,
110  iss_attr,
111  subject_pkey,
112  signature,
113  &etime_abs.abs_value_us))
114  {
115  GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
116  "Unable to parse DEL record string `%s'\n",
117  s);
118  return NULL;
119  }
120  }
121 
122  // +1 for \0
123  int attr_len;
124  if (strcmp (sub_attr, "") == 0)
125  {
126  attr_len = strlen (iss_attr) + 1;
127  }
128  else
129  {
130  attr_len = strlen (iss_attr) + strlen (sub_attr) + 2;
131  }
132  dele = GNUNET_malloc (sizeof (struct GNUNET_ABD_Delegate) + attr_len);
133 
134  char tmp_str[attr_len];
135  GNUNET_memcpy (tmp_str, iss_attr, strlen (iss_attr));
136  if (strcmp (sub_attr, "") != 0)
137  {
138  tmp_str[strlen (iss_attr)] = '\0';
139  GNUNET_memcpy (tmp_str + strlen (iss_attr) + 1,
140  sub_attr,
141  strlen (sub_attr));
142  }
143  tmp_str[attr_len - 1] = '\0';
144 
145  GNUNET_CRYPTO_ecdsa_public_key_from_string (subject_pkey,
146  strlen (subject_pkey),
147  &dele->subject_key);
148  GNUNET_CRYPTO_ecdsa_public_key_from_string (issuer_pkey,
149  strlen (issuer_pkey),
150  &dele->issuer_key);
151  GNUNET_assert (sizeof (struct GNUNET_CRYPTO_EcdsaSignature) ==
152  GNUNET_STRINGS_base64_decode (signature,
153  strlen (signature),
154  (void **) &sig));
155  dele->signature = *sig;
156  dele->expiration = etime_abs;
157  GNUNET_free (sig);
158 
159  GNUNET_memcpy (&dele[1], tmp_str, attr_len);
160 
161  dele->issuer_attribute = (char *) &dele[1];
162  dele->issuer_attribute_len = strlen (iss_attr);
163  if (strcmp (sub_attr, "") == 0)
164  {
165  dele->subject_attribute = NULL;
166  dele->subject_attribute_len = 0;
167  }
168  else
169  {
170  dele->subject_attribute = (char *) &dele[1] + strlen (iss_attr) + 1;
171  dele->subject_attribute_len = strlen (sub_attr);
172  }
173 
174  return dele;
175 }
176 
186 struct GNUNET_ABD_Delegate *
187 GNUNET_ABD_delegate_issue (
188  const struct GNUNET_CRYPTO_EcdsaPrivateKey *issuer,
189  struct GNUNET_CRYPTO_EcdsaPublicKey *subject,
190  const char *iss_attr,
191  const char *sub_attr,
192  struct GNUNET_TIME_Absolute *expiration)
193 {
194  struct DelegateEntry *del;
195  struct GNUNET_ABD_Delegate *dele;
196  size_t size;
197  int attr_len;
198 
199  if (NULL == sub_attr)
200  {
201  // +1 for \0
202  attr_len = strlen (iss_attr) + 1;
203  }
204  else
205  {
206  // +2 for both strings need to be terminated with \0
207  attr_len = strlen (iss_attr) + strlen (sub_attr) + 2;
208  }
209  size = sizeof (struct DelegateEntry) + attr_len;
210 
211  char tmp_str[attr_len];
212  GNUNET_memcpy (tmp_str, iss_attr, strlen (iss_attr));
213  if (NULL != sub_attr)
214  {
215  tmp_str[strlen (iss_attr)] = '\0';
216  GNUNET_memcpy (tmp_str + strlen (iss_attr) + 1,
217  sub_attr,
218  strlen (sub_attr));
219  }
220  tmp_str[attr_len - 1] = '\0';
221 
222  del = GNUNET_malloc (size);
223  del->purpose.size =
224  htonl (size - sizeof (struct GNUNET_CRYPTO_EcdsaSignature));
225  del->purpose.purpose = htonl (GNUNET_SIGNATURE_PURPOSE_DELEGATE);
226  GNUNET_CRYPTO_ecdsa_key_get_public (issuer, &del->issuer_key);
227  del->subject_key = *subject;
228  del->expiration = GNUNET_htonll (expiration->abs_value_us);
229  del->issuer_attribute_len = htonl (strlen (iss_attr) + 1);
230  if (NULL == sub_attr)
231  {
232  del->subject_attribute_len = htonl (0);
233  }
234  else
235  {
236  del->subject_attribute_len = htonl (strlen (sub_attr) + 1);
237  }
238 
239  GNUNET_memcpy (&del[1], tmp_str, attr_len);
240 
241  if (GNUNET_OK !=
242  GNUNET_CRYPTO_ecdsa_sign (issuer, &del->purpose, &del->signature))
243  {
244  GNUNET_break (0);
245  GNUNET_free (del);
246  return NULL;
247  }
248 
249  dele = GNUNET_malloc (sizeof (struct GNUNET_ABD_Delegate) + attr_len);
250  dele->signature = del->signature;
251  dele->expiration = *expiration;
252  GNUNET_CRYPTO_ecdsa_key_get_public (issuer, &dele->issuer_key);
253 
254  dele->subject_key = *subject;
255 
256  // Copy the combined string at the part in the memory where the struct ends
257  GNUNET_memcpy (&dele[1], tmp_str, attr_len);
258 
259  dele->issuer_attribute = (char *) &dele[1];
260  dele->issuer_attribute_len = strlen (iss_attr);
261  if (NULL == sub_attr)
262  {
263  dele->subject_attribute = NULL;
264  dele->subject_attribute_len = 0;
265  }
266  else
267  {
268  dele->subject_attribute = (char *) &dele[1] + strlen (iss_attr) + 1;
269  dele->subject_attribute_len = strlen (sub_attr);
270  }
271 
272  GNUNET_free (del);
273  return dele;
274 }
gnunet_constants.h
GNUNET_ABD_Delegate::subject_key
struct GNUNET_CRYPTO_EcdsaPublicKey subject_key
Public key of the subject this credential was issued to.
Definition: gnunet_abd_service.h:183
abd.h
IPC messages between ABD API and ABD service.
gnunet_abd_service.h
GNUNET_ABD_delegate_to_string
char * GNUNET_ABD_delegate_to_string(const struct GNUNET_ABD_Delegate *cred)
Definition: delegate_misc.c:37
GNUNET_CRYPTO_EccSignaturePurpose::purpose
uint32_t purpose
What does this signature vouch for? This must contain a GNUNET_SIGNATURE_PURPOSE_XXX constant (from g...
Definition: gnunet_crypto_lib.h:145
DelegateEntry::issuer_key
struct GNUNET_CRYPTO_EcdsaPublicKey issuer_key
Public key of the issuer.
Definition: abd.h:260
GNUNET_assert
#define GNUNET_assert(cond)
Use this for fatal errors that cannot be handled.
Definition: gnunet_common.h:828
GNUNET_ABD_delegate_issue
struct GNUNET_ABD_Delegate * GNUNET_ABD_delegate_issue(const struct GNUNET_CRYPTO_EcdsaPrivateKey *issuer, struct GNUNET_CRYPTO_EcdsaPublicKey *subject, const char *iss_attr, const char *sub_attr, struct GNUNET_TIME_Absolute *expiration)
Issue an attribute to a subject.
Definition: delegate_misc.c:187
GNUNET_memcpy
#define GNUNET_memcpy(dst, src, n)
Call memcpy() but check for n being 0 first.
Definition: gnunet_common.h:1100
DelegateEntry::expiration
uint64_t expiration
Expiration time of this credential.
Definition: abd.h:270
issuer_pkey
struct GNUNET_CRYPTO_EcdsaPublicKey issuer_pkey
Issuer key.
Definition: gnunet-abd.c:106
GNUNET_OK
#define GNUNET_OK
Named constants for return values.
Definition: gnunet_common.h:75
GNUNET_ABD_Delegate
A delegate.
Definition: gnunet_abd_service.h:173
GNUNET_CRYPTO_EcdsaPrivateKey
Private ECC key encoded for transmission.
Definition: gnunet_crypto_lib.h:253
gnunet_util_lib.h
GNUNET_ABD_Delegate::signature
struct GNUNET_CRYPTO_EcdsaSignature signature
Signature of this credential.
Definition: gnunet_abd_service.h:188
GNUNET_ABD_Delegate::issuer_key
struct GNUNET_CRYPTO_EcdsaPublicKey issuer_key
The issuer of the credential.
Definition: gnunet_abd_service.h:178
GNUNET_TIME_Absolute::abs_value_us
uint64_t abs_value_us
The actual value.
Definition: gnunet_time_lib.h:53
GNUNET_break
#define GNUNET_break(cond)
Use this for internal assertion violations that are not fatal (can be handled) but should not occur...
Definition: gnunet_common.h:887
DelegateEntry::subject_key
struct GNUNET_CRYPTO_EcdsaPublicKey subject_key
Public key of the subject this credential was issued to.
Definition: abd.h:265
GNUNET_CRYPTO_ecdsa_sign
int GNUNET_CRYPTO_ecdsa_sign(const struct GNUNET_CRYPTO_EcdsaPrivateKey *priv, const struct GNUNET_CRYPTO_EccSignaturePurpose *purpose, struct GNUNET_CRYPTO_EcdsaSignature *sig)
ECDSA Sign a given block.
Definition: crypto_ecc.c:929
GNUNET_asprintf
int GNUNET_asprintf(char **buf, const char *format,...)
Like asprintf, just portable.
Definition: common_allocation.c:451
del
static int del
Desired action is to remove a record.
Definition: gnunet-namestore.c:122
GNUNET_ABD_delegate_from_string
struct GNUNET_ABD_Delegate * GNUNET_ABD_delegate_from_string(const char *s)
Definition: delegate_misc.c:79
GNUNET_ABD_Delegate::subject_attribute_len
uint32_t subject_attribute_len
Length of the subject attribute.
Definition: gnunet_abd_service.h:208
GNUNET_CRYPTO_EcdsaSignature
an ECC signature using ECDSA
Definition: gnunet_crypto_lib.h:170
subject_pkey
struct GNUNET_CRYPTO_EcdsaPublicKey subject_pkey
Subject key.
Definition: gnunet-abd.c:101
gnunet_signatures.h
GNUNET_CRYPTO_EccSignaturePurpose::size
uint32_t size
How many bytes does this signature sign? (including this purpose header); in network byte order (!)...
Definition: gnunet_crypto_lib.h:137
DelegateEntry::signature
struct GNUNET_CRYPTO_EcdsaSignature signature
The signature for this credential by the issuer.
Definition: abd.h:250
expiration
static char * expiration
Credential TTL.
Definition: gnunet-abd.c:96
GNUNET_STRINGS_base64_decode
size_t GNUNET_STRINGS_base64_decode(const char *data, size_t len, void **output)
Decode from Base64.
Definition: strings.c:1921
GNUNET_STRINGS_base64_encode
size_t GNUNET_STRINGS_base64_encode(const void *in, size_t len, char **output)
Encode into Base64.
Definition: strings.c:1857
GNUNET_CRYPTO_ecdsa_public_key_to_string
char * GNUNET_CRYPTO_ecdsa_public_key_to_string(const struct GNUNET_CRYPTO_EcdsaPublicKey *pub)
Convert a public key to a string.
Definition: crypto_ecc.c:332
GNUNET_htonll
uint64_t GNUNET_htonll(uint64_t n)
Convert unsigned 64-bit integer to network byte order.
Definition: common_endian.c:35
GNUNET_ABD_Delegate::issuer_attribute_len
uint32_t issuer_attribute_len
Length of the issuer attribute.
Definition: gnunet_abd_service.h:198
size
static unsigned int size
Size of the "table".
Definition: peer.c:67
GNUNET_CRYPTO_ecdsa_key_get_public
void GNUNET_CRYPTO_ecdsa_key_get_public(const struct GNUNET_CRYPTO_EcdsaPrivateKey *priv, struct GNUNET_CRYPTO_EcdsaPublicKey *pub)
Extract the public key for the given private key.
Definition: crypto_ecc.c:239
GNUNET_ABD_Delegate::subject_attribute
const char * subject_attribute
The subject attribute.
Definition: gnunet_abd_service.h:213
subject
static char * subject
Subject pubkey string.
Definition: gnunet-abd.c:86
GNUNET_CRYPTO_ecdsa_public_key_from_string
int GNUNET_CRYPTO_ecdsa_public_key_from_string(const char *enc, size_t enclen, struct GNUNET_CRYPTO_EcdsaPublicKey *pub)
Convert a string representing a public key to a public key.
Definition: crypto_ecc.c:466
DelegateEntry::subject_attribute_len
uint32_t subject_attribute_len
Issuer attribute length.
Definition: abd.h:280
DelegateEntry::purpose
struct GNUNET_CRYPTO_EccSignaturePurpose purpose
Signature meta.
Definition: abd.h:255
GNUNET_CRYPTO_EcdsaPublicKey
Public ECC key (always for Curve25519) encoded in a format suitable for network transmission and ECDS...
Definition: gnunet_crypto_lib.h:203
GNUNET_log
#define GNUNET_log(kind,...)
Definition: gnunet_common.h:502
GNUNET_ABD_Delegate::expiration
struct GNUNET_TIME_Absolute expiration
Expiration of this credential.
Definition: gnunet_abd_service.h:193
DelegateEntry::issuer_attribute_len
uint32_t issuer_attribute_len
Issuer subject attribute length.
Definition: abd.h:275
GNUNET_TIME_Absolute
Time for absolute times used by GNUnet, in microseconds.
Definition: gnunet_time_lib.h:48
GNUNET_ERROR_TYPE_ERROR
Definition: gnunet_common.h:374
GNUNET_ABD_Delegate::issuer_attribute
const char * issuer_attribute
The issuer attribute.
Definition: gnunet_abd_service.h:203
GNUNET_malloc
#define GNUNET_malloc(size)
Wrapper around malloc.
Definition: gnunet_common.h:1155
GNUNET_free
#define GNUNET_free(ptr)
Wrapper around free.
Definition: gnunet_common.h:1199
GNUNET_SIGNATURE_PURPOSE_DELEGATE
#define GNUNET_SIGNATURE_PURPOSE_DELEGATE
Signature for a GNUnet credential.
Definition: gnunet_signatures.h:191
Generated by   doxygen 1.8.13