GNUnet  0.11.x
delegate_misc.c
Go to the documentation of this file.
1 /*
2  This file is part of GNUnet.
3  Copyright (C) 2009-2013, 2016 GNUnet e.V.
4 
5  GNUnet is free software: you can redistribute it and/or modify it
6  under the terms of the GNU Affero General Public License as published
7  by the Free Software Foundation, either version 3 of the License,
8  or (at your option) any later version.
9 
10  GNUnet is distributed in the hope that it will be useful, but
11  WITHOUT ANY WARRANTY; without even the implied warranty of
12  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
13  Affero General Public License for more details.
14 
15  You should have received a copy of the GNU Affero General Public License
16  along with this program. If not, see <http://www.gnu.org/licenses/>.
17 
18  SPDX-License-Identifier: AGPL3.0-or-later
19 */
20 
21 
28 #include "platform.h"
29 #include "gnunet_util_lib.h"
30 #include "gnunet_constants.h"
31 #include "gnunet_abd_service.h"
32 #include "gnunet_signatures.h"
33 #include "abd.h"
34 #include <inttypes.h>
35 
36 char *
37 GNUNET_ABD_delegate_to_string (
38  const struct GNUNET_ABD_Delegate *cred)
39 {
40  char *cred_str;
41  char *subject_pkey;
42  char *issuer_pkey;
43  char *signature;
44 
45  subject_pkey = GNUNET_CRYPTO_ecdsa_public_key_to_string (&cred->subject_key);
46  issuer_pkey = GNUNET_CRYPTO_ecdsa_public_key_to_string (&cred->issuer_key);
47  GNUNET_STRINGS_base64_encode ((char *) &cred->signature,
48  sizeof (struct GNUNET_CRYPTO_EcdsaSignature),
49  &signature);
50  if (0 == cred->subject_attribute_len)
51  {
52  GNUNET_asprintf (&cred_str,
53  "%s.%s -> %s | %s | %" SCNu64,
54  issuer_pkey,
55  cred->issuer_attribute,
56  subject_pkey,
57  signature,
58  cred->expiration.abs_value_us);
59  }
60  else
61  {
62  GNUNET_asprintf (&cred_str,
63  "%s.%s -> %s.%s | %s | %" SCNu64,
64  issuer_pkey,
65  cred->issuer_attribute,
66  subject_pkey,
67  cred->subject_attribute,
68  signature,
69  cred->expiration.abs_value_us);
70  }
71  GNUNET_free (subject_pkey);
72  GNUNET_free (issuer_pkey);
73  GNUNET_free (signature);
74 
75  return cred_str;
76 }
77 
78 
79 struct GNUNET_ABD_Delegate *
80 GNUNET_ABD_delegate_from_string (const char *s)
81 {
82  struct GNUNET_ABD_Delegate *dele;
83  size_t enclen = (sizeof (struct GNUNET_CRYPTO_EcdsaPublicKey)) * 8;
84  if (enclen % 5 > 0)
85  enclen += 5 - enclen % 5;
86  enclen /= 5; /* 260/5 = 52 */
87  char subject_pkey[enclen + 1];
88  char issuer_pkey[enclen + 1];
89  char iss_attr[253 + 1];
90  // Needs to be initialized, in case of Type 1 credential (A.a <- B)
91  char sub_attr[253 + 1] = "";
92  char signature[256]; // TODO max payload size
93 
94  struct GNUNET_CRYPTO_EcdsaSignature *sig;
95  struct GNUNET_TIME_Absolute etime_abs;
96 
97  // If it's A.a <- B.b...
98  if (6 != sscanf (s,
99  "%52s.%253s -> %52s.%253s | %s | %" SCNu64,
100  issuer_pkey,
101  iss_attr,
102  subject_pkey,
103  sub_attr,
104  signature,
105  &etime_abs.abs_value_us))
106  {
107  // Try if it's A.a <- B
108  if (5 != sscanf (s,
109  "%52s.%253s -> %52s | %s | %" SCNu64,
110  issuer_pkey,
111  iss_attr,
112  subject_pkey,
113  signature,
114  &etime_abs.abs_value_us))
115  {
116  GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
117  "Unable to parse DEL record string `%s'\n",
118  s);
119  return NULL;
120  }
121  }
122 
123  // +1 for \0
124  int attr_len;
125  if (strcmp (sub_attr, "") == 0)
126  {
127  attr_len = strlen (iss_attr) + 1;
128  }
129  else
130  {
131  attr_len = strlen (iss_attr) + strlen (sub_attr) + 2;
132  }
133  dele = GNUNET_malloc (sizeof (struct GNUNET_ABD_Delegate) + attr_len);
134 
135  char tmp_str[attr_len];
136  GNUNET_memcpy (tmp_str, iss_attr, strlen (iss_attr));
137  if (strcmp (sub_attr, "") != 0)
138  {
139  tmp_str[strlen (iss_attr)] = '\0';
140  GNUNET_memcpy (tmp_str + strlen (iss_attr) + 1,
141  sub_attr,
142  strlen (sub_attr));
143  }
144  tmp_str[attr_len - 1] = '\0';
145 
146  GNUNET_CRYPTO_ecdsa_public_key_from_string (subject_pkey,
147  strlen (subject_pkey),
148  &dele->subject_key);
149  GNUNET_CRYPTO_ecdsa_public_key_from_string (issuer_pkey,
150  strlen (issuer_pkey),
151  &dele->issuer_key);
152  GNUNET_assert (sizeof (struct GNUNET_CRYPTO_EcdsaSignature) ==
153  GNUNET_STRINGS_base64_decode (signature,
154  strlen (signature),
155  (void **) &sig));
156  dele->signature = *sig;
157  dele->expiration = etime_abs;
158  GNUNET_free (sig);
159 
160  GNUNET_memcpy (&dele[1], tmp_str, attr_len);
161 
162  dele->issuer_attribute = (char *) &dele[1];
163  dele->issuer_attribute_len = strlen (iss_attr);
164  if (strcmp (sub_attr, "") == 0)
165  {
166  dele->subject_attribute = NULL;
167  dele->subject_attribute_len = 0;
168  }
169  else
170  {
171  dele->subject_attribute = (char *) &dele[1] + strlen (iss_attr) + 1;
172  dele->subject_attribute_len = strlen (sub_attr);
173  }
174 
175  return dele;
176 }
177 
178 
188 struct GNUNET_ABD_Delegate *
189 GNUNET_ABD_delegate_issue (
190  const struct GNUNET_CRYPTO_EcdsaPrivateKey *issuer,
191  struct GNUNET_CRYPTO_EcdsaPublicKey *subject,
192  const char *iss_attr,
193  const char *sub_attr,
194  struct GNUNET_TIME_Absolute *expiration)
195 {
196  struct DelegateEntry *del;
197  struct GNUNET_ABD_Delegate *dele;
198  size_t size;
199  int attr_len;
200 
201  if (NULL == sub_attr)
202  {
203  // +1 for \0
204  attr_len = strlen (iss_attr) + 1;
205  }
206  else
207  {
208  // +2 for both strings need to be terminated with \0
209  attr_len = strlen (iss_attr) + strlen (sub_attr) + 2;
210  }
211  size = sizeof (struct DelegateEntry) + attr_len;
212 
213  char tmp_str[attr_len];
214  GNUNET_memcpy (tmp_str, iss_attr, strlen (iss_attr));
215  if (NULL != sub_attr)
216  {
217  tmp_str[strlen (iss_attr)] = '\0';
218  GNUNET_memcpy (tmp_str + strlen (iss_attr) + 1,
219  sub_attr,
220  strlen (sub_attr));
221  }
222  tmp_str[attr_len - 1] = '\0';
223 
224  del = GNUNET_malloc (size);
225  del->purpose.size =
226  htonl (size - sizeof (struct GNUNET_CRYPTO_EcdsaSignature));
227  del->purpose.purpose = htonl (GNUNET_SIGNATURE_PURPOSE_DELEGATE);
228  GNUNET_CRYPTO_ecdsa_key_get_public (issuer, &del->issuer_key);
229  del->subject_key = *subject;
230  del->expiration = GNUNET_htonll (expiration->abs_value_us);
231  del->issuer_attribute_len = htonl (strlen (iss_attr) + 1);
232  if (NULL == sub_attr)
233  {
234  del->subject_attribute_len = htonl (0);
235  }
236  else
237  {
238  del->subject_attribute_len = htonl (strlen (sub_attr) + 1);
239  }
240 
241  GNUNET_memcpy (&del[1], tmp_str, attr_len);
242 
243  if (GNUNET_OK !=
244  GNUNET_CRYPTO_ecdsa_sign (issuer, &del->purpose, &del->signature))
245  {
246  GNUNET_break (0);
247  GNUNET_free (del);
248  return NULL;
249  }
250 
251  dele = GNUNET_malloc (sizeof (struct GNUNET_ABD_Delegate) + attr_len);
252  dele->signature = del->signature;
253  dele->expiration = *expiration;
254  GNUNET_CRYPTO_ecdsa_key_get_public (issuer, &dele->issuer_key);
255 
256  dele->subject_key = *subject;
257 
258  // Copy the combined string at the part in the memory where the struct ends
259  GNUNET_memcpy (&dele[1], tmp_str, attr_len);
260 
261  dele->issuer_attribute = (char *) &dele[1];
262  dele->issuer_attribute_len = strlen (iss_attr);
263  if (NULL == sub_attr)
264  {
265  dele->subject_attribute = NULL;
266  dele->subject_attribute_len = 0;
267  }
268  else
269  {
270  dele->subject_attribute = (char *) &dele[1] + strlen (iss_attr) + 1;
271  dele->subject_attribute_len = strlen (sub_attr);
272  }
273 
274  GNUNET_free (del);
275  return dele;
276 }
gnunet_constants.h
GNUNET_ABD_Delegate::subject_key
struct GNUNET_CRYPTO_EcdsaPublicKey subject_key
Public key of the subject this credential was issued to.
Definition: gnunet_abd_service.h:189
abd.h
IPC messages between ABD API and ABD service.
gnunet_abd_service.h
GNUNET_ABD_delegate_to_string
char * GNUNET_ABD_delegate_to_string(const struct GNUNET_ABD_Delegate *cred)
Definition: delegate_misc.c:37
GNUNET_CRYPTO_EccSignaturePurpose::purpose
uint32_t purpose
What does this signature vouch for? This must contain a GNUNET_SIGNATURE_PURPOSE_XXX constant (from g...
Definition: gnunet_crypto_lib.h:145
DelegateEntry::issuer_key
struct GNUNET_CRYPTO_EcdsaPublicKey issuer_key
Public key of the issuer.
Definition: abd.h:260
GNUNET_assert
#define GNUNET_assert(cond)
Use this for fatal errors that cannot be handled.
Definition: gnunet_common.h:829
GNUNET_ABD_delegate_issue
struct GNUNET_ABD_Delegate * GNUNET_ABD_delegate_issue(const struct GNUNET_CRYPTO_EcdsaPrivateKey *issuer, struct GNUNET_CRYPTO_EcdsaPublicKey *subject, const char *iss_attr, const char *sub_attr, struct GNUNET_TIME_Absolute *expiration)
Issue an attribute to a subject.
Definition: delegate_misc.c:189
GNUNET_memcpy
#define GNUNET_memcpy(dst, src, n)
Call memcpy() but check for n being 0 first.
Definition: gnunet_common.h:1102
DelegateEntry::expiration
uint64_t expiration
Expiration time of this credential.
Definition: abd.h:270
issuer_pkey
struct GNUNET_CRYPTO_EcdsaPublicKey issuer_pkey
Issuer key.
Definition: gnunet-abd.c:106
GNUNET_OK
#define GNUNET_OK
Named constants for return values.
Definition: gnunet_common.h:75
GNUNET_ABD_Delegate
A delegate.
Definition: gnunet_abd_service.h:178
GNUNET_CRYPTO_EcdsaPrivateKey
Private ECC key encoded for transmission.
Definition: gnunet_crypto_lib.h:253
gnunet_util_lib.h
GNUNET_ABD_Delegate::signature
struct GNUNET_CRYPTO_EcdsaSignature signature
Signature of this credential.
Definition: gnunet_abd_service.h:194
GNUNET_ABD_Delegate::issuer_key
struct GNUNET_CRYPTO_EcdsaPublicKey issuer_key
The issuer of the credential.
Definition: gnunet_abd_service.h:184
GNUNET_TIME_Absolute::abs_value_us
uint64_t abs_value_us
The actual value.
Definition: gnunet_time_lib.h:53
GNUNET_break
#define GNUNET_break(cond)
Use this for internal assertion violations that are not fatal (can be handled) but should not occur...
Definition: gnunet_common.h:888
DelegateEntry::subject_key
struct GNUNET_CRYPTO_EcdsaPublicKey subject_key
Public key of the subject this credential was issued to.
Definition: abd.h:265
GNUNET_CRYPTO_ecdsa_sign
int GNUNET_CRYPTO_ecdsa_sign(const struct GNUNET_CRYPTO_EcdsaPrivateKey *priv, const struct GNUNET_CRYPTO_EccSignaturePurpose *purpose, struct GNUNET_CRYPTO_EcdsaSignature *sig)
ECDSA Sign a given block.
Definition: crypto_ecc.c:701
GNUNET_asprintf
int GNUNET_asprintf(char **buf, const char *format,...)
Like asprintf, just portable.
Definition: common_allocation.c:453
del
static int del
Desired action is to remove a record.
Definition: gnunet-namestore.c:122
GNUNET_ABD_delegate_from_string
struct GNUNET_ABD_Delegate * GNUNET_ABD_delegate_from_string(const char *s)
Definition: delegate_misc.c:80
GNUNET_ABD_Delegate::subject_attribute_len
uint32_t subject_attribute_len
Length of the subject attribute.
Definition: gnunet_abd_service.h:214
GNUNET_CRYPTO_EcdsaSignature
an ECC signature using ECDSA
Definition: gnunet_crypto_lib.h:170
subject_pkey
struct GNUNET_CRYPTO_EcdsaPublicKey subject_pkey
Subject key.
Definition: gnunet-abd.c:101
gnunet_signatures.h
GNUNET_CRYPTO_EccSignaturePurpose::size
uint32_t size
How many bytes does this signature sign? (including this purpose header); in network byte order (!)...
Definition: gnunet_crypto_lib.h:137
DelegateEntry::signature
struct GNUNET_CRYPTO_EcdsaSignature signature
The signature for this credential by the issuer.
Definition: abd.h:250
expiration
static char * expiration
Credential TTL.
Definition: gnunet-abd.c:96
GNUNET_STRINGS_base64_decode
size_t GNUNET_STRINGS_base64_decode(const char *data, size_t len, void **output)
Decode from Base64.
Definition: strings.c:1920
GNUNET_STRINGS_base64_encode
size_t GNUNET_STRINGS_base64_encode(const void *in, size_t len, char **output)
Encode into Base64.
Definition: strings.c:1855
GNUNET_CRYPTO_ecdsa_public_key_to_string
char * GNUNET_CRYPTO_ecdsa_public_key_to_string(const struct GNUNET_CRYPTO_EcdsaPublicKey *pub)
Convert a public key to a string.
Definition: crypto_ecc.c:237
GNUNET_htonll
uint64_t GNUNET_htonll(uint64_t n)
Convert unsigned 64-bit integer to network byte order.
Definition: common_endian.c:35
GNUNET_ABD_Delegate::issuer_attribute_len
uint32_t issuer_attribute_len
Length of the issuer attribute.
Definition: gnunet_abd_service.h:204
size
static unsigned int size
Size of the "table".
Definition: peer.c:67
GNUNET_CRYPTO_ecdsa_key_get_public
void GNUNET_CRYPTO_ecdsa_key_get_public(const struct GNUNET_CRYPTO_EcdsaPrivateKey *priv, struct GNUNET_CRYPTO_EcdsaPublicKey *pub)
Extract the public key for the given private key.
Definition: crypto_ecc.c:172
GNUNET_ABD_Delegate::subject_attribute
const char * subject_attribute
The subject attribute.
Definition: gnunet_abd_service.h:219
subject
static char * subject
Subject pubkey string.
Definition: gnunet-abd.c:86
GNUNET_CRYPTO_ecdsa_public_key_from_string
int GNUNET_CRYPTO_ecdsa_public_key_from_string(const char *enc, size_t enclen, struct GNUNET_CRYPTO_EcdsaPublicKey *pub)
Convert a string representing a public key to a public key.
Definition: crypto_ecc.c:371
DelegateEntry::subject_attribute_len
uint32_t subject_attribute_len
Issuer attribute length.
Definition: abd.h:280
DelegateEntry::purpose
struct GNUNET_CRYPTO_EccSignaturePurpose purpose
Signature meta.
Definition: abd.h:255
GNUNET_CRYPTO_EcdsaPublicKey
Public ECC key (always for Curve25519) encoded in a format suitable for network transmission and ECDS...
Definition: gnunet_crypto_lib.h:203
GNUNET_log
#define GNUNET_log(kind,...)
Definition: gnunet_common.h:503
GNUNET_ABD_Delegate::expiration
struct GNUNET_TIME_Absolute expiration
Expiration of this credential.
Definition: gnunet_abd_service.h:199
DelegateEntry::issuer_attribute_len
uint32_t issuer_attribute_len
Issuer subject attribute length.
Definition: abd.h:275
GNUNET_TIME_Absolute
Time for absolute times used by GNUnet, in microseconds.
Definition: gnunet_time_lib.h:48
GNUNET_ERROR_TYPE_ERROR
Definition: gnunet_common.h:374
GNUNET_ABD_Delegate::issuer_attribute
const char * issuer_attribute
The issuer attribute.
Definition: gnunet_abd_service.h:209
GNUNET_malloc
#define GNUNET_malloc(size)
Wrapper around malloc.
Definition: gnunet_common.h:1157
GNUNET_free
#define GNUNET_free(ptr)
Wrapper around free.
Definition: gnunet_common.h:1201
GNUNET_SIGNATURE_PURPOSE_DELEGATE
#define GNUNET_SIGNATURE_PURPOSE_DELEGATE
Signature for a GNUnet credential.
Definition: gnunet_signatures.h:191
Generated by   doxygen 1.8.13