GNUnet  0.20.0
Data Structures | Functions | Variables
revocation_api.c File Reference

API to perform and access key revocations. More...

#include "platform.h"
#include "gnunet_revocation_service.h"
#include "gnunet_signatures.h"
#include "gnunet_protocols.h"
#include "revocation.h"
#include <inttypes.h>
Include dependency graph for revocation_api.c:

Go to the source code of this file.

Data Structures

struct  GNUNET_REVOCATION_Query
 Handle for the key revocation query. More...
 
struct  BestPow
 Helper struct that holds a found pow nonce and the corresponding number of leading zeros. More...
 
struct  GNUNET_REVOCATION_PowCalculationHandle
 The handle to a PoW calculation. More...
 
struct  GNUNET_REVOCATION_Handle
 Handle for the key revocation operation. More...
 

Functions

static void query_mq_error_handler (void *cls, enum GNUNET_MQ_Error error)
 Generic error handler, called with the appropriate error code and the same closure specified at the creation of the message queue. More...
 
static void handle_revocation_query_response (void *cls, const struct QueryResponseMessage *qrm)
 Handle response to our revocation query. More...
 
struct GNUNET_REVOCATION_QueryGNUNET_REVOCATION_query (const struct GNUNET_CONFIGURATION_Handle *cfg, const struct GNUNET_IDENTITY_PublicKey *key, GNUNET_REVOCATION_Callback func, void *func_cls)
 Check if a key was revoked. More...
 
void GNUNET_REVOCATION_query_cancel (struct GNUNET_REVOCATION_Query *q)
 Cancel key revocation check. More...
 
static void revocation_mq_error_handler (void *cls, enum GNUNET_MQ_Error error)
 Generic error handler, called with the appropriate error code and the same closure specified at the creation of the message queue. More...
 
static void handle_revocation_response (void *cls, const struct RevocationResponseMessage *rrm)
 Handle response to our revocation query. More...
 
struct GNUNET_REVOCATION_HandleGNUNET_REVOCATION_revoke (const struct GNUNET_CONFIGURATION_Handle *cfg, const struct GNUNET_REVOCATION_PowP *pow, GNUNET_REVOCATION_Callback func, void *func_cls)
 Perform key revocation. More...
 
void GNUNET_REVOCATION_revoke_cancel (struct GNUNET_REVOCATION_Handle *h)
 Cancel key revocation. More...
 
static unsigned int calculate_score (const struct GNUNET_REVOCATION_PowCalculationHandle *ph)
 Calculate the average zeros in the pows. More...
 
struct GNUNET_REVOCATION_SignaturePurposePSREV_create_signature_message (const struct GNUNET_REVOCATION_PowP *pow)
 Create the revocation metadata to sign for a revocation message. More...
 
enum GNUNET_GenericReturnValue check_signature_identity (const struct GNUNET_REVOCATION_PowP *pow, const struct GNUNET_IDENTITY_PublicKey *key)
 
enum GNUNET_GenericReturnValue check_signature (const struct GNUNET_REVOCATION_PowP *pow)
 
enum GNUNET_GenericReturnValue GNUNET_REVOCATION_check_pow (const struct GNUNET_REVOCATION_PowP *pow, unsigned int difficulty, struct GNUNET_TIME_Relative epoch_duration)
 Check if the given proof-of-work is valid. More...
 
enum GNUNET_GenericReturnValue sign_pow_identity (const struct GNUNET_IDENTITY_PrivateKey *key, struct GNUNET_REVOCATION_PowP *pow)
 
enum GNUNET_GenericReturnValue sign_pow (const struct GNUNET_IDENTITY_PrivateKey *key, struct GNUNET_REVOCATION_PowP *pow)
 
void GNUNET_REVOCATION_pow_init (const struct GNUNET_IDENTITY_PrivateKey *key, struct GNUNET_REVOCATION_PowP *pow)
 Initializes a fresh PoW computation. More...
 
struct GNUNET_REVOCATION_PowCalculationHandleGNUNET_REVOCATION_pow_start (struct GNUNET_REVOCATION_PowP *pow, int epochs, unsigned int difficulty)
 Starts a proof-of-work calculation given the pow object as well as target epochs and difficulty. More...
 
static int cmp_pow_value (const void *a, const void *b)
 Comparison function for quicksort. More...
 
enum GNUNET_GenericReturnValue GNUNET_REVOCATION_pow_round (struct GNUNET_REVOCATION_PowCalculationHandle *pc)
 Calculate a key revocation valid for broadcasting for a number of epochs. More...
 
void GNUNET_REVOCATION_pow_stop (struct GNUNET_REVOCATION_PowCalculationHandle *pc)
 Stop a PoW calculation. More...
 
size_t GNUNET_REVOCATION_proof_get_size (const struct GNUNET_REVOCATION_PowP *pow)
 

Variables

static struct GNUNET_CRYPTO_PowSalt salt = { "GnsRevocationPow" }
 

Detailed Description

API to perform and access key revocations.

Author
Christian Grothoff

Definition in file revocation_api.c.

Function Documentation

◆ query_mq_error_handler()

static void query_mq_error_handler ( void *  cls,
enum GNUNET_MQ_Error  error 
)
static

Generic error handler, called with the appropriate error code and the same closure specified at the creation of the message queue.

Not every message queue implementation supports an error handler.

Parameters
clsclosure with the struct GNUNET_NSE_Handle *
errorerror code

Definition at line 118 of file revocation_api.c.

120 {
121  struct GNUNET_REVOCATION_Query *q = cls;
122 
123  GNUNET_log (GNUNET_ERROR_TYPE_INFO,
124  "Revocation query MQ error\n");
125  q->func (q->func_cls,
126  GNUNET_SYSERR);
127  GNUNET_REVOCATION_query_cancel (q);
128 }
q
static struct GNUNET_REVOCATION_Query * q
Handle for revocation query.
Definition: gnunet-revocation.c:69
GNUNET_log
#define GNUNET_log(kind,...)
Definition: gnunet_common.h:568
GNUNET_SYSERR
@ GNUNET_SYSERR
Definition: gnunet_common.h:107
GNUNET_ERROR_TYPE_INFO
@ GNUNET_ERROR_TYPE_INFO
Definition: gnunet_common.h:443
GNUNET_REVOCATION_query_cancel
void GNUNET_REVOCATION_query_cancel(struct GNUNET_REVOCATION_Query *q)
Cancel key revocation check.
Definition: revocation_api.c:209
GNUNET_REVOCATION_Query
Handle for the key revocation query.
Definition: revocation_api.c:36
GNUNET_REVOCATION_Query::func_cls
void * func_cls
Closure for func.
Definition: revocation_api.c:50
GNUNET_REVOCATION_Query::func
GNUNET_REVOCATION_Callback func
Function to call with the result.
Definition: revocation_api.c:45

References GNUNET_REVOCATION_Query::func, GNUNET_REVOCATION_Query::func_cls, GNUNET_ERROR_TYPE_INFO, GNUNET_log, GNUNET_REVOCATION_query_cancel(), GNUNET_SYSERR, and q.

Referenced by GNUNET_REVOCATION_query().

Here is the call graph for this function:
Here is the caller graph for this function:

◆ handle_revocation_query_response()

static void handle_revocation_query_response ( void *  cls,
const struct QueryResponseMessage qrm 
)
static

Handle response to our revocation query.

Parameters
clsour struct GNUNET_REVOCATION_Query handle
qrmresponse we got

Definition at line 138 of file revocation_api.c.

140 {
141  struct GNUNET_REVOCATION_Query *q = cls;
142 
143  GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
144  "Revocation query result: %d\n",
145  (uint32_t) ntohl (qrm->is_valid));
146  q->func (q->func_cls,
147  ntohl (qrm->is_valid));
148  GNUNET_REVOCATION_query_cancel (q);
149 }
GNUNET_ERROR_TYPE_DEBUG
@ GNUNET_ERROR_TYPE_DEBUG
Definition: gnunet_common.h:444
QueryResponseMessage::is_valid
uint32_t is_valid
GNUNET_NO if revoked, GNUNET_YES if valid.
Definition: revocation.h:68

References GNUNET_REVOCATION_Query::func, GNUNET_REVOCATION_Query::func_cls, GNUNET_ERROR_TYPE_DEBUG, GNUNET_log, GNUNET_REVOCATION_query_cancel(), QueryResponseMessage::is_valid, and q.

Here is the call graph for this function:

◆ revocation_mq_error_handler()

static void revocation_mq_error_handler ( void *  cls,
enum GNUNET_MQ_Error  error 
)
static

Generic error handler, called with the appropriate error code and the same closure specified at the creation of the message queue.

Not every message queue implementation supports an error handler.

Parameters
clsclosure with the struct GNUNET_NSE_Handle *
errorerror code

Definition at line 252 of file revocation_api.c.

254 {
255  struct GNUNET_REVOCATION_Handle *h = cls;
256 
257  GNUNET_log (GNUNET_ERROR_TYPE_WARNING,
258  "Revocation MQ error\n");
259  h->func (h->func_cls,
260  GNUNET_SYSERR);
261  GNUNET_REVOCATION_revoke_cancel (h);
262 }
h
static struct GNUNET_ARM_Handle * h
Connection with ARM.
Definition: gnunet-arm.c:99
GNUNET_ERROR_TYPE_WARNING
@ GNUNET_ERROR_TYPE_WARNING
Definition: gnunet_common.h:438
GNUNET_REVOCATION_revoke_cancel
void GNUNET_REVOCATION_revoke_cancel(struct GNUNET_REVOCATION_Handle *h)
Cancel key revocation.
Definition: revocation_api.c:377
GNUNET_REVOCATION_Handle
Handle for the key revocation operation.
Definition: revocation_api.c:224

References GNUNET_ERROR_TYPE_WARNING, GNUNET_log, GNUNET_REVOCATION_revoke_cancel(), GNUNET_SYSERR, and h.

Referenced by GNUNET_REVOCATION_revoke().

Here is the call graph for this function:
Here is the caller graph for this function:

◆ handle_revocation_response()

static void handle_revocation_response ( void *  cls,
const struct RevocationResponseMessage rrm 
)
static

Handle response to our revocation query.

Parameters
clsour struct GNUNET_REVOCATION_Handle handle
rrmresponse we got

Definition at line 272 of file revocation_api.c.

274 {
275  struct GNUNET_REVOCATION_Handle *h = cls;
276 
277  GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
278  "Revocation transmission result: %d\n",
279  (uint32_t) ntohl (rrm->is_valid));
280  h->func (h->func_cls,
281  ntohl (rrm->is_valid));
282  GNUNET_REVOCATION_revoke_cancel (h);
283 }
RevocationResponseMessage::is_valid
uint32_t is_valid
GNUNET_NO if revocation failed for internal reasons (e.g.
Definition: revocation.h:109

References GNUNET_ERROR_TYPE_DEBUG, GNUNET_log, GNUNET_REVOCATION_revoke_cancel(), h, and RevocationResponseMessage::is_valid.

Here is the call graph for this function:

◆ calculate_score()

static unsigned int calculate_score ( const struct GNUNET_REVOCATION_PowCalculationHandle ph)
static

Calculate the average zeros in the pows.

Parameters
phthe PowHandle
Returns
the average number of zeros.

Definition at line 395 of file revocation_api.c.

396 {
397  double sum = 0.0;
398  for (unsigned int j = 0; j<POW_COUNT; j++)
399  sum += ph->best[j].bits;
400  double avg = sum / POW_COUNT;
401  return avg;
402 }
ph
static struct GNUNET_ATS_PerformanceHandle * ph
ATS performance handle used.
Definition: gnunet-ats.c:116
POW_COUNT
#define POW_COUNT
The proof-of-work narrowing factor.
Definition: gnunet_revocation_service.h:70

References ph, POW_COUNT, and consensus-simulation::sum.

◆ REV_create_signature_message()

struct GNUNET_REVOCATION_SignaturePurposePS* REV_create_signature_message ( const struct GNUNET_REVOCATION_PowP pow)

Create the revocation metadata to sign for a revocation message.

Parameters
powthe PoW to sign
Returns
the signature purpose

Definition at line 406 of file revocation_api.c.

407 {
408  struct GNUNET_REVOCATION_SignaturePurposePS *spurp;
409  const struct GNUNET_IDENTITY_PublicKey *pk;
410  size_t ksize;
411 
412  pk = (const struct GNUNET_IDENTITY_PublicKey *) &pow[1];
413  ksize = GNUNET_IDENTITY_public_key_get_length (pk);
414  spurp = GNUNET_malloc (sizeof (*spurp) + ksize);
415  spurp->timestamp = pow->timestamp;
416  spurp->purpose.purpose = htonl (GNUNET_SIGNATURE_PURPOSE_GNS_REVOCATION);
417  spurp->purpose.size = htonl (sizeof(*spurp) + ksize);
418  GNUNET_IDENTITY_write_public_key_to_buffer (pk,
419  (char*) &spurp[1],
420  ksize);
421  return spurp;
422 }
GNUNET_SIGNATURE_PURPOSE_GNS_REVOCATION
#define GNUNET_SIGNATURE_PURPOSE_GNS_REVOCATION
GNS zone key revocation (GNS)
Definition: gnunet_signatures.h:70
pk
struct GNUNET_IDENTITY_PrivateKey pk
Private key from command line option, or NULL.
Definition: gnunet-identity.c:126
GNUNET_IDENTITY_write_public_key_to_buffer
ssize_t GNUNET_IDENTITY_write_public_key_to_buffer(const struct GNUNET_IDENTITY_PublicKey *key, void *buffer, size_t len)
Writes a GNUNET_IDENTITY_PublicKey to a compact buffer.
Definition: identity_api.c:890
GNUNET_IDENTITY_public_key_get_length
ssize_t GNUNET_IDENTITY_public_key_get_length(const struct GNUNET_IDENTITY_PublicKey *key)
Get the compacted length of a GNUNET_IDENTITY_PublicKey.
Definition: identity_api.c:830
GNUNET_malloc
#define GNUNET_malloc(size)
Wrapper around malloc.
Definition: gnunet_common.h:1352
GNUNET_CRYPTO_EccSignaturePurpose::size
uint32_t size
How many bytes does this signature sign? (including this purpose header); in network byte order (!...
Definition: gnunet_crypto_lib.h:147
GNUNET_CRYPTO_EccSignaturePurpose::purpose
uint32_t purpose
What does this signature vouch for? This must contain a GNUNET_SIGNATURE_PURPOSE_XXX constant (from g...
Definition: gnunet_crypto_lib.h:155
GNUNET_IDENTITY_PublicKey
An identity key as per LSD0001.
Definition: gnunet_identity_service.h:123
GNUNET_REVOCATION_PowP::timestamp
struct GNUNET_TIME_AbsoluteNBO timestamp
The timestamp of the revocation.
Definition: gnunet_revocation_service.h:83
GNUNET_REVOCATION_SignaturePurposePS
The signature object we use for the PoW.
Definition: gnunet_revocation_service.h:103
GNUNET_REVOCATION_SignaturePurposePS::purpose
struct GNUNET_CRYPTO_EccSignaturePurpose purpose
The signature purpose.
Definition: gnunet_revocation_service.h:107
GNUNET_REVOCATION_SignaturePurposePS::timestamp
struct GNUNET_TIME_AbsoluteNBO timestamp
The timestamp of the revocation.
Definition: gnunet_revocation_service.h:112

Referenced by run_with_key().

Here is the caller graph for this function:

◆ check_signature_identity()

enum GNUNET_GenericReturnValue check_signature_identity ( const struct GNUNET_REVOCATION_PowP pow,
const struct GNUNET_IDENTITY_PublicKey key 
)

Definition at line 406 of file revocation_api.c.

428 {
429  struct GNUNET_REVOCATION_SignaturePurposePS *spurp;
430  unsigned char *sig;
431  size_t ksize;
432  int ret;
433 
434  ksize = GNUNET_IDENTITY_public_key_get_length (key);
435  spurp = REV_create_signature_message (pow);
436  sig = ((unsigned char*) &pow[1] + ksize);
437  ret =
438  GNUNET_IDENTITY_signature_verify_raw_ (
439  GNUNET_SIGNATURE_PURPOSE_GNS_REVOCATION,
440  &spurp->purpose,
441  sig,
442  key);
443  GNUNET_free (spurp);
444  return ret == GNUNET_OK ? GNUNET_OK : GNUNET_SYSERR;
445 }
ret
static int ret
Return value of the commandline.
Definition: gnunet-abd.c:81
key
struct GNUNET_HashCode key
The key used in the DHT.
Definition: gnunet-dht-put.c:37
GNUNET_IDENTITY_signature_verify_raw_
enum GNUNET_GenericReturnValue GNUNET_IDENTITY_signature_verify_raw_(uint32_t purpose, const struct GNUNET_CRYPTO_EccSignaturePurpose *validate, const unsigned char *sig, const struct GNUNET_IDENTITY_PublicKey *pub)
Verify a given signature.
Definition: identity_api.c:1108
GNUNET_OK
@ GNUNET_OK
Definition: gnunet_common.h:109
GNUNET_free
#define GNUNET_free(ptr)
Wrapper around free.
Definition: gnunet_common.h:1412
REV_create_signature_message
struct GNUNET_REVOCATION_SignaturePurposePS * REV_create_signature_message(const struct GNUNET_REVOCATION_PowP *pow)
Create the revocation metadata to sign for a revocation message.
Definition: revocation_api.c:406

◆ check_signature()

enum GNUNET_GenericReturnValue check_signature ( const struct GNUNET_REVOCATION_PowP pow)

Definition at line 406 of file revocation_api.c.

450 {
451  const struct GNUNET_IDENTITY_PublicKey *pk;
452 
453  pk = (const struct GNUNET_IDENTITY_PublicKey *) &pow[1];
454  return check_signature_identity (pow, pk);
455 }
check_signature_identity
enum GNUNET_GenericReturnValue check_signature_identity(const struct GNUNET_REVOCATION_PowP *pow, const struct GNUNET_IDENTITY_PublicKey *key)
Definition: revocation_api.c:426

References GNUNET_IDENTITY_public_key_get_length(), GNUNET_IDENTITY_write_public_key_to_buffer(), GNUNET_malloc, GNUNET_SIGNATURE_PURPOSE_GNS_REVOCATION, pk, GNUNET_CRYPTO_EccSignaturePurpose::purpose, GNUNET_REVOCATION_SignaturePurposePS::purpose, GNUNET_CRYPTO_EccSignaturePurpose::size, GNUNET_REVOCATION_SignaturePurposePS::timestamp, and GNUNET_REVOCATION_PowP::timestamp.

Here is the call graph for this function:

◆ sign_pow_identity()

enum GNUNET_GenericReturnValue sign_pow_identity ( const struct GNUNET_IDENTITY_PrivateKey key,
struct GNUNET_REVOCATION_PowP pow 
)

Predate the validity period to prevent rejections due to unsynchronized clocks

Definition at line 406 of file revocation_api.c.

571 {
572  struct GNUNET_TIME_Absolute ts = GNUNET_TIME_absolute_get ();
573  struct GNUNET_REVOCATION_SignaturePurposePS *rp;
574  const struct GNUNET_IDENTITY_PublicKey *pk;
575  size_t ksize;
576  char *sig;
577 
582  ts = GNUNET_TIME_absolute_subtract (ts,
583  GNUNET_TIME_UNIT_WEEKS);
584  pk = (const struct GNUNET_IDENTITY_PublicKey *) &pow[1];
585  ksize = GNUNET_IDENTITY_public_key_get_length (pk);
586  pow->timestamp = GNUNET_TIME_absolute_hton (ts);
587  rp = REV_create_signature_message (pow);
588  sig = ((char*) &pow[1]) + ksize;
589  int result = GNUNET_IDENTITY_sign_raw_ (key,
590  &rp->purpose,
591  (void*) sig);
592  GNUNET_free (rp);
593  if (result == GNUNET_SYSERR)
594  return GNUNET_NO;
595  else
596  return result;
597 }
rp
static char * rp
Relying party.
Definition: gnunet-reclaim.c:78
result
static int result
Global testing status.
Definition: gnunet-regex-profiler.c:240
GNUNET_IDENTITY_sign_raw_
enum GNUNET_GenericReturnValue GNUNET_IDENTITY_sign_raw_(const struct GNUNET_IDENTITY_PrivateKey *priv, const struct GNUNET_CRYPTO_EccSignaturePurpose *purpose, unsigned char *sig)
Sign a given block.
Definition: identity_api.c:1026
GNUNET_NO
@ GNUNET_NO
Definition: gnunet_common.h:108
GNUNET_TIME_absolute_get
struct GNUNET_TIME_Absolute GNUNET_TIME_absolute_get(void)
Get the current time.
Definition: time.c:111
GNUNET_TIME_UNIT_WEEKS
#define GNUNET_TIME_UNIT_WEEKS
One week.
Definition: gnunet_time_lib.h:171
GNUNET_TIME_absolute_subtract
struct GNUNET_TIME_Absolute GNUNET_TIME_absolute_subtract(struct GNUNET_TIME_Absolute start, struct GNUNET_TIME_Relative duration)
Subtract a given relative duration from the given start time.
Definition: time.c:469
GNUNET_TIME_absolute_hton
struct GNUNET_TIME_AbsoluteNBO GNUNET_TIME_absolute_hton(struct GNUNET_TIME_Absolute a)
Convert absolute time to network byte order.
Definition: time.c:638
GNUNET_TIME_Absolute
Time for absolute times used by GNUnet, in microseconds.
Definition: gnunet_time_lib.h:54

◆ sign_pow()

enum GNUNET_GenericReturnValue sign_pow ( const struct GNUNET_IDENTITY_PrivateKey key,
struct GNUNET_REVOCATION_PowP pow 
)

Definition at line 406 of file revocation_api.c.

603 {
604  struct GNUNET_IDENTITY_PublicKey *pk;
605 
606  pk = (struct GNUNET_IDENTITY_PublicKey *) &pow[1];
607  GNUNET_IDENTITY_key_get_public (key, pk);
608  return sign_pow_identity (key, pow);
609 }
GNUNET_IDENTITY_key_get_public
enum GNUNET_GenericReturnValue GNUNET_IDENTITY_key_get_public(const struct GNUNET_IDENTITY_PrivateKey *privkey, struct GNUNET_IDENTITY_PublicKey *key)
Retrieves the public key representation of a private key.
Definition: identity_api.c:179
sign_pow_identity
enum GNUNET_GenericReturnValue sign_pow_identity(const struct GNUNET_IDENTITY_PrivateKey *key, struct GNUNET_REVOCATION_PowP *pow)
Definition: revocation_api.c:569

Referenced by GNUNET_REVOCATION_pow_init().

Here is the caller graph for this function:

◆ cmp_pow_value()

static int cmp_pow_value ( const void *  a,
const void *  b 
)
static

Comparison function for quicksort.

Parameters
aleft element
bright element
Returns
a-b

Definition at line 656 of file revocation_api.c.

657 {
658  return (GNUNET_ntohll (*(uint64_t*) a) - GNUNET_ntohll (*(uint64_t*) b));
659 }
GNUNET_ntohll
uint64_t GNUNET_ntohll(uint64_t n)
Convert unsigned 64-bit integer to host byte order.
Definition: common_endian.c:54

References GNUNET_ntohll().

Here is the call graph for this function:

Variable Documentation

◆ salt

struct GNUNET_CRYPTO_PowSalt salt = { "GnsRevocationPow" }
static

Definition at line 1 of file revocation_api.c.