GNUnet  0.10.x
Revocation service

Perform and access key revocations. More...

Macros

#define GNUNET_REVOCATION_VERSION   0x00000000
 Version of the key revocation API. More...
 

Typedefs

typedef void(* GNUNET_REVOCATION_Callback) (void *cls, int is_valid)
 Callback to call with the result of a key revocation query. More...
 

Functions

struct GNUNET_REVOCATION_Query * GNUNET_REVOCATION_query (const struct GNUNET_CONFIGURATION_Handle *cfg, const struct GNUNET_CRYPTO_EcdsaPublicKey *key, GNUNET_REVOCATION_Callback func, void *func_cls)
 Check if a key was revoked. More...
 
void GNUNET_REVOCATION_query_cancel (struct GNUNET_REVOCATION_Query *q)
 Cancel key revocation check. More...
 
struct GNUNET_REVOCATION_Handle * GNUNET_REVOCATION_revoke (const struct GNUNET_CONFIGURATION_Handle *cfg, const struct GNUNET_CRYPTO_EcdsaPublicKey *key, const struct GNUNET_CRYPTO_EcdsaSignature *sig, uint64_t pow, GNUNET_REVOCATION_Callback func, void *func_cls)
 Perform key revocation. More...
 
void GNUNET_REVOCATION_revoke_cancel (struct GNUNET_REVOCATION_Handle *h)
 Cancel key revocation. More...
 
int GNUNET_REVOCATION_check_pow (const struct GNUNET_CRYPTO_EcdsaPublicKey *key, uint64_t pow, unsigned int matching_bits)
 Check if the given proof-of-work value would be acceptable for revoking the given key. More...
 
void GNUNET_REVOCATION_sign_revocation (const struct GNUNET_CRYPTO_EcdsaPrivateKey *key, struct GNUNET_CRYPTO_EcdsaSignature *sig)
 Create a revocation signature. More...
 

Detailed Description

Perform and access key revocations.

See also
Documentation

Macro Definition Documentation

◆ GNUNET_REVOCATION_VERSION

#define GNUNET_REVOCATION_VERSION   0x00000000

Version of the key revocation API.

Definition at line 51 of file gnunet_revocation_service.h.

Typedef Documentation

◆ GNUNET_REVOCATION_Callback

typedef void(* GNUNET_REVOCATION_Callback) (void *cls, int is_valid)

Callback to call with the result of a key revocation query.

Parameters
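cls: closure
is_valid: GNUNET_NO if the key is/was revoked, GNUNET_YES if the key is still valid, GNUNET_SYSERR if we had trouble querying the service. Callers should compare against GNUNET_YES explicitly rather than testing for non-zero, so that a failed query (GNUNET_SYSERR) is not treated as a valid key.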

Definition at line 67 of file gnunet_revocation_service.h.

Function Documentation

◆ GNUNET_REVOCATION_query()

struct GNUNET_REVOCATION_Query* GNUNET_REVOCATION_query ( const struct GNUNET_CONFIGURATION_Handle * cfg,
const struct GNUNET_CRYPTO_EcdsaPublicKey * key,
GNUNET_REVOCATION_Callback  func,
void *  func_cls 
)

Check if a key was revoked.

Parameters
cfg: the configuration to use
key: key to check for revocation
func: function to call with the result of the check
func_cls: closure to pass to func
Returns
handle to use in GNUNET_REVOCATION_query_cancel to stop REVOCATION from invoking the callback; NULL if the connection to the revocation service could not be created

Definition at line 111 of file revocation_api.c.

References env, GNUNET_REVOCATION_Query::func, GNUNET_REVOCATION_Query::func_cls, GNUNET_CLIENT_connect(), GNUNET_free, GNUNET_MESSAGE_TYPE_REVOCATION_QUERY, GNUNET_MESSAGE_TYPE_REVOCATION_QUERY_RESPONSE, GNUNET_MQ_handler_end, GNUNET_MQ_hd_fixed_size, GNUNET_MQ_msg, GNUNET_MQ_send(), GNUNET_new, key, QueryMessage::key, GNUNET_REVOCATION_Query::mq, q, query_mq_error_handler(), and QueryMessage::reserved.

Referenced by recursive_gns_resolution_revocation(), and run().

115 {
     /* Body of GNUNET_REVOCATION_query as rendered on this page. Several
      * source lines (117-118, 120, 123, 130-131, 141) are not shown, so the
      * comments below describe only what the visible lines do. */
116  struct GNUNET_REVOCATION_Query *q
119  GNUNET_MQ_hd_fixed_size (revocation_query_response,
121  struct QueryResponseMessage,
122  q),
124  };
125  struct QueryMessage *qm;
126  struct GNUNET_MQ_Envelope *env;
127 
     /* Open a message queue to the "revocation" service; q is the last
      * argument, i.e. the closure handed to the error handler. */
128  q->mq = GNUNET_CLIENT_connect (cfg,
129  "revocation",
130  handlers,
132  q);
     /* No connection: release q and report the failure as NULL. The callback
      * has not been stored yet and is not invoked on this path. */
133  if (NULL == q->mq)
134  {
135  GNUNET_free (q);
136  return NULL;
137  }
138  q->func = func;
139  q->func_cls = func_cls;
     /* Build the query message. reserved is zeroed and the public key is
      * copied by value; key is dereferenced without a NULL check, so the
      * caller must pass a valid key. */
140  env = GNUNET_MQ_msg (qm,
142  qm->reserved = htonl (0);
143  qm->key = *key;
144  GNUNET_MQ_send (q->mq,
145  env);
     /* NOTE(review): GNUNET_REVOCATION_query_cancel() frees this handle, and
      * its "Referenced by" list includes the response and error handlers, so
      * the library presumably releases q itself once the callback has run.
      * Confirm before cancelling the handle again from a callback. */
146  return q;
147 }
#define GNUNET_MESSAGE_TYPE_REVOCATION_QUERY
Client to service: was this key revoked?
struct GNUNET_MQ_Handle * GNUNET_CLIENT_connect(const struct GNUNET_CONFIGURATION_Handle *cfg, const char *service_name, const struct GNUNET_MQ_MessageHandler *handlers, GNUNET_MQ_ErrorHandler error_handler, void *error_handler_cls)
Create a message queue to connect to a GNUnet service.
Definition: client.c:901
struct GNUNET_MQ_Handle * mq
Message queue to the service.
#define GNUNET_MQ_hd_fixed_size(name, code, str, ctx)
#define GNUNET_MQ_msg(mvar, type)
Allocate a GNUNET_MQ_Envelope.
Definition: gnunet_mq_lib.h:67
#define GNUNET_new(type)
Allocate a struct or union of the given type.
Query key revocation status.
Definition: revocation.h:36
#define GNUNET_MESSAGE_TYPE_REVOCATION_QUERY_RESPONSE
Service to client: answer if key was revoked!
static struct GNUNET_CADET_MessageHandler handlers[]
Handlers, for diverse services.
Key revocation response.
Definition: revocation.h:59
void * func_cls
Closure for func.
Message handler for a specific message type.
static struct GNUNET_REVOCATION_Query * q
Handle for revocation query.
struct GNUNET_HashCode key
The key used in the DHT.
uint32_t reserved
For alignment.
Definition: revocation.h:46
struct GNUNET_MQ_Envelope * env
Definition: 005.c:1
Handle for the key revocation query.
struct GNUNET_CRYPTO_EcdsaPublicKey key
Key to check.
Definition: revocation.h:51
static void query_mq_error_handler(void *cls, enum GNUNET_MQ_Error error)
Generic error handler, called with the appropriate error code and the same closure specified at the c...
GNUNET_REVOCATION_Callback func
Function to call with the result.
void GNUNET_MQ_send(struct GNUNET_MQ_Handle *mq, struct GNUNET_MQ_Envelope *ev)
Send a message with the given message queue.
Definition: mq.c:353
#define GNUNET_MQ_handler_end()
End-marker for the handlers array.
#define GNUNET_free(ptr)
Wrapper around free.

◆ GNUNET_REVOCATION_query_cancel()

void GNUNET_REVOCATION_query_cancel ( struct GNUNET_REVOCATION_Query * q)

Cancel key revocation check.

Parameters
q: query to cancel

Definition at line 156 of file revocation_api.c.

References GNUNET_free, GNUNET_MQ_destroy(), and GNUNET_REVOCATION_Query::mq.

Referenced by do_shutdown(), GNS_resolver_lookup_cancel(), handle_revocation_query_response(), and query_mq_error_handler().

157 {
     /* Tear down a pending query. q->mq is read without a NULL check on q
      * itself, so q must be a live handle returned by
      * GNUNET_REVOCATION_query. */
158  if (NULL != q->mq)
159  {
160  GNUNET_MQ_destroy (q->mq);
161  q->mq = NULL;
162  }
     /* q is released here; the caller must not touch or cancel the handle
      * again after this returns. */
163  GNUNET_free (q);
164 }
struct GNUNET_MQ_Handle * mq
Message queue to the service.
void GNUNET_MQ_destroy(struct GNUNET_MQ_Handle *mq)
Destroy the message queue.
Definition: mq.c:824
#define GNUNET_free(ptr)
Wrapper around free.

◆ GNUNET_REVOCATION_revoke()

struct GNUNET_REVOCATION_Handle* GNUNET_REVOCATION_revoke ( const struct GNUNET_CONFIGURATION_Handle * cfg,
const struct GNUNET_CRYPTO_EcdsaPublicKey * key,
const struct GNUNET_CRYPTO_EcdsaSignature * sig,
uint64_t  pow,
GNUNET_REVOCATION_Callback  func,
void *  func_cls 
)

Perform key revocation.

Parameters
cfg: the configuration to use
key: public key of the key to revoke
sig: signature to use on the revocation (should have been created using GNUNET_REVOCATION_sign_revocation).
pow: proof of work to use (should have been created by iteratively calling GNUNET_REVOCATION_check_pow)
func: function to call with the result of the check (called with is_valid being GNUNET_NO if the revocation worked).
func_cls: closure to pass to func
Returns
handle to use in GNUNET_REVOCATION_revoke_cancel to stop REVOCATION from invoking the callback; NULL if the local proof-of-work check fails or the connection to the revocation service could not be created

Definition at line 251 of file revocation_api.c.

References env, GNUNET_REVOCATION_Query::func, GNUNET_REVOCATION_Handle::func, GNUNET_REVOCATION_Query::func_cls, GNUNET_REVOCATION_Handle::func_cls, GNUNET_break, GNUNET_CLIENT_connect(), GNUNET_CONFIGURATION_get_value_number(), GNUNET_free, GNUNET_MESSAGE_TYPE_REVOCATION_REVOKE, GNUNET_MESSAGE_TYPE_REVOCATION_REVOKE_RESPONSE, GNUNET_MQ_handler_end, GNUNET_MQ_hd_fixed_size, GNUNET_MQ_msg, GNUNET_MQ_send(), GNUNET_new, GNUNET_OK, GNUNET_REVOCATION_check_pow(), GNUNET_SIGNATURE_PURPOSE_REVOCATION, GNUNET_YES, h, key, matching_bits, GNUNET_REVOCATION_Handle::mq, RevokeMessage::proof_of_work, RevokeMessage::public_key, RevokeMessage::purpose, GNUNET_CRYPTO_EccSignaturePurpose::purpose, RevokeMessage::reserved, revocation_mq_error_handler(), RevokeMessage::signature, and GNUNET_CRYPTO_EccSignaturePurpose::size.

Referenced by perform_revocation().

257 {
     /* Body of GNUNET_REVOCATION_revoke as rendered on this page. Several
      * source lines (258-260, 262-263, 265, 272, 277, 289, 299, 302) are not
      * shown, so the comments below describe only the visible lines. */
261  GNUNET_MQ_hd_fixed_size (revocation_response,
264  h),
266  };
267  unsigned long long matching_bits;
268  struct RevokeMessage *rm;
269  struct GNUNET_MQ_Envelope *env;
270 
     /* Local pre-check of the proof of work before contacting the service.
      * The two calls sit on listing lines 272 and 277, which are not shown;
      * from the references list they are presumably
      * GNUNET_CONFIGURATION_get_value_number() and
      * GNUNET_REVOCATION_check_pow(). The tests are joined with &&, so the
      * request is rejected here only when the REVOCATION/WORKBITS lookup
      * returns GNUNET_OK; if the option is missing, no local check is made.
      * NOTE(review): matching_bits is narrowed from unsigned long long to
      * unsigned int without a range check; confirm that out-of-range
      * configuration values are rejected elsewhere. */
271  if ( (GNUNET_OK ==
273  "REVOCATION",
274  "WORKBITS",
275  &matching_bits)) &&
276  (GNUNET_YES !=
278  pow,
279  (unsigned int) matching_bits)) )
280  {
     /* Rejected locally: flag a non-fatal assertion failure, release h and
      * return NULL. func is not invoked on this path. */
281  GNUNET_break (0);
282  GNUNET_free (h);
283  return NULL;
284  }
285 
     /* Open a message queue to the "revocation" service; h is the last
      * argument, i.e. the closure handed to the error handler. */
286  h->mq = GNUNET_CLIENT_connect (cfg,
287  "revocation",
288  handlers,
290  h);
     /* No connection: release h and report the failure as NULL. */
291  if (NULL == h->mq)
292  {
293  GNUNET_free (h);
294  return NULL;
295  }
296  h->func = func;
297  h->func_cls = func_cls;
     /* Fill in the revoke message. reserved and purpose.size go through
      * htonl(). NOTE(review): pow is stored in proof_of_work exactly as
      * passed, with no byte-order conversion on the visible lines; confirm
      * what the wire format expects. */
298  env = GNUNET_MQ_msg (rm,
300  rm->reserved = htonl (0);
301  rm->proof_of_work = pow;
     /* The signed region is declared as the purpose header plus the public
      * key. */
303  rm->purpose.size = htonl (sizeof (struct GNUNET_CRYPTO_EccSignaturePurpose) +
304  sizeof (struct GNUNET_CRYPTO_EcdsaPublicKey));
     /* key and sig are dereferenced without NULL checks; the caller must
      * pass valid pointers. */
305  rm->public_key = *key;
306  rm->signature = *sig;
307  GNUNET_MQ_send (h->mq,
308  env);
309  return h;
310 }
struct GNUNET_CRYPTO_EcdsaSignature signature
Signature confirming revocation.
Definition: revocation.h:101
int GNUNET_CONFIGURATION_get_value_number(const struct GNUNET_CONFIGURATION_Handle *cfg, const char *section, const char *option, unsigned long long *number)
Get a configuration value that should be a number.
struct GNUNET_MQ_Handle * mq
Message queue to the service.
struct GNUNET_MQ_Handle * GNUNET_CLIENT_connect(const struct GNUNET_CONFIGURATION_Handle *cfg, const char *service_name, const struct GNUNET_MQ_MessageHandler *handlers, GNUNET_MQ_ErrorHandler error_handler, void *error_handler_cls)
Create a message queue to connect to a GNUnet service.
Definition: client.c:901
uint32_t purpose
What does this signature vouch for? This must contain a GNUNET_SIGNATURE_PURPOSE_XXX constant (from g...
static void revocation_mq_error_handler(void *cls, enum GNUNET_MQ_Error error)
Generic error handler, called with the appropriate error code and the same closure specified at the c...
struct GNUNET_CRYPTO_EccSignaturePurpose purpose
Must have purpose GNUNET_SIGNATURE_PURPOSE_REVOCATION, size expands over the public key...
Definition: revocation.h:107
#define GNUNET_MQ_hd_fixed_size(name, code, str, ctx)
#define GNUNET_MQ_msg(mvar, type)
Allocate a GNUNET_MQ_Envelope.
Definition: gnunet_mq_lib.h:67
#define GNUNET_OK
Named constants for return values.
Definition: gnunet_common.h:78
#define GNUNET_new(type)
Allocate a struct or union of the given type.
#define GNUNET_MESSAGE_TYPE_REVOCATION_REVOKE
Client to service OR peer-to-peer: revoke this key!
#define GNUNET_break(cond)
Use this for internal assertion violations that are not fatal (can be handled) but should not occur...
static struct GNUNET_ARM_Handle * h
Connection with ARM.
Definition: gnunet-arm.c:94
header of what an ECC signature signs this must be followed by "size - 8" bytes of the actual signed ...
void * func_cls
Closure for func.
Revoke key.
Definition: revocation.h:81
static struct GNUNET_CADET_MessageHandler handlers[]
Handlers, for diverse services.
#define GNUNET_MESSAGE_TYPE_REVOCATION_REVOKE_RESPONSE
Service to client: revocation confirmed.
uint64_t proof_of_work
Number that causes a hash collision with the public_key.
Definition: revocation.h:96
uint32_t size
How many bytes does this signature sign? (including this purpose header); in network byte order (!)...
Message handler for a specific message type.
#define GNUNET_SIGNATURE_PURPOSE_REVOCATION
Signature for confirming a key revocation.
struct GNUNET_HashCode key
The key used in the DHT.
struct GNUNET_MQ_Envelope * env
Definition: 005.c:1
Key revocation response.
Definition: revocation.h:120
Public ECC key (always for Curve25519) encoded in a format suitable for network transmission and ECDS...
Handle for the key revocation operation.
struct GNUNET_CRYPTO_EcdsaPublicKey public_key
Key to revoke.
Definition: revocation.h:112
GNUNET_REVOCATION_Callback func
Function to call once we are done.
#define GNUNET_YES
Definition: gnunet_common.h:80
void GNUNET_MQ_send(struct GNUNET_MQ_Handle *mq, struct GNUNET_MQ_Envelope *ev)
Send a message with the given message queue.
Definition: mq.c:353
static unsigned long long matching_bits
Number of matching bits required for revocation.
#define GNUNET_MQ_handler_end()
End-marker for the handlers array.
#define GNUNET_free(ptr)
Wrapper around free.
int GNUNET_REVOCATION_check_pow(const struct GNUNET_CRYPTO_EcdsaPublicKey *key, uint64_t pow, unsigned int matching_bits)
Check if the given proof-of-work value would be acceptable for revoking the given key...
uint32_t reserved
For alignment.
Definition: revocation.h:91

◆ GNUNET_REVOCATION_revoke_cancel()

void GNUNET_REVOCATION_revoke_cancel ( struct GNUNET_REVOCATION_Handle * h)

Cancel key revocation.

Parameters
h: operation to cancel

Definition at line 319 of file revocation_api.c.

References GNUNET_free, GNUNET_MQ_destroy(), and GNUNET_REVOCATION_Handle::mq.

Referenced by do_shutdown(), handle_revocation_response(), and revocation_mq_error_handler().

320 {
     /* Tear down a pending revocation. h->mq is read without a NULL check on
      * h itself, so h must be a live handle returned by
      * GNUNET_REVOCATION_revoke. */
321  if (NULL != h->mq)
322  {
323  GNUNET_MQ_destroy (h->mq);
324  h->mq = NULL;
325  }
     /* h is released here; the caller must not touch or cancel the handle
      * again after this returns. */
326  GNUNET_free (h);
327 }
struct GNUNET_MQ_Handle * mq
Message queue to the service.
void GNUNET_MQ_destroy(struct GNUNET_MQ_Handle *mq)
Destroy the message queue.
Definition: mq.c:824
#define GNUNET_free(ptr)
Wrapper around free.

◆ GNUNET_REVOCATION_check_pow()

int GNUNET_REVOCATION_check_pow ( const struct GNUNET_CRYPTO_EcdsaPublicKey * key,
uint64_t  pow,
unsigned int  matching_bits 
)

Check if the given proof-of-work value would be acceptable for revoking the given key.

Parameters
key: key to check for
pow: proof of work value
matching_bits: how many bits must match (configuration)
Returns
GNUNET_YES if the pow is acceptable, GNUNET_NO if not

Definition at line 381 of file revocation_api.c.

References buf, count_leading_zeroes(), GNUNET_memcpy, GNUNET_NO, GNUNET_YES, and pow_hash().

Referenced by block_plugin_revocation_evaluate(), calculate_pow(), ego_callback(), GNUNET_REVOCATION_revoke(), run(), and verify_revoke_message().

384 {
     /* Body of GNUNET_REVOCATION_check_pow as rendered on this page; listing
      * line 394 (the end of the return expression) is not shown. */
     /* buf is sized to hold exactly the pow value followed by the public
      * key. */
385  char buf[sizeof (struct GNUNET_CRYPTO_EcdsaPublicKey) +
386  sizeof (pow)] GNUNET_ALIGN;
387  struct GNUNET_HashCode result;
388 
     /* Hash input layout: pow first, then the key. NOTE(review): pow is
      * copied in its in-memory representation, so the hash input depends on
      * host byte order unless callers normalise it; confirm. */
389  GNUNET_memcpy (buf, &pow, sizeof (pow));
390  GNUNET_memcpy (&buf[sizeof (pow)], key,
391  sizeof (struct GNUNET_CRYPTO_EcdsaPublicKey));
392  pow_hash (buf, sizeof (buf), &result);
     /* Accept when the hash has at least the required number of leading
      * zeroes; the threshold operand is on the missing line, presumably
      * matching_bits mapped to GNUNET_YES / GNUNET_NO. */
393  return (count_leading_zeroes (&result) >=
395 }
#define GNUNET_NO
Definition: gnunet_common.h:81
static unsigned int count_leading_zeroes(const struct GNUNET_HashCode *hash)
Count the leading zeroes in hash.
#define GNUNET_memcpy(dst, src, n)
static char buf[2048]
static int result
Global testing status.
A 512-bit hashcode.
#define GNUNET_ALIGN
gcc-ism to force alignment; we use this to align char-arrays that may then be cast to 'struct's...
Public ECC key (always for Curve25519) encoded in a format suitable for network transmission and ECDS...
static void pow_hash(const void *buf, size_t buf_len, struct GNUNET_HashCode *result)
Calculate the 'proof-of-work' hash (an expensive hash).
#define GNUNET_YES
Definition: gnunet_common.h:80
static unsigned long long matching_bits
Number of matching bits required for revocation.

◆ GNUNET_REVOCATION_sign_revocation()

void GNUNET_REVOCATION_sign_revocation ( const struct GNUNET_CRYPTO_EcdsaPrivateKey * key,
struct GNUNET_CRYPTO_EcdsaSignature * sig 
)

Create a revocation signature.

Parameters
key: private key of the key to revoke
sig: where to write the revocation signature

Definition at line 405 of file revocation_api.c.

References GNUNET_assert, GNUNET_CRYPTO_ecdsa_key_get_public(), GNUNET_CRYPTO_ecdsa_sign(), GNUNET_OK, GNUNET_SIGNATURE_PURPOSE_REVOCATION, RevokeMessage::public_key, RevokeMessage::purpose, GNUNET_CRYPTO_EccSignaturePurpose::purpose, and GNUNET_CRYPTO_EccSignaturePurpose::size.

Referenced by ego_callback().

407 {
     /* Body of GNUNET_REVOCATION_sign_revocation as rendered on this page;
      * listing lines 410 and 414-415 are not shown. */
     /* rm is a stack temporary used to lay out the data that gets signed. */
408  struct RevokeMessage rm;
409 
     /* The signed region is declared as the purpose header plus the public
      * key. The purpose constant itself is presumably set on the missing line
      * 410 (the references list names GNUNET_SIGNATURE_PURPOSE_REVOCATION). */
411  rm.purpose.size = htonl (sizeof (struct GNUNET_CRYPTO_EccSignaturePurpose) +
412  sizeof (struct GNUNET_CRYPTO_EcdsaPublicKey));
     /* The public key that goes into the signed data is derived from the
      * caller's private key. */
413  GNUNET_CRYPTO_ecdsa_key_get_public (key, &rm.public_key);
     /* The signing call starts on the missing lines; from the references list
      * it is presumably GNUNET_CRYPTO_ecdsa_sign() wrapped in
      * GNUNET_assert (GNUNET_OK == ...), which would make a signing failure
      * fatal rather than reported to the caller. Confirm. The signature is
      * written to *sig. */
416  &rm.purpose,
417  sig));
418 }
uint32_t purpose
What does this signature vouch for? This must contain a GNUNET_SIGNATURE_PURPOSE_XXX constant (from g...
#define GNUNET_assert(cond)
Use this for fatal errors that cannot be handled.
struct GNUNET_CRYPTO_EccSignaturePurpose purpose
Must have purpose GNUNET_SIGNATURE_PURPOSE_REVOCATION, size expands over the public key...
Definition: revocation.h:107
#define GNUNET_OK
Named constants for return values.
Definition: gnunet_common.h:78
header of what an ECC signature signs this must be followed by "size - 8" bytes of the actual signed ...
int GNUNET_CRYPTO_ecdsa_sign(const struct GNUNET_CRYPTO_EcdsaPrivateKey *priv, const struct GNUNET_CRYPTO_EccSignaturePurpose *purpose, struct GNUNET_CRYPTO_EcdsaSignature *sig)
ECDSA Sign a given block.
Definition: crypto_ecc.c:931
Revoke key.
Definition: revocation.h:81
#define GNUNET_SIGNATURE_PURPOSE_REVOCATION
Signature for confirming a key revocation.
void GNUNET_CRYPTO_ecdsa_key_get_public(const struct GNUNET_CRYPTO_EcdsaPrivateKey *priv, struct GNUNET_CRYPTO_EcdsaPublicKey *pub)
Extract the public key for the given private key.
Definition: crypto_ecc.c:241
Public ECC key (always for Curve25519) encoded in a format suitable for network transmission and ECDS...