GNUnet  0.11.x
Revocation service

Perform and access key revocations. More...

Macros

#define GNUNET_REVOCATION_VERSION   0x00000000
 Version of the key revocation API. More...
 

Typedefs

typedef void(* GNUNET_REVOCATION_Callback) (void *cls, int is_valid)
 Callback to call with the result of a key revocation query. More...
 

Functions

struct GNUNET_REVOCATION_Query * GNUNET_REVOCATION_query (const struct GNUNET_CONFIGURATION_Handle *cfg, const struct GNUNET_CRYPTO_EcdsaPublicKey *key, GNUNET_REVOCATION_Callback func, void *func_cls)
 Check if a key was revoked. More...
 
void GNUNET_REVOCATION_query_cancel (struct GNUNET_REVOCATION_Query *q)
 Cancel key revocation check. More...
 
struct GNUNET_REVOCATION_Handle * GNUNET_REVOCATION_revoke (const struct GNUNET_CONFIGURATION_Handle *cfg, const struct GNUNET_CRYPTO_EcdsaPublicKey *key, const struct GNUNET_CRYPTO_EcdsaSignature *sig, uint64_t pow, GNUNET_REVOCATION_Callback func, void *func_cls)
 Perform key revocation. More...
 
void GNUNET_REVOCATION_revoke_cancel (struct GNUNET_REVOCATION_Handle *h)
 Cancel key revocation. More...
 
int GNUNET_REVOCATION_check_pow (const struct GNUNET_CRYPTO_EcdsaPublicKey *key, uint64_t pow, unsigned int matching_bits)
 Check if the given proof-of-work value would be acceptable for revoking the given key. More...
 
void GNUNET_REVOCATION_sign_revocation (const struct GNUNET_CRYPTO_EcdsaPrivateKey *key, struct GNUNET_CRYPTO_EcdsaSignature *sig)
 Create a revocation signature. More...
 

Detailed Description

Perform and access key revocations.

See also
Documentation

Macro Definition Documentation

◆ GNUNET_REVOCATION_VERSION

#define GNUNET_REVOCATION_VERSION   0x00000000

Version of the key revocation API.

Definition at line 51 of file gnunet_revocation_service.h.

Typedef Documentation

◆ GNUNET_REVOCATION_Callback

typedef void(* GNUNET_REVOCATION_Callback) (void *cls, int is_valid)

Callback to call with the result of a key revocation query.

Parameters
cls: closure
is_valid: GNUNET_NO if the key is/was revoked, GNUNET_YES if the key is still valid, GNUNET_SYSERR if we had trouble querying the service

Definition at line 67 of file gnunet_revocation_service.h.

Function Documentation

◆ GNUNET_REVOCATION_query()

struct GNUNET_REVOCATION_Query* GNUNET_REVOCATION_query ( const struct GNUNET_CONFIGURATION_Handle *  cfg,
const struct GNUNET_CRYPTO_EcdsaPublicKey *  key,
GNUNET_REVOCATION_Callback  func,
void *  func_cls 
)

Check if a key was revoked.

Parameters
cfg: the configuration to use
key: key to check for revocation
func: function to call with the result of the check
func_cls: closure to pass to func
Returns
handle to use in GNUNET_REVOCATION_query_cancel to stop REVOCATION from invoking the callback

Definition at line 109 of file revocation_api.c.

References env, GNUNET_REVOCATION_Query::func, GNUNET_REVOCATION_Query::func_cls, GNUNET_CLIENT_connect(), GNUNET_free, GNUNET_MESSAGE_TYPE_REVOCATION_QUERY, GNUNET_MESSAGE_TYPE_REVOCATION_QUERY_RESPONSE, GNUNET_MQ_handler_end, GNUNET_MQ_hd_fixed_size, GNUNET_MQ_msg, GNUNET_MQ_send(), GNUNET_new, key, QueryMessage::key, GNUNET_REVOCATION_Query::mq, q, query_mq_error_handler(), and QueryMessage::reserved.

Referenced by recursive_gns_resolution_revocation(), and run().

/* Body of GNUNET_REVOCATION_query() as rendered by Doxygen. The leading
 * numbers are source line numbers from revocation_api.c; gaps in the
 * numbering (115-116, 118, 121, 129, 139) are lines this listing omits,
 * so the allocation of q and the handlers[] declaration are not shown. */
113 {
114  struct GNUNET_REVOCATION_Query *q
117  GNUNET_MQ_hd_fixed_size (revocation_query_response,
119  struct QueryResponseMessage,
120  q),
122  };
123  struct QueryMessage *qm;
124  struct GNUNET_MQ_Envelope *env;
125 
/* Open a message queue to the "revocation" service; q is passed as the
 * closure for the handlers. */
126  q->mq = GNUNET_CLIENT_connect (cfg,
127  "revocation",
128  handlers,
130  q);
/* Connecting failed: the handle is freed and NULL is returned before
 * func/func_cls are stored, so no callback is delivered for this call.
 * A NULL result therefore says nothing about the key's status; callers
 * should not read it as "key is valid". */
131  if (NULL == q->mq)
132  {
133  GNUNET_free (q);
134  return NULL;
135  }
136  q->func = func;
137  q->func_cls = func_cls;
138  env = GNUNET_MQ_msg (qm,
/* reserved is sent as zero; the public key is copied by value into the
 * query message. */
140  qm->reserved = htonl (0);
141  qm->key = *key;
142  GNUNET_MQ_send (q->mq,
143  env);
/* The handle is returned right after queueing the request; the result is
 * presumably reported later through func (see GNUNET_REVOCATION_Callback). */
144  return q;
145 }
#define GNUNET_MESSAGE_TYPE_REVOCATION_QUERY
Client to service: was this key revoked?
struct GNUNET_MQ_Handle * GNUNET_CLIENT_connect(const struct GNUNET_CONFIGURATION_Handle *cfg, const char *service_name, const struct GNUNET_MQ_MessageHandler *handlers, GNUNET_MQ_ErrorHandler error_handler, void *error_handler_cls)
Create a message queue to connect to a GNUnet service.
Definition: client.c:1057
struct GNUNET_MQ_Handle * mq
Message queue to the service.
#define GNUNET_MQ_hd_fixed_size(name, code, str, ctx)
#define GNUNET_MQ_msg(mvar, type)
Allocate a GNUNET_MQ_Envelope.
Definition: gnunet_mq_lib.h:67
#define GNUNET_new(type)
Allocate a struct or union of the given type.
Query key revocation status.
Definition: revocation.h:36
#define GNUNET_MESSAGE_TYPE_REVOCATION_QUERY_RESPONSE
Service to client: answer if key was revoked!
static struct GNUNET_CADET_MessageHandler handlers[]
Handlers, for diverse services.
Key revocation response.
Definition: revocation.h:58
void * func_cls
Closure for func.
Message handler for a specific message type.
static struct GNUNET_REVOCATION_Query * q
Handle for revocation query.
struct GNUNET_HashCode key
The key used in the DHT.
uint32_t reserved
For alignment.
Definition: revocation.h:46
struct GNUNET_MQ_Envelope * env
Definition: 005.c:1
Handle for the key revocation query.
struct GNUNET_CRYPTO_EcdsaPublicKey key
Key to check.
Definition: revocation.h:51
static void query_mq_error_handler(void *cls, enum GNUNET_MQ_Error error)
Generic error handler, called with the appropriate error code and the same closure specified at the c...
GNUNET_REVOCATION_Callback func
Function to call with the result.
void GNUNET_MQ_send(struct GNUNET_MQ_Handle *mq, struct GNUNET_MQ_Envelope *ev)
Send a message with the given message queue.
Definition: mq.c:353
#define GNUNET_MQ_handler_end()
End-marker for the handlers array.
#define GNUNET_free(ptr)
Wrapper around free.

◆ GNUNET_REVOCATION_query_cancel()

void GNUNET_REVOCATION_query_cancel ( struct GNUNET_REVOCATION_Query *  q)

Cancel key revocation check.

Parameters
q: query to cancel

Definition at line 154 of file revocation_api.c.

References GNUNET_free, GNUNET_MQ_destroy(), and GNUNET_REVOCATION_Query::mq.

Referenced by do_shutdown(), GNS_resolver_lookup_cancel(), handle_revocation_query_response(), and query_mq_error_handler().

/* Body of GNUNET_REVOCATION_query_cancel(): destroys the message queue if
 * one is still attached, then frees the query handle. q must not be used
 * after this returns.
 * NOTE(review): the "Referenced by" list for this function includes
 * handle_revocation_query_response() and query_mq_error_handler(), so the
 * library itself appears to release the handle on the response and error
 * paths. Confirm before also cancelling after the callback has run, which
 * would free q a second time. */
155 {
156  if (NULL != q->mq)
157  {
158  GNUNET_MQ_destroy (q->mq);
/* Cleared before the free; has no lasting effect since q is released next. */
159  q->mq = NULL;
160  }
161  GNUNET_free (q);
162 }
struct GNUNET_MQ_Handle * mq
Message queue to the service.
void GNUNET_MQ_destroy(struct GNUNET_MQ_Handle *mq)
Destroy the message queue.
Definition: mq.c:824
#define GNUNET_free(ptr)
Wrapper around free.

◆ GNUNET_REVOCATION_revoke()

struct GNUNET_REVOCATION_Handle* GNUNET_REVOCATION_revoke ( const struct GNUNET_CONFIGURATION_Handle *  cfg,
const struct GNUNET_CRYPTO_EcdsaPublicKey *  key,
const struct GNUNET_CRYPTO_EcdsaSignature *  sig,
uint64_t  pow,
GNUNET_REVOCATION_Callback  func,
void *  func_cls 
)

Perform key revocation.

Parameters
cfg: the configuration to use
key: public key of the key to revoke
sig: signature to use on the revocation (should have been created using GNUNET_REVOCATION_sign_revocation).
pow: proof of work to use (should have been created by iteratively calling GNUNET_REVOCATION_check_pow)
func: function to call with the result of the check (called with is_valid being GNUNET_NO if the revocation worked).
func_cls: closure to pass to func
Returns
handle to use in GNUNET_REVOCATION_revoke_cancel to stop REVOCATION from invoking the callback

Definition at line 247 of file revocation_api.c.

References env, GNUNET_REVOCATION_Query::func, GNUNET_REVOCATION_Handle::func, GNUNET_REVOCATION_Query::func_cls, GNUNET_REVOCATION_Handle::func_cls, GNUNET_break, GNUNET_CLIENT_connect(), GNUNET_CONFIGURATION_get_value_number(), GNUNET_free, GNUNET_MESSAGE_TYPE_REVOCATION_REVOKE, GNUNET_MESSAGE_TYPE_REVOCATION_REVOKE_RESPONSE, GNUNET_MQ_handler_end, GNUNET_MQ_hd_fixed_size, GNUNET_MQ_msg, GNUNET_MQ_send(), GNUNET_new, GNUNET_OK, GNUNET_REVOCATION_check_pow(), GNUNET_SIGNATURE_PURPOSE_REVOCATION, GNUNET_YES, h, key, matching_bits, GNUNET_REVOCATION_Handle::mq, RevokeMessage::proof_of_work, RevokeMessage::public_key, RevokeMessage::purpose, GNUNET_CRYPTO_EccSignaturePurpose::purpose, RevokeMessage::reserved, revocation_mq_error_handler(), RevokeMessage::signature, and GNUNET_CRYPTO_EccSignaturePurpose::size.

Referenced by perform_revocation().

/* Body of GNUNET_REVOCATION_revoke() as rendered by Doxygen. The leading
 * numbers are source line numbers from revocation_api.c; gaps in the
 * numbering (254-256, 258-259, 261, 268, 273, 285, 295, 298) are lines this
 * listing omits, including the allocation of h. */
253 {
257  GNUNET_MQ_hd_fixed_size (revocation_response,
260  h),
262  };
263  unsigned long long matching_bits;
264  struct RevokeMessage *rm;
265  struct GNUNET_MQ_Envelope *env;
266 
/* Local proof-of-work pre-check. The callee names on lines 268 and 273 are
 * omitted by this listing; the References list suggests
 * GNUNET_CONFIGURATION_get_value_number() and GNUNET_REVOCATION_check_pow()
 * - TODO confirm against revocation_api.c.
 * The two conditions are joined with &&, so the check is applied only when
 * the REVOCATION/WORKBITS lookup returns GNUNET_OK. If the option cannot be
 * read, the request is sent without this client-side check and validation
 * is left to the receiver (verify_revoke_message() is listed as a caller of
 * GNUNET_REVOCATION_check_pow - presumably the service-side gate).
 * matching_bits is read as unsigned long long and narrowed with an
 * (unsigned int) cast, so an out-of-range configured value would wrap. */
267  if ((GNUNET_OK ==
269  "REVOCATION",
270  "WORKBITS",
271  &matching_bits)) &&
272  (GNUNET_YES !=
274  pow,
275  (unsigned int) matching_bits)))
276  {
/* Rejected locally: reported through GNUNET_break (non-fatal assertion),
 * the handle is freed and NULL is returned; func is not called. */
277  GNUNET_break (0);
278  GNUNET_free (h);
279  return NULL;
280  }
281 
282  h->mq = GNUNET_CLIENT_connect (cfg,
283  "revocation",
284  handlers,
286  h);
/* Connecting failed: same outcome as above, NULL with no callback, so a
 * NULL return does not mean the key was revoked. */
287  if (NULL == h->mq)
288  {
289  GNUNET_free (h);
290  return NULL;
291  }
292  h->func = func;
293  h->func_cls = func_cls;
294  env = GNUNET_MQ_msg (rm,
296  rm->reserved = htonl (0);
/* pow is stored as passed in, with no byte-order conversion, while reserved
 * and purpose.size go through htonl().
 * NOTE(review): confirm sender and verifier agree on the representation of
 * proof_of_work. */
297  rm->proof_of_work = pow;
/* By this size the signed region covers the purpose header and the public
 * key only; the same size is set in GNUNET_REVOCATION_sign_revocation(). */
299  rm->purpose.size = htonl (sizeof(struct GNUNET_CRYPTO_EccSignaturePurpose)
300  + sizeof(struct GNUNET_CRYPTO_EcdsaPublicKey));
301  rm->public_key = *key;
302  rm->signature = *sig;
303  GNUNET_MQ_send (h->mq,
304  env);
305  return h;
306 }
struct GNUNET_CRYPTO_EcdsaSignature signature
Signature confirming revocation.
Definition: revocation.h:99
int GNUNET_CONFIGURATION_get_value_number(const struct GNUNET_CONFIGURATION_Handle *cfg, const char *section, const char *option, unsigned long long *number)
Get a configuration value that should be a number.
struct GNUNET_MQ_Handle * mq
Message queue to the service.
struct GNUNET_MQ_Handle * GNUNET_CLIENT_connect(const struct GNUNET_CONFIGURATION_Handle *cfg, const char *service_name, const struct GNUNET_MQ_MessageHandler *handlers, GNUNET_MQ_ErrorHandler error_handler, void *error_handler_cls)
Create a message queue to connect to a GNUnet service.
Definition: client.c:1057
uint32_t purpose
What does this signature vouch for? This must contain a GNUNET_SIGNATURE_PURPOSE_XXX constant (from g...
static void revocation_mq_error_handler(void *cls, enum GNUNET_MQ_Error error)
Generic error handler, called with the appropriate error code and the same closure specified at the c...
struct GNUNET_CRYPTO_EccSignaturePurpose purpose
Must have purpose GNUNET_SIGNATURE_PURPOSE_REVOCATION, size expands over the public key...
Definition: revocation.h:105
#define GNUNET_MQ_hd_fixed_size(name, code, str, ctx)
#define GNUNET_MQ_msg(mvar, type)
Allocate a GNUNET_MQ_Envelope.
Definition: gnunet_mq_lib.h:67
#define GNUNET_OK
Named constants for return values.
Definition: gnunet_common.h:75
#define GNUNET_new(type)
Allocate a struct or union of the given type.
#define GNUNET_MESSAGE_TYPE_REVOCATION_REVOKE
Client to service OR peer-to-peer: revoke this key!
#define GNUNET_break(cond)
Use this for internal assertion violations that are not fatal (can be handled) but should not occur...
static struct GNUNET_ARM_Handle * h
Connection with ARM.
Definition: gnunet-arm.c:99
header of what an ECC signature signs this must be followed by "size - 8" bytes of the actual signed ...
void * func_cls
Closure for func.
Revoke key.
Definition: revocation.h:79
static struct GNUNET_CADET_MessageHandler handlers[]
Handlers, for diverse services.
#define GNUNET_MESSAGE_TYPE_REVOCATION_REVOKE_RESPONSE
Service to client: revocation confirmed.
uint64_t proof_of_work
Number that causes a hash collision with the public_key.
Definition: revocation.h:94
uint32_t size
How many bytes does this signature sign? (including this purpose header); in network byte order (!)...
Message handler for a specific message type.
#define GNUNET_SIGNATURE_PURPOSE_REVOCATION
Signature for confirming a key revocation.
struct GNUNET_HashCode key
The key used in the DHT.
struct GNUNET_MQ_Envelope * env
Definition: 005.c:1
Key revocation response.
Definition: revocation.h:117
Public ECC key (always for Curve25519) encoded in a format suitable for network transmission and ECDS...
Handle for the key revocation operation.
struct GNUNET_CRYPTO_EcdsaPublicKey public_key
Key to revoke.
Definition: revocation.h:110
GNUNET_REVOCATION_Callback func
Function to call once we are done.
#define GNUNET_YES
Definition: gnunet_common.h:77
void GNUNET_MQ_send(struct GNUNET_MQ_Handle *mq, struct GNUNET_MQ_Envelope *ev)
Send a message with the given message queue.
Definition: mq.c:353
static unsigned long long matching_bits
Number of matching bits required for revocation.
#define GNUNET_MQ_handler_end()
End-marker for the handlers array.
#define GNUNET_free(ptr)
Wrapper around free.
int GNUNET_REVOCATION_check_pow(const struct GNUNET_CRYPTO_EcdsaPublicKey *key, uint64_t pow, unsigned int matching_bits)
Check if the given proof-of-work value would be acceptable for revoking the given key...
uint32_t reserved
For alignment.
Definition: revocation.h:89

◆ GNUNET_REVOCATION_revoke_cancel()

void GNUNET_REVOCATION_revoke_cancel ( struct GNUNET_REVOCATION_Handle *  h)

Cancel key revocation.

Parameters
h: operation to cancel

Definition at line 315 of file revocation_api.c.

References GNUNET_free, GNUNET_MQ_destroy(), and GNUNET_REVOCATION_Handle::mq.

Referenced by do_shutdown(), handle_revocation_response(), and revocation_mq_error_handler().

/* Body of GNUNET_REVOCATION_revoke_cancel(): destroys the message queue if
 * one is still attached, then frees the operation handle. h must not be used
 * after this returns.
 * NOTE(review): the "Referenced by" list for this function includes
 * handle_revocation_response() and revocation_mq_error_handler(), so the
 * library itself appears to release the handle on the response and error
 * paths. Confirm before also cancelling after the callback has run, which
 * would free h a second time. */
316 {
317  if (NULL != h->mq)
318  {
319  GNUNET_MQ_destroy (h->mq);
/* Cleared before the free; has no lasting effect since h is released next. */
320  h->mq = NULL;
321  }
322  GNUNET_free (h);
323 }
struct GNUNET_MQ_Handle * mq
Message queue to the service.
void GNUNET_MQ_destroy(struct GNUNET_MQ_Handle *mq)
Destroy the message queue.
Definition: mq.c:824
#define GNUNET_free(ptr)
Wrapper around free.

◆ GNUNET_REVOCATION_check_pow()

int GNUNET_REVOCATION_check_pow ( const struct GNUNET_CRYPTO_EcdsaPublicKey *  key,
uint64_t  pow,
unsigned int  matching_bits 
)

Check if the given proof-of-work value would be acceptable for revoking the given key.

Parameters
key: key to check for
pow: proof of work value
matching_bits: how many bits must match (configuration)
Returns
GNUNET_YES if the pow is acceptable, GNUNET_NO if not

Definition at line 377 of file revocation_api.c.

References buf, count_leading_zeroes(), GNUNET_memcpy, GNUNET_NO, GNUNET_YES, and pow_hash().

Referenced by block_plugin_revocation_evaluate(), calculate_pow(), ego_callback(), GNUNET_REVOCATION_revoke(), run(), and verify_revoke_message().

/* Body of GNUNET_REVOCATION_check_pow() as rendered by Doxygen. The leading
 * numbers are source line numbers from revocation_api.c; line 390 (the
 * right-hand side of the final comparison) is omitted by this listing. */
380 {
/* buf is sized for exactly one pow value plus one public key. */
381  char buf[sizeof(struct GNUNET_CRYPTO_EcdsaPublicKey)
382  + sizeof(pow)] GNUNET_ALIGN;
383  struct GNUNET_HashCode result;
384 
/* Hash input layout: the pow value first, then the public key. pow is
 * copied as its raw in-memory bytes, i.e. in host byte order.
 * NOTE(review): confirm whether the result is meant to be identical on
 * hosts of different endianness. */
385  GNUNET_memcpy (buf, &pow, sizeof(pow));
386  GNUNET_memcpy (&buf[sizeof(pow)], key,
387  sizeof(struct GNUNET_CRYPTO_EcdsaPublicKey));
/* pow_hash is documented as an expensive hash, so every call to this
 * function pays that cost once. */
388  pow_hash (buf, sizeof(buf), &result);
/* Acceptance depends on the count of leading zeroes in the hash; the
 * omitted line 390 presumably compares it with matching_bits and maps the
 * outcome to GNUNET_YES / GNUNET_NO - TODO confirm. */
389  return (count_leading_zeroes (&result) >=
391 }
#define GNUNET_memcpy(dst, src, n)
Call memcpy() but check for n being 0 first.
#define GNUNET_NO
Definition: gnunet_common.h:78
static unsigned int count_leading_zeroes(const struct GNUNET_HashCode *hash)
Count the leading zeroes in hash.
static char buf[2048]
static int result
Global testing status.
A 512-bit hashcode.
#define GNUNET_ALIGN
gcc-ism to force alignment; we use this to align char-arrays that may then be cast to 'struct's...
Public ECC key (always for Curve25519) encoded in a format suitable for network transmission and ECDS...
static void pow_hash(const void *buf, size_t buf_len, struct GNUNET_HashCode *result)
Calculate the 'proof-of-work' hash (an expensive hash).
#define GNUNET_YES
Definition: gnunet_common.h:77
static unsigned long long matching_bits
Number of matching bits required for revocation.

◆ GNUNET_REVOCATION_sign_revocation()

void GNUNET_REVOCATION_sign_revocation ( const struct GNUNET_CRYPTO_EcdsaPrivateKey *  key,
struct GNUNET_CRYPTO_EcdsaSignature *  sig 
)

Create a revocation signature.

Parameters
key: private key of the key to revoke
sig: where to write the revocation signature

Definition at line 401 of file revocation_api.c.

References GNUNET_assert, GNUNET_CRYPTO_ecdsa_key_get_public(), GNUNET_CRYPTO_ecdsa_sign(), GNUNET_OK, GNUNET_SIGNATURE_PURPOSE_REVOCATION, RevokeMessage::public_key, RevokeMessage::purpose, GNUNET_CRYPTO_EccSignaturePurpose::purpose, and GNUNET_CRYPTO_EccSignaturePurpose::size.

Referenced by ego_callback().

/* Body of GNUNET_REVOCATION_sign_revocation() as rendered by Doxygen. The
 * leading numbers are source line numbers from revocation_api.c; lines 407
 * and 411-412 are omitted by this listing. */
404 {
/* Stack temporary with no initialiser; only the purpose header and
 * public_key are visibly written, and purpose.size below limits the signed
 * bytes to those two fields. */
405  struct RevokeMessage rm;
406 
/* Line 407 is omitted; it presumably sets rm.purpose.purpose to
 * GNUNET_SIGNATURE_PURPOSE_REVOCATION (named in the References list) -
 * TODO confirm. */
408  rm.purpose.size = htonl (sizeof(struct GNUNET_CRYPTO_EccSignaturePurpose)
409  + sizeof(struct GNUNET_CRYPTO_EcdsaPublicKey));
/* The public key is derived from the private key, so the signature binds
 * the revocation to the key pair being revoked. */
410  GNUNET_CRYPTO_ecdsa_key_get_public (key, &rm.public_key);
/* Lines 411-412 are omitted; the References list names GNUNET_assert,
 * GNUNET_OK and GNUNET_CRYPTO_ecdsa_sign(), so a signing failure presumably
 * aborts rather than leaving sig unset - TODO confirm. */
413  &rm.purpose,
414  sig));
415 }
uint32_t purpose
What does this signature vouch for? This must contain a GNUNET_SIGNATURE_PURPOSE_XXX constant (from g...
#define GNUNET_assert(cond)
Use this for fatal errors that cannot be handled.
struct GNUNET_CRYPTO_EccSignaturePurpose purpose
Must have purpose GNUNET_SIGNATURE_PURPOSE_REVOCATION, size expands over the public key...
Definition: revocation.h:105
#define GNUNET_OK
Named constants for return values.
Definition: gnunet_common.h:75
header of what an ECC signature signs this must be followed by "size - 8" bytes of the actual signed ...
int GNUNET_CRYPTO_ecdsa_sign(const struct GNUNET_CRYPTO_EcdsaPrivateKey *priv, const struct GNUNET_CRYPTO_EccSignaturePurpose *purpose, struct GNUNET_CRYPTO_EcdsaSignature *sig)
ECDSA Sign a given block.
Definition: crypto_ecc.c:929
Revoke key.
Definition: revocation.h:79
#define GNUNET_SIGNATURE_PURPOSE_REVOCATION
Signature for confirming a key revocation.
void GNUNET_CRYPTO_ecdsa_key_get_public(const struct GNUNET_CRYPTO_EcdsaPrivateKey *priv, struct GNUNET_CRYPTO_EcdsaPublicKey *pub)
Extract the public key for the given private key.
Definition: crypto_ecc.c:239
Public ECC key (always for Curve25519) encoded in a format suitable for network transmission and ECDS...