tool for revoking public keys More...

#include "platform.h"
#include "gnunet_util_lib.h"
#include "gnunet_revocation_service.h"
#include "gnunet_identity_service.h"

Include dependency graph for gnunet-revocation.c:

Functions
static void	do_shutdown (void *cls)
	Function run if the user aborts with CTRL-C. More...

static void	print_query_result (void *cls, int is_valid)
	Print the result from a revocation query. More...

static void	print_revocation_result (void *cls, int is_valid)
	Print the result from a revocation request. More...

static void	perform_revocation ()
	Perform the revocation. More...

static void	sync_pow ()
	Write the current state of the revocation data to disk. More...

static void	calculate_pow_shutdown (void *cls)
	Perform the proof-of-work calculation. More...

static void	calculate_pow (void *cls)
	Perform the proof-of-work calculation. More...

static void	ego_callback (void cls, struct GNUNET_IDENTITY_Ego ego)
	Function called with the result from the ego lookup. More...

static void	run (void cls, char const args, const char cfgfile, const struct GNUNET_CONFIGURATION_Handle *c)
	Main function that will be run by the scheduler. More...

int	main (int argc, char const argv)
	The main function of gnunet-revocation. More...

Variables
static unsigned int	pow_passes = 1
	Pow passes. More...

static int	ret
	Final status code. More...

static int	perform
	Was "-p" specified? More...

static char *	filename
	-f option. More...

static char *	revoke_ego
	-R option More...

static char *	test_ego
	-t option. More...

static unsigned int	epochs = 1
	-e option. More...

static struct GNUNET_REVOCATION_Query *	q
	Handle for revocation query. More...

static struct GNUNET_REVOCATION_Handle *	h
	Handle for revocation. More...

static struct GNUNET_IDENTITY_EgoLookup *	el
	Handle for our ego lookup. More...

static const struct GNUNET_CONFIGURATION_Handle *	cfg
	Our configuration. More...

static unsigned long long	matching_bits
	Number of matching bits required for revocation. More...

static struct GNUNET_TIME_Relative	epoch_duration
	Epoch length. More...

static struct GNUNET_SCHEDULER_Task *	pow_task
	Task used for proof-of-work calculation. More...

static struct GNUNET_REVOCATION_PowP *	proof_of_work
	Proof-of-work object. More...

Detailed Description

tool for revoking public keys

Author: Christian Grothoff

Definition in file gnunet-revocation.c.

Function Documentation

◆ do_shutdown()

static void do_shutdown ( void * cls )

static

Function run if the user aborts with CTRL-C.

Parameters

cls closure

Definition at line 112 of file gnunet-revocation.c.

 {
   fprintf (stderr, "%s", _ ("Shutting down...\n"));
   if (NULL != el)
   {
     GNUNET_IDENTITY_ego_lookup_cancel (el);
     el = NULL;
   }
   if (NULL != q)
   {
     GNUNET_REVOCATION_query_cancel (q);
     q = NULL;
   }
   if (NULL != h)
   {
     GNUNET_REVOCATION_revoke_cancel (h);
     h = NULL;
   }
 }

References _, el, GNUNET_IDENTITY_ego_lookup_cancel(), GNUNET_REVOCATION_query_cancel(), GNUNET_REVOCATION_revoke_cancel(), h, and q.

Referenced by run().

Here is the call graph for this function:

Here is the caller graph for this function:

◆ print_query_result()

static void print_query_result	(	void *	cls,
		int	is_valid
	)

static

Print the result from a revocation query.

Parameters

cls	NULL
is_valid	GNUNET_YES if the key is still valid, GNUNET_NO if not, GNUNET_SYSERR on error

Definition at line 140 of file gnunet-revocation.c.

 {
   q = NULL;
   switch (is_valid)
   {
   case GNUNET_YES:
     fprintf (stdout, _ ("Key `%s' is valid\n"), test_ego);
     break;
  
   case GNUNET_NO:
     fprintf (stdout, _ ("Key `%s' has been revoked\n"), test_ego);
     break;
  
   case GNUNET_SYSERR:
     fprintf (stdout, "%s", _ ("Internal error\n"));
     break;
  
   default:
     GNUNET_break (0);
     break;
   }
   GNUNET_SCHEDULER_shutdown ();
 }

References _, GNUNET_break, GNUNET_NO, GNUNET_SCHEDULER_shutdown(), GNUNET_SYSERR, GNUNET_YES, q, and test_ego.

Referenced by run().

Here is the call graph for this function:

Here is the caller graph for this function:

◆ print_revocation_result()

static void print_revocation_result	(	void *	cls,
		int	is_valid
	)

static

Print the result from a revocation request.

Parameters

cls	NULL
is_valid	GNUNET_YES if the key is still valid, GNUNET_NO if not, GNUNET_SYSERR on error

Definition at line 172 of file gnunet-revocation.c.

 {
   h = NULL;
   switch (is_valid)
   {
   case GNUNET_YES:
     if (NULL != revoke_ego)
       fprintf (stdout,
                _ ("Key for ego `%s' is still valid, revocation failed (!)\n"),
                revoke_ego);
     else
       fprintf (stdout, "%s", _ ("Revocation failed (!)\n"));
     break;
  
   case GNUNET_NO:
     if (NULL != revoke_ego)
       fprintf (stdout,
                _ ("Key for ego `%s' has been successfully revoked\n"),
                revoke_ego);
     else
       fprintf (stdout, "%s", _ ("Revocation successful.\n"));
     break;
  
   case GNUNET_SYSERR:
     fprintf (stdout,
              "%s",
              _ ("Internal error, key revocation might have failed\n"));
     break;
  
   default:
     GNUNET_break (0);
     break;
   }
   GNUNET_SCHEDULER_shutdown ();
 }

References _, GNUNET_break, GNUNET_NO, GNUNET_SCHEDULER_shutdown(), GNUNET_SYSERR, GNUNET_YES, h, and revoke_ego.

Referenced by perform_revocation().

Here is the call graph for this function:

Here is the caller graph for this function:

◆ perform_revocation()

static void perform_revocation ( )

static

Perform the revocation.

Definition at line 213 of file gnunet-revocation.c.

 {
   h = GNUNET_REVOCATION_revoke (cfg,
                                 proof_of_work,
                                 &print_revocation_result,
                                 NULL);
 }

References cfg, GNUNET_REVOCATION_revoke(), h, print_revocation_result(), and proof_of_work.

Referenced by calculate_pow(), ego_callback(), and run().

Here is the call graph for this function:

Here is the caller graph for this function:

◆ sync_pow()

static void sync_pow ( )

static

Write the current state of the revocation data to disk.

Parameters

rd	data to sync

Definition at line 229 of file gnunet-revocation.c.

 {
   size_t psize = GNUNET_REVOCATION_proof_get_size (proof_of_work);
   if ((NULL != filename) &&
       (GNUNET_OK !=
        GNUNET_DISK_fn_write (filename,
                              proof_of_work,
                              psize,
                              GNUNET_DISK_PERM_USER_READ
                              | GNUNET_DISK_PERM_USER_WRITE)))
     GNUNET_log_strerror_file (GNUNET_ERROR_TYPE_ERROR, "write", filename);
 }

References filename, GNUNET_DISK_fn_write(), GNUNET_DISK_PERM_USER_READ, GNUNET_DISK_PERM_USER_WRITE, GNUNET_ERROR_TYPE_ERROR, GNUNET_log_strerror_file, GNUNET_OK, GNUNET_REVOCATION_proof_get_size(), and proof_of_work.

Referenced by calculate_pow(), and calculate_pow_shutdown().

Here is the call graph for this function:

Here is the caller graph for this function:

◆ calculate_pow_shutdown()

static void calculate_pow_shutdown ( void * cls )

static

Perform the proof-of-work calculation.

Parameters

cls	the `struct RevocationData`

Definition at line 249 of file gnunet-revocation.c.

 {
   struct GNUNET_REVOCATION_PowCalculationHandle *ph = cls;
   fprintf (stderr, "%s", _ ("Cancelling calculation.\n"));
   sync_pow ();
   if (NULL != pow_task)
   {
     GNUNET_SCHEDULER_cancel (pow_task);
     pow_task = NULL;
   }
   if (NULL != ph)
     GNUNET_REVOCATION_pow_stop (ph);
 }

References _, GNUNET_REVOCATION_pow_stop(), GNUNET_SCHEDULER_cancel(), ph, pow_task, and sync_pow().

Referenced by ego_callback(), and run().

Here is the call graph for this function:

Here is the caller graph for this function:

◆ calculate_pow()

static void calculate_pow ( void * cls )

static

Perform the proof-of-work calculation.

Parameters

cls	the `struct RevocationData`

Definition at line 270 of file gnunet-revocation.c.

 {
   struct GNUNET_REVOCATION_PowCalculationHandle *ph = cls;
   size_t psize;
  
   /* store temporary results */
   pow_task = NULL;
   if (0 == (pow_passes % 128))
     sync_pow ();
   /* actually do POW calculation */
   if (GNUNET_OK == GNUNET_REVOCATION_pow_round (ph))
   {
     psize = GNUNET_REVOCATION_proof_get_size (proof_of_work);
     if (NULL != filename)
     {
       (void) GNUNET_DISK_directory_remove (filename);
       if (GNUNET_OK !=
           GNUNET_DISK_fn_write (filename,
                                 proof_of_work,
                                 psize,
                                 GNUNET_DISK_PERM_USER_READ
                                 | GNUNET_DISK_PERM_USER_WRITE))
         GNUNET_log_strerror_file (GNUNET_ERROR_TYPE_ERROR, "write", filename);
     }
     if (perform)
     {
       perform_revocation ();
     }
     else
     {
       fprintf (stderr, "%s", "\n");
       fprintf (stderr,
                _ ("Revocation certificate for `%s' stored in `%s'\n"),
                revoke_ego,
                filename);
       GNUNET_SCHEDULER_shutdown ();
     }
     return;
   }
   pow_passes++;
   pow_task = GNUNET_SCHEDULER_add_delayed (GNUNET_TIME_UNIT_MILLISECONDS,
                                            &calculate_pow,
                                            ph);
  
 }

References _, filename, GNUNET_DISK_directory_remove(), GNUNET_DISK_fn_write(), GNUNET_DISK_PERM_USER_READ, GNUNET_DISK_PERM_USER_WRITE, GNUNET_ERROR_TYPE_ERROR, GNUNET_log_strerror_file, GNUNET_OK, GNUNET_REVOCATION_pow_round(), GNUNET_REVOCATION_proof_get_size(), GNUNET_SCHEDULER_add_delayed(), GNUNET_SCHEDULER_shutdown(), GNUNET_TIME_UNIT_MILLISECONDS, perform, perform_revocation(), ph, pow_passes, pow_task, proof_of_work, revoke_ego, and sync_pow().

Referenced by ego_callback(), and run().

Here is the call graph for this function:

Here is the caller graph for this function:

◆ ego_callback()

static void ego_callback	(	void *	cls,
		struct GNUNET_IDENTITY_Ego *	ego
	)

static

Function called with the result from the ego lookup.

Parameters

cls	closure
ego	the ego, NULL if not found

Certificate not yet ready

Definition at line 324 of file gnunet-revocation.c.

 {
   struct GNUNET_IDENTITY_PublicKey key;
   const struct GNUNET_IDENTITY_PrivateKey *privkey;
   struct GNUNET_REVOCATION_PowCalculationHandle *ph = NULL;
   size_t psize;
  
   el = NULL;
   if (NULL == ego)
   {
     fprintf (stdout, _ ("Ego `%s' not found.\n"), revoke_ego);
     GNUNET_SCHEDULER_shutdown ();
     return;
   }
   GNUNET_IDENTITY_ego_get_public_key (ego, &key);
   privkey = GNUNET_IDENTITY_ego_get_private_key (ego);
   proof_of_work = GNUNET_malloc (GNUNET_REVOCATION_MAX_PROOF_SIZE);
   if ((NULL != filename) && (GNUNET_YES == GNUNET_DISK_file_test (filename)) &&
       (0 < (psize =
               GNUNET_DISK_fn_read (filename, proof_of_work,
                                    GNUNET_REVOCATION_MAX_PROOF_SIZE))))
   {
     ssize_t ksize = GNUNET_IDENTITY_public_key_get_length (&key);
     if (0 > ksize)
     {
       fprintf (stderr,
                _ ("Error: Key is invalid\n"));
       return;
     }
     if (((psize - sizeof (*proof_of_work)) < ksize) || // Key too small
         (0 != memcmp (&proof_of_work[1], &key, ksize))) // Keys do not match
     {
       fprintf (stderr,
                _ ("Error: revocation certificate in `%s' is not for `%s'\n"),
                filename,
                revoke_ego);
       return;
     }
     if (GNUNET_YES ==
         GNUNET_REVOCATION_check_pow (proof_of_work,
                                      (unsigned int) matching_bits,
                                      epoch_duration))
     {
       fprintf (stderr, "%s", _ ("Revocation certificate ready\n"));
       if (perform)
         perform_revocation ();
       else
         GNUNET_SCHEDULER_shutdown ();
       return;
     }
     fprintf (stderr,
              "%s",
              _ ("Continuing calculation where left off...\n"));
     ph = GNUNET_REVOCATION_pow_start (proof_of_work,
                                       epochs,
                                       matching_bits);
   }
   fprintf (stderr,
            "%s",
            _ ("Revocation certificate not ready, calculating proof of work\n"));
   if (NULL == ph)
   {
     GNUNET_REVOCATION_pow_init (privkey,
                                 proof_of_work);
     ph = GNUNET_REVOCATION_pow_start (proof_of_work,
                                       epochs, /* Epochs */
                                       matching_bits);
   }
   pow_task = GNUNET_SCHEDULER_add_now (&calculate_pow, ph);
   GNUNET_SCHEDULER_add_shutdown (&calculate_pow_shutdown, ph);
 }

References _, calculate_pow(), calculate_pow_shutdown(), el, epoch_duration, epochs, filename, GNUNET_DISK_file_test(), GNUNET_DISK_fn_read(), GNUNET_IDENTITY_ego_get_private_key(), GNUNET_IDENTITY_ego_get_public_key(), GNUNET_IDENTITY_public_key_get_length(), GNUNET_malloc, GNUNET_REVOCATION_check_pow(), GNUNET_REVOCATION_MAX_PROOF_SIZE, GNUNET_REVOCATION_pow_init(), GNUNET_REVOCATION_pow_start(), GNUNET_SCHEDULER_add_now(), GNUNET_SCHEDULER_add_shutdown(), GNUNET_SCHEDULER_shutdown(), GNUNET_YES, key, matching_bits, perform, perform_revocation(), ph, pow_task, proof_of_work, and revoke_ego.

Referenced by run().

Here is the call graph for this function:

Here is the caller graph for this function:

◆ run()

static void run	(	void *	cls,
		char const	args,
		const char *	cfgfile,
		const struct GNUNET_CONFIGURATION_Handle *	c
	)

static

Main function that will be run by the scheduler.

Parameters

cls	closure
args	remaining command-line arguments
cfgfile	name of the configuration file used (for saving, can be NULL!)
c	configuration

Definition at line 409 of file gnunet-revocation.c.

 {
   struct GNUNET_IDENTITY_PublicKey pk;
   size_t psize;
  
   cfg = c;
   if (NULL != test_ego)
   {
     if (GNUNET_OK !=
         GNUNET_IDENTITY_public_key_from_string (test_ego,
                                                 &pk))
     {
       fprintf (stderr, _ ("Public key `%s' malformed\n"), test_ego);
       return;
     }
     GNUNET_SCHEDULER_add_shutdown (&do_shutdown, NULL);
     q = GNUNET_REVOCATION_query (cfg, &pk, &print_query_result, NULL);
     if (NULL != revoke_ego)
       fprintf (
         stderr,
         "%s",
         _ (
           "Testing and revoking at the same time is not allowed, only executing test.\n"));
     return;
   }
   if (GNUNET_OK != GNUNET_CONFIGURATION_get_value_number (cfg,
                                                           "REVOCATION",
                                                           "WORKBITS",
                                                           &matching_bits))
   {
     GNUNET_log_config_missing (GNUNET_ERROR_TYPE_ERROR,
                                "REVOCATION",
                                "WORKBITS");
     return;
   }
   if (GNUNET_OK != GNUNET_CONFIGURATION_get_value_time (cfg,
                                                         "REVOCATION",
                                                         "EPOCH_DURATION",
                                                         &epoch_duration))
   {
     GNUNET_log_config_missing (GNUNET_ERROR_TYPE_ERROR,
                                "REVOCATION",
                                "EPOCH_DURATION");
     return;
   }
  
   if (NULL != revoke_ego)
   {
     if (! perform && (NULL == filename))
     {
       fprintf (stderr,
                "%s",
                _ ("No filename to store revocation certificate given.\n"));
       return;
     }
     /* main code here */
     el = GNUNET_IDENTITY_ego_lookup (cfg, revoke_ego, &ego_callback, NULL);
     GNUNET_SCHEDULER_add_shutdown (&do_shutdown, NULL);
     return;
   }
   if ((NULL != filename) && (perform))
   {
     size_t bread;
     proof_of_work = GNUNET_malloc (GNUNET_REVOCATION_MAX_PROOF_SIZE);
     if (0 < (bread = GNUNET_DISK_fn_read (filename,
                                           proof_of_work,
                                           GNUNET_REVOCATION_MAX_PROOF_SIZE)))
     {
       fprintf (stderr,
                _ ("Failed to read revocation certificate from `%s'\n"),
                filename);
       return;
     }
     psize = GNUNET_REVOCATION_proof_get_size (proof_of_work);
     if (bread != psize)
     {
       fprintf (stderr,
                _ ("Revocation certificate corrupted in `%s'\n"),
                filename);
       return;
     }
     GNUNET_SCHEDULER_add_shutdown (&do_shutdown, NULL);
     if (GNUNET_YES !=
         GNUNET_REVOCATION_check_pow (proof_of_work,
                                      (unsigned int) matching_bits,
                                      epoch_duration))
     {
       struct GNUNET_REVOCATION_PowCalculationHandle *ph;
       ph = GNUNET_REVOCATION_pow_start (proof_of_work,
                                         epochs, /* Epochs */
                                         matching_bits);
  
       pow_task = GNUNET_SCHEDULER_add_now (&calculate_pow, ph);
       GNUNET_SCHEDULER_add_shutdown (&calculate_pow_shutdown, ph);
       return;
     }
     perform_revocation ();
     return;
   }
   fprintf (stderr, "%s", _ ("No action specified. Nothing to do.\n"));
 }

References _, calculate_pow(), calculate_pow_shutdown(), cfg, do_shutdown(), ego_callback(), el, epoch_duration, epochs, filename, GNUNET_CONFIGURATION_get_value_number(), GNUNET_CONFIGURATION_get_value_time(), GNUNET_DISK_fn_read(), GNUNET_ERROR_TYPE_ERROR, GNUNET_IDENTITY_ego_lookup(), GNUNET_IDENTITY_public_key_from_string(), GNUNET_log_config_missing(), GNUNET_malloc, GNUNET_OK, GNUNET_REVOCATION_check_pow(), GNUNET_REVOCATION_MAX_PROOF_SIZE, GNUNET_REVOCATION_pow_start(), GNUNET_REVOCATION_proof_get_size(), GNUNET_REVOCATION_query(), GNUNET_SCHEDULER_add_now(), GNUNET_SCHEDULER_add_shutdown(), GNUNET_YES, matching_bits, perform, perform_revocation(), ph, pk, pow_task, print_query_result(), proof_of_work, q, revoke_ego, and test_ego.

Referenced by main().

Here is the call graph for this function:

Here is the caller graph for this function:

◆ main()

int main	(	int	argc,
		char const	argv
	)

The main function of gnunet-revocation.

Parameters

argc	number of arguments from the command line
argv	command line arguments

Returns: 0 ok, 1 on error

Definition at line 523 of file gnunet-revocation.c.

 {
   struct GNUNET_GETOPT_CommandLineOption options[] = {
     GNUNET_GETOPT_option_string ('f',
                                  "filename",
                                  "NAME",
                                  gettext_noop (
                                    "use NAME for the name of the revocation file"),
                                  &filename),
  
     GNUNET_GETOPT_option_string (
       'R',
       "revoke",
       "NAME",
       gettext_noop (
         "revoke the private key associated for the the private key associated with the ego NAME "),
       &revoke_ego),
  
     GNUNET_GETOPT_option_flag (
       'p',
       "perform",
       gettext_noop (
         "actually perform revocation, otherwise we just do the precomputation"),
       &perform),
  
     GNUNET_GETOPT_option_string ('t',
                                  "test",
                                  "KEY",
                                  gettext_noop (
                                    "test if the public key KEY has been revoked"),
                                  &test_ego),
     GNUNET_GETOPT_option_uint ('e',
                                "epochs",
                                "EPOCHS",
                                gettext_noop (
                                  "number of epochs to calculate for"),
                                &epochs),
  
     GNUNET_GETOPT_OPTION_END
   };
  
   if (GNUNET_OK != GNUNET_STRINGS_get_utf8_args (argc, argv, &argc, &argv))
     return 2;
  
   ret = (GNUNET_OK == GNUNET_PROGRAM_run (argc,
                                           argv,
                                           "gnunet-revocation",
                                           gettext_noop ("help text"),
                                           options,
                                           &run,
                                           NULL))
         ? ret
         : 1;
   GNUNET_free_nz ((void *) argv);
   return ret;
 }