GNUnet  0.11.x
gnunet-revocation.c
1 /*
2  This file is part of GNUnet.
3  Copyright (C) 2013 GNUnet e.V.
4 
5  GNUnet is free software: you can redistribute it and/or modify it
6  under the terms of the GNU Affero General Public License as published
7  by the Free Software Foundation, either version 3 of the License,
8  or (at your option) any later version.
9 
10  GNUnet is distributed in the hope that it will be useful, but
11  WITHOUT ANY WARRANTY; without even the implied warranty of
12  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
13  Affero General Public License for more details.
14 
15  You should have received a copy of the GNU Affero General Public License
16  along with this program. If not, see <http://www.gnu.org/licenses/>.
17 
18  SPDX-License-Identifier: AGPL3.0-or-later
19  */
20 
26 #include "platform.h"
27 #include "gnunet_util_lib.h"
30 
31 
/* Final status code (returned from main). */
35 static int ret;
36 
/* Was "-p" specified? Set by the "perform" command-line flag. */
40 static int perform;
41 
/* -f option: name of the revocation certificate file. */
45 static char *filename;
46 
/* -R option: name of the ego whose key is to be revoked. */
50 static char *revoke_ego;
51 
/* -t option: public key (as a string) to test for revocation. */
55 static char *test_ego;
56 
/* Handle for the revocation query; NULL when no query is pending. */
60 static struct GNUNET_REVOCATION_Query *q;
61 
/* Handle for the revocation operation; NULL when none is pending. */
65 static struct GNUNET_REVOCATION_Handle *h;
66 
/* NOTE(review): listing line 70 is missing from this rendering. The page's
   cross-reference index shows `static struct GNUNET_IDENTITY_EgoLookup * el`
   ("Handle for our ego lookup"), which is presumably declared here. */
71 
/* Our configuration. */
75 static const struct GNUNET_CONFIGURATION_Handle *cfg;
76 
/* Number of matching bits required for revocation. run() passes this
   variable when it looks up REVOCATION/WORKBITS; no range check on the
   value is visible in this listing. */
80 static unsigned long long matching_bits;
81 
86 
87 
/**
 * Function run if the user aborts with CTRL-C.
 *
 * Resets each of the three global operation handles that is still set:
 * the ego lookup (el), the revocation query (q) and the revocation
 * request (h).
 *
 * NOTE(review): this rendering drops listing lines 98, 103 and 108. The
 * page's cross-reference index lists GNUNET_IDENTITY_ego_lookup_cancel(),
 * GNUNET_REVOCATION_query_cancel() and GNUNET_REVOCATION_revoke_cancel(),
 * so each handle is presumably cancelled before it is set to NULL.
 * Confirm against the upstream file.
 *
 * @param cls closure; not used in the visible lines
 */
93 static void
94 do_shutdown (void *cls)
95 {
96  if (NULL != el)
97  {
99  el = NULL;
100  }
101  if (NULL != q)
102  {
104  q = NULL;
105  }
106  if (NULL != h)
107  {
109  h = NULL;
110  }
111 }
112 
113 
/**
 * Print the result from a revocation query.
 *
 * The outcome is reported only as text on stdout. The visible lines do not
 * assign the global exit status `ret`, so a caller scripting this tool
 * apparently cannot tell "valid" from "revoked" or "internal error" by exit
 * code alone. Treat GNUNET_SYSERR as "status unknown", not as "valid".
 *
 * NOTE(review): listing line 142 is missing from this rendering; presumably
 * it requests scheduler shutdown (GNUNET_SCHEDULER_shutdown() appears in
 * the page's cross-reference index). Confirm against the upstream file.
 *
 * @param cls closure; not used
 * @param is_valid GNUNET_YES if the key is still valid, GNUNET_NO if it has
 *        been revoked, GNUNET_SYSERR on internal error
 */
120 static void
121 print_query_result (void *cls, int is_valid)
122 {
 /* the query has completed, so the global handle is cleared */
123  q = NULL;
124  switch (is_valid)
125  {
126  case GNUNET_YES:
127  fprintf (stdout, _ ("Key `%s' is valid\n"), test_ego);
128  break;
129 
130  case GNUNET_NO:
131  fprintf (stdout, _ ("Key `%s' has been revoked\n"), test_ego);
132  break;
133 
134  case GNUNET_SYSERR:
135  fprintf (stdout, "%s", _ ("Internal error\n"));
136  break;
137 
138  default:
 /* any other value is an internal assertion violation; nothing is printed */
139  GNUNET_break (0);
140  break;
141  }
143 }
144 
145 
/**
 * Print the result from a revocation request.
 *
 * Note the sense of the status: GNUNET_YES means the key is STILL valid,
 * i.e. the revocation failed; GNUNET_NO means the key is now revoked.
 * revoke_ego is NULL when the certificate came from a file (-f -p without
 * -R), so the messages without an ego name are used in that case.
 *
 * As with the query result, only text on stdout is produced in the visible
 * lines and `ret` is not assigned here. On GNUNET_SYSERR the revocation
 * state is unknown and should be re-checked.
 *
 * NOTE(review): listing line 186 is missing from this rendering; presumably
 * it requests scheduler shutdown. Confirm against the upstream file.
 *
 * @param cls closure; not used
 * @param is_valid GNUNET_YES if the key is still valid, GNUNET_NO if it has
 *        been revoked, GNUNET_SYSERR on internal error
 */
152 static void
153 print_revocation_result (void *cls, int is_valid)
154 {
 /* the revocation request has completed, so the global handle is cleared */
155  h = NULL;
156  switch (is_valid)
157  {
158  case GNUNET_YES:
159  if (NULL != revoke_ego)
160  fprintf (stdout,
161  _ ("Key for ego `%s' is still valid, revocation failed (!)\n"),
162  revoke_ego);
163  else
164  fprintf (stdout, "%s", _ ("Revocation failed (!)\n"));
165  break;
166 
167  case GNUNET_NO:
168  if (NULL != revoke_ego)
169  fprintf (stdout,
170  _ ("Key for ego `%s' has been successfully revoked\n"),
171  revoke_ego);
172  else
173  fprintf (stdout, "%s", _ ("Revocation successful.\n"));
174  break;
175 
176  case GNUNET_SYSERR:
177  fprintf (stdout,
178  "%s",
179  _ ("Internal error, key revocation might have failed\n"));
180  break;
181 
182  default:
183  GNUNET_break (0);
184  break;
185  }
187 }
188 
189 
/* Data needed to perform a revocation (struct RevocationData).
 *
 * NOTE(review): this rendering drops the struct header (listing line 193)
 * and two of the three members. Per the page's cross-reference index the
 * missing members are `struct GNUNET_CRYPTO_EcdsaPublicKey key` (public
 * key) and `struct GNUNET_CRYPTO_EcdsaSignature sig` (revocation signature
 * data). The structure is read from and written to the -f file as raw
 * bytes of sizeof(struct RevocationData), so its layout is the on-disk
 * certificate format. */
194 {
199 
204 
 /* Proof of work (documented upstream as "in NBO"). */
208  uint64_t pow GNUNET_PACKED;
209 };
210 
211 
/**
 * Perform the revocation.
 *
 * Starts the revocation request for rd's key, signature and proof-of-work
 * value and stores the resulting handle in the global `h`.
 *
 * NOTE(review): this rendering drops listing lines 216 and 222. Per the
 * page's cross-reference index the signature is
 * `static void perform_revocation(const struct RevocationData *rd)`, and
 * the missing argument is the GNUNET_REVOCATION_Callback, presumably
 * &print_revocation_result. Confirm against the upstream file.
 */
215 static void
217 {
218  h = GNUNET_REVOCATION_revoke (cfg,
219  &rd->key,
220  &rd->sig,
221  rd->pow,
223  NULL);
224 }
225 
226 
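/**
 * Write the current state of the revocation data to disk.
 *
 * Does nothing when no certificate file was given (-f). Otherwise the
 * complete structure is written to `filename`, and a short or failed write
 * is logged.
 *
 * Fixes relative to the listed code:
 *  - the listing passed `&rd` / `sizeof(rd)`, i.e. the address and size of
 *    the local POINTER. That replaced the certificate file with a few bytes
 *    of pointer value, so saved proof-of-work progress (and any key and
 *    signature already in the file) could not be read back;
 *  - the listing compared the result with `==`, so the error branch was
 *    tied to success rather than failure.
 * Both now match the final write in calculate_pow().
 *
 * NOTE(review): the rendering omits the line holding the write call and the
 * lines after the size argument. They are restored here as owner-only
 * read/write permissions and an error log, in line with
 * GNUNET_DISK_fn_write() and GNUNET_log_strerror_file() from the page's
 * cross-reference index. Confirm against the upstream file.
 *
 * @param rd data to sync
 */
static void
sync_rd (const struct RevocationData *rd)
{
  if (NULL == filename)
    return;
  /* The file holds a signed revocation certificate: keep it readable and
     writable by the owner only. */
  if (sizeof(struct RevocationData) !=
      GNUNET_DISK_fn_write (filename,
                            rd,
                            sizeof(struct RevocationData),
                            GNUNET_DISK_PERM_USER_READ
                            | GNUNET_DISK_PERM_USER_WRITE))
    GNUNET_log_strerror_file (GNUNET_ERROR_TYPE_ERROR, "write", filename);
}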
245 
246 
/**
 * Shutdown handler for an unfinished proof-of-work calculation.
 *
 * Cancels the pending calculation task if there is one, hands the current
 * state to sync_rd() so it can be saved, and releases the revocation data.
 *
 * NOTE(review): listing line 253 is missing from this rendering. Per the
 * page's cross-reference index the signature is
 * `static void calculate_pow_shutdown(void *cls)`.
 *
 * @param cls the `struct RevocationData` being worked on; freed here
 */
252 static void
254 {
255  struct RevocationData *rd = cls;
256 
257  if (NULL != pow_task)
258  {
259  GNUNET_SCHEDULER_cancel (pow_task);
260  pow_task = NULL;
261  }
262  sync_rd (rd);
 /* rd is owned by this handler from here on; nothing may use it afterwards */
263  GNUNET_free (rd);
264 }
265 
266 
/**
 * Perform the proof-of-work calculation.
 *
 * Each invocation tests one candidate: it prints progress, increments
 * rd->pow and checks the new value. If the value is accepted, the
 * certificate is written to the -f file and either submitted (-p) or
 * reported as stored. Otherwise the function reschedules itself.
 *
 * NOTE(review): `1 << matching_bits` shifts a plain `int` by an
 * `unsigned long long` taken from configuration. No range check on
 * matching_bits is visible in this listing, and a shift count at or beyond
 * the width of int is undefined behaviour. It affects the progress display
 * only, but a bound on WORKBITS should be enforced before this runs.
 *
 * NOTE(review): this rendering drops listing lines 292, 298, 301-303 and
 * 315. Presumably these are the GNUNET_REVOCATION_check_pow() call head,
 * the GNUNET_DISK_fn_write() call head with its permission argument, the
 * write-error log, and a scheduler shutdown request. Confirm against the
 * upstream file.
 *
 * @param cls the `struct RevocationData` to work on
 */
272 static void
273 calculate_pow (void *cls)
274 {
275  struct RevocationData *rd = cls;
276 
277  /* store temporary results */
278  pow_task = NULL;
 /* checkpoint every 128 candidates */
279  if (0 == (rd->pow % 128))
280  sync_rd (rd);
281  /* display progress estimate */
 /* the `0 == divisor` test comes first so the modulo is never taken by zero */
282  if ((0 == ((1 << matching_bits) / 100 / 50)) ||
283  (0 == (rd->pow % ((1 << matching_bits) / 100 / 50))))
284  fprintf (stderr, "%s", ".");
285  if ((0 != rd->pow) && ((0 == ((1 << matching_bits) / 100)) ||
286  (0 == (rd->pow % ((1 << matching_bits) / 100)))))
 /* NOTE(review): the cast applies to `rd->pow * 100` only, so the product
    is truncated to unsigned int before the division. */
287  fprintf (stderr,
288  " - @ %3u%% (estimate)\n",
289  (unsigned int) (rd->pow * 100) / (1 << matching_bits));
290  /* actually do POW calculation */
291  rd->pow++;
293  rd->pow,
294  (unsigned int) matching_bits))
295  {
 /* proof of work found: persist the complete certificate (whole struct) */
296  if ((NULL != filename) &&
297  (sizeof(struct RevocationData) !=
299  rd,
300  sizeof(struct RevocationData),
304  if (perform)
305  {
306  perform_revocation (rd);
307  }
308  else
309  {
310  fprintf (stderr, "%s", "\n");
311  fprintf (stderr,
312  _ ("Revocation certificate for `%s' stored in `%s'\n"),
313  revoke_ego,
314  filename);
316  }
317  return;
318  }
 /* not found yet: try the next candidate on the next scheduler pass */
319  pow_task = GNUNET_SCHEDULER_add_now (&calculate_pow, rd);
320 }
321 
322 
/**
 * Function called with the result from the ego lookup.
 *
 * If the -f file exists and holds exactly one `struct RevocationData`, that
 * certificate is reused after checking that its key equals the ego's key.
 * Otherwise a fresh revocation signature is created for the ego. If the
 * proof of work is already acceptable, the certificate is submitted (-p) or
 * the program finishes; if not, the calculation is started.
 *
 * NOTE(review): for a certificate loaded from the file, the visible lines
 * compare only the size and the public key. The stored signature is not
 * checked locally here; presumably the revocation service validates it.
 * A truncated or corrupted file fails the size test and is silently
 * replaced by a newly signed certificate with the proof of work restarted.
 *
 * NOTE(review): this rendering drops listing lines 339, 342, 360, 372 and
 * 380. Per the page's cross-reference index, `key` is presumably filled by
 * GNUNET_IDENTITY_ego_get_public_key() on line 342 before its first use,
 * and line 360 presumably starts the GNUNET_REVOCATION_sign_revocation()
 * call using GNUNET_IDENTITY_ego_get_private_key(). Confirm against the
 * upstream file.
 *
 * @param cls closure; not used in the visible lines
 * @param ego the ego that was found, NULL if the lookup failed
 */
329 static void
330 ego_callback (void *cls, const struct GNUNET_IDENTITY_Ego *ego)
331 {
332  struct RevocationData *rd;
333  struct GNUNET_CRYPTO_EcdsaPublicKey key;
334 
 /* the lookup has completed, so the global handle is cleared */
335  el = NULL;
336  if (NULL == ego)
337  {
338  fprintf (stdout, _ ("Ego `%s' not found.\n"), revoke_ego);
340  return;
341  }
343  rd = GNUNET_new (struct RevocationData);
344  if ((NULL != filename) && (GNUNET_YES == GNUNET_DISK_file_test (filename)) &&
345  (sizeof(struct RevocationData) ==
346  GNUNET_DISK_fn_read (filename, rd, sizeof(struct RevocationData))))
347  {
 /* refuse a certificate that belongs to a different key than the ego */
348  if (0 != GNUNET_memcmp (&rd->key, &key))
349  {
350  fprintf (stderr,
351  _ ("Error: revocation certificate in `%s' is not for `%s'\n"),
352  filename,
353  revoke_ego);
354  GNUNET_free (rd);
355  return;
356  }
357  }
358  else
359  {
 /* no usable file: sign a new revocation for this ego's key */
361  ego),
362  &rd->sig);
363  rd->key = key;
364  }
365  if (GNUNET_YES ==
366  GNUNET_REVOCATION_check_pow (&key, rd->pow, (unsigned int) matching_bits))
367  {
368  fprintf (stderr, "%s", _ ("Revocation certificate ready\n"));
369  if (perform)
370  perform_revocation (rd);
371  else
373  GNUNET_free (rd);
374  return;
375  }
376  fprintf (stderr,
377  "%s",
378  _ ("Revocation certificate not ready, calculating proof of work\n"));
 /* rd is handed to the calculation task as its closure */
379  pow_task = GNUNET_SCHEDULER_add_now (&calculate_pow, rd);
381 }
382 
383 
/**
 * Main function that will be run by the scheduler.
 *
 * Chooses one of three actions from the command-line options:
 *  - -t KEY: query whether KEY has been revoked (wins over -R);
 *  - -R NAME: look up ego NAME and create (and with -p submit) a
 *    revocation; a file name is required unless -p is given;
 *  - -f NAME -p without -R: load a stored certificate and submit it,
 *    finishing the proof of work first if it is not yet acceptable.
 *
 * NOTE(review): in the -f -p branch the visible lines check only that the
 * file yields exactly sizeof(rd) bytes and that the proof of work is
 * acceptable. The stored key and signature are not checked locally here;
 * presumably the revocation service validates them.
 *
 * NOTE(review): the WORKBITS value is stored in matching_bits and later
 * narrowed with `(unsigned int)` casts. No bound on it is visible in this
 * listing.
 *
 * NOTE(review): this rendering drops listing lines 398, 405, 412, 422, 427,
 * 442-443, 455, 457 and 465. Per the page's cross-reference index these
 * presumably hold the `pk` declaration, the call heads for
 * GNUNET_CRYPTO_ecdsa_public_key_from_string(),
 * GNUNET_CONFIGURATION_get_value_number(), GNUNET_log_config_missing(),
 * GNUNET_IDENTITY_ego_lookup() and GNUNET_REVOCATION_check_pow(), and the
 * GNUNET_SCHEDULER_add_shutdown() registrations. Confirm against the
 * upstream file.
 *
 * @param cls closure; not used
 * @param args remaining command-line arguments; not used
 * @param cfgfile name of the configuration file; not used
 * @param c configuration, stored in the global `cfg`
 */
392 static void
393 run (void *cls,
394  char *const *args,
395  const char *cfgfile,
396  const struct GNUNET_CONFIGURATION_Handle *c)
397 {
399  struct RevocationData rd;
400 
401  cfg = c;
402  if (NULL != test_ego)
403  {
 /* -t takes a public key string from the command line; reject malformed input */
404  if (GNUNET_OK !=
406  strlen (test_ego),
407  &pk))
408  {
409  fprintf (stderr, _ ("Public key `%s' malformed\n"), test_ego);
410  return;
411  }
413  q = GNUNET_REVOCATION_query (cfg, &pk, &print_query_result, NULL);
414  if (NULL != revoke_ego)
415  fprintf (
416  stderr,
417  "%s",
418  _ (
419  "Testing and revoking at the same time is not allowed, only executing test.\n"));
420  return;
421  }
 /* every remaining action needs the required number of matching bits */
423  "REVOCATION",
424  "WORKBITS",
425  &matching_bits))
426  {
428  "REVOCATION",
429  "WORKBITS");
430  return;
431  }
432  if (NULL != revoke_ego)
433  {
 /* without -p the certificate must be stored somewhere, so -f is required */
434  if (! perform && (NULL == filename))
435  {
436  fprintf (stderr,
437  "%s",
438  _ ("No filename to store revocation certificate given.\n"));
439  return;
440  }
441  /* main code here */
444  return;
445  }
446  if ((NULL != filename) && (perform))
447  {
448  if (sizeof(rd) != GNUNET_DISK_fn_read (filename, &rd, sizeof(rd)))
449  {
450  fprintf (stderr,
451  _ ("Failed to read revocation certificate from `%s'\n"),
452  filename);
453  return;
454  }
456  if (GNUNET_YES !=
458  rd.pow,
459  (unsigned int) matching_bits))
460  {
 /* stored proof of work is not acceptable: continue computing on a heap
    copy, because the stack variable rd does not outlive this function */
461  struct RevocationData *cp = GNUNET_new (struct RevocationData);
462 
463  *cp = rd;
464  pow_task = GNUNET_SCHEDULER_add_now (&calculate_pow, cp);
466  return;
467  }
468  perform_revocation (&rd);
469  return;
470  }
471  fprintf (stderr, "%s", _ ("No action specified. Nothing to do.\n"));
472 }
473 
474 
/**
 * The main function of gnunet-revocation.
 *
 * Declares the command-line options (file name, ego to revoke, "perform"
 * flag, key to test), converts the arguments to UTF-8 and runs the standard
 * GNUnet program start-up with run() as the main task.
 *
 * NOTE(review): this rendering drops listing lines 486, 493, 501, 508 and
 * 515. Per the page's cross-reference index these presumably hold the
 * GNUNET_GETOPT_option_string() / GNUNET_GETOPT_option_flag() call heads
 * and GNUNET_GETOPT_OPTION_END. Confirm against the upstream file.
 *
 * NOTE(review): the help text of the "revoke" option repeats a phrase
 * ("associated for the the private key associated with"), and the program
 * help passed to GNUNET_PROGRAM_run() is the placeholder "help text".
 *
 * @param argc number of arguments from the command line
 * @param argv command line arguments
 * @return 2 if the arguments cannot be converted to UTF-8, 1 if
 *         GNUNET_PROGRAM_run() does not return GNUNET_OK, otherwise the
 *         value of the global `ret`
 */
482 int
483 main (int argc, char *const *argv)
484 {
485  struct GNUNET_GETOPT_CommandLineOption options[] = {
487  "filename",
488  "NAME",
489  gettext_noop (
490  "use NAME for the name of the revocation file"),
491  &filename),
492 
494  'R',
495  "revoke",
496  "NAME",
497  gettext_noop (
498  "revoke the private key associated for the the private key associated with the ego NAME "),
499  &revoke_ego),
500 
502  'p',
503  "perform",
504  gettext_noop (
505  "actually perform revocation, otherwise we just do the precomputation"),
506  &perform),
507 
509  "test",
510  "KEY",
511  gettext_noop (
512  "test if the public key KEY has been revoked"),
513  &test_ego),
514 
516  };
517 
518  if (GNUNET_OK != GNUNET_STRINGS_get_utf8_args (argc, argv, &argc, &argv))
519  return 2;
520 
 /* keep the status in `ret` on success; force 1 when start-up fails */
521  ret = (GNUNET_OK == GNUNET_PROGRAM_run (argc,
522  argv,
523  "gnunet-revocation",
524  gettext_noop ("help text"),
525  options,
526  &run,
527  NULL))
528  ? ret
529  : 1;
 /* argv was replaced by GNUNET_STRINGS_get_utf8_args() above and is freed here */
530  GNUNET_free ((void *) argv);
531  return ret;
532 }
533 
534 
535 /* end of gnunet-revocation.c */
int GNUNET_DISK_file_test(const char *fil)
Check that fil corresponds to a filename (of a file that exists and that is not a directory)...
Definition: disk.c:544
static struct GNUNET_IDENTITY_EgoLookup * el
Handle for our ego lookup.
static void sync_rd(const struct RevocationData *rd)
Write the current state of the revocation data to disk.
void GNUNET_REVOCATION_query_cancel(struct GNUNET_REVOCATION_Query *q)
Cancel key revocation check.
void GNUNET_IDENTITY_ego_lookup_cancel(struct GNUNET_IDENTITY_EgoLookup *el)
Abort ego lookup attempt.
Handle for ego lookup.
int GNUNET_CONFIGURATION_get_value_number(const struct GNUNET_CONFIGURATION_Handle *cfg, const char *section, const char *option, unsigned long long *number)
Get a configuration value that should be a number.
static const struct GNUNET_CONFIGURATION_Handle * cfg
Our configuration.
struct GNUNET_REVOCATION_Handle * GNUNET_REVOCATION_revoke(const struct GNUNET_CONFIGURATION_Handle *cfg, const struct GNUNET_CRYPTO_EcdsaPublicKey *key, const struct GNUNET_CRYPTO_EcdsaSignature *sig, uint64_t pow, GNUNET_REVOCATION_Callback func, void *func_cls)
Perform key revocation.
static char * filename
-f option.
static int ret
Final status code.
struct GNUNET_SCHEDULER_Task * GNUNET_SCHEDULER_add_shutdown(GNUNET_SCHEDULER_TaskCallback task, void *task_cls)
Schedule a new task to be run on shutdown, that is when a CTRL-C signal is received, or when GNUNET_SCHEDULER_shutdown() is being invoked.
Definition: scheduler.c:1300
void GNUNET_REVOCATION_sign_revocation(const struct GNUNET_CRYPTO_EcdsaPrivateKey *key, struct GNUNET_CRYPTO_EcdsaSignature *sig)
Create a revocation signature.
int GNUNET_STRINGS_get_utf8_args(int argc, char *const *argv, int *u8argc, char *const **u8argv)
Returns utf-8 encoded arguments.
Definition: strings.c:1438
static void ego_callback(void *cls, const struct GNUNET_IDENTITY_Ego *ego)
Function called with the result from the ego lookup.
const struct GNUNET_CRYPTO_EcdsaPrivateKey * GNUNET_IDENTITY_ego_get_private_key(const struct GNUNET_IDENTITY_Ego *ego)
Obtain the ECC key associated with a ego.
Definition: identity_api.c:555
#define GNUNET_NO
Definition: gnunet_common.h:78
#define GNUNET_OK
Named constants for return values.
Definition: gnunet_common.h:75
struct GNUNET_CRYPTO_EcdsaPublicKey key
Public key.
int main(int argc, char *const *argv)
The main function of gnunet-revocation.
#define GNUNET_new(type)
Allocate a struct or union of the given type.
Definition of a command line option.
void GNUNET_SCHEDULER_shutdown(void)
Request the shutdown of a scheduler.
Definition: scheduler.c:526
static void print_query_result(void *cls, int is_valid)
Print the result from a revocation query.
static struct GNUNET_SCHEDULER_Task * pow_task
Task used for proof-of-work calculation.
ssize_t GNUNET_DISK_fn_write(const char *fn, const void *buffer, size_t n, enum GNUNET_DISK_AccessPermissions mode)
Write a buffer to a file.
Definition: disk.c:880
static void run(void *cls, char *const *args, const char *cfgfile, const struct GNUNET_CONFIGURATION_Handle *c)
Main function that will be run by the scheduler.
#define GNUNET_break(cond)
Use this for internal assertion violations that are not fatal (can be handled) but should not occur...
struct GNUNET_GETOPT_CommandLineOption GNUNET_GETOPT_OPTION_END
Definition: 002.c:13
struct GNUNET_GETOPT_CommandLineOption GNUNET_GETOPT_option_string(char shortName, const char *name, const char *argumentHelp, const char *description, char **str)
Allow user to specify a string.
#define _(String)
GNU gettext support macro.
Definition: platform.h:181
Handle for an ego.
Definition: identity.h:245
void GNUNET_log_config_missing(enum GNUNET_ErrorType kind, const char *section, const char *option)
Log error message about missing configuration option.
static void calculate_pow_shutdown(void *cls)
Perform the proof-of-work calculation.
static struct GNUNET_REVOCATION_Handle * h
Handle for revocation.
static void calculate_pow(void *cls)
Perform the proof-of-work calculation.
#define GNUNET_log_strerror_file(level, cmd, filename)
Log an error message at log-level 'level' that indicates a failure of the command 'cmd' with the mess...
struct GNUNET_SCHEDULER_Task * GNUNET_SCHEDULER_add_now(GNUNET_SCHEDULER_TaskCallback task, void *task_cls)
Schedule a new task to be run as soon as possible.
Definition: scheduler.c:1280
an ECC signature using ECDSA
static int perform
Was "-p" specified?
Data needed to perform a revocation.
static void do_shutdown(void *cls)
Function run if the user aborts with CTRL-C.
static struct GNUNET_REVOCATION_Query * q
Handle for revocation query.
static char * test_ego
-t option.
#define GNUNET_SYSERR
Definition: gnunet_common.h:76
Handle for the key revocation query.
void GNUNET_IDENTITY_ego_get_public_key(const struct GNUNET_IDENTITY_Ego *ego, struct GNUNET_CRYPTO_EcdsaPublicKey *pk)
Get the identifier (public key) of an ego.
Definition: identity_api.c:568
#define GNUNET_memcmp(a, b)
Compare memory in a and b, where both must be of the same pointer type.
uint64_t pow
Proof of work (in NBO).
struct GNUNET_IDENTITY_EgoLookup * GNUNET_IDENTITY_ego_lookup(const struct GNUNET_CONFIGURATION_Handle *cfg, const char *name, GNUNET_IDENTITY_EgoCallback cb, void *cb_cls)
Lookup an ego by name.
int GNUNET_CRYPTO_ecdsa_public_key_from_string(const char *enc, size_t enclen, struct GNUNET_CRYPTO_EcdsaPublicKey *pub)
Convert a string representing a public key to a public key.
Definition: crypto_ecc.c:466
#define GNUNET_PACKED
gcc-ism to get packed structs.
static char * revoke_ego
-R option
configuration data
Definition: configuration.c:85
static void print_revocation_result(void *cls, int is_valid)
Print the result from a revocation request.
Public ECC key (always for Curve25519) encoded in a format suitable for network transmission and ECDS...
struct GNUNET_GETOPT_CommandLineOption GNUNET_GETOPT_option_flag(char shortName, const char *name, const char *description, int *val)
Allow user to specify a flag (which internally means setting an integer to 1/GNUNET_YES/GNUNET_OK).
struct GNUNET_CRYPTO_EcdsaSignature sig
Revocation signature data.
Entry in list of pending tasks.
Definition: scheduler.c:134
struct GNUNET_REVOCATION_Query * GNUNET_REVOCATION_query(const struct GNUNET_CONFIGURATION_Handle *cfg, const struct GNUNET_CRYPTO_EcdsaPublicKey *key, GNUNET_REVOCATION_Callback func, void *func_cls)
Check if a key was revoked.
Handle for the key revocation operation.
int GNUNET_PROGRAM_run(int argc, char *const *argv, const char *binaryName, const char *binaryHelp, const struct GNUNET_GETOPT_CommandLineOption *options, GNUNET_PROGRAM_Main task, void *task_cls)
Run a standard GNUnet command startup sequence (initialize loggers and configuration, parse options).
Definition: program.c:367
static void perform_revocation(const struct RevocationData *rd)
Perform the revocation.
#define GNUNET_YES
Definition: gnunet_common.h:77
void GNUNET_REVOCATION_revoke_cancel(struct GNUNET_REVOCATION_Handle *h)
Cancel key revocation.
static unsigned long long matching_bits
Number of matching bits required for revocation.
ssize_t GNUNET_DISK_fn_read(const char *fn, void *result, size_t len)
Read the contents of a binary file into a buffer.
Definition: disk.c:794
#define GNUNET_free(ptr)
Wrapper around free.
#define gettext_noop(String)
Definition: gettext.h:69
int GNUNET_REVOCATION_check_pow(const struct GNUNET_CRYPTO_EcdsaPublicKey *key, uint64_t pow, unsigned int matching_bits)
Check if the given proof-of-work value would be acceptable for revoking the given key...
void * GNUNET_SCHEDULER_cancel(struct GNUNET_SCHEDULER_Task *task)
Cancel the task with the specified identifier.
Definition: scheduler.c:966