GNUnet  0.10.x
gnunet-revocation.c
1 /*
2  This file is part of GNUnet.
3  Copyright (C) 2013 GNUnet e.V.
4 
5  GNUnet is free software: you can redistribute it and/or modify it
6  under the terms of the GNU Affero General Public License as published
7  by the Free Software Foundation, either version 3 of the License,
8  or (at your option) any later version.
9 
10  GNUnet is distributed in the hope that it will be useful, but
11  WITHOUT ANY WARRANTY; without even the implied warranty of
12  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
13  Affero General Public License for more details.
14 
15  You should have received a copy of the GNU Affero General Public License
16  along with this program. If not, see <http://www.gnu.org/licenses/>.
17 
18  SPDX-License-Identifier: AGPL3.0-or-later
19 */
20 
26 #include "platform.h"
27 #include "gnunet_util_lib.h"
30 
31 
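/**
 * Final status code.
 */
static int ret;

/**
 * Was "-p" specified?  If set, the revocation is actually performed;
 * otherwise only the precomputation is done.
 */
static int perform;

/**
 * -f option: name of the revocation (certificate) file.
 */
static char *filename;

/**
 * -R option: name of the ego whose key is to be revoked.
 */
static char *revoke_ego;

/**
 * -t option: public key (in string form) to test for revocation.
 */
static char *test_ego;

/**
 * Handle for revocation query.
 */
static struct GNUNET_REVOCATION_Query *q;

/**
 * Handle for revocation.
 */
static struct GNUNET_REVOCATION_Handle *h;

/**
 * Handle for our ego lookup.
 */
static struct GNUNET_IDENTITY_EgoLookup *el;

/**
 * Our configuration.
 */
static const struct GNUNET_CONFIGURATION_Handle *cfg;

/**
 * Number of matching bits required for revocation
 * (read from option WORKBITS in section REVOCATION).
 */
static unsigned long long matching_bits;

/**
 * Task used for proof-of-work calculation.
 */
static struct GNUNET_SCHEDULER_Task *pow_task;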
81 
86 
87 
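/**
 * Function run if the user aborts with CTRL-C.
 *
 * Cancels whichever of the ego lookup, the revocation query and the
 * revocation request is still pending.  Each global handle is cleared
 * after its operation has been cancelled, so a handle is never
 * cancelled twice.
 *
 * @param cls closure (not used)
 */
static void
do_shutdown (void *cls)
{
  if (NULL != el)
  {
    GNUNET_IDENTITY_ego_lookup_cancel (el);
    el = NULL;
  }
  if (NULL != q)
  {
    GNUNET_REVOCATION_query_cancel (q);
    q = NULL;
  }
  if (NULL != h)
  {
    GNUNET_REVOCATION_revoke_cancel (h);
    h = NULL;
  }
}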
112 
113 
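/**
 * Print the result from a revocation query.
 *
 * The query handle is cleared first because the query has completed
 * once this callback runs; the scheduler is then asked to shut down.
 *
 * @param cls closure (not used)
 * @param is_valid #GNUNET_YES if the key is still valid,
 *        #GNUNET_NO if it has been revoked,
 *        #GNUNET_SYSERR on internal error
 */
static void
print_query_result (void *cls,
                    int is_valid)
{
  q = NULL;
  switch (is_valid)
  {
  case GNUNET_YES:
    FPRINTF (stdout,
             _("Key `%s' is valid\n"),
             test_ego);
    break;
  case GNUNET_NO:
    FPRINTF (stdout,
             _("Key `%s' has been revoked\n"),
             test_ego);
    break;
  case GNUNET_SYSERR:
    FPRINTF (stdout,
             "%s",
             _("Internal error\n"));
    break;
  default:
    /* any other value is an internal assertion violation */
    GNUNET_break (0);
    break;
  }
  GNUNET_SCHEDULER_shutdown ();
}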
148 
149 
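/**
 * Print the result from a revocation request.
 *
 * The revocation handle is cleared first because the request has
 * completed once this callback runs; the scheduler is then asked to
 * shut down.  The ego name is only printed when one was given with -R
 * (a revocation performed from a stored certificate has no ego name).
 *
 * @param cls closure (not used)
 * @param is_valid #GNUNET_YES if the key is still valid (revocation failed),
 *        #GNUNET_NO if the key is now revoked,
 *        #GNUNET_SYSERR on internal error
 */
static void
print_revocation_result (void *cls,
                         int is_valid)
{
  h = NULL;
  switch (is_valid)
  {
  case GNUNET_YES:
    if (NULL != revoke_ego)
      FPRINTF (stdout,
               _("Key for ego `%s' is still valid, revocation failed (!)\n"),
               revoke_ego);
    else
      FPRINTF (stdout,
               "%s",
               _("Revocation failed (!)\n"));
    break;
  case GNUNET_NO:
    if (NULL != revoke_ego)
      FPRINTF (stdout,
               _("Key for ego `%s' has been successfully revoked\n"),
               revoke_ego);
    else
      FPRINTF (stdout,
               "%s",
               _("Revocation successful.\n"));
    break;
  case GNUNET_SYSERR:
    FPRINTF (stdout,
             "%s",
             _("Internal error, key revocation might have failed\n"));
    break;
  default:
    /* any other value is an internal assertion violation */
    GNUNET_break (0);
    break;
  }
  GNUNET_SCHEDULER_shutdown ();
}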
194 
195 
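/**
 * Data needed to perform a revocation.
 *
 * This struct is written to and read from the revocation file as raw
 * bytes, so its layout is also the on-disk format.
 */
struct RevocationData
{
  /**
   * Public key.
   */
  struct GNUNET_CRYPTO_EcdsaPublicKey key;

  /**
   * Revocation signature data.
   */
  struct GNUNET_CRYPTO_EcdsaSignature sig;

  /**
   * Proof of work (in NBO).
   */
  uint64_t pow GNUNET_PACKED;
};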
216 
217 
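/**
 * Perform the revocation.
 *
 * Submits the key, signature and proof of work from @a rd to the
 * revocation service and stores the resulting handle in the global h;
 * the outcome is reported through print_revocation_result().
 *
 * @param rd revocation data (certificate) to submit
 */
static void
perform_revocation (const struct RevocationData *rd)
{
  h = GNUNET_REVOCATION_revoke (cfg,
                                &rd->key,
                                &rd->sig,
                                rd->pow,
                                &print_revocation_result,
                                NULL);
}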
231 
232 
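/**
 * Write the current state of the revocation data to disk.
 *
 * Does nothing if no file name was given with -f.  A failed or short
 * write is logged, but is otherwise not treated as fatal.
 *
 * @param rd revocation data to save
 */
static void
sync_rd (const struct RevocationData *rd)
{
  /* Write the struct that rd points to, not the pointer variable:
     passing &rd with sizeof (rd) would store only the bytes of a
     memory address in the file, and the saved state could never be
     read back as a certificate.  The error is logged when the number
     of bytes written differs from the struct size.
     The file is created readable and writable by its owner only; it
     holds everything GNUNET_REVOCATION_revoke() needs (key, signature,
     proof of work), so whoever can read a finished certificate can
     publish the revocation. */
  if ( (NULL != filename) &&
       (sizeof (struct RevocationData) !=
        GNUNET_DISK_fn_write (filename,
                              rd,
                              sizeof (struct RevocationData),
                              GNUNET_DISK_PERM_USER_READ |
                              GNUNET_DISK_PERM_USER_WRITE)) )
    GNUNET_log_strerror_file (GNUNET_ERROR_TYPE_ERROR,
                              "write",
                              filename);
}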
253 
254 
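/**
 * Shutdown task for an unfinished proof-of-work calculation.
 *
 * Cancels the pending calculation task (if any), saves the state
 * reached so far with sync_rd() and then releases the revocation data.
 *
 * @param cls the `struct RevocationData` being worked on; freed here
 */
static void
calculate_pow_shutdown (void *cls)
{
  struct RevocationData *rd = cls;

  /* cancel first, so that calculate_pow() cannot run on rd after it
     has been freed below */
  if (NULL != pow_task)
  {
    GNUNET_SCHEDULER_cancel (pow_task);
    pow_task = NULL;
  }
  sync_rd (rd);
  GNUNET_free (rd);
}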
273 
274 
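/**
 * Perform the proof-of-work calculation.
 *
 * Each invocation tries exactly one candidate value and then either
 * finishes (certificate complete) or re-schedules itself, so that the
 * scheduler can still run the shutdown tasks in between.
 *
 * @param cls the `struct RevocationData` to work on
 */
static void
calculate_pow (void *cls)
{
  struct RevocationData *rd = cls;
  /* Estimated number of attempts, 2^matching_bits.  The shift count
     comes from the configuration file, so the value is computed in
     64 bits and clamped: shifting a plain int by 31 or more bits (or
     any value by 64 or more) is undefined behaviour. */
  const uint64_t expected = (matching_bits < 64)
    ? (((uint64_t) 1) << matching_bits)
    : UINT64_MAX;
  const uint64_t percent_step = expected / 100;
  const uint64_t dot_step = percent_step / 50;

  /* store temporary results */
  pow_task = NULL;
  if (0 == (rd->pow % 128))
    sync_rd (rd);
  /* display progress estimate */
  if ( (0 == dot_step) ||
       (0 == (rd->pow % dot_step)) )
    FPRINTF (stderr, "%s", ".");
  if ( (0 != rd->pow) &&
       ( (0 == percent_step) ||
         (0 == (rd->pow % percent_step)) ) )
    FPRINTF (stderr, " - @ %3u%% (estimate)\n",
             /* divide in 64 bits first, narrow only the percentage */
             (unsigned int) ((rd->pow * 100) / expected));
  /* actually do POW calculation */
  rd->pow++;
  if (GNUNET_OK ==
      GNUNET_REVOCATION_check_pow (&rd->key,
                                   rd->pow,
                                   (unsigned int) matching_bits))
  {
    /* owner-only permissions: a finished certificate is all that is
       needed to revoke the key */
    if ( (NULL != filename) &&
         (sizeof (struct RevocationData) !=
          GNUNET_DISK_fn_write (filename,
                                rd,
                                sizeof (struct RevocationData),
                                GNUNET_DISK_PERM_USER_READ |
                                GNUNET_DISK_PERM_USER_WRITE)) )
      GNUNET_log_strerror_file (GNUNET_ERROR_TYPE_ERROR,
                                "write",
                                filename);
    if (perform)
    {
      perform_revocation (rd);
    }
    else
    {
      FPRINTF (stderr, "%s", "\n");
      FPRINTF (stderr,
               _("Revocation certificate for `%s' stored in `%s'\n"),
               revoke_ego,
               filename);
      GNUNET_SCHEDULER_shutdown ();
    }
    return;
  }
  /* not found yet: try the next value in a fresh task */
  pow_task = GNUNET_SCHEDULER_add_now (&calculate_pow,
                                       rd);
}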
333 
334 
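/**
 * Function called with the result from the ego lookup.
 *
 * Builds the revocation data for the ego: an existing certificate file
 * is reused if it is complete and belongs to this ego's key, otherwise
 * a fresh revocation signature is created.  If the proof of work is
 * already sufficient the certificate is used right away, else the
 * proof-of-work calculation is started.
 *
 * @param cls closure (not used)
 * @param ego the ego, NULL if not found
 */
static void
ego_callback (void *cls,
              const struct GNUNET_IDENTITY_Ego *ego)
{
  struct RevocationData *rd;
  struct GNUNET_CRYPTO_EcdsaPublicKey key;

  /* the lookup has completed, its handle must not be cancelled later */
  el = NULL;
  if (NULL == ego)
  {
    FPRINTF (stdout,
             _("Ego `%s' not found.\n"),
             revoke_ego);
    GNUNET_SCHEDULER_shutdown ();
    return;
  }
  GNUNET_IDENTITY_ego_get_public_key (ego,
                                      &key);
  rd = GNUNET_new (struct RevocationData);
  if ( (NULL != filename) &&
       (GNUNET_YES ==
        GNUNET_DISK_file_test (filename)) &&
       (sizeof (struct RevocationData) ==
        GNUNET_DISK_fn_read (filename,
                             rd,
                             sizeof (struct RevocationData))) )
  {
    /* A stored certificate is only accepted for the key it was made
       for.  NOTE(review): only the public key is compared here; the
       stored signature is not checked in this function -- presumably
       the revocation service verifies it, confirm. */
    if (0 != GNUNET_memcmp (&rd->key,
                            &key))
    {
      fprintf (stderr,
               _("Error: revocation certificate in `%s' is not for `%s'\n"),
               filename,
               revoke_ego);
      GNUNET_free (rd);
      return;
    }
  }
  else
  {
    /* no usable certificate on disk: sign a new revocation */
    GNUNET_REVOCATION_sign_revocation (GNUNET_IDENTITY_ego_get_private_key (ego),
                                       &rd->sig);
    rd->key = key;
  }
  if (GNUNET_YES ==
      GNUNET_REVOCATION_check_pow (&key,
                                   rd->pow,
                                   (unsigned int) matching_bits))
  {
    FPRINTF (stderr,
             "%s",
             _("Revocation certificate ready\n"));
    if (perform)
      perform_revocation (rd);
    else
      GNUNET_SCHEDULER_shutdown ();
    GNUNET_free (rd);
    return;
  }
  FPRINTF (stderr,
           "%s",
           _("Revocation certificate not ready, calculating proof of work\n"));
  pow_task = GNUNET_SCHEDULER_add_now (&calculate_pow,
                                       rd);
  /* from here on rd is owned by the shutdown task, which saves and
     frees it */
  GNUNET_SCHEDULER_add_shutdown (&calculate_pow_shutdown,
                                 rd);
}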
408 
409 
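/**
 * Main function that will be run by the scheduler.
 *
 * Selects one action from the command-line options, in this order:
 * test a key (-t), revoke the key of an ego (-R), or perform a
 * revocation from a stored certificate (-f together with -p).
 *
 * @param cls closure (not used)
 * @param args remaining command-line arguments (not used)
 * @param cfgfile name of the configuration file (not used)
 * @param c configuration
 */
static void
run (void *cls,
     char *const *args,
     const char *cfgfile,
     const struct GNUNET_CONFIGURATION_Handle *c)
{
  struct GNUNET_CRYPTO_EcdsaPublicKey pk;
  struct RevocationData rd;

  cfg = c;
  if (NULL != test_ego)
  {
    if (GNUNET_OK !=
        GNUNET_CRYPTO_ecdsa_public_key_from_string (test_ego,
                                                    strlen (test_ego),
                                                    &pk))
    {
      FPRINTF (stderr,
               _("Public key `%s' malformed\n"),
               test_ego);
      return;
    }
    GNUNET_SCHEDULER_add_shutdown (&do_shutdown,
                                   NULL);
    q = GNUNET_REVOCATION_query (cfg,
                                 &pk,
                                 &print_query_result,
                                 NULL);
    if (NULL != revoke_ego)
      FPRINTF (stderr,
               "%s",
               _("Testing and revoking at the same time is not allowed, only executing test.\n"));
    return;
  }
  if (GNUNET_OK !=
      GNUNET_CONFIGURATION_get_value_number (cfg,
                                             "REVOCATION",
                                             "WORKBITS",
                                             &matching_bits))
  {
    GNUNET_log_config_missing (GNUNET_ERROR_TYPE_ERROR,
                               "REVOCATION",
                               "WORKBITS");
    return;
  }
  if (NULL != revoke_ego)
  {
    /* without -p the only result is the certificate file, so a file
       name is required */
    if ( !perform && (NULL == filename) )
    {
      FPRINTF (stderr,
               "%s",
               _("No filename to store revocation certificate given.\n"));
      return;
    }
    /* main code here */
    el = GNUNET_IDENTITY_ego_lookup (cfg,
                                     revoke_ego,
                                     &ego_callback,
                                     NULL);
    GNUNET_SCHEDULER_add_shutdown (&do_shutdown,
                                   NULL);
    return;
  }
  if ( (NULL != filename) &&
       (perform) )
  {
    /* NOTE(review): the file content is used as read; only its size
       and its proof of work are checked in this function. */
    if (sizeof (rd) !=
        GNUNET_DISK_fn_read (filename,
                             &rd,
                             sizeof (rd)))
    {
      fprintf (stderr,
               _("Failed to read revocation certificate from `%s'\n"),
               filename);
      return;
    }
    GNUNET_SCHEDULER_add_shutdown (&do_shutdown,
                                   NULL);
    if (GNUNET_YES !=
        GNUNET_REVOCATION_check_pow (&rd.key,
                                     rd.pow,
                                     (unsigned int) matching_bits))
    {
      /* proof of work still insufficient: continue the calculation on
         a heap copy, because rd lives on this function's stack */
      struct RevocationData *cp = GNUNET_new (struct RevocationData);

      *cp = rd;
      pow_task = GNUNET_SCHEDULER_add_now (&calculate_pow,
                                           cp);
      GNUNET_SCHEDULER_add_shutdown (&calculate_pow_shutdown,
                                     cp);
      return;
    }
    perform_revocation (&rd);
    return;
  }
  FPRINTF (stderr,
           "%s",
           _("No action specified. Nothing to do.\n"));
}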
517 
518 
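/**
 * The main function of gnunet-revocation.
 *
 * @param argc number of arguments from the command line
 * @param argv command line arguments
 * @return 0 ok, 1 on error, 2 if the arguments could not be converted
 *         to UTF-8
 */
int
main (int argc, char *const *argv)
{
  struct GNUNET_GETOPT_CommandLineOption options[] = {

    GNUNET_GETOPT_option_string ('f',
                                 "filename",
                                 "NAME",
                                 gettext_noop ("use NAME for the name of the revocation file"),
                                 &filename),

    GNUNET_GETOPT_option_string ('R',
                                 "revoke",
                                 "NAME",
                                 gettext_noop ("revoke the private key associated for the the private key associated with the ego NAME "),
                                 &revoke_ego),

    GNUNET_GETOPT_option_flag ('p',
                               "perform",
                               gettext_noop ("actually perform revocation, otherwise we just do the precomputation"),
                               &perform),

    GNUNET_GETOPT_option_string ('t',
                                 "test",
                                 "KEY",
                                 gettext_noop ("test if the public key KEY has been revoked"),
                                 &test_ego),

    GNUNET_GETOPT_OPTION_END
  };
  if (GNUNET_OK != GNUNET_STRINGS_get_utf8_args (argc, argv, &argc, &argv))
    return 2;

  /* keep the status set while running unless the program framework
     itself reports a failure */
  ret = (GNUNET_OK ==
         GNUNET_PROGRAM_run (argc, argv, "gnunet-revocation",
                             gettext_noop ("help text"), options, &run,
                             NULL)) ? ret : 1;
  /* argv now refers to the UTF-8 copy obtained above */
  GNUNET_free ((void*) argv);
  return ret;
}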
566 
567 /* end of gnunet-revocation.c */
int GNUNET_DISK_file_test(const char *fil)
Check that fil corresponds to a filename (of a file that exists and that is not a directory)...
Definition: disk.c:669
static struct GNUNET_IDENTITY_EgoLookup * el
Handle for our ego lookup.
static void sync_rd(const struct RevocationData *rd)
Write the current state of the revocation data to disk.
void GNUNET_REVOCATION_query_cancel(struct GNUNET_REVOCATION_Query *q)
Cancel key revocation check.
void GNUNET_IDENTITY_ego_lookup_cancel(struct GNUNET_IDENTITY_EgoLookup *el)
Abort ego lookup attempt.
Handle for ego lookup.
int GNUNET_CONFIGURATION_get_value_number(const struct GNUNET_CONFIGURATION_Handle *cfg, const char *section, const char *option, unsigned long long *number)
Get a configuration value that should be a number.
static const struct GNUNET_CONFIGURATION_Handle * cfg
Our configuration.
struct GNUNET_REVOCATION_Handle * GNUNET_REVOCATION_revoke(const struct GNUNET_CONFIGURATION_Handle *cfg, const struct GNUNET_CRYPTO_EcdsaPublicKey *key, const struct GNUNET_CRYPTO_EcdsaSignature *sig, uint64_t pow, GNUNET_REVOCATION_Callback func, void *func_cls)
Perform key revocation.
static char * filename
-f option.
static int ret
Final status code.
#define FPRINTF
Definition: plibc.h:683
struct GNUNET_SCHEDULER_Task * GNUNET_SCHEDULER_add_shutdown(GNUNET_SCHEDULER_TaskCallback task, void *task_cls)
Schedule a new task to be run on shutdown, that is when a CTRL-C signal is received, or when GNUNET_SCHEDULER_shutdown() is being invoked.
Definition: scheduler.c:1293
void GNUNET_REVOCATION_sign_revocation(const struct GNUNET_CRYPTO_EcdsaPrivateKey *key, struct GNUNET_CRYPTO_EcdsaSignature *sig)
Create a revocation signature.
int GNUNET_STRINGS_get_utf8_args(int argc, char *const *argv, int *u8argc, char *const **u8argv)
Returns utf-8 encoded arguments.
Definition: strings.c:1521
static void ego_callback(void *cls, const struct GNUNET_IDENTITY_Ego *ego)
Function called with the result from the ego lookup.
const struct GNUNET_CRYPTO_EcdsaPrivateKey * GNUNET_IDENTITY_ego_get_private_key(const struct GNUNET_IDENTITY_Ego *ego)
Obtain the ECC key associated with a ego.
Definition: identity_api.c:556
#define GNUNET_NO
Definition: gnunet_common.h:81
#define GNUNET_OK
Named constants for return values.
Definition: gnunet_common.h:78
struct GNUNET_CRYPTO_EcdsaPublicKey key
Public key.
int main(int argc, char *const *argv)
The main function of gnunet-revocation.
#define GNUNET_new(type)
Allocate a struct or union of the given type.
Definition of a command line option.
void GNUNET_SCHEDULER_shutdown(void)
Request the shutdown of a scheduler.
Definition: scheduler.c:524
static void print_query_result(void *cls, int is_valid)
Print the result from a revocation query.
static struct GNUNET_SCHEDULER_Task * pow_task
Task used for proof-of-work calculation.
ssize_t GNUNET_DISK_fn_write(const char *fn, const void *buffer, size_t n, enum GNUNET_DISK_AccessPermissions mode)
Write a buffer to a file.
Definition: disk.c:1203
static void run(void *cls, char *const *args, const char *cfgfile, const struct GNUNET_CONFIGURATION_Handle *c)
Main function that will be run by the scheduler.
#define GNUNET_break(cond)
Use this for internal assertion violations that are not fatal (can be handled) but should not occur...
struct GNUNET_GETOPT_CommandLineOption GNUNET_GETOPT_OPTION_END
Definition: 002.c:13
struct GNUNET_GETOPT_CommandLineOption GNUNET_GETOPT_option_string(char shortName, const char *name, const char *argumentHelp, const char *description, char **str)
Allow user to specify a string.
#define _(String)
GNU gettext support macro.
Definition: platform.h:208
Handle for an ego.
Definition: identity.h:245
void GNUNET_log_config_missing(enum GNUNET_ErrorType kind, const char *section, const char *option)
Log error message about missing configuration option.
static void calculate_pow_shutdown(void *cls)
Perform the proof-of-work calculation.
static struct GNUNET_REVOCATION_Handle * h
Handle for revocation.
static void calculate_pow(void *cls)
Perform the proof-of-work calculation.
#define GNUNET_log_strerror_file(level, cmd, filename)
Log an error message at log-level 'level' that indicates a failure of the command 'cmd' with the mess...
struct GNUNET_SCHEDULER_Task * GNUNET_SCHEDULER_add_now(GNUNET_SCHEDULER_TaskCallback task, void *task_cls)
Schedule a new task to be run as soon as possible.
Definition: scheduler.c:1273
an ECC signature using ECDSA
static int perform
Was "-p" specified?
Data needed to perform a revocation.
static void do_shutdown(void *cls)
Function run if the user aborts with CTRL-C.
static struct GNUNET_REVOCATION_Query * q
Handle for revocation query.
static char * test_ego
-t option.
#define GNUNET_SYSERR
Definition: gnunet_common.h:79
Handle for the key revocation query.
void GNUNET_IDENTITY_ego_get_public_key(const struct GNUNET_IDENTITY_Ego *ego, struct GNUNET_CRYPTO_EcdsaPublicKey *pk)
Get the identifier (public key) of an ego.
Definition: identity_api.c:569
#define GNUNET_memcmp(a, b)
Compare memory in a and b, where both must be of the same pointer type.
uint64_t pow
Proof of work (in NBO).
struct GNUNET_IDENTITY_EgoLookup * GNUNET_IDENTITY_ego_lookup(const struct GNUNET_CONFIGURATION_Handle *cfg, const char *name, GNUNET_IDENTITY_EgoCallback cb, void *cb_cls)
Lookup an ego by name.
int GNUNET_CRYPTO_ecdsa_public_key_from_string(const char *enc, size_t enclen, struct GNUNET_CRYPTO_EcdsaPublicKey *pub)
Convert a string representing a public key to a public key.
Definition: crypto_ecc.c:468
#define GNUNET_PACKED
gcc-ism to get packed structs.
static char * revoke_ego
-R option
configuration data
Definition: configuration.c:85
static void print_revocation_result(void *cls, int is_valid)
Print the result from a revocation request.
Public ECC key (always for Curve25519) encoded in a format suitable for network transmission and ECDS...
struct GNUNET_GETOPT_CommandLineOption GNUNET_GETOPT_option_flag(char shortName, const char *name, const char *description, int *val)
Allow user to specify a flag (which internally means setting an integer to 1/GNUNET_YES/GNUNET_OK).
struct GNUNET_CRYPTO_EcdsaSignature sig
Revocation signature data.
Entry in list of pending tasks.
Definition: scheduler.c:134
struct GNUNET_REVOCATION_Query * GNUNET_REVOCATION_query(const struct GNUNET_CONFIGURATION_Handle *cfg, const struct GNUNET_CRYPTO_EcdsaPublicKey *key, GNUNET_REVOCATION_Callback func, void *func_cls)
Check if a key was revoked.
Handle for the key revocation operation.
int GNUNET_PROGRAM_run(int argc, char *const *argv, const char *binaryName, const char *binaryHelp, const struct GNUNET_GETOPT_CommandLineOption *options, GNUNET_PROGRAM_Main task, void *task_cls)
Run a standard GNUnet command startup sequence (initialize loggers and configuration, parse options).
Definition: program.c:361
static void perform_revocation(const struct RevocationData *rd)
Perform the revocation.
#define GNUNET_YES
Definition: gnunet_common.h:80
void GNUNET_REVOCATION_revoke_cancel(struct GNUNET_REVOCATION_Handle *h)
Cancel key revocation.
static unsigned long long matching_bits
Number of matching bits required for revocation.
ssize_t GNUNET_DISK_fn_read(const char *fn, void *result, size_t len)
Read the contents of a binary file into a buffer.
Definition: disk.c:1019
#define GNUNET_free(ptr)
Wrapper around free.
#define gettext_noop(String)
Definition: gettext.h:69
int GNUNET_REVOCATION_check_pow(const struct GNUNET_CRYPTO_EcdsaPublicKey *key, uint64_t pow, unsigned int matching_bits)
Check if the given proof-of-work value would be acceptable for revoking the given key...
void * GNUNET_SCHEDULER_cancel(struct GNUNET_SCHEDULER_Task *task)
Cancel the task with the specified identifier.
Definition: scheduler.c:965