author | Schanzenbach, Martin <mschanzenbach@posteo.de> | 2016-12-02 17:29:08 +0100 |
---|---|---|
committer | Schanzenbach, Martin <mschanzenbach@posteo.de> | 2016-12-02 17:29:08 +0100 |
commit | 646723dd495657a184d1f7e439f4958a72bee1df (patch) | |
tree | 77df41a043da4fd8cf1ad5449d11362c427df619 /src/credential/gnunet-credential.c | |
parent | 59f9630b8be3dcde087a4ef6956217704d0dacb4 (diff) | |
- add verify and issue to cli
Diffstat (limited to 'src/credential/gnunet-credential.c')
-rw-r--r-- | src/credential/gnunet-credential.c | 139 |
1 files changed, 122 insertions, 17 deletions
diff --git a/src/credential/gnunet-credential.c b/src/credential/gnunet-credential.c index bfd4223ba..eaad6d5cf 100644 --- a/src/credential/gnunet-credential.c +++ b/src/credential/gnunet-credential.c | |||
@@ -25,6 +25,7 @@ | |||
25 | #include "platform.h" | 25 | #include "platform.h" |
26 | #include <gnunet_util_lib.h> | 26 | #include <gnunet_util_lib.h> |
27 | #include <gnunet_credential_service.h> | 27 | #include <gnunet_credential_service.h> |
28 | #include <gnunet_gnsrecord_lib.h> | ||
28 | 29 | ||
29 | /** | 30 | /** |
30 | * Configuration we are using. | 31 | * Configuration we are using. |
@@ -32,6 +33,11 @@ | |||
32 | static const struct GNUNET_CONFIGURATION_Handle *cfg; | 33 | static const struct GNUNET_CONFIGURATION_Handle *cfg; |
33 | 34 | ||
34 | /** | 35 | /** |
36 | * EgoLookup | ||
37 | */ | ||
38 | static struct GNUNET_IDENTITY_EgoLookup *el; | ||
39 | |||
40 | /** | ||
35 | * Handle to Credential service. | 41 | * Handle to Credential service. |
36 | */ | 42 | */ |
37 | static struct GNUNET_CREDENTIAL_Handle *credential; | 43 | static struct GNUNET_CREDENTIAL_Handle *credential; |
@@ -62,15 +68,41 @@ static char *subject_key; | |||
62 | static char *subject_credential; | 68 | static char *subject_credential; |
63 | 69 | ||
64 | /** | 70 | /** |
71 | * Subject key | ||
72 | */ | ||
73 | struct GNUNET_CRYPTO_EcdsaPublicKey subject_pkey; | ||
74 | |||
75 | /** | ||
76 | * Issuer key | ||
77 | */ | ||
78 | struct GNUNET_CRYPTO_EcdsaPublicKey issuer_pkey; | ||
79 | |||
80 | |||
81 | /** | ||
65 | * Issuer pubkey string | 82 | * Issuer pubkey string |
66 | */ | 83 | */ |
67 | static char *issuer_key; | 84 | static char *issuer_key; |
68 | 85 | ||
69 | /** | 86 | /** |
87 | * Issuer ego | ||
88 | */ | ||
89 | static char *issuer_ego_name; | ||
90 | |||
91 | /** | ||
70 | * Issuer attribute | 92 | * Issuer attribute |
71 | */ | 93 | */ |
72 | static char *issuer_attr; | 94 | static char *issuer_attr; |
73 | 95 | ||
96 | /** | ||
97 | * Verify mode | ||
98 | */ | ||
99 | static uint32_t verify; | ||
100 | |||
101 | /** | ||
102 | * Issue mode | ||
103 | */ | ||
104 | static uint32_t create_cred; | ||
105 | |||
74 | 106 | ||
75 | /** | 107 | /** |
76 | * Task run on shutdown. Cleans up everything. | 108 | * Task run on shutdown. Cleans up everything. |
@@ -135,6 +167,45 @@ handle_verify_result (void *cls, | |||
135 | GNUNET_SCHEDULER_shutdown (); | 167 | GNUNET_SCHEDULER_shutdown (); |
136 | } | 168 | } |
137 | 169 | ||
170 | /** | ||
171 | * Callback invoked from identity service with ego information. | ||
172 | * An @a ego of NULL means the ego was not found. | ||
173 | * | ||
174 | * @param cls closure with the configuration | ||
175 | * @param ego an ego known to identity service, or NULL | ||
176 | */ | ||
177 | static void | ||
178 | identity_cb (void *cls, | ||
179 | const struct GNUNET_IDENTITY_Ego *ego) | ||
180 | { | ||
181 | const struct GNUNET_CRYPTO_EcdsaPrivateKey *privkey; | ||
182 | struct GNUNET_CREDENTIAL_CredentialRecordData *crd; | ||
183 | |||
184 | el = NULL; | ||
185 | if (NULL == ego) | ||
186 | { | ||
187 | if (NULL != issuer_ego_name) | ||
188 | { | ||
189 | fprintf (stderr, | ||
190 | _("Ego `%s' not known to identity service\n"), | ||
191 | issuer_ego_name); | ||
192 | } | ||
193 | GNUNET_SCHEDULER_shutdown (); | ||
194 | return; | ||
195 | } | ||
196 | privkey = GNUNET_IDENTITY_ego_get_private_key (ego); | ||
197 | GNUNET_free_non_null (issuer_ego_name); | ||
198 | issuer_ego_name = NULL; | ||
199 | crd = GNUNET_CREDENTIAL_issue (credential, | ||
200 | privkey, | ||
201 | &subject_pkey, | ||
202 | issuer_attr); | ||
203 | printf ("Success.\n"); | ||
204 | printf (GNUNET_GNSRECORD_value_to_string (GNUNET_GNSRECORD_TYPE_CREDENTIAL, | ||
205 | crd, | ||
206 | sizeof (crd) + strlen (issuer_attr) + 1)); | ||
207 | } | ||
208 | |||
138 | 209 | ||
139 | 210 | ||
140 | 211 | ||
@@ -162,39 +233,53 @@ run (void *cls, | |||
162 | _("Failed to connect to CREDENTIAL\n")); | 233 | _("Failed to connect to CREDENTIAL\n")); |
163 | return; | 234 | return; |
164 | } | 235 | } |
236 | |||
237 | |||
238 | |||
165 | tt = GNUNET_SCHEDULER_add_delayed (timeout, | 239 | tt = GNUNET_SCHEDULER_add_delayed (timeout, |
166 | &do_timeout, NULL); | 240 | &do_timeout, NULL); |
167 | GNUNET_SCHEDULER_add_shutdown (&do_shutdown, NULL); | 241 | GNUNET_SCHEDULER_add_shutdown (&do_shutdown, NULL); |
168 | 242 | ||
169 | 243 | ||
170 | 244 | ||
171 | struct GNUNET_CRYPTO_EcdsaPublicKey subject_pkey; | 245 | if (NULL == subject_key) |
172 | struct GNUNET_CRYPTO_EcdsaPublicKey issuer_pkey; | 246 | { |
247 | fprintf (stderr, | ||
248 | _("Subject public key needed\n")); | ||
249 | GNUNET_SCHEDULER_shutdown (); | ||
250 | return; | ||
173 | 251 | ||
174 | if (NULL != subject_key && NULL != issuer_key) | 252 | } |
253 | if (GNUNET_OK != | ||
254 | GNUNET_CRYPTO_ecdsa_public_key_from_string (subject_key, | ||
255 | strlen (subject_key), | ||
256 | &subject_pkey)) | ||
175 | { | 257 | { |
176 | if (GNUNET_OK != | 258 | fprintf (stderr, |
177 | GNUNET_CRYPTO_ecdsa_public_key_from_string (subject_key, | 259 | _("Subject public key `%s' is not well-formed\n"), |
178 | strlen (subject_key), | 260 | subject_key); |
179 | &subject_pkey)) | 261 | GNUNET_SCHEDULER_shutdown (); |
262 | return; | ||
263 | } | ||
264 | |||
265 | if (GNUNET_YES == verify) { | ||
266 | if (NULL == issuer_key) | ||
180 | { | 267 | { |
181 | fprintf (stderr, | 268 | fprintf (stderr, |
182 | _("Subject public key `%s' is not well-formed\n"), | 269 | _("Issuer public key not well-formed\n")); |
183 | subject_key); | ||
184 | GNUNET_SCHEDULER_shutdown (); | 270 | GNUNET_SCHEDULER_shutdown (); |
185 | return; | 271 | return; |
186 | } | ||
187 | 272 | ||
273 | } | ||
188 | if (GNUNET_OK != | 274 | if (GNUNET_OK != |
189 | GNUNET_CRYPTO_ecdsa_public_key_from_string (issuer_key, | 275 | GNUNET_CRYPTO_ecdsa_public_key_from_string (issuer_key, |
190 | strlen (issuer_key), | 276 | strlen (issuer_key), |
191 | &issuer_pkey)) | 277 | &issuer_pkey)) |
192 | { | 278 | { |
193 | fprintf (stderr, | 279 | fprintf (stderr, |
194 | _("Authority public key `%s' is not well-formed\n"), | 280 | _("Issuer public key `%s' is not well-formed\n"), |
195 | issuer_key); | 281 | issuer_key); |
196 | GNUNET_SCHEDULER_shutdown (); | 282 | GNUNET_SCHEDULER_shutdown (); |
197 | return; | ||
198 | } | 283 | } |
199 | 284 | ||
200 | verify_request = GNUNET_CREDENTIAL_verify(credential, | 285 | verify_request = GNUNET_CREDENTIAL_verify(credential, |
@@ -204,15 +289,26 @@ run (void *cls, | |||
204 | subject_credential, | 289 | subject_credential, |
205 | &handle_verify_result, | 290 | &handle_verify_result, |
206 | NULL); | 291 | NULL); |
292 | } else if (GNUNET_YES == create_cred) { | ||
293 | if (NULL == issuer_ego_name) | ||
294 | { | ||
295 | fprintf (stderr, | ||
296 | _("Issuer ego required\n")); | ||
297 | GNUNET_SCHEDULER_shutdown (); | ||
298 | return; | ||
299 | |||
300 | } | ||
301 | el = GNUNET_IDENTITY_ego_lookup (cfg, | ||
302 | issuer_ego_name, | ||
303 | &identity_cb, | ||
304 | (void *) cfg); | ||
207 | return; | 305 | return; |
208 | } | 306 | } else { |
209 | else | ||
210 | { | ||
211 | fprintf (stderr, | 307 | fprintf (stderr, |
212 | _("Please specify name to lookup, subject key and issuer key!\n")); | 308 | _("Please specify name to lookup, subject key and issuer key!\n")); |
213 | GNUNET_SCHEDULER_shutdown (); | 309 | GNUNET_SCHEDULER_shutdown (); |
214 | return; | ||
215 | } | 310 | } |
311 | return; | ||
216 | } | 312 | } |
217 | 313 | ||
218 | 314 | ||
@@ -227,6 +323,12 @@ int | |||
227 | main (int argc, char *const *argv) | 323 | main (int argc, char *const *argv) |
228 | { | 324 | { |
229 | static const struct GNUNET_GETOPT_CommandLineOption options[] = { | 325 | static const struct GNUNET_GETOPT_CommandLineOption options[] = { |
326 | {'I', "issue", NULL, | ||
327 | gettext_noop ("create credential"), 0, | ||
328 | &GNUNET_GETOPT_set_one, &create_cred}, | ||
329 | {'V', "verify", NULL, | ||
330 | gettext_noop ("verify credential against attribute"), 0, | ||
331 | &GNUNET_GETOPT_set_one, &verify}, | ||
230 | {'s', "subject", "PKEY", | 332 | {'s', "subject", "PKEY", |
231 | gettext_noop ("The public key of the subject to lookup the credential for"), 1, | 333 | gettext_noop ("The public key of the subject to lookup the credential for"), 1, |
232 | &GNUNET_GETOPT_set_string, &subject_key}, | 334 | &GNUNET_GETOPT_set_string, &subject_key}, |
@@ -236,8 +338,11 @@ main (int argc, char *const *argv) | |||
236 | {'i', "issuer", "PKEY", | 338 | {'i', "issuer", "PKEY", |
237 | gettext_noop ("The public key of the authority to verify the credential against"), 1, | 339 | gettext_noop ("The public key of the authority to verify the credential against"), 1, |
238 | &GNUNET_GETOPT_set_string, &issuer_key}, | 340 | &GNUNET_GETOPT_set_string, &issuer_key}, |
341 | {'e', "ego", "EGO", | ||
342 | gettext_noop ("The ego to use to issue"), 1, | ||
343 | &GNUNET_GETOPT_set_string, &issuer_ego_name}, | ||
239 | {'a', "attribute", "ATTR", | 344 | {'a', "attribute", "ATTR", |
240 | gettext_noop ("The issuer attribute to verify against"), 1, | 345 | gettext_noop ("The issuer attribute to verify against or to issue"), 1, |
241 | &GNUNET_GETOPT_set_string, &issuer_attr}, | 346 | &GNUNET_GETOPT_set_string, &issuer_attr}, |
242 | GNUNET_GETOPT_OPTION_END | 347 | GNUNET_GETOPT_OPTION_END |
243 | }; | 348 | }; |
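Review bot: The final printf() in the new identity_cb (new lines 204–206) uses the return value of GNUNET_GNSRECORD_value_to_string() as its format string, so any `%` in the serialized credential, which includes the attribute given with `-a`, is parsed as a conversion, and a NULL result on conversion failure goes straight into printf(). The length argument on the same call is `sizeof (crd)`, the size of the pointer rather than of the record, so the length handed to the converter is presumably too short; `sizeof (*crd)` looks like what was intended. `strlen (issuer_attr)` is reached without a NULL check, and the issue branch in run only tests `issuer_ego_name`, so omitting `-a` appears to crash here. The returned string is never freed, and whether `crd` must be released by the caller is not visible on this page. The output step could print through `"%s"` and check the result, as sketched below.

```c
  /* … unchanged: ego-not-found handling, private key lookup, GNUNET_CREDENTIAL_issue call … */
  char *res = GNUNET_GNSRECORD_value_to_string (GNUNET_GNSRECORD_TYPE_CREDENTIAL,
                                                crd,
                                                sizeof (*crd) + strlen (issuer_attr) + 1);
  if (NULL == res)
  {
    /* conversion failed: nothing to print, stop instead of formatting NULL */
    GNUNET_SCHEDULER_shutdown ();
    return;
  }
  printf ("Success.\n");
  /* fixed format string: the record text is data, never a format */
  printf ("%s\n", res);
  GNUNET_free (res);
```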