aboutsummaryrefslogtreecommitdiff
path: root/src/credential/gnunet-credential.c
diff options
context:
space:
mode:
authorAndreas Ebner <pansy007@googlemail.com>2019-06-25 15:21:12 +0200
committerSchanzenbach, Martin <mschanzenbach@posteo.de>2019-10-07 12:15:06 +0200
commitd2634b1f96dfd55ae4daef294bb6c05d687354c8 (patch)
tree85250438ba58e5c33c30003bde8e4a6bccf13ca8 /src/credential/gnunet-credential.c
parent921b03e4cee5653083e61de42ced85a7278647b2 (diff)
downloadgnunet-d2634b1f96dfd55ae4daef294bb6c05d687354c8.tar.gz
gnunet-d2634b1f96dfd55ae4daef294bb6c05d687354c8.zip
Handle all credential storage via credential service, prepared for subject side storage
- new commandline parameters - new gns record type: DELEGATE for subject side storage - credential connection to namestore - store all credentials via credential service (replacing namestore) - stable, but experimental implementation, atm just using existing methods, next step: introduce own methods and replace/rename existing variables
Diffstat (limited to 'src/credential/gnunet-credential.c')
-rw-r--r--src/credential/gnunet-credential.c736
1 files changed, 648 insertions, 88 deletions
diff --git a/src/credential/gnunet-credential.c b/src/credential/gnunet-credential.c
index 0558ca5fc..35fa6ff8a 100644
--- a/src/credential/gnunet-credential.c
+++ b/src/credential/gnunet-credential.c
@@ -11,12 +11,12 @@
11 WITHOUT ANY WARRANTY; without even the implied warranty of 11 WITHOUT ANY WARRANTY; without even the implied warranty of
12 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU 12 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
13 Affero General Public License for more details. 13 Affero General Public License for more details.
14 14
15 You should have received a copy of the GNU Affero General Public License 15 You should have received a copy of the GNU Affero General Public License
16 along with this program. If not, see <http://www.gnu.org/licenses/>. 16 along with this program. If not, see <http://www.gnu.org/licenses/>.
17 17
18 SPDX-License-Identifier: AGPL3.0-or-later 18 SPDX-License-Identifier: AGPL3.0-or-later
19 */ 19*/
20/** 20/**
21 * @file gnunet-credential.c 21 * @file gnunet-credential.c
22 * @brief command line tool to access command line Credential service 22 * @brief command line tool to access command line Credential service
@@ -26,6 +26,7 @@
26#include <gnunet_util_lib.h> 26#include <gnunet_util_lib.h>
27#include <gnunet_credential_service.h> 27#include <gnunet_credential_service.h>
28#include <gnunet_gnsrecord_lib.h> 28#include <gnunet_gnsrecord_lib.h>
29#include <gnunet_namestore_service.h>
29#include "credential_misc.h" 30#include "credential_misc.h"
30#include "credential_serialization.h" 31#include "credential_serialization.h"
31 32
@@ -35,6 +36,16 @@
35static const struct GNUNET_CONFIGURATION_Handle *cfg; 36static const struct GNUNET_CONFIGURATION_Handle *cfg;
36 37
37/** 38/**
39 * Handle to the namestore.
40 */
41static struct GNUNET_NAMESTORE_Handle *ns;
42
43/**
44 * Private key for the our zone.
45 */
46static struct GNUNET_CRYPTO_EcdsaPrivateKey zone_pkey;
47
48/**
38 * EgoLookup 49 * EgoLookup
39 */ 50 */
40static struct GNUNET_IDENTITY_EgoLookup *el; 51static struct GNUNET_IDENTITY_EgoLookup *el;
@@ -121,6 +132,65 @@ static int create_cred;
121static int collect; 132static int collect;
122 133
123/** 134/**
135 * Create mode
136 */
137static int create_is;
138
139/**
140 * Create mode
141 */
142static int create_ss;
143
144/**
145 * Create mode
146 */
147static int sign_ss;
148
149/**
150 * Add mode
151 */
152static int add_iss;
153
154/**
155 * Signed issue credentials
156 */
157static char *extension;
158
159/**
160 * Queue entry for the 'add' operation.
161 */
162static struct GNUNET_NAMESTORE_QueueEntry *add_qe;
163
164/**
165 * Value in binary format.
166 */
167static void *data;
168
169/**
170 * Number of bytes in #data.
171 */
172static size_t data_size;
173
174/**
175 * Type string converted to DNS type value.
176 */
177static uint32_t type;
178
179/**
180 * Type of the record to add/remove, NULL to remove all.
181 */
182static char *typestring;
183/**
184 * Expiration string converted to numeric value.
185 */
186static uint64_t etime;
187
188/**
189 * Is expiration time relative or absolute time?
190 */
191static int etime_is_rel = GNUNET_SYSERR;
192
193/**
124 * Task run on shutdown. Cleans up everything. 194 * Task run on shutdown. Cleans up everything.
125 * 195 *
126 * @param cls unused 196 * @param cls unused
@@ -143,6 +213,21 @@ do_shutdown (void *cls)
143 GNUNET_SCHEDULER_cancel (tt); 213 GNUNET_SCHEDULER_cancel (tt);
144 tt = NULL; 214 tt = NULL;
145 } 215 }
216 if (NULL != el)
217 {
218 GNUNET_IDENTITY_ego_lookup_cancel (el);
219 el = NULL;
220 }
221 if (NULL != add_qe)
222 {
223 GNUNET_NAMESTORE_cancel (add_qe);
224 add_qe = NULL;
225 }
226 if (NULL != ns)
227 {
228 GNUNET_NAMESTORE_disconnect (ns);
229 ns = NULL;
230 }
146} 231}
147 232
148 233
@@ -160,18 +245,18 @@ do_timeout (void *cls)
160 245
161static void 246static void
162handle_collect_result (void *cls, 247handle_collect_result (void *cls,
163 unsigned int d_count, 248 unsigned int d_count,
164 struct GNUNET_CREDENTIAL_Delegation *dc, 249 struct GNUNET_CREDENTIAL_Delegation *dc,
165 unsigned int c_count, 250 unsigned int c_count,
166 struct GNUNET_CREDENTIAL_Credential *cred) 251 struct GNUNET_CREDENTIAL_Credential *cred)
167{ 252{
168 int i; 253 int i;
169 char*line; 254 char* line;
170 255
171 verify_request = NULL; 256 verify_request = NULL;
172 if (NULL != cred) 257 if (NULL != cred)
173 { 258 {
174 for (i = 0; i < c_count; i++) 259 for (i=0;i<c_count;i++)
175 { 260 {
176 line = GNUNET_CREDENTIAL_credential_to_string (&cred[i]); 261 line = GNUNET_CREDENTIAL_credential_to_string (&cred[i]);
177 printf ("%s\n", 262 printf ("%s\n",
@@ -193,16 +278,16 @@ handle_verify_result (void *cls,
193 struct GNUNET_CREDENTIAL_Credential *cred) 278 struct GNUNET_CREDENTIAL_Credential *cred)
194{ 279{
195 int i; 280 int i;
196 char*iss_key; 281 char* iss_key;
197 char*sub_key; 282 char* sub_key;
198 283
199 verify_request = NULL; 284 verify_request = NULL;
200 if (NULL == cred) 285 if (NULL == cred)
201 printf ("Failed.\n"); 286 printf ("Failed.\n");
202 else 287 else
203 { 288 {
204 printf ("Delegation Chain:\n"); 289 printf("Delegation Chain:\n");
205 for (i = 0; i < d_count; i++) 290 for (i=0;i<d_count;i++)
206 { 291 {
207 iss_key = GNUNET_CRYPTO_ecdsa_public_key_to_string (&dc[i].issuer_key); 292 iss_key = GNUNET_CRYPTO_ecdsa_public_key_to_string (&dc[i].issuer_key);
208 sub_key = GNUNET_CRYPTO_ecdsa_public_key_to_string (&dc[i].subject_key); 293 sub_key = GNUNET_CRYPTO_ecdsa_public_key_to_string (&dc[i].subject_key);
@@ -211,9 +296,7 @@ handle_verify_result (void *cls,
211 printf ("(%d) %s.%s <- %s.%s\n", i, 296 printf ("(%d) %s.%s <- %s.%s\n", i,
212 iss_key, dc[i].issuer_attribute, 297 iss_key, dc[i].issuer_attribute,
213 sub_key, dc[i].subject_attribute); 298 sub_key, dc[i].subject_attribute);
214 } 299 } else {
215 else
216 {
217 printf ("(%d) %s.%s <- %s\n", i, 300 printf ("(%d) %s.%s <- %s\n", i,
218 iss_key, dc[i].issuer_attribute, 301 iss_key, dc[i].issuer_attribute,
219 sub_key); 302 sub_key);
@@ -221,8 +304,8 @@ handle_verify_result (void *cls,
221 GNUNET_free (iss_key); 304 GNUNET_free (iss_key);
222 GNUNET_free (sub_key); 305 GNUNET_free (sub_key);
223 } 306 }
224 printf ("\nCredentials:\n"); 307 printf("\nCredentials:\n");
225 for (i = 0; i < c_count; i++) 308 for (i=0;i<c_count;i++)
226 { 309 {
227 iss_key = GNUNET_CRYPTO_ecdsa_public_key_to_string (&cred[i].issuer_key); 310 iss_key = GNUNET_CRYPTO_ecdsa_public_key_to_string (&cred[i].issuer_key);
228 sub_key = GNUNET_CRYPTO_ecdsa_public_key_to_string (&cred[i].subject_key); 311 sub_key = GNUNET_CRYPTO_ecdsa_public_key_to_string (&cred[i].subject_key);
@@ -231,6 +314,7 @@ handle_verify_result (void *cls,
231 sub_key); 314 sub_key);
232 GNUNET_free (iss_key); 315 GNUNET_free (iss_key);
233 GNUNET_free (sub_key); 316 GNUNET_free (sub_key);
317
234 } 318 }
235 printf ("Successful.\n"); 319 printf ("Successful.\n");
236 } 320 }
@@ -262,7 +346,7 @@ identity_cb (void *cls,
262 if (NULL != ego_name) 346 if (NULL != ego_name)
263 { 347 {
264 fprintf (stderr, 348 fprintf (stderr,
265 _ ("Ego `%s' not known to identity service\n"), 349 _("Ego `%s' not known to identity service\n"),
266 ego_name); 350 ego_name);
267 } 351 }
268 GNUNET_SCHEDULER_shutdown (); 352 GNUNET_SCHEDULER_shutdown ();
@@ -271,28 +355,29 @@ identity_cb (void *cls,
271 355
272 if (GNUNET_YES == collect) 356 if (GNUNET_YES == collect)
273 { 357 {
358
274 if (GNUNET_OK != 359 if (GNUNET_OK !=
275 GNUNET_CRYPTO_ecdsa_public_key_from_string (issuer_key, 360 GNUNET_CRYPTO_ecdsa_public_key_from_string (issuer_key,
276 strlen (issuer_key), 361 strlen (issuer_key),
277 &issuer_pkey)) 362 &issuer_pkey))
278 { 363 {
279 fprintf (stderr, 364 fprintf (stderr,
280 _ ("Issuer public key `%s' is not well-formed\n"), 365 _("Issuer public key `%s' is not well-formed\n"),
281 issuer_key); 366 issuer_key);
282 GNUNET_SCHEDULER_shutdown (); 367 GNUNET_SCHEDULER_shutdown ();
283 } 368 }
284 privkey = GNUNET_IDENTITY_ego_get_private_key (ego); 369 privkey = GNUNET_IDENTITY_ego_get_private_key (ego);
285 370
286 collect_request = GNUNET_CREDENTIAL_collect (credential, 371 collect_request = GNUNET_CREDENTIAL_collect(credential,
287 &issuer_pkey, 372 &issuer_pkey,
288 issuer_attr, // TODO argument 373 issuer_attr, //TODO argument
289 privkey, 374 privkey,
290 &handle_collect_result, 375 &handle_collect_result,
291 NULL); 376 NULL);
292 return; 377 return;
293 } 378 }
294 379
295 // Else issue 380 //Else issue
296 381
297 if (NULL == expiration) 382 if (NULL == expiration)
298 { 383 {
@@ -300,14 +385,12 @@ identity_cb (void *cls,
300 "Please specify a TTL\n"); 385 "Please specify a TTL\n");
301 GNUNET_SCHEDULER_shutdown (); 386 GNUNET_SCHEDULER_shutdown ();
302 return; 387 return;
303 } 388 } else if (GNUNET_OK == GNUNET_STRINGS_fancy_time_to_relative (expiration,
304 else if (GNUNET_OK == GNUNET_STRINGS_fancy_time_to_relative (expiration, 389 &etime_rel))
305 &etime_rel))
306 { 390 {
307 etime_abs = GNUNET_TIME_relative_to_absolute (etime_rel); 391 etime_abs = GNUNET_TIME_relative_to_absolute (etime_rel);
308 } 392 } else if (GNUNET_OK != GNUNET_STRINGS_fancy_time_to_absolute (expiration,
309 else if (GNUNET_OK != GNUNET_STRINGS_fancy_time_to_absolute (expiration, 393 &etime_abs))
310 &etime_abs))
311 { 394 {
312 fprintf (stderr, 395 fprintf (stderr,
313 "%s is not a valid ttl!\n", 396 "%s is not a valid ttl!\n",
@@ -326,13 +409,393 @@ identity_cb (void *cls,
326 &etime_abs); 409 &etime_abs);
327 410
328 res = GNUNET_CREDENTIAL_credential_to_string (crd); 411 res = GNUNET_CREDENTIAL_credential_to_string (crd);
412 fprintf(stderr,"Cred: %s\n", res);
329 GNUNET_free (crd); 413 GNUNET_free (crd);
330 printf ("%s\n", res); 414 printf ("%s\n", res);
331 GNUNET_SCHEDULER_shutdown (); 415 GNUNET_SCHEDULER_shutdown ();
332} 416}
333 417
334 418
419static char
420*strtokm(char *str, const char *delim)
421{
422 static char *tok;
423 static char *next;
424 char *m;
425
426 if (delim == NULL) return NULL;
427
428 tok = (str) ? str : next;
429 if (tok == NULL) return NULL;
335 430
431 m = strstr(tok, delim);
432
433 if (m) {
434 next = m + strlen(delim);
435 *m = '\0';
436 } else {
437 next = NULL;
438 }
439
440 if (m == tok || *tok == '\0') return strtokm(NULL, delim);
441
442 return tok;
443}
444
445void topntail(char *str) {
446 size_t len = strlen(str);
447 // check if last char is a space, if yes: remove 2 chars at the end
448 if(str[len-1] == ' ')
449 {
450 len -= 1;
451 }
452 // remove first and last char
453 memmove(str, str+1, len-2);
454 str[len-2] = 0;
455}
456
457static int
458parse_cmdl_param(const char *extensionstring)
459{
460 fprintf(stderr, "Starting to parse extension string...\n");
461 fprintf(stderr, "string to parse: %s\n", extensionstring);
462
463 //Example:
464 //--ego=epub --attribute=aasds --subject=DKCC5SMTBNV6W3VXDJ7A1N1YS6TRG7B3XC2S5N4HSXJEYYRFRCCG basd --ttl=60m
465 //--extension=NVTQZA44336VHKCP2SA20BR6899T621B2PJKC3V730AKXC37T6M0.aasds -> DKCC5SMTBNV6W3VXDJ7A1N1YS6TRG7B3XC2S5N4HSXJEYYRFRCCG | D1NuT8hHEUbkCURo1lkcSPKhYiydhv4nMkV042kc9J4MgIhB2/fQKLgJUyuGlJKvYgXLf4jHXNRHJe+aCLG7jw== | 1561126006528100
466
467 //TODO: parse, wenn nicht als argument direkt geparsed werden kann
468
469 char cmd_para[100];
470 char para_str[1024];
471 char *token;
472 char *tmp_str;
473 int matches = 0;
474
475 tmp_str = GNUNET_strdup (extensionstring);
476 // use special strtok to match multiple characters
477 token = strtokm (tmp_str, "--");
478 while (NULL != token) {
479 // also fills the variables if "regex"-like match
480 fprintf(stderr, "TOKEN: %s\n", token);
481 // match everything till =, ignore = (%*c), match everything including whitespaces (required for the extension parameter)
482 matches = SSCANF (token, "%[^=]%*c%[^\n]", cmd_para, para_str);
483 // string not well formatted
484 if (0 == matches) {
485 GNUNET_log (GNUNET_ERROR_TYPE_ERROR, ("Failed to parse to extensionstring.\n"));
486 GNUNET_SCHEDULER_shutdown ();
487 GNUNET_free (tmp_str);
488 return GNUNET_SYSERR;
489 } else {
490 fprintf(stderr,"Found command and parameter: %s %s\n", cmd_para, para_str);
491 // assign values to variables, topntail to remove trailing/leading "
492 if(strcmp(cmd_para, "ego") == 0) {
493 fprintf(stderr,"ego found and parsed\n");
494 topntail(para_str);
495 ego_name = GNUNET_strdup(para_str);
496 } else if(strcmp(cmd_para, "attribute") == 0) {
497 fprintf(stderr,"issuer found and parsed\n");
498 topntail(para_str);
499 issuer_attr = GNUNET_strdup(para_str);
500 } else if(strcmp(cmd_para, "subject") == 0) {
501 fprintf(stderr,"subject found and parsed\n");
502 topntail(para_str);
503 subject_key = GNUNET_strdup(para_str);
504 } else if(strcmp(cmd_para, "ttl") == 0) {
505 fprintf(stderr,"ttl found and parsed\n");
506 expiration = GNUNET_strdup(para_str);
507 } else if(strcmp(cmd_para, "extension") == 0) {
508 fprintf(stderr,"extension found and parsed\n");
509 topntail(para_str);
510 extension = GNUNET_strdup(para_str);
511 }
512 }
513 token = strtokm (NULL, "--");
514 }
515 GNUNET_free (tmp_str);
516
517 //return GNUNET_SYSERR;
518 return GNUNET_OK;
519}
520
521/**
522 * Parse expiration time.
523 *
524 * @param expirationstring text to parse
525 * @param etime_is_rel[out] set to #GNUNET_YES if time is relative
526 * @param etime[out] set to expiration time (abs or rel)
527 * @return #GNUNET_OK on success
528 */
529static int
530parse_expiration (const char *expirationstring,
531 int *etime_is_rel,
532 uint64_t *etime)
533{
534 // TODO just copied from gnunet-namestore.c
535 struct GNUNET_TIME_Relative etime_rel;
536 struct GNUNET_TIME_Absolute etime_abs;
537
538 if (0 == strcmp (expirationstring,
539 "never"))
540 {
541 *etime = GNUNET_TIME_UNIT_FOREVER_ABS.abs_value_us;
542 *etime_is_rel = GNUNET_NO;
543 return GNUNET_OK;
544 }
545 if (GNUNET_OK ==
546 GNUNET_STRINGS_fancy_time_to_relative (expirationstring,
547 &etime_rel))
548 {
549 *etime_is_rel = GNUNET_YES;
550 *etime = etime_rel.rel_value_us;
551 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
552 "Storing record with relative expiration time of %s\n",
553 GNUNET_STRINGS_relative_time_to_string (etime_rel,
554 GNUNET_NO));
555 return GNUNET_OK;
556 }
557 if (GNUNET_OK ==
558 GNUNET_STRINGS_fancy_time_to_absolute (expirationstring,
559 &etime_abs))
560 {
561 *etime_is_rel = GNUNET_NO;
562 *etime = etime_abs.abs_value_us;
563 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
564 "Storing record with absolute expiration time of %s\n",
565 GNUNET_STRINGS_absolute_time_to_string (etime_abs));
566 return GNUNET_OK;
567 }
568 return GNUNET_SYSERR;
569}
570
571/**
572 * Function called if lookup fails.
573 */
574static void
575error_cb (void *cls)
576{
577 // TODO: Better
578 fprintf(stderr, "In add_error_cb\n");
579 GNUNET_SCHEDULER_shutdown ();
580 return;
581}
582static void
583add_continuation (void *cls,
584 int32_t success,
585 const char *emsg)
586{
587 fprintf(stderr, "Start: add_continuation\n");
588
589 struct GNUNET_NAMESTORE_QueueEntry **qe = cls;
590 *qe = NULL;
591
592 GNUNET_SCHEDULER_shutdown ();
593}
594
595static void
596get_existing_record (void *cls,
597 const struct GNUNET_CRYPTO_EcdsaPrivateKey *zone_key,
598 const char *rec_name,
599 unsigned int rd_count,
600 const struct GNUNET_GNSRECORD_Data *rd)
601{
602 struct GNUNET_GNSRECORD_Data rdn[rd_count + 1];
603 struct GNUNET_GNSRECORD_Data *rde;
604
605 fprintf(stderr, "Start: get_existing_record\n");
606
607 fprintf(stderr, "count: %d\n", rd_count);
608
609
610 memset (rdn, 0, sizeof (struct GNUNET_GNSRECORD_Data));
611 GNUNET_memcpy (&rdn[1],
612 rd,
613 rd_count * sizeof (struct GNUNET_GNSRECORD_Data));
614 rde = &rdn[0];
615 rde->data = data;
616 rde->data_size = data_size;
617 rde->record_type = type;
618 // TODO: flags
619 /*if (1 == is_shadow)
620 rde->flags |= GNUNET_GNSRECORD_RF_SHADOW_RECORD;
621 if (1 != is_public)
622 rde->flags |= GNUNET_GNSRECORD_RF_PRIVATE;*/
623 rde->expiration_time = etime;
624 if (GNUNET_YES == etime_is_rel)
625 rde->flags |= GNUNET_GNSRECORD_RF_RELATIVE_EXPIRATION;
626 else if (GNUNET_NO != etime_is_rel)
627 rde->expiration_time = GNUNET_TIME_UNIT_FOREVER_ABS.abs_value_us;
628 GNUNET_assert (NULL != rec_name);
629 add_qe = GNUNET_NAMESTORE_records_store (ns,
630 &zone_pkey,
631 rec_name,
632 rd_count + 1,
633 rde,
634 &add_continuation,
635 &add_qe);
636
637 return;
638}
639
640static void
641store_cb (void *cls,
642 const struct GNUNET_IDENTITY_Ego *ego)
643{
644 const struct GNUNET_CONFIGURATION_Handle *cfg = cls;
645 struct GNUNET_CRYPTO_EcdsaPublicKey pub;
646
647 fprintf(stderr, "Start: store_cb\n");
648
649 ns = GNUNET_NAMESTORE_connect (cfg);
650 if (NULL == ns)
651 {
652 GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
653 _("Failed to connect to namestore\n"));
654 GNUNET_SCHEDULER_shutdown ();
655 return;
656 }
657
658 // Key handling
659 fprintf(stderr, "Connected to ns\n");
660 zone_pkey = *GNUNET_IDENTITY_ego_get_private_key (ego);
661 fprintf(stderr, "Got zone_pkey\n");
662 // TODO rename to zone_pub?
663 GNUNET_CRYPTO_ecdsa_key_get_public (&zone_pkey, &pub);
664
665 // Check relevant cmdline parameters
666 // name ⁼ issuer_attr
667 if (NULL == issuer_attr)
668 {
669 fprintf (stderr, "Missing option -attribute for operation 'create'.\n");
670 GNUNET_SCHEDULER_shutdown ();
671 return;
672 }
673
674 // TODO later, rename subject_key to subject
675 // value ⁼ subject_key
676 if (NULL == subject_key)
677 {
678 fprintf (stderr, "Missing option -subject for operation 'create'.'\n");
679 GNUNET_SCHEDULER_shutdown ();
680 return;
681 }
682
683 // String to value conversion for storage
684 if (GNUNET_OK != GNUNET_GNSRECORD_string_to_value (type,
685 subject_key,
686 &data,
687 &data_size))
688 {
689 fprintf (stderr, "Value `%s' invalid for record type `%s'\n",
690 subject_key,
691 typestring);
692 GNUNET_SCHEDULER_shutdown ();
693 return;
694 }
695 fprintf (stderr, "Data size: `%lu'\n", data_size);
696
697 // Take care of expiration
698
699 if (NULL == expiration)
700 {
701 fprintf (stderr, "Missing option -e for operation 'create'\n");
702 GNUNET_SCHEDULER_shutdown ();
703 return;
704 }
705 if (GNUNET_OK != parse_expiration (expiration,
706 &etime_is_rel,
707 &etime))
708 {
709 fprintf (stderr, "Invalid time format `%s'\n",
710 expiration);
711 GNUNET_SCHEDULER_shutdown ();
712 return;
713 }
714
715 // Start lookup
716 add_qe = GNUNET_NAMESTORE_records_lookup (ns,
717 &zone_pkey,
718 issuer_attr,
719 &error_cb,
720 NULL,
721 &get_existing_record,
722 NULL);
723 return;
724}
725
726static void
727sign_cb (void *cls,
728 const struct GNUNET_IDENTITY_Ego *ego)
729{
730 const struct GNUNET_CRYPTO_EcdsaPrivateKey *privkey;
731 struct GNUNET_CREDENTIAL_Credential *crd;
732 struct GNUNET_TIME_Absolute etime_abs;
733 struct GNUNET_TIME_Relative etime_rel;
734 char *res;
735
736 el = NULL;
737
738
739 // work on expiration time
740 if (NULL == expiration)
741 {
742 fprintf (stderr, "Please specify a TTL\n");
743 GNUNET_SCHEDULER_shutdown ();
744 return;
745 } else if (GNUNET_OK == GNUNET_STRINGS_fancy_time_to_relative (expiration, &etime_rel))
746 {
747 etime_abs = GNUNET_TIME_relative_to_absolute (etime_rel);
748 } else if (GNUNET_OK != GNUNET_STRINGS_fancy_time_to_absolute (expiration, &etime_abs))
749 {
750 fprintf (stderr, "%s is not a valid ttl!\n", expiration);
751 GNUNET_SCHEDULER_shutdown ();
752 return;
753 }
754
755 // if contains a space - split it by the first space only - assume first token entry is subject_key
756 fprintf (stderr, "Start splitting\n");
757 char *space;
758 int idx;
759 space = strchr(subject_key, ' ');
760 idx = (int)(space - subject_key);
761
762 // TODO rename subject_key to subject
763 char *subject_pubkey_str = GNUNET_malloc(idx+1);
764 GNUNET_memcpy(subject_pubkey_str, subject_key, idx);
765 subject_pubkey_str[idx] = '\0';
766
767 fprintf(stderr, "idx: %d, str: %s\n", idx, subject_pubkey_str);
768
769 // work on keys
770 privkey = GNUNET_IDENTITY_ego_get_private_key (ego);
771
772 if (GNUNET_OK != GNUNET_CRYPTO_ecdsa_public_key_from_string (subject_pubkey_str,
773 strlen (subject_pubkey_str),
774 &subject_pkey))
775 {
776 fprintf (stderr, "Subject public key `%s' is not well-formed\n", subject_pubkey_str);
777 GNUNET_SCHEDULER_shutdown ();
778 return;
779 }
780
781 // Sign credential / TODO not credential but delegate (new method), not only pass subject_pkey but also subject_attr
782 // gnunet-credential --issue --ego=registrarb --subject=$ALICE_KEY --attribute=$REG_STUD_ATTR --ttl=5m -c test_credential_lookup.conf
783 // gnunet-credential --create --ego=epub --attribute="a" --subject="B b" --where="ss" -E 60m
784 // TODO: only signs subject_pkey at the moment, also requires subject_attr (or both in subject_key)
785 crd = GNUNET_CREDENTIAL_credential_issue (privkey,
786 &subject_pkey,
787 issuer_attr,
788 &etime_abs);
789 res = GNUNET_CREDENTIAL_credential_to_string (crd);
790 fprintf(stderr,"Dele: %s\n", res);
791 GNUNET_free (crd);
792 printf ("--ego=\"%s\" --attribute=\"%s\" --subject=\"%s\" --ttl=%s --extension=\"%s\"\n", ego_name, issuer_attr, subject_key, expiration, res);
793
794 GNUNET_free_non_null (ego_name);
795 ego_name = NULL;
796
797 GNUNET_SCHEDULER_shutdown ();
798}
336 799
337/** 800/**
338 * Main function that will be run. 801 * Main function that will be run.
@@ -348,21 +811,102 @@ run (void *cls,
348 const char *cfgfile, 811 const char *cfgfile,
349 const struct GNUNET_CONFIGURATION_Handle *c) 812 const struct GNUNET_CONFIGURATION_Handle *c)
350{ 813{
351 cfg = c;
352 814
815 cfg = c;
353 816
354 tt = GNUNET_SCHEDULER_add_delayed (timeout, 817 tt = GNUNET_SCHEDULER_add_delayed (timeout,
355 &do_timeout, NULL); 818 &do_timeout, NULL);
356 GNUNET_SCHEDULER_add_shutdown (&do_shutdown, NULL); 819 GNUNET_SCHEDULER_add_shutdown (&do_shutdown, NULL);
357 820
358 if (GNUNET_YES == collect) 821 if (GNUNET_YES == create_is) {
359 { 822 fprintf(stderr, "Starting to create issuer side...\n");
823
824 if (NULL == ego_name) {
825 fprintf (stderr, "ego required\n");
826 GNUNET_SCHEDULER_shutdown ();
827 return;
828 }
829
830 type = GNUNET_GNSRECORD_TYPE_ATTRIBUTE;
831 //TODO: Store normally (at issuer, for backward search)
832 // stuff from gnunet-namestore.c of namestore folder
833 fprintf (stderr, "Start: Store issuer side\n");
834 el = GNUNET_IDENTITY_ego_lookup (cfg,
835 ego_name,
836 &store_cb,
837 (void *) cfg);
838 return;
839 }
840
841 if (GNUNET_YES == create_ss) {
842 fprintf(stderr, "Starting to create subject side...\n");
843 // check if "credential"/signed parameter filled
844 if (NULL == extension) {
845 fprintf (stderr, "'extension' required\n");
846 GNUNET_SCHEDULER_shutdown ();
847 return;
848 }
849
850 // parses all the passed parameters
851 parse_cmdl_param(extension);
852
853 fprintf (stderr,"List of parsed attributes:\n");
854 fprintf (stderr,"Ego: %s\n", ego_name);
855 fprintf (stderr,"Attribute: %s\n", issuer_attr);
856 fprintf (stderr,"Subject: %s\n", subject_key);
857 fprintf (stderr,"ttl: %s\n", expiration);
858 fprintf (stderr,"Extension: %s\n", extension);
859
860 //TODO: subject key does not have to be returned, extension replaces it
861 //TODO: use own delegation type, implement string_to_value and value_to_string methods of plugin
862 //type = GNUNET_GNSRECORD_TYPE_DELEGATE;
863 type = GNUNET_GNSRECORD_TYPE_CREDENTIAL;
864 subject_key = extension;
865 fprintf (stderr, "Start: Store subject side\n");
866 el = GNUNET_IDENTITY_ego_lookup (cfg,
867 ego_name,
868 &store_cb,
869 (void *) cfg);
870
871 return;
872 }
873
874 if (GNUNET_YES == sign_ss) {
875 fprintf(stderr, "Starting to sign subject side...\n");
876
877 if (NULL == ego_name) {
878 fprintf (stderr, "ego required\n");
879 GNUNET_SCHEDULER_shutdown ();
880 return;
881 }
882
883 if (NULL == subject_key)
884 {
885 fprintf (stderr, "Subject public key needed\n");
886 GNUNET_SCHEDULER_shutdown ();
887 return;
888
889 }
890
891 //TODO: Sign like credential and return to store subject side
892 //TODO: Return everything as an input for the add
893 //TODO: Idee: Gleich add machen, statt return und neues add
894 fprintf (stderr, "Start: Sign, return and subject side store\n");
895 el = GNUNET_IDENTITY_ego_lookup (cfg,
896 ego_name,
897 &sign_cb,
898 (void *) cfg);
899 return;
900 }
901
902 if (GNUNET_YES == collect) {
360 if (NULL == issuer_key) 903 if (NULL == issuer_key)
361 { 904 {
362 fprintf (stderr, 905 fprintf (stderr,
363 _ ("Issuer public key not well-formed\n")); 906 _("Issuer public key not well-formed\n"));
364 GNUNET_SCHEDULER_shutdown (); 907 GNUNET_SCHEDULER_shutdown ();
365 return; 908 return;
909
366 } 910 }
367 911
368 credential = GNUNET_CREDENTIAL_connect (cfg); 912 credential = GNUNET_CREDENTIAL_connect (cfg);
@@ -370,22 +914,21 @@ run (void *cls,
370 if (NULL == credential) 914 if (NULL == credential)
371 { 915 {
372 fprintf (stderr, 916 fprintf (stderr,
373 _ ("Failed to connect to CREDENTIAL\n")); 917 _("Failed to connect to CREDENTIAL\n"));
374 GNUNET_SCHEDULER_shutdown (); 918 GNUNET_SCHEDULER_shutdown ();
375 return; 919 return;
376 } 920 }
377 if (NULL == issuer_attr) 921 if (NULL == issuer_attr)
378 { 922 {
379 fprintf (stderr, 923 fprintf (stderr,
380 _ ("You must provide issuer the attribute\n")); 924 _("You must provide issuer the attribute\n"));
381 GNUNET_SCHEDULER_shutdown (); 925 GNUNET_SCHEDULER_shutdown ();
382 return; 926 return;
383 } 927 }
384 928
385 if (NULL == ego_name) 929 if (NULL == ego_name) {
386 {
387 fprintf (stderr, 930 fprintf (stderr,
388 _ ("ego required\n")); 931 _("ego required\n"));
389 GNUNET_SCHEDULER_shutdown (); 932 GNUNET_SCHEDULER_shutdown ();
390 return; 933 return;
391 } 934 }
@@ -394,14 +937,16 @@ run (void *cls,
394 &identity_cb, 937 &identity_cb,
395 (void *) cfg); 938 (void *) cfg);
396 return; 939 return;
397 } 940
941 }
398 942
399 if (NULL == subject_key) 943 if (NULL == subject_key)
400 { 944 {
401 fprintf (stderr, 945 fprintf (stderr,
402 _ ("Subject public key needed\n")); 946 _("Subject public key needed\n"));
403 GNUNET_SCHEDULER_shutdown (); 947 GNUNET_SCHEDULER_shutdown ();
404 return; 948 return;
949
405 } 950 }
406 if (GNUNET_OK != 951 if (GNUNET_OK !=
407 GNUNET_CRYPTO_ecdsa_public_key_from_string (subject_key, 952 GNUNET_CRYPTO_ecdsa_public_key_from_string (subject_key,
@@ -409,19 +954,20 @@ run (void *cls,
409 &subject_pkey)) 954 &subject_pkey))
410 { 955 {
411 fprintf (stderr, 956 fprintf (stderr,
412 _ ("Subject public key `%s' is not well-formed\n"), 957 _("Subject public key `%s' is not well-formed\n"),
413 subject_key); 958 subject_key);
414 GNUNET_SCHEDULER_shutdown (); 959 GNUNET_SCHEDULER_shutdown ();
415 return; 960 return;
416 } 961 }
417 if (GNUNET_YES == verify) 962
418 { 963 if (GNUNET_YES == verify) {
419 if (NULL == issuer_key) 964 if (NULL == issuer_key)
420 { 965 {
421 fprintf (stderr, 966 fprintf (stderr,
422 _ ("Issuer public key not well-formed\n")); 967 _("Issuer public key not well-formed\n"));
423 GNUNET_SCHEDULER_shutdown (); 968 GNUNET_SCHEDULER_shutdown ();
424 return; 969 return;
970
425 } 971 }
426 if (GNUNET_OK != 972 if (GNUNET_OK !=
427 GNUNET_CRYPTO_ecdsa_public_key_from_string (issuer_key, 973 GNUNET_CRYPTO_ecdsa_public_key_from_string (issuer_key,
@@ -429,7 +975,7 @@ run (void *cls,
429 &issuer_pkey)) 975 &issuer_pkey))
430 { 976 {
431 fprintf (stderr, 977 fprintf (stderr,
432 _ ("Issuer public key `%s' is not well-formed\n"), 978 _("Issuer public key `%s' is not well-formed\n"),
433 issuer_key); 979 issuer_key);
434 GNUNET_SCHEDULER_shutdown (); 980 GNUNET_SCHEDULER_shutdown ();
435 return; 981 return;
@@ -439,19 +985,19 @@ run (void *cls,
439 if (NULL == credential) 985 if (NULL == credential)
440 { 986 {
441 fprintf (stderr, 987 fprintf (stderr,
442 _ ("Failed to connect to CREDENTIAL\n")); 988 _("Failed to connect to CREDENTIAL\n"));
443 GNUNET_SCHEDULER_shutdown (); 989 GNUNET_SCHEDULER_shutdown ();
444 return; 990 return;
445 } 991 }
446 if ((NULL == issuer_attr) ||(NULL == subject_credential) ) 992 if (NULL == issuer_attr || NULL == subject_credential)
447 { 993 {
448 fprintf (stderr, 994 fprintf (stderr,
449 _ ("You must provide issuer and subject attributes\n")); 995 _("You must provide issuer and subject attributes\n"));
450 GNUNET_SCHEDULER_shutdown (); 996 GNUNET_SCHEDULER_shutdown ();
451 return; 997 return;
452 } 998 }
453 999
454 // Subject credentials are comma separated 1000 //Subject credentials are comma separated
455 char *tmp = GNUNET_strdup (subject_credential); 1001 char *tmp = GNUNET_strdup (subject_credential);
456 char *tok = strtok (tmp, ","); 1002 char *tok = strtok (tmp, ",");
457 if (NULL == tok) 1003 if (NULL == tok)
@@ -464,60 +1010,58 @@ run (void *cls,
464 } 1010 }
465 int count = 1; 1011 int count = 1;
466 int i; 1012 int i;
467 while (NULL != (tok = strtok (NULL, ","))) 1013 while (NULL != (tok = strtok(NULL, ",")))
468 count++; 1014 count++;
469 struct GNUNET_CREDENTIAL_Credential credentials[count]; 1015 struct GNUNET_CREDENTIAL_Credential credentials[count];
470 struct GNUNET_CREDENTIAL_Credential *cred; 1016 struct GNUNET_CREDENTIAL_Credential *cred;
471 GNUNET_free (tmp); 1017 GNUNET_free (tmp);
472 tmp = GNUNET_strdup (subject_credential); 1018 tmp = GNUNET_strdup (subject_credential);
473 tok = strtok (tmp, ","); 1019 tok = strtok (tmp, ",");
474 for (i = 0; i < count; i++) 1020 for (i=0;i<count;i++)
475 { 1021 {
476 cred = GNUNET_CREDENTIAL_credential_from_string (tok); 1022 cred = GNUNET_CREDENTIAL_credential_from_string (tok);
477 GNUNET_memcpy (&credentials[i], 1023 GNUNET_memcpy (&credentials[i],
478 cred, 1024 cred,
479 sizeof(struct GNUNET_CREDENTIAL_Credential)); 1025 sizeof (struct GNUNET_CREDENTIAL_Credential));
480 credentials[i].issuer_attribute = GNUNET_strdup (cred->issuer_attribute); 1026 credentials[i].issuer_attribute = GNUNET_strdup (cred->issuer_attribute);
481 tok = strtok (NULL, ","); 1027 tok = strtok(NULL, ",");
482 GNUNET_free (cred); 1028 GNUNET_free (cred);
483 } 1029 }
484 1030
485 verify_request = GNUNET_CREDENTIAL_verify (credential, 1031 verify_request = GNUNET_CREDENTIAL_verify(credential,
486 &issuer_pkey, 1032 &issuer_pkey,
487 issuer_attr, // TODO argument 1033 issuer_attr, //TODO argument
488 &subject_pkey, 1034 &subject_pkey,
489 count, 1035 count,
490 credentials, 1036 credentials,
491 &handle_verify_result, 1037 &handle_verify_result,
492 NULL); 1038 NULL);
493 for (i = 0; i < count; i++) 1039 for (i=0;i<count;i++)
494 { 1040 {
495 GNUNET_free ((char*) credentials[i].issuer_attribute); 1041 GNUNET_free ((char*)credentials[i].issuer_attribute);
496 } 1042 }
497 GNUNET_free (tmp); 1043 GNUNET_free (tmp);
498 } 1044 } else if (GNUNET_YES == create_cred) {
499 else if (GNUNET_YES == create_cred)
500 {
501 if (NULL == ego_name) 1045 if (NULL == ego_name)
502 { 1046 {
503 fprintf (stderr, 1047 fprintf (stderr,
504 _ ("Issuer ego required\n")); 1048 _("Issuer ego required\n"));
505 GNUNET_SCHEDULER_shutdown (); 1049 GNUNET_SCHEDULER_shutdown ();
506 return; 1050 return;
1051
507 } 1052 }
508 el = GNUNET_IDENTITY_ego_lookup (cfg, 1053 el = GNUNET_IDENTITY_ego_lookup (cfg,
509 ego_name, 1054 ego_name,
510 &identity_cb, 1055 &identity_cb,
511 (void *) cfg); 1056 (void *) cfg);
1057
512 return; 1058 return;
513 } 1059 } else {
514 else
515 {
516 fprintf (stderr, 1060 fprintf (stderr,
517 _ ( 1061 _("Please specify name to lookup, subject key and issuer key!\n"));
518 "Please specify name to lookup, subject key and issuer key!\n"));
519 GNUNET_SCHEDULER_shutdown (); 1062 GNUNET_SCHEDULER_shutdown ();
520 } 1063 }
1064 fprintf (stderr, "In the end it doesnt even shutdown\n");
521 return; 1065 return;
522} 1066}
523 1067
@@ -539,26 +1083,22 @@ main (int argc, char *const *argv)
539 &create_cred), 1083 &create_cred),
540 GNUNET_GETOPT_option_flag ('V', 1084 GNUNET_GETOPT_option_flag ('V',
541 "verify", 1085 "verify",
542 gettext_noop ( 1086 gettext_noop ("verify credential against attribute"),
543 "verify credential against attribute"),
544 &verify), 1087 &verify),
545 GNUNET_GETOPT_option_string ('s', 1088 GNUNET_GETOPT_option_string ('s',
546 "subject", 1089 "subject",
547 "PKEY", 1090 "PKEY",
548 gettext_noop ( 1091 gettext_noop ("The public key of the subject to lookup the credential for"),
549 "The public key of the subject to lookup the credential for"),
550 &subject_key), 1092 &subject_key),
551 GNUNET_GETOPT_option_string ('b', 1093 GNUNET_GETOPT_option_string ('b',
552 "credential", 1094 "credential",
553 "CRED", 1095 "CRED",
554 gettext_noop ( 1096 gettext_noop ("The name of the credential presented by the subject"),
555 "The name of the credential presented by the subject"),
556 &subject_credential), 1097 &subject_credential),
557 GNUNET_GETOPT_option_string ('i', 1098 GNUNET_GETOPT_option_string ('i',
558 "issuer", 1099 "issuer",
559 "PKEY", 1100 "PKEY",
560 gettext_noop ( 1101 gettext_noop ("The public key of the authority to verify the credential against"),
561 "The public key of the authority to verify the credential against"),
562 &issuer_key), 1102 &issuer_key),
563 GNUNET_GETOPT_option_string ('e', 1103 GNUNET_GETOPT_option_string ('e',
564 "ego", 1104 "ego",
@@ -568,19 +1108,39 @@ main (int argc, char *const *argv)
568 GNUNET_GETOPT_option_string ('a', 1108 GNUNET_GETOPT_option_string ('a',
569 "attribute", 1109 "attribute",
570 "ATTR", 1110 "ATTR",
571 gettext_noop ( 1111 gettext_noop ("The issuer attribute to verify against or to issue"),
572 "The issuer attribute to verify against or to issue"),
573 &issuer_attr), 1112 &issuer_attr),
574 GNUNET_GETOPT_option_string ('T', 1113 GNUNET_GETOPT_option_string ('T',
575 "ttl", 1114 "ttl",
576 "EXP", 1115 "EXP",
577 gettext_noop ( 1116 gettext_noop ("The time to live for the credential"),
578 "The time to live for the credential"),
579 &expiration), 1117 &expiration),
580 GNUNET_GETOPT_option_flag ('g', 1118 GNUNET_GETOPT_option_flag ('g',
581 "collect", 1119 "collect",
582 gettext_noop ("collect credentials"), 1120 gettext_noop ("collect credentials"),
583 &collect), 1121 &collect),
1122
1123 GNUNET_GETOPT_option_flag ('U',
1124 "createIssuerSide",
1125 gettext_noop ("TODO: rename create to --issue, Create and issue a credential issuer side."),
1126 &create_is),
1127 GNUNET_GETOPT_option_flag ('C',
1128 "createSubjectSide",
1129 gettext_noop ("Issue a credential subject side."),
1130 &create_ss),
1131 GNUNET_GETOPT_option_flag ('S',
1132 "signSubjectSide",
1133 gettext_noop ("Create, sign and return a credential subject side."),
1134 &sign_ss),
1135 GNUNET_GETOPT_option_flag ('A',
1136 "add",
1137 gettext_noop ("Add credential to the namestore of an ego"),
1138 &add_iss),
1139 GNUNET_GETOPT_option_string ('x',
1140 "extension",
1141 "EXT",
1142 gettext_noop ("Signed issue credentials"),
1143 &extension),
584 GNUNET_GETOPT_OPTION_END 1144 GNUNET_GETOPT_OPTION_END
585 }; 1145 };
586 int ret; 1146 int ret;
@@ -593,7 +1153,7 @@ main (int argc, char *const *argv)
593 ret = 1153 ret =
594 (GNUNET_OK == 1154 (GNUNET_OK ==
595 GNUNET_PROGRAM_run (argc, argv, "gnunet-credential", 1155 GNUNET_PROGRAM_run (argc, argv, "gnunet-credential",
596 _ ("GNUnet credential resolver tool"), 1156 _("GNUnet credential resolver tool"),
597 options, 1157 options,
598 &run, NULL)) ? 0 : 1; 1158 &run, NULL)) ? 0 : 1;
599 GNUNET_free ((void*) argv); 1159 GNUNET_free ((void*) argv);
generated by cgit v1.2.3 (git 2.39.1) at 2024-04-19 13:14:50 +0000