Diffstat (limited to 'src/credential/gnunet-credential.c')
-rw-r--r--src/credential/gnunet-credential.c294
1 files changed, 155 insertions, 139 deletions
diff --git a/src/credential/gnunet-credential.c b/src/credential/gnunet-credential.c
index 07148a1b5..5cc1a791e 100644
--- a/src/credential/gnunet-credential.c
+++ b/src/credential/gnunet-credential.c
@@ -27,7 +27,6 @@
27#include <gnunet_credential_service.h> 27#include <gnunet_credential_service.h>
28#include <gnunet_gnsrecord_lib.h> 28#include <gnunet_gnsrecord_lib.h>
29#include <gnunet_namestore_service.h> 29#include <gnunet_namestore_service.h>
30#include "credential_misc.h"
31#include "delegate_misc.h" 30#include "delegate_misc.h"
32#include "credential_serialization.h" 31#include "credential_serialization.h"
33 32
@@ -82,9 +81,9 @@ static struct GNUNET_SCHEDULER_Task *tt;
82static char *subject; 81static char *subject;
83 82
84/** 83/**
85 * Subject credential string 84 * Subject delegate string
86 */ 85 */
87static char *subject_credential; 86static char *subject_delegate;
88 87
89/** 88/**
90 * Credential TTL 89 * Credential TTL
@@ -123,11 +122,6 @@ static char *issuer_attr;
123static int verify; 122static int verify;
124 123
125/** 124/**
126 * Issue mode
127 */
128static int create_cred;
129
130/**
131 * Collect mode 125 * Collect mode
132 */ 126 */
133static int collect; 127static int collect;
@@ -153,6 +147,26 @@ static int sign_ss;
153static char *import; 147static char *import;
154 148
155/** 149/**
150 * Is record private
151 */
152static int is_private;
153
154/**
155 * Search direction: forward
156 */
157static int forward;
158
159/**
160 * Search direction: backward
161 */
162static int backward;
163
164/**
165 * API enum, filled and passed for collect/verify
166 */
167enum GNUNET_CREDENTIAL_AlgoDirectionFlags direction = 0;
168
169/**
156 * Queue entry for the 'add' operation. 170 * Queue entry for the 'add' operation.
157 */ 171 */
158static struct GNUNET_NAMESTORE_QueueEntry *add_qe; 172static struct GNUNET_NAMESTORE_QueueEntry *add_qe;
@@ -268,8 +282,10 @@ handle_collect_result (void *cls,
268 printf ("%s\n", line); 282 printf ("%s\n", line);
269 GNUNET_free (line); 283 GNUNET_free (line);
270 } 284 }
271 } else { 285 }
272 printf("Received NULL\n"); 286 else
287 {
288 printf ("Received NULL\n");
273 } 289 }
274 290
275 GNUNET_SCHEDULER_shutdown (); 291 GNUNET_SCHEDULER_shutdown ();
@@ -344,10 +360,6 @@ static void
344identity_cb (void *cls, const struct GNUNET_IDENTITY_Ego *ego) 360identity_cb (void *cls, const struct GNUNET_IDENTITY_Ego *ego)
345{ 361{
346 const struct GNUNET_CRYPTO_EcdsaPrivateKey *privkey; 362 const struct GNUNET_CRYPTO_EcdsaPrivateKey *privkey;
347 struct GNUNET_CREDENTIAL_Credential *cred;
348 struct GNUNET_TIME_Absolute etime_abs;
349 struct GNUNET_TIME_Relative etime_rel;
350 char *res;
351 363
352 el = NULL; 364 el = NULL;
353 if (NULL == ego) 365 if (NULL == ego)
@@ -381,44 +393,11 @@ identity_cb (void *cls, const struct GNUNET_IDENTITY_Ego *ego)
381 &issuer_pkey, 393 &issuer_pkey,
382 issuer_attr, //TODO argument 394 issuer_attr, //TODO argument
383 privkey, 395 privkey,
396 direction,
384 &handle_collect_result, 397 &handle_collect_result,
385 NULL); 398 NULL);
386 return; 399 return;
387 } 400 }
388
389 //Else issue
390
391 if (NULL == expiration)
392 {
393 fprintf (stderr, "Please specify a TTL\n");
394 GNUNET_SCHEDULER_shutdown ();
395 return;
396 }
397 else if (GNUNET_OK ==
398 GNUNET_STRINGS_fancy_time_to_relative (expiration, &etime_rel))
399 {
400 etime_abs = GNUNET_TIME_relative_to_absolute (etime_rel);
401 }
402 else if (GNUNET_OK !=
403 GNUNET_STRINGS_fancy_time_to_absolute (expiration, &etime_abs))
404 {
405 fprintf (stderr, "%s is not a valid ttl!\n", expiration);
406 GNUNET_SCHEDULER_shutdown ();
407 return;
408 }
409
410
411 privkey = GNUNET_IDENTITY_ego_get_private_key (ego);
412 GNUNET_free_non_null (ego_name);
413 ego_name = NULL;
414 cred = GNUNET_CREDENTIAL_credential_issue (privkey,
415 &subject_pkey,
416 issuer_attr,
417 &etime_abs);
418
419 res = GNUNET_CREDENTIAL_credential_to_string (cred);
420 GNUNET_free (cred);
421 printf ("%s\n", res);
422 GNUNET_SCHEDULER_shutdown (); 401 GNUNET_SCHEDULER_shutdown ();
423} 402}
424 403
@@ -506,9 +485,9 @@ get_existing_record (void *cls,
506 rde->record_type = type; 485 rde->record_type = type;
507 // Flags not required , TODO what have we said we do with that now? Look it up in my writing 486 // Flags not required , TODO what have we said we do with that now? Look it up in my writing
508 /*if (1 == is_shadow) 487 /*if (1 == is_shadow)
509 rde->flags |= GNUNET_GNSRECORD_RF_SHADOW_RECORD; 488 rde->flags |= GNUNET_GNSRECORD_RF_SHADOW_RECORD;*/
510 if (1 != is_public) 489 if (GNUNET_YES == is_private)
511 rde->flags |= GNUNET_GNSRECORD_RF_PRIVATE;*/ 490 rde->flags |= GNUNET_GNSRECORD_RF_PRIVATE;
512 rde->expiration_time = etime; 491 rde->expiration_time = etime;
513 if (GNUNET_YES == etime_is_rel) 492 if (GNUNET_YES == etime_is_rel)
514 rde->flags |= GNUNET_GNSRECORD_RF_RELATIVE_EXPIRATION; 493 rde->flags |= GNUNET_GNSRECORD_RF_RELATIVE_EXPIRATION;
@@ -751,6 +730,7 @@ run (void *cls,
751 730
752 if (GNUNET_YES == create_ss) 731 if (GNUNET_YES == create_ss)
753 { 732 {
733
754 // check if signed parameter has been passed in cmd line call 734 // check if signed parameter has been passed in cmd line call
755 if (NULL == import) 735 if (NULL == import)
756 { 736 {
@@ -787,6 +767,20 @@ run (void *cls,
787 return; 767 return;
788 } 768 }
789 769
770 if (GNUNET_NO == forward && GNUNET_NO == backward)
771 {
772 fprintf (
773 stderr,
774 _ (
775 "You must state which search direction: '--forward' or '--backward'\n"));
776 GNUNET_SCHEDULER_shutdown ();
777 return;
778 }
779 if (GNUNET_YES == forward)
780 direction |= GNUNET_CREDENTIAL_FLAG_FORWARD;
781 if (GNUNET_YES == backward)
782 direction |= GNUNET_CREDENTIAL_FLAG_BACKWARD;
783
790 if (GNUNET_YES == collect) 784 if (GNUNET_YES == collect)
791 { 785 {
792 if (NULL == issuer_key) 786 if (NULL == issuer_key)
@@ -840,6 +834,15 @@ run (void *cls,
840 834
841 if (GNUNET_YES == verify) 835 if (GNUNET_YES == verify)
842 { 836 {
837 if (GNUNET_NO == forward && GNUNET_NO == backward)
838 {
839 fprintf (
840 stderr,
841 _ (
842 "You must state which search direction: '-forward' or 'backward'\n"));
843 GNUNET_SCHEDULER_shutdown ();
844 return;
845 }
843 if (NULL == issuer_key) 846 if (NULL == issuer_key)
844 { 847 {
845 fprintf (stderr, _ ("Issuer public key not well-formed\n")); 848 fprintf (stderr, _ ("Issuer public key not well-formed\n"));
@@ -865,7 +868,7 @@ run (void *cls,
865 GNUNET_SCHEDULER_shutdown (); 868 GNUNET_SCHEDULER_shutdown ();
866 return; 869 return;
867 } 870 }
868 if (NULL == issuer_attr || NULL == subject_credential) 871 if (NULL == issuer_attr || NULL == subject_delegate)
869 { 872 {
870 fprintf (stderr, _ ("You must provide issuer and subject attributes\n")); 873 fprintf (stderr, _ ("You must provide issuer and subject attributes\n"));
871 GNUNET_SCHEDULER_shutdown (); 874 GNUNET_SCHEDULER_shutdown ();
@@ -873,7 +876,7 @@ run (void *cls,
873 } 876 }
874 877
875 //Subject credentials are comma separated 878 //Subject credentials are comma separated
876 char *tmp = GNUNET_strdup (subject_credential); 879 char *tmp = GNUNET_strdup (subject_delegate);
877 char *tok = strtok (tmp, ","); 880 char *tok = strtok (tmp, ",");
878 if (NULL == tok) 881 if (NULL == tok)
879 { 882 {
@@ -886,20 +889,20 @@ run (void *cls,
886 int i; 889 int i;
887 while (NULL != (tok = strtok (NULL, ","))) 890 while (NULL != (tok = strtok (NULL, ",")))
888 count++; 891 count++;
889 struct GNUNET_CREDENTIAL_Delegate credentials[count]; 892 struct GNUNET_CREDENTIAL_Delegate delegates[count];
890 struct GNUNET_CREDENTIAL_Delegate *cred; 893 struct GNUNET_CREDENTIAL_Delegate *dele;
891 GNUNET_free (tmp); 894 GNUNET_free (tmp);
892 tmp = GNUNET_strdup (subject_credential); 895 tmp = GNUNET_strdup (subject_delegate);
893 tok = strtok (tmp, ","); 896 tok = strtok (tmp, ",");
894 for (i = 0; i < count; i++) 897 for (i = 0; i < count; i++)
895 { 898 {
896 cred = GNUNET_CREDENTIAL_delegate_from_string (tok); 899 dele = GNUNET_CREDENTIAL_delegate_from_string (tok);
897 GNUNET_memcpy (&credentials[i], 900 GNUNET_memcpy (&delegates[i],
898 cred, 901 dele,
899 sizeof (struct GNUNET_CREDENTIAL_Delegate)); 902 sizeof (struct GNUNET_CREDENTIAL_Delegate));
900 credentials[i].issuer_attribute = GNUNET_strdup (cred->issuer_attribute); 903 delegates[i].issuer_attribute = GNUNET_strdup (dele->issuer_attribute);
901 tok = strtok (NULL, ","); 904 tok = strtok (NULL, ",");
902 GNUNET_free (cred); 905 GNUNET_free (dele);
903 } 906 }
904 907
905 verify_request = GNUNET_CREDENTIAL_verify (credential, 908 verify_request = GNUNET_CREDENTIAL_verify (credential,
@@ -907,27 +910,16 @@ run (void *cls,
907 issuer_attr, //TODO argument 910 issuer_attr, //TODO argument
908 &subject_pkey, 911 &subject_pkey,
909 count, 912 count,
910 credentials, 913 delegates,
914 direction,
911 &handle_verify_result, 915 &handle_verify_result,
912 NULL); 916 NULL);
913 for (i = 0; i < count; i++) 917 for (i = 0; i < count; i++)
914 { 918 {
915 GNUNET_free ((char *) credentials[i].issuer_attribute); 919 GNUNET_free ((char *) delegates[i].issuer_attribute);
916 } 920 }
917 GNUNET_free (tmp); 921 GNUNET_free (tmp);
918 } 922 }
919 else if (GNUNET_YES == create_cred)
920 {
921 if (NULL == ego_name)
922 {
923 fprintf (stderr, _ ("Issuer ego required\n"));
924 GNUNET_SCHEDULER_shutdown ();
925 return;
926 }
927 el = GNUNET_IDENTITY_ego_lookup (cfg, ego_name, &identity_cb, (void *) cfg);
928
929 return;
930 }
931 else 923 else
932 { 924 {
933 fprintf (stderr, 925 fprintf (stderr,
@@ -949,70 +941,94 @@ run (void *cls,
949int 941int
950main (int argc, char *const *argv) 942main (int argc, char *const *argv)
951{ 943{
952 struct GNUNET_GETOPT_CommandLineOption options[] = { 944 struct GNUNET_GETOPT_CommandLineOption options[] =
953 GNUNET_GETOPT_option_flag ('I', 945 {GNUNET_GETOPT_option_flag ('V',
954 "issue", 946 "verify",
955 gettext_noop ("create credential"), 947 gettext_noop (
956 &create_cred), 948 "verify credential against attribute"),
957 GNUNET_GETOPT_option_flag ('V', 949 &verify),
958 "verify", 950 GNUNET_GETOPT_option_string (
959 gettext_noop ("verify credential against attribute"), 951 's',
960 &verify), 952 "subject",
961 GNUNET_GETOPT_option_string ('s', 953 "PKEY",
962 "subject", 954 gettext_noop (
963 "PKEY", 955 "The public key of the subject to lookup the"
964 gettext_noop ("The public key of the subject to lookup the" 956 "credential for, or for issuer side storage: subject and its attributes"),
965 "credential for, or for issuer side storage: subject and its attributes"), 957 &subject),
966 &subject), 958 GNUNET_GETOPT_option_string (
967 GNUNET_GETOPT_option_string ('b', 959 'd',
968 "credential", 960 "delegate",
969 "CRED", 961 "DELE",
970 gettext_noop ("The name of the credential presented by the subject"), 962 gettext_noop ("The private, signed delegate presented by the subject"),
971 &subject_credential), 963 &subject_delegate),
972 GNUNET_GETOPT_option_string ('i', 964 GNUNET_GETOPT_option_string (
973 "issuer", 965 'i',
974 "PKEY", 966 "issuer",
975 gettext_noop ("The public key of the authority to verify the credential against"), 967 "PKEY",
976 &issuer_key), 968 gettext_noop (
977 GNUNET_GETOPT_option_string ('e', 969 "The public key of the authority to verify the credential against"),
978 "ego", 970 &issuer_key),
979 "EGO", 971 GNUNET_GETOPT_option_string ('e',
980 gettext_noop ("The ego/zone name to use"), 972 "ego",
981 &ego_name), 973 "EGO",
982 GNUNET_GETOPT_option_string ('a', 974 gettext_noop ("The ego/zone name to use"),
983 "attribute", 975 &ego_name),
984 "ATTR", 976 GNUNET_GETOPT_option_string (
985 gettext_noop ("The issuer attribute to verify against or to issue"), 977 'a',
986 &issuer_attr), 978 "attribute",
987 GNUNET_GETOPT_option_string ('T', 979 "ATTR",
988 "ttl", 980 gettext_noop ("The issuer attribute to verify against or to issue"),
989 "EXP", 981 &issuer_attr),
990 gettext_noop ("The time to live for the credential." 982 GNUNET_GETOPT_option_string ('T',
991 "e.g. 5m, 6h, \"1990-12-30 12:00:00\""), 983 "ttl",
992 &expiration), 984 "EXP",
993 GNUNET_GETOPT_option_flag ('g', 985 gettext_noop (
994 "collect", 986 "The time to live for the credential."
995 gettext_noop ("collect credentials"), 987 "e.g. 5m, 6h, \"1990-12-30 12:00:00\""),
996 &collect), 988 &expiration),
997 GNUNET_GETOPT_option_flag ('U', 989 GNUNET_GETOPT_option_flag ('g',
998 "createIssuerSide", 990 "collect",
999 gettext_noop ("Create and issue a credential issuer side."), 991 gettext_noop ("collect credentials"),
1000 &create_is), 992 &collect),
1001 GNUNET_GETOPT_option_flag ('C', 993 GNUNET_GETOPT_option_flag ('U',
1002 "createSubjectSide", 994 "createIssuerSide",
1003 gettext_noop ("Issue a credential subject side."), 995 gettext_noop (
1004 &create_ss), 996 "Create and issue a credential issuer side."),
1005 GNUNET_GETOPT_option_flag ('S', 997 &create_is),
1006 "signSubjectSide", 998 GNUNET_GETOPT_option_flag ('C',
1007 gettext_noop ("Create, sign and return a credential subject side."), 999 "createSubjectSide",
1008 &sign_ss), 1000 gettext_noop (
1009 GNUNET_GETOPT_option_string ('x', 1001 "Issue a credential subject side."),
1010 "import", 1002 &create_ss),
1011 "IMP", 1003 GNUNET_GETOPT_option_flag (
1012 gettext_noop ("Import signed credentials that should be issued to a zone/ego"), 1004 'S',
1013 &import), 1005 "signSubjectSide",
1014 GNUNET_GETOPT_OPTION_END 1006 gettext_noop ("Create, sign and return a credential subject side."),
1015 }; 1007 &sign_ss),
1008 GNUNET_GETOPT_option_string (
1009 'x',
1010 "import",
1011 "IMP",
1012 gettext_noop (
1013 "Import signed credentials that should be issued to a zone/ego"),
1014 &import),
1015 GNUNET_GETOPT_option_flag ('P',
1016 "private",
1017 gettext_noop ("Create private record entry."),
1018 &is_private),
1019 GNUNET_GETOPT_option_flag (
1020 'F',
1021 "forward",
1022 gettext_noop (
1023 "Indicates that the collect/verify process is done via forward search."),
1024 &forward),
1025 GNUNET_GETOPT_option_flag (
1026 'B',
1027 "backward",
1028 gettext_noop (
1029 "Indicates that the collect/verify process is done via forward search."),
1030 &backward),
1031 GNUNET_GETOPT_OPTION_END};
1016 int ret; 1032 int ret;
1017 1033
1018 timeout = GNUNET_TIME_UNIT_FOREVER_REL; 1034 timeout = GNUNET_TIME_UNIT_FOREVER_REL;
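Review bot: In the verify branch of run() (new lines 899-903), the result of `GNUNET_CREDENTIAL_delegate_from_string (tok)` goes straight into `GNUNET_memcpy` and is dereferenced for `issuer_attribute` with no NULL check. If that parser returns NULL on failure (its definition is not on this page), a malformed entry in the `--delegate` argument would crash the tool. Since the `cred` to `dele` rename already touches every line of the loop, this is a natural place to reject a bad entry with a message, as the other argument errors do, and release what was allocated so far. `delegates[count]` is also a variable-length array sized by the number of commas in that same argument, so an upper bound on `count` would keep the stack use predictable. run() begins and ends outside this hunk.

```c
  for (i = 0; i < count; i++)
  {
    dele = GNUNET_CREDENTIAL_delegate_from_string (tok);
    if (NULL == dele)
    {
      fprintf (stderr, _ ("Delegate string not well-formed\n"));
      // release the attribute copies made for earlier entries
      while (i-- > 0)
        GNUNET_free ((char *) delegates[i].issuer_attribute);
      GNUNET_free (tmp);
      GNUNET_SCHEDULER_shutdown ();
      return;
    }
    // … unchanged: GNUNET_memcpy into delegates[i], issuer_attribute strdup, strtok, GNUNET_free (dele) …
  }
```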