src/credential/credential_api.c

   1 /*
   2      This file is part of GNUnet.
   3      Copyright (C) 2009-2013, 2016 GNUnet e.V.
   4
   5      GNUnet is free software: you can redistribute it and/or modify it
   6      under the terms of the GNU General Public License as published
   7      by the Free Software Foundation, either version 3 of the License,
   8      or (at your option) any later version.
   9
  10      GNUnet is distributed in the hope that it will be useful, but
  11      WITHOUT ANY WARRANTY; without even the implied warranty of
  12      MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
  13      Affero General Public License for more details.
  14 */
  15 /**
  16  * @file credential/credential_api.c
  17  * @brief library to access the CREDENTIAL service
  18  * @author Martin Schanzenbach
  19  */
  20 #include "platform.h"
  21 #include "gnunet_util_lib.h"
  22 #include "gnunet_constants.h"
  23 #include "gnunet_arm_service.h"
  24 #include "gnunet_hello_lib.h"
  25 #include "gnunet_protocols.h"
  26 #include "gnunet_signatures.h"
  27 #include "credential.h"
  28 #include "credential_serialization.h"
  29 #include "gnunet_credential_service.h"
  30 #include "gnunet_identity_service.h"
  31
  32
  33 #define LOG(kind,...) GNUNET_log_from (kind, "credential-api",__VA_ARGS__)
  34
  35 /**
  36  * Handle to a verify request
  37  */
  38 struct GNUNET_CREDENTIAL_Request
  39 {
  40
  41   /**
  42    * DLL
  43    */
  44   struct GNUNET_CREDENTIAL_Request *next;
  45
  46   /**
  47    * DLL
  48    */
  49   struct GNUNET_CREDENTIAL_Request *prev;
  50
  51   /**
  52    * handle to credential service
  53    */
  54   struct GNUNET_CREDENTIAL_Handle *credential_handle;
  55
  56   /**
  57    * processor to call on verify result
  58    */
  59   GNUNET_CREDENTIAL_CredentialResultProcessor verify_proc;
  60
  61   /**
  62    * @e verify_proc closure
  63    */
  64   void *proc_cls;
  65
  66   /**
  67    * Envelope with the message for this queue entry.
  68    */
  69   struct GNUNET_MQ_Envelope *env;
  70
  71   /**
  72    * request id
  73    */
  74   uint32_t r_id;
  75
  76 };
  77
  78
  79 /**
  80  * Connection to the CREDENTIAL service.
  81  */
  82 struct GNUNET_CREDENTIAL_Handle
  83 {
  84
  85   /**
  86    * Configuration to use.
  87    */
  88   const struct GNUNET_CONFIGURATION_Handle *cfg;
  89
  90   /**
  91    * Connection to service (if available).
  92    */
  93   struct GNUNET_MQ_Handle *mq;
  94
  95   /**
  96    * Head of linked list of active verify requests.
  97    */
  98   struct GNUNET_CREDENTIAL_Request *request_head;
  99
 100   /**
 101    * Tail of linked list of active verify requests.
 102    */
 103   struct GNUNET_CREDENTIAL_Request *request_tail;
 104
 105   /**
 106    * Reconnect task
 107    */
 108   struct GNUNET_SCHEDULER_Task *reconnect_task;
 109
 110   /**
 111    * How long do we wait until we try to reconnect?
 112    */
 113   struct GNUNET_TIME_Relative reconnect_backoff;
 114
 115   /**
 116    * Request Id generator.  Incremented by one for each request.
 117    */
 118   uint32_t r_id_gen;
 119
 120 };
 121
 122
 123 /**
 124  * Reconnect to CREDENTIAL service.
 125  *
 126  * @param handle the handle to the CREDENTIAL service
 127  */
 128 static void
 129 reconnect (struct GNUNET_CREDENTIAL_Handle *handle);
 130
 131
 132 /**
 133  * Reconnect to CREDENTIAL
 134  *
 135  * @param cls the handle
 136  */
 137 static void
 138 reconnect_task (void *cls)
 139 {
 140   struct GNUNET_CREDENTIAL_Handle *handle = cls;
 141
 142   handle->reconnect_task = NULL;
 143   reconnect (handle);
 144 }
 145
 146
 147 /**
 148  * Disconnect from service and then reconnect.
 149  *
 150  * @param handle our handle
 151  */
 152 static void
 153 force_reconnect (struct GNUNET_CREDENTIAL_Handle *handle)
 154 {
 155   GNUNET_MQ_destroy (handle->mq);
 156   handle->mq = NULL;
 157   handle->reconnect_backoff
 158     = GNUNET_TIME_STD_BACKOFF (handle->reconnect_backoff);
 159   handle->reconnect_task
 160     = GNUNET_SCHEDULER_add_delayed (handle->reconnect_backoff,
 161                         &reconnect_task,
 162                         handle);
 163 }
 164
 165
 166 /**
 167  * Generic error handler, called with the appropriate error code and
 168  * the same closure specified at the creation of the message queue.
 169  * Not every message queue implementation supports an error handler.
 170  *
 171  * @param cls closure with the `struct GNUNET_CREDENTIAL_Handle *`
 172  * @param error error code
 173  */
 174 static void
 175 mq_error_handler (void *cls,
 176                   enum GNUNET_MQ_Error error)
 177 {
 178   struct GNUNET_CREDENTIAL_Handle *handle = cls;
 179
 180   force_reconnect (handle);
 181 }
 182
 183 /**
 184  * Check validity of message received from the CREDENTIAL service
 185  *
 186  * @param cls the `struct GNUNET_CREDENTIAL_Handle *`
 187  * @param vr_msg the incoming message
 188  */
 189 static int
 190 check_result (void *cls,
 191               const struct DelegationChainResultMessage *vr_msg)
 192 {
 193   //TODO
 194   return GNUNET_OK;
 195 }
 196
 197
 198 /**
 199  * Handler for messages received from the CREDENTIAL service
 200  *
 201  * @param cls the `struct GNUNET_CREDENTIAL_Handle *`
 202  * @param vr_msg the incoming message
 203  */
 204 static void
 205 handle_result (void *cls,
 206                const struct DelegationChainResultMessage *vr_msg)
 207 {
 208   struct GNUNET_CREDENTIAL_Handle *handle = cls;
 209   uint32_t r_id = ntohl (vr_msg->id);
 210   struct GNUNET_CREDENTIAL_Request *vr;
 211   size_t mlen = ntohs (vr_msg->header.size) - sizeof (*vr_msg);
 212   uint32_t d_count = ntohl (vr_msg->d_count);
 213   uint32_t c_count = ntohl (vr_msg->c_count);
 214   struct GNUNET_CREDENTIAL_Delegation d_chain[d_count];
 215   struct GNUNET_CREDENTIAL_Credential creds[c_count];
 216   GNUNET_CREDENTIAL_CredentialResultProcessor proc;
 217   void *proc_cls;
 218
 219   LOG (GNUNET_ERROR_TYPE_DEBUG,
 220        "Received verify reply from CREDENTIAL service\n");
 221   for (vr = handle->request_head; NULL != vr; vr = vr->next)
 222     if (vr->r_id == r_id)
 223       break;
 224   if (NULL == vr)
 225     return;
 226   proc = vr->verify_proc;
 227   proc_cls = vr->proc_cls;
 228   GNUNET_CONTAINER_DLL_remove (handle->request_head,
 229                                handle->request_tail,
 230                                vr);
 231   GNUNET_MQ_discard (vr->env);
 232   GNUNET_free (vr);
 233   GNUNET_assert (GNUNET_OK ==
 234                  GNUNET_CREDENTIAL_delegation_chain_deserialize (mlen,
 235                                                                  (const char*) &vr_msg[1],
 236                                                                  d_count,
 237                                                                  d_chain,
 238                                                                  c_count,
 239                                                                  creds));
 240   if (GNUNET_NO == ntohl (vr_msg->cred_found))
 241   {
 242     proc (proc_cls,
 243           0,
 244           NULL,
 245           0,
 246           NULL); // TODO
 247   } else {
 248     proc (proc_cls,
 249           d_count,
 250           d_chain,
 251           c_count,
 252           creds);
 253   }
 254 }
 255
 256
 257 /**
 258  * Reconnect to CREDENTIAL service.
 259  *
 260  * @param handle the handle to the CREDENTIAL service
 261  */
 262 static void
 263 reconnect (struct GNUNET_CREDENTIAL_Handle *handle)
 264 {
 265   struct GNUNET_MQ_MessageHandler handlers[] = {
 266     GNUNET_MQ_hd_var_size (result,
 267                            GNUNET_MESSAGE_TYPE_CREDENTIAL_VERIFY_RESULT,
 268                            struct DelegationChainResultMessage,
 269                            handle),
 270     GNUNET_MQ_hd_var_size (result,
 271                            GNUNET_MESSAGE_TYPE_CREDENTIAL_COLLECT_RESULT,
 272                            struct DelegationChainResultMessage,
 273                            handle),
 274     GNUNET_MQ_handler_end ()
 275   };
 276   struct GNUNET_CREDENTIAL_Request *vr;
 277
 278   GNUNET_assert (NULL == handle->mq);
 279   LOG (GNUNET_ERROR_TYPE_DEBUG,
 280        "Trying to connect to CREDENTIAL\n");
 281   handle->mq = GNUNET_CLIENT_connect (handle->cfg,
 282                                       "credential",
 283                                       handlers,
 284                                       &mq_error_handler,
 285                                       handle);
 286   if (NULL == handle->mq)
 287     return;
 288   for (vr = handle->request_head; NULL != vr; vr = vr->next)
 289     GNUNET_MQ_send_copy (handle->mq,
 290                          vr->env);
 291 }
 292
 293
 294 /**
 295  * Initialize the connection with the CREDENTIAL service.
 296  *
 297  * @param cfg configuration to use
 298  * @return handle to the CREDENTIAL service, or NULL on error
 299  */
 300 struct GNUNET_CREDENTIAL_Handle *
 301 GNUNET_CREDENTIAL_connect (const struct GNUNET_CONFIGURATION_Handle *cfg)
 302 {
 303   struct GNUNET_CREDENTIAL_Handle *handle;
 304
 305   handle = GNUNET_new (struct GNUNET_CREDENTIAL_Handle);
 306   handle->cfg = cfg;
 307   reconnect (handle);
 308   if (NULL == handle->mq)
 309   {
 310     GNUNET_free (handle);
 311     return NULL;
 312   }
 313   return handle;
 314 }
 315
 316
 317 /**
 318  * Shutdown connection with the CREDENTIAL service.
 319  *
 320  * @param handle handle of the CREDENTIAL connection to stop
 321  */
 322 void
 323 GNUNET_CREDENTIAL_disconnect (struct GNUNET_CREDENTIAL_Handle *handle)
 324 {
 325   if (NULL != handle->mq)
 326   {
 327     GNUNET_MQ_destroy (handle->mq);
 328     handle->mq = NULL;
 329   }
 330   if (NULL != handle->reconnect_task)
 331   {
 332     GNUNET_SCHEDULER_cancel (handle->reconnect_task);
 333     handle->reconnect_task = NULL;
 334   }
 335   GNUNET_assert (NULL == handle->request_head);
 336   GNUNET_free (handle);
 337 }
 338
 339
 340 /**
 341  * Cancel pending verify request
 342  *
 343  * @param lr the verify request to cancel
 344  */
 345 void
 346 GNUNET_CREDENTIAL_request_cancel (struct GNUNET_CREDENTIAL_Request *lr)
 347 {
 348   struct GNUNET_CREDENTIAL_Handle *handle = lr->credential_handle;
 349
 350   GNUNET_CONTAINER_DLL_remove (handle->request_head,
 351                                handle->request_tail,
 352                                lr);
 353   GNUNET_MQ_discard (lr->env);
 354   GNUNET_free (lr);
 355 }
 356
 357
 358 /**
 359  * Performs attribute collection.
 360  * Collects all credentials of subject to fulfill the
 361  * attribute, if possible
 362  *
 363  * @param handle handle to the Credential service
 364  * @param issuer_key the issuer public key
 365  * @param issuer_attribute the issuer attribute
 366  * @param subject_key the subject public key
 367  * @param proc function to call on result
 368  * @param proc_cls closure for processor
 369  * @return handle to the queued request
 370  */
 371 struct GNUNET_CREDENTIAL_Request*
 372 GNUNET_CREDENTIAL_collect (struct GNUNET_CREDENTIAL_Handle *handle,
 373                            const struct GNUNET_CRYPTO_EcdsaPublicKey *issuer_key,
 374                            const char *issuer_attribute,
 375                            const struct GNUNET_CRYPTO_EcdsaPrivateKey *subject_key,
 376                            GNUNET_CREDENTIAL_CredentialResultProcessor proc,
 377                            void *proc_cls)
 378 {
 379   /* IPC to shorten credential names, return shorten_handle */
 380   struct CollectMessage *c_msg;
 381   struct GNUNET_CREDENTIAL_Request *vr;
 382   size_t nlen;
 383
 384   if (NULL == issuer_attribute)
 385   {
 386     GNUNET_break (0);
 387     return NULL;
 388   }
 389
 390   //DEBUG LOG
 391   LOG (GNUNET_ERROR_TYPE_DEBUG,
 392        "Trying to collect `%s' in CREDENTIAL\n",
 393        issuer_attribute);
 394   nlen = strlen (issuer_attribute) + 1;
 395   if (nlen >= GNUNET_MAX_MESSAGE_SIZE - sizeof (*vr))
 396   {
 397     GNUNET_break (0);
 398     return NULL;
 399   }
 400   vr = GNUNET_new (struct GNUNET_CREDENTIAL_Request);
 401   vr->credential_handle = handle;
 402   vr->verify_proc = proc;
 403   vr->proc_cls = proc_cls;
 404   vr->r_id = handle->r_id_gen++;
 405   vr->env = GNUNET_MQ_msg_extra (c_msg,
 406                                  nlen,
 407                                  GNUNET_MESSAGE_TYPE_CREDENTIAL_COLLECT);
 408   c_msg->id = htonl (vr->r_id);
 409   c_msg->subject_key = *subject_key;
 410   c_msg->issuer_key =  *issuer_key;
 411   c_msg->issuer_attribute_len = htons(strlen(issuer_attribute));
 412   GNUNET_memcpy (&c_msg[1],
 413                  issuer_attribute,
 414                  strlen (issuer_attribute));
 415   GNUNET_CONTAINER_DLL_insert (handle->request_head,
 416                                handle->request_tail,
 417                                vr);
 418   if (NULL != handle->mq)
 419     GNUNET_MQ_send_copy (handle->mq,
 420                          vr->env);
 421   return vr;
 422 }
 423 /**
 424  * Performs attribute verification.
 425  * Checks if there is a delegation chain from
 426  * attribute ``issuer_attribute'' issued by the issuer
 427  * with public key ``issuer_key'' maps to the attribute
 428  * ``subject_attribute'' claimed by the subject with key
 429  * ``subject_key''
 430  *
 431  * @param handle handle to the Credential service
 432  * @param issuer_key the issuer public key
 433  * @param issuer_attribute the issuer attribute
 434  * @param subject_key the subject public key
 435  * @param credential_count number of credentials provided
 436  * @param credentials subject credentials
 437  * @param proc function to call on result
 438  * @param proc_cls closure for processor
 439  * @return handle to the queued request
 440  */
 441 struct GNUNET_CREDENTIAL_Request*
 442 GNUNET_CREDENTIAL_verify (struct GNUNET_CREDENTIAL_Handle *handle,
 443                           const struct GNUNET_CRYPTO_EcdsaPublicKey *issuer_key,
 444                           const char *issuer_attribute,
 445                           const struct GNUNET_CRYPTO_EcdsaPublicKey *subject_key,
 446                           uint32_t credential_count,
 447                           const struct GNUNET_CREDENTIAL_Credential *credentials,
 448                           GNUNET_CREDENTIAL_CredentialResultProcessor proc,
 449                           void *proc_cls)
 450 {
 451   /* IPC to shorten credential names, return shorten_handle */
 452   struct VerifyMessage *v_msg;
 453   struct GNUNET_CREDENTIAL_Request *vr;
 454   size_t nlen;
 455   size_t clen;
 456
 457   if (NULL == issuer_attribute || NULL == credentials)
 458   {
 459     GNUNET_break (0);
 460     return NULL;
 461   }
 462
 463   clen = GNUNET_CREDENTIAL_credentials_get_size (credential_count,
 464                                                  credentials);
 465
 466   //DEBUG LOG
 467   LOG (GNUNET_ERROR_TYPE_DEBUG,
 468        "Trying to verify `%s' in CREDENTIAL\n",
 469        issuer_attribute);
 470   nlen = strlen (issuer_attribute) + 1 + clen;
 471   if (nlen >= GNUNET_MAX_MESSAGE_SIZE - sizeof (*vr))
 472   {
 473     GNUNET_break (0);
 474     return NULL;
 475   }
 476   vr = GNUNET_new (struct GNUNET_CREDENTIAL_Request);
 477   vr->credential_handle = handle;
 478   vr->verify_proc = proc;
 479   vr->proc_cls = proc_cls;
 480   vr->r_id = handle->r_id_gen++;
 481   vr->env = GNUNET_MQ_msg_extra (v_msg,
 482                                  nlen,
 483                                  GNUNET_MESSAGE_TYPE_CREDENTIAL_VERIFY);
 484   v_msg->id = htonl (vr->r_id);
 485   v_msg->subject_key = *subject_key;
 486   v_msg->c_count = htonl(credential_count);
 487   v_msg->issuer_key =  *issuer_key;
 488   v_msg->issuer_attribute_len = htons(strlen(issuer_attribute));
 489   GNUNET_memcpy (&v_msg[1],
 490                  issuer_attribute,
 491                  strlen (issuer_attribute));
 492   GNUNET_CREDENTIAL_credentials_serialize (credential_count,
 493                                            credentials,
 494                                            clen,
 495                                            ((char*)&v_msg[1])
 496                                            + strlen (issuer_attribute) + 1);
 497   GNUNET_CONTAINER_DLL_insert (handle->request_head,
 498                                handle->request_tail,
 499                                vr);
 500   if (NULL != handle->mq)
 501     GNUNET_MQ_send_copy (handle->mq,
 502                          vr->env);
 503   return vr;
 504 }
 505
 506 /* end of credential_api.c */