2 This file is part of GNUnet.
3 Copyright (C) 2009-2013, 2016 GNUnet e.V.
5 GNUnet is free software; you can redistribute it and/or modify
6 it under the terms of the GNU General Public License as published
7 by the Free Software Foundation; either version 3, or (at your
8 option) any later version.
10 GNUnet is distributed in the hope that it will be useful, but
11 WITHOUT ANY WARRANTY; without even the implied warranty of
12 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
13 General Public License for more details.
15 You should have received a copy of the GNU General Public License
16 along with GNUnet; see the file COPYING. If not, write to the
17 Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor,
18 Boston, MA 02110-1301, USA.
21 * @file credential/credential_api.c
22 * @brief library to access the CREDENTIAL service
23 * @author Adnan Husain
26 #include "gnunet_util_lib.h"
27 #include "gnunet_constants.h"
28 #include "gnunet_arm_service.h"
29 #include "gnunet_hello_lib.h"
30 #include "gnunet_protocols.h"
31 #include "gnunet_signatures.h"
32 #include "credential.h"
33 #include "gnunet_credential_service.h"
34 #include "gnunet_identity_service.h"
/* Log through GNUNET_log_from under the fixed component name "credential-api". */
37 #define LOG(kind,...) GNUNET_log_from (kind, "credential-api",__VA_ARGS__)
40 * Handle to a verify request
/*
 * One outstanding verify request, kept on the owning handle's
 * verify_head/verify_tail list through the next/prev links below.
 * NOTE(review): this listing dropped lines from the struct; the proc_cls
 * and r_id members that GNUNET_CREDENTIAL_verify() and handle_result()
 * access are not visible here. r_id is the only value handle_result()
 * uses to pair a service reply with a pending request.
 */
42 struct GNUNET_CREDENTIAL_Request
48 struct GNUNET_CREDENTIAL_Request *next;
53 struct GNUNET_CREDENTIAL_Request *prev;
56 * handle to credential service
58 struct GNUNET_CREDENTIAL_Handle *credential_handle;
61 * processor to call on verify result
63 GNUNET_CREDENTIAL_VerifyResultProcessor verify_proc;
66 * @e verify_proc closure
71 * Envelope with the message for this queue entry.
/* Kept for the lifetime of the request: reconnect() re-sends copies of it. */
73 struct GNUNET_MQ_Envelope *env;
84 * Connection to the CREDENTIAL service.
/*
 * Client-side state for one connection to the CREDENTIAL service.
 * NOTE(review): the counter member described by the last comment line
 * (used as handle->r_id_gen in GNUNET_CREDENTIAL_verify()) is not shown in
 * this listing. It is post-incremented per request, so request ids are
 * sequential; handle_result() compares them as uint32_t.
 */
86 struct GNUNET_CREDENTIAL_Handle
90 * Configuration to use.
92 const struct GNUNET_CONFIGURATION_Handle *cfg;
95 * Connection to service (if available).
/* Must be NULL while disconnected: reconnect() asserts that before connecting. */
97 struct GNUNET_MQ_Handle *mq;
100 * Head of linked list of active verify requests.
102 struct GNUNET_CREDENTIAL_Request *verify_head;
105 * Tail of linked list of active verify requests.
107 struct GNUNET_CREDENTIAL_Request *verify_tail;
/*
 * Pending delayed reconnect, or NULL; assigned in force_reconnect() and
 * cleared in reconnect_task() and GNUNET_CREDENTIAL_disconnect().
 */
112 struct GNUNET_SCHEDULER_Task *reconnect_task;
115 * How long do we wait until we try to reconnect?
117 struct GNUNET_TIME_Relative reconnect_backoff;
120 * Request Id generator. Incremented by one for each request.
128 * Reconnect to CREDENTIAL service.
130 * @param handle the handle to the CREDENTIAL service
/* Forward declaration; reconnect() is defined later in this file. */
133 reconnect (struct GNUNET_CREDENTIAL_Handle *handle);
137 * Reconnect to CREDENTIAL
139 * @param cls the handle
/*
 * Scheduler callback for a delayed reconnect; cls is the service handle.
 * NOTE(review): the line after the assignment below (147) is missing from
 * this listing; presumably it calls reconnect (handle) -- confirm.
 */
142 reconnect_task (void *cls)
144 struct GNUNET_CREDENTIAL_Handle *handle = cls;
/*
 * Clear the stored task first so GNUNET_CREDENTIAL_disconnect() does not
 * try to cancel a task that has already started running.
 */
146 handle->reconnect_task = NULL;
152 * Disconnect from service and then reconnect.
154 * @param handle our handle
/*
 * Tear down the current message queue and schedule a delayed reconnect
 * with a grown backoff.
 * NOTE(review): line 160 is missing from this listing. reconnect() asserts
 * NULL == handle->mq and GNUNET_CREDENTIAL_disconnect() destroys any
 * non-NULL mq, so handle->mq has to be reset to NULL right after the
 * destroy below; otherwise reconnect() would abort on its assertion or
 * disconnect would destroy the same queue a second time -- confirm.
 */
157 force_reconnect (struct GNUNET_CREDENTIAL_Handle *handle)
159 GNUNET_MQ_destroy (handle->mq);
/* Lengthen the delay before the next attempt. */
161 handle->reconnect_backoff
162 = GNUNET_TIME_STD_BACKOFF (handle->reconnect_backoff);
/* The callback and closure arguments of this call are not shown in the listing. */
163 handle->reconnect_task
164 = GNUNET_SCHEDULER_add_delayed (handle->reconnect_backoff,
171 * Generic error handler, called with the appropriate error code and
172 * the same closure specified at the creation of the message queue.
173 * Not every message queue implementation supports an error handler.
175 * @param cls closure with the `struct GNUNET_CREDENTIAL_Handle *`
176 * @param error error code
/*
 * Message-queue error callback; cls is the service handle.
 * In the visible lines the error code is not inspected: every error drops
 * the connection and schedules a reconnect. Requests still on the pending
 * list are kept and re-sent by reconnect().
 */
179 mq_error_handler (void *cls,
180 enum GNUNET_MQ_Error error)
182 struct GNUNET_CREDENTIAL_Handle *handle = cls;
184 force_reconnect (handle);
189 * Check validity of message received from the CREDENTIAL service
191 * @param cls the `struct GNUNET_CREDENTIAL_Handle *`
192 * @param vr_msg the incoming message
/*
 * Validity check run on each variable-size VERIFY_RESULT message before
 * handle_result() sees it (both are registered through
 * GNUNET_MQ_hd_var_size (result, ...) in reconnect()).
 * NOTE(review): the body (lines 197-203) is missing from this listing.
 * handle_result() reinterprets &vr_msg[1] as a credential record, so this
 * check needs to reject any message whose payload is too short to hold
 * that record -- confirm it does not accept every message unconditionally.
 */
195 check_result (void *cls,
196 const struct VerifyResultMessage *vr_msg)
204 * Handler for messages received from the CREDENTIAL service
206 * @param cls the `struct GNUNET_CREDENTIAL_Handle *`
207 * @param vr_msg the incoming message
/*
 * Dispatch a VERIFY_RESULT message to the pending request it answers.
 * NOTE(review): several lines of this function are missing from the
 * listing (gutter gaps 216->219, 222->226, 228->233, 239->247).
 */
210 handle_result (void *cls,
211 const struct VerifyResultMessage *vr_msg)
213 struct GNUNET_CREDENTIAL_Handle *handle = cls;
/* The request id arrives in network byte order. */
214 uint32_t r_id = ntohl (vr_msg->id);
215 struct GNUNET_CREDENTIAL_Request *vr;
216 GNUNET_CREDENTIAL_VerifyResultProcessor proc;
219 LOG (GNUNET_ERROR_TYPE_DEBUG,
220 "Received verify reply from CREDENTIAL service\n");
/* Linear search of the pending list for the request with this id. */
221 for (vr = handle->verify_head; NULL != vr; vr = vr->next)
222 if (vr->r_id == r_id)
/*
 * NOTE(review): vr is dereferenced below, so a reply whose id matches no
 * pending request must be dropped before this point; the lines that would
 * do so (223-225) are not shown -- confirm.
 */
226 proc = vr->verify_proc;
227 proc_cls = vr->proc_cls;
/*
 * Callback and closure are copied out before the request is unlinked.
 * NOTE(review): confirm the dropped lines (229-232) release both vr and
 * vr->env once the request is off the list.
 */
228 GNUNET_CONTAINER_DLL_remove (handle->verify_head,
/*
 * NOTE(review): mlen and lookup_msg are not declared in any visible line,
 * so this call may sit inside a comment whose delimiters the listing lost.
 * If it is live code, a GNUNET_assert on data received from the service
 * turns a malformed reply into a client abort; a deserialization failure
 * should be handled as an error instead.
 */
233 GNUNET_assert (GNUNET_OK ==
234 GNUNET_CREDENTIAL_records_deserialize (mlen,
235 (const char*) &lookup_msg[1],
/* cred_found is read as a 32-bit value in network byte order. */
239 if (GNUNET_NO == ntohl (vr_msg->cred_found))
/*
 * NOTE(review): the bytes right after the fixed header are reinterpreted
 * as a credential record and const is cast away. That is only safe if
 * check_result() has verified the message is long enough to hold one.
 * The pointer presumably refers to the received message itself, so the
 * callback should treat it as read-only and copy what it keeps -- confirm.
 */
247 (struct GNUNET_CREDENTIAL_CredentialRecordData*) &vr_msg[1],
255 * Reconnect to CREDENTIAL service.
257 * @param handle the handle to the CREDENTIAL service
/*
 * (Re)establish the message queue to the CREDENTIAL service and re-send
 * every request that is still on the pending list.
 * GNUNET_MQ_hd_var_size (result, ...) below registers check_result() as
 * the validator and handle_result() as the handler for VERIFY_RESULT.
 */
260 reconnect (struct GNUNET_CREDENTIAL_Handle *handle)
262 struct GNUNET_MQ_MessageHandler handlers[] = {
263 GNUNET_MQ_hd_var_size (result,
264 GNUNET_MESSAGE_TYPE_CREDENTIAL_VERIFY_RESULT,
265 struct VerifyResultMessage,
267 GNUNET_MQ_handler_end ()
269 struct GNUNET_CREDENTIAL_Request *vr;
/* Callers must have cleared handle->mq; a leftover queue aborts here. */
271 GNUNET_assert (NULL == handle->mq);
272 LOG (GNUNET_ERROR_TYPE_DEBUG,
273 "Trying to connect to CREDENTIAL\n");
/* Remaining arguments of this call are not shown in the listing. */
274 handle->mq = GNUNET_CLIENT_connecT (handle->cfg,
/* Connection failed (the statement guarded by this test is not shown). */
279 if (NULL == handle->mq)
/* Copies are sent, so each request keeps its own envelope for later re-sends. */
281 for (vr = handle->verify_head; NULL != vr; vr = vr->next)
282 GNUNET_MQ_send_copy (handle->mq,
288 * Initialize the connection with the CREDENTIAL service.
290 * @param cfg configuration to use
291 * @return handle to the CREDENTIAL service, or NULL on error
/*
 * Allocate a service handle and try to connect.
 * NOTE(review): lines 299-300 are missing from this listing; presumably
 * they store cfg in the handle and call reconnect() -- confirm.
 */
293 struct GNUNET_CREDENTIAL_Handle *
294 GNUNET_CREDENTIAL_connect (const struct GNUNET_CONFIGURATION_Handle *cfg)
296 struct GNUNET_CREDENTIAL_Handle *handle;
298 handle = GNUNET_new (struct GNUNET_CREDENTIAL_Handle);
/* No message queue means the connection attempt failed: release the handle. */
301 if (NULL == handle->mq)
303 GNUNET_free (handle);
311 * Shutdown connection with the CREDENTIAL service.
313 * @param handle handle of the CREDENTIAL connection to stop
/*
 * Release the handle: destroy the message queue if there is one, cancel a
 * pending reconnect and free the memory. The handle must not be used
 * afterwards.
 */
316 GNUNET_CREDENTIAL_disconnect (struct GNUNET_CREDENTIAL_Handle *handle)
318 if (NULL != handle->mq)
320 GNUNET_MQ_destroy (handle->mq);
323 if (NULL != handle->reconnect_task)
325 GNUNET_SCHEDULER_cancel (handle->reconnect_task);
326 handle->reconnect_task = NULL;
/*
 * Every verify request must have completed or been cancelled first:
 * pending requests hold a pointer back to this handle, and the assertion
 * aborts the process rather than leave them dangling.
 */
328 GNUNET_assert (NULL == handle->verify_head);
329 GNUNET_free (handle);
334 * Cancel pending verify request
336 * @param vr the verify request to cancel
/*
 * Cancel a pending verify request: unlink it from the handle's pending
 * list and drop its queued message.
 * NOTE(review): the line after the discard (347) is missing from this
 * listing; confirm vr itself is freed there. handle_result() already
 * unlinks a request when its reply arrives, so callers must not cancel a
 * request after its result callback has run.
 */
339 GNUNET_CREDENTIAL_verify_cancel (struct GNUNET_CREDENTIAL_Request *vr)
341 struct GNUNET_CREDENTIAL_Handle *handle = vr->credential_handle;
343 GNUNET_CONTAINER_DLL_remove (handle->verify_head,
346 GNUNET_MQ_discard (vr->env);
351 * Performs attribute verification.
352 * Checks if there is a delegation chain from
353 * attribute ``issuer_attribute'' issued by the issuer
354 * with public key ``issuer_key'' to the attribute
355 * ``subject_attribute'' claimed by the subject with key
358 * @param handle handle to the Credential service
359 * @param issuer_key the issuer public key
360 * @param issuer_attribute the issuer attribute
361 * @param subject_key the subject public key
362 * @param subject_attribute the attribute claimed by the subject
363 * @param proc function to call on result
364 * @param proc_cls closure for processor
365 * @return handle to the queued request
/*
 * Queue a verify request for the given issuer/subject keys and attributes;
 * the outcome is delivered to proc.
 * NOTE(review): the listing dropped lines from this function (the proc_cls
 * parameter, the nlen declaration, the statements under the two early
 * tests, trailing call arguments and the return statement).
 */
367 struct GNUNET_CREDENTIAL_Request*
368 GNUNET_CREDENTIAL_verify (struct GNUNET_CREDENTIAL_Handle *handle,
369 const struct GNUNET_CRYPTO_EcdsaPublicKey *issuer_key,
370 const char *issuer_attribute,
371 const struct GNUNET_CRYPTO_EcdsaPublicKey *subject_key,
372 const char *subject_attribute,
373 GNUNET_CREDENTIAL_VerifyResultProcessor proc,
376 /* Build the VERIFY message for the service and queue the request */
377 struct VerifyMessage *v_msg;
378 struct GNUNET_CREDENTIAL_Request *vr;
/*
 * Only the two attribute strings are NULL-checked in the visible lines;
 * issuer_key and subject_key are dereferenced further down without one.
 */
381 if (NULL == issuer_attribute || NULL == subject_attribute)
387 LOG (GNUNET_ERROR_TYPE_DEBUG,
388 "Trying to verify `%s' in CREDENTIAL\n",
/*
 * Payload size: both attribute strings plus one extra byte.
 * NOTE(review): the bound below subtracts sizeof (*vr), the local request
 * struct, while the message is built from struct VerifyMessage (v_msg).
 * The limit should presumably use sizeof (*v_msg) so that header plus
 * payload stays under the maximum message size -- confirm.
 */
390 nlen = strlen (issuer_attribute) + strlen (subject_attribute) + 1;
391 if (nlen >= GNUNET_SERVER_MAX_MESSAGE_SIZE - sizeof (*vr))
396 vr = GNUNET_new (struct GNUNET_CREDENTIAL_Request);
397 vr->credential_handle = handle;
398 vr->verify_proc = proc;
399 vr->proc_cls = proc_cls;
/* Sequential id; handle_result() matches the id of each reply against it. */
400 vr->r_id = handle->r_id_gen++;
401 vr->env = GNUNET_MQ_msg_extra (v_msg,
403 GNUNET_MESSAGE_TYPE_CREDENTIAL_VERIFY);
404 v_msg->id = htonl (vr->r_id);
405 v_msg->subject_key = *subject_key;
406 v_msg->issuer_key = *issuer_key;
/*
 * The lengths travel as 16-bit values, so the nlen bound above is what
 * keeps strlen() from being truncated by htons() (assuming
 * GNUNET_SERVER_MAX_MESSAGE_SIZE does not exceed 64 KiB -- confirm).
 */
407 v_msg->issuer_attribute_len = htons(strlen(issuer_attribute));
408 v_msg->subject_attribute_len = htons(strlen(subject_attribute));
/*
 * The two strings are copied back to back with no separator or terminator
 * (the copy length is strlen()); the receiver has to split them using the
 * two length fields above.
 */
409 GNUNET_memcpy (&v_msg[1],
411 strlen (issuer_attribute));
412 GNUNET_memcpy (((char*)&v_msg[1]) + strlen (issuer_attribute),
414 strlen (subject_attribute));
/* The request stays on the pending list so reconnect() can re-send it. */
415 GNUNET_CONTAINER_DLL_insert (handle->verify_head,
/* Without a connection the request is only queued; reconnect() sends it later. */
418 if (NULL != handle->mq)
419 GNUNET_MQ_send_copy (handle->mq,
425 * Issue an attribute to a subject
427 * @param handle handle to the Credential service
428 * @param issuer the ego that should be used to issue the attribute
429 * @param subject the subject of the attribute
430 * @param attribute the name of the attribute
431 * @return the issued credential record (`struct GNUNET_CREDENTIAL_CredentialRecordData *`)
/*
 * Build a credential record for `attribute`, naming `subject` and carrying
 * `expiration`, and sign it with the issuer's private key.
 * NOTE(review): handle is not used in any visible line, and attribute,
 * subject and expiration are dereferenced without a visible NULL check.
 * Lines are missing from this listing (gutter gaps after 446, 450, 454
 * and 458), including the return statement.
 */
433 struct GNUNET_CREDENTIAL_CredentialRecordData *
434 GNUNET_CREDENTIAL_issue (struct GNUNET_CREDENTIAL_Handle *handle,
435 const struct GNUNET_CRYPTO_EcdsaPrivateKey *issuer,
436 struct GNUNET_CRYPTO_EcdsaPublicKey *subject,
437 const char *attribute,
438 struct GNUNET_TIME_Absolute *expiration)
440 struct GNUNET_CREDENTIAL_CredentialRecordData *crd;
/* Fixed-size record followed by the attribute string and its terminating NUL. */
442 crd = GNUNET_malloc (sizeof (struct GNUNET_CREDENTIAL_CredentialRecordData) + strlen (attribute) + 1);
/*
 * purpose.size tells the signature code how many bytes are covered.
 * NOTE(review): the remaining terms of this sum (lines 447-448) are not
 * shown; confirm it accounts for both keys, the expiration and the
 * attribute, since any field left outside the signed range is not
 * authenticated.
 */
444 crd->purpose.size = htonl (strlen (attribute) + 1 +
445 sizeof (struct GNUNET_CRYPTO_EcdsaPublicKey) +
446 sizeof (struct GNUNET_CRYPTO_EccSignaturePurpose) +
449 crd->purpose.purpose = htonl (GNUNET_SIGNATURE_PURPOSE_CREDENTIAL);
/* Derive the issuer's public key from the private key (destination argument not shown). */
450 GNUNET_CRYPTO_ecdsa_key_get_public (issuer,
452 crd->subject_key = *subject;
/* Expiration (abs_value_us) is stored in network byte order. */
453 crd->expiration = GNUNET_htonll (expiration->abs_value_us);
/* The attribute bytes follow the fixed-size record. */
454 GNUNET_memcpy (&crd[1],
/*
 * NOTE(review): confirm the dropped lines check the signing result and
 * free crd on failure, so an unsigned record is never handed back.
 */
458 GNUNET_CRYPTO_ecdsa_sign (issuer,
472 /* end of credential_api.c */