src/credential/credential_api.c

   1 /*
   2      This file is part of GNUnet.
   3      Copyright (C) 2009-2013, 2016 GNUnet e.V.
   4
   5      GNUnet is free software; you can redistribute it and/or modify
   6      it under the terms of the GNU General Public License as published
   7      by the Free Software Foundation; either version 3, or (at your
   8      option) any later version.
   9
  10      GNUnet is distributed in the hope that it will be useful, but
  11      WITHOUT ANY WARRANTY; without even the implied warranty of
  12      MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
  13      General Public License for more details.
  14
  15      You should have received a copy of the GNU General Public License
  16      along with GNUnet; see the file COPYING.  If not, write to the
  17      Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor,
  18      Boston, MA 02110-1301, USA.
  19 */
  20 /**
  21  * @file credential/credential_api.c
  22  * @brief library to access the CREDENTIAL service
  23  * @author Martin Schanzenbach
  24  */
  25 #include "platform.h"
  26 #include "gnunet_util_lib.h"
  27 #include "gnunet_constants.h"
  28 #include "gnunet_arm_service.h"
  29 #include "gnunet_hello_lib.h"
  30 #include "gnunet_protocols.h"
  31 #include "gnunet_signatures.h"
  32 #include "credential.h"
  33 #include "credential_serialization.h"
  34 #include "gnunet_credential_service.h"
  35 #include "gnunet_identity_service.h"
  36
  37
  38 #define LOG(kind,...) GNUNET_log_from (kind, "credential-api",__VA_ARGS__)
  39
  40 /**
  41  * Handle to a verify request
  42  */
  43 struct GNUNET_CREDENTIAL_Request
  44 {
  45
  46   /**
  47    * DLL
  48    */
  49   struct GNUNET_CREDENTIAL_Request *next;
  50
  51   /**
  52    * DLL
  53    */
  54   struct GNUNET_CREDENTIAL_Request *prev;
  55
  56   /**
  57    * handle to credential service
  58    */
  59   struct GNUNET_CREDENTIAL_Handle *credential_handle;
  60
  61   /**
  62    * processor to call on verify result
  63    */
  64   GNUNET_CREDENTIAL_CredentialResultProcessor verify_proc;
  65
  66   /**
  67    * @e verify_proc closure
  68    */
  69   void *proc_cls;
  70
  71   /**
  72    * Envelope with the message for this queue entry.
  73    */
  74   struct GNUNET_MQ_Envelope *env;
  75
  76   /**
  77    * request id
  78    */
  79   uint32_t r_id;
  80
  81 };
  82
  83
  84 /**
  85  * Connection to the CREDENTIAL service.
  86  */
  87 struct GNUNET_CREDENTIAL_Handle
  88 {
  89
  90   /**
  91    * Configuration to use.
  92    */
  93   const struct GNUNET_CONFIGURATION_Handle *cfg;
  94
  95   /**
  96    * Connection to service (if available).
  97    */
  98   struct GNUNET_MQ_Handle *mq;
  99
 100   /**
 101    * Head of linked list of active verify requests.
 102    */
 103   struct GNUNET_CREDENTIAL_Request *request_head;
 104
 105   /**
 106    * Tail of linked list of active verify requests.
 107    */
 108   struct GNUNET_CREDENTIAL_Request *request_tail;
 109
 110   /**
 111    * Reconnect task
 112    */
 113   struct GNUNET_SCHEDULER_Task *reconnect_task;
 114
 115   /**
 116    * How long do we wait until we try to reconnect?
 117    */
 118   struct GNUNET_TIME_Relative reconnect_backoff;
 119
 120   /**
 121    * Request Id generator.  Incremented by one for each request.
 122    */
 123   uint32_t r_id_gen;
 124
 125 };
 126
 127
 128 /**
 129  * Reconnect to CREDENTIAL service.
 130  *
 131  * @param handle the handle to the CREDENTIAL service
 132  */
 133 static void
 134 reconnect (struct GNUNET_CREDENTIAL_Handle *handle);
 135
 136
 137 /**
 138  * Reconnect to CREDENTIAL
 139  *
 140  * @param cls the handle
 141  */
 142 static void
 143 reconnect_task (void *cls)
 144 {
 145   struct GNUNET_CREDENTIAL_Handle *handle = cls;
 146
 147   handle->reconnect_task = NULL;
 148   reconnect (handle);
 149 }
 150
 151
 152 /**
 153  * Disconnect from service and then reconnect.
 154  *
 155  * @param handle our handle
 156  */
 157 static void
 158 force_reconnect (struct GNUNET_CREDENTIAL_Handle *handle)
 159 {
 160   GNUNET_MQ_destroy (handle->mq);
 161   handle->mq = NULL;
 162   handle->reconnect_backoff
 163     = GNUNET_TIME_STD_BACKOFF (handle->reconnect_backoff);
 164   handle->reconnect_task
 165     = GNUNET_SCHEDULER_add_delayed (handle->reconnect_backoff,
 166                         &reconnect_task,
 167                         handle);
 168 }
 169
 170
 171 /**
 172  * Generic error handler, called with the appropriate error code and
 173  * the same closure specified at the creation of the message queue.
 174  * Not every message queue implementation supports an error handler.
 175  *
 176  * @param cls closure with the `struct GNUNET_CREDENTIAL_Handle *`
 177  * @param error error code
 178  */
 179 static void
 180 mq_error_handler (void *cls,
 181                   enum GNUNET_MQ_Error error)
 182 {
 183   struct GNUNET_CREDENTIAL_Handle *handle = cls;
 184
 185   force_reconnect (handle);
 186 }
 187
 188 /**
 189  * Check validity of message received from the CREDENTIAL service
 190  *
 191  * @param cls the `struct GNUNET_CREDENTIAL_Handle *`
 192  * @param vr_msg the incoming message
 193  */
 194 static int
 195 check_result (void *cls,
 196               const struct DelegationChainResultMessage *vr_msg)
 197 {
 198   //TODO
 199   return GNUNET_OK;
 200 }
 201
 202
 203 /**
 204  * Handler for messages received from the CREDENTIAL service
 205  *
 206  * @param cls the `struct GNUNET_CREDENTIAL_Handle *`
 207  * @param vr_msg the incoming message
 208  */
 209 static void
 210 handle_result (void *cls,
 211                const struct DelegationChainResultMessage *vr_msg)
 212 {
 213   struct GNUNET_CREDENTIAL_Handle *handle = cls;
 214   uint32_t r_id = ntohl (vr_msg->id);
 215   struct GNUNET_CREDENTIAL_Request *vr;
 216   size_t mlen = ntohs (vr_msg->header.size) - sizeof (*vr_msg);
 217   uint32_t d_count = ntohl (vr_msg->d_count);
 218   uint32_t c_count = ntohl (vr_msg->c_count);
 219   struct GNUNET_CREDENTIAL_Delegation d_chain[d_count];
 220   struct GNUNET_CREDENTIAL_Credential creds[c_count];
 221   GNUNET_CREDENTIAL_CredentialResultProcessor proc;
 222   void *proc_cls;
 223
 224   LOG (GNUNET_ERROR_TYPE_DEBUG,
 225        "Received verify reply from CREDENTIAL service\n");
 226   for (vr = handle->request_head; NULL != vr; vr = vr->next)
 227     if (vr->r_id == r_id)
 228       break;
 229   if (NULL == vr)
 230     return;
 231   proc = vr->verify_proc;
 232   proc_cls = vr->proc_cls;
 233   GNUNET_CONTAINER_DLL_remove (handle->request_head,
 234                                handle->request_tail,
 235                                vr);
 236   GNUNET_MQ_discard (vr->env);
 237   GNUNET_free (vr);
 238   GNUNET_assert (GNUNET_OK ==
 239                  GNUNET_CREDENTIAL_delegation_chain_deserialize (mlen,
 240                                                                  (const char*) &vr_msg[1],
 241                                                                  d_count,
 242                                                                  d_chain,
 243                                                                  c_count,
 244                                                                  creds));
 245   if (GNUNET_NO == ntohl (vr_msg->cred_found))
 246   {
 247     proc (proc_cls,
 248           0,
 249           NULL,
 250           0,
 251           NULL); // TODO
 252   } else {
 253     proc (proc_cls,
 254           d_count,
 255           d_chain,
 256           c_count,
 257           creds);
 258   }
 259 }
 260
 261
 262 /**
 263  * Reconnect to CREDENTIAL service.
 264  *
 265  * @param handle the handle to the CREDENTIAL service
 266  */
 267 static void
 268 reconnect (struct GNUNET_CREDENTIAL_Handle *handle)
 269 {
 270   struct GNUNET_MQ_MessageHandler handlers[] = {
 271     GNUNET_MQ_hd_var_size (result,
 272                            GNUNET_MESSAGE_TYPE_CREDENTIAL_VERIFY_RESULT,
 273                            struct DelegationChainResultMessage,
 274                            handle),
 275     GNUNET_MQ_hd_var_size (result,
 276                            GNUNET_MESSAGE_TYPE_CREDENTIAL_COLLECT_RESULT,
 277                            struct DelegationChainResultMessage,
 278                            handle),
 279     GNUNET_MQ_handler_end ()
 280   };
 281   struct GNUNET_CREDENTIAL_Request *vr;
 282
 283   GNUNET_assert (NULL == handle->mq);
 284   LOG (GNUNET_ERROR_TYPE_DEBUG,
 285        "Trying to connect to CREDENTIAL\n");
 286   handle->mq = GNUNET_CLIENT_connect (handle->cfg,
 287                                       "credential",
 288                                       handlers,
 289                                       &mq_error_handler,
 290                                       handle);
 291   if (NULL == handle->mq)
 292     return;
 293   for (vr = handle->request_head; NULL != vr; vr = vr->next)
 294     GNUNET_MQ_send_copy (handle->mq,
 295                          vr->env);
 296 }
 297
 298
 299 /**
 300  * Initialize the connection with the CREDENTIAL service.
 301  *
 302  * @param cfg configuration to use
 303  * @return handle to the CREDENTIAL service, or NULL on error
 304  */
 305 struct GNUNET_CREDENTIAL_Handle *
 306 GNUNET_CREDENTIAL_connect (const struct GNUNET_CONFIGURATION_Handle *cfg)
 307 {
 308   struct GNUNET_CREDENTIAL_Handle *handle;
 309
 310   handle = GNUNET_new (struct GNUNET_CREDENTIAL_Handle);
 311   handle->cfg = cfg;
 312   reconnect (handle);
 313   if (NULL == handle->mq)
 314   {
 315     GNUNET_free (handle);
 316     return NULL;
 317   }
 318   return handle;
 319 }
 320
 321
 322 /**
 323  * Shutdown connection with the CREDENTIAL service.
 324  *
 325  * @param handle handle of the CREDENTIAL connection to stop
 326  */
 327 void
 328 GNUNET_CREDENTIAL_disconnect (struct GNUNET_CREDENTIAL_Handle *handle)
 329 {
 330   if (NULL != handle->mq)
 331   {
 332     GNUNET_MQ_destroy (handle->mq);
 333     handle->mq = NULL;
 334   }
 335   if (NULL != handle->reconnect_task)
 336   {
 337     GNUNET_SCHEDULER_cancel (handle->reconnect_task);
 338     handle->reconnect_task = NULL;
 339   }
 340   GNUNET_assert (NULL == handle->request_head);
 341   GNUNET_free (handle);
 342 }
 343
 344
 345 /**
 346  * Cancel pending verify request
 347  *
 348  * @param lr the verify request to cancel
 349  */
 350 void
 351 GNUNET_CREDENTIAL_request_cancel (struct GNUNET_CREDENTIAL_Request *lr)
 352 {
 353   struct GNUNET_CREDENTIAL_Handle *handle = lr->credential_handle;
 354
 355   GNUNET_CONTAINER_DLL_remove (handle->request_head,
 356                                handle->request_tail,
 357                                lr);
 358   GNUNET_MQ_discard (lr->env);
 359   GNUNET_free (lr);
 360 }
 361
 362
 363 /**
 364  * Performs attribute collection.
 365  * Collects all credentials of subject to fulfill the
 366  * attribute, if possible
 367  *
 368  * @param handle handle to the Credential service
 369  * @param issuer_key the issuer public key
 370  * @param issuer_attribute the issuer attribute
 371  * @param subject_key the subject public key
 372  * @param proc function to call on result
 373  * @param proc_cls closure for processor
 374  * @return handle to the queued request
 375  */
 376 struct GNUNET_CREDENTIAL_Request*
 377 GNUNET_CREDENTIAL_collect (struct GNUNET_CREDENTIAL_Handle *handle,
 378                            const struct GNUNET_CRYPTO_EcdsaPublicKey *issuer_key,
 379                            const char *issuer_attribute,
 380                            const struct GNUNET_CRYPTO_EcdsaPrivateKey *subject_key,
 381                            GNUNET_CREDENTIAL_CredentialResultProcessor proc,
 382                            void *proc_cls)
 383 {
 384   /* IPC to shorten credential names, return shorten_handle */
 385   struct CollectMessage *c_msg;
 386   struct GNUNET_CREDENTIAL_Request *vr;
 387   size_t nlen;
 388
 389   if (NULL == issuer_attribute)
 390   {
 391     GNUNET_break (0);
 392     return NULL;
 393   }
 394
 395   //DEBUG LOG
 396   LOG (GNUNET_ERROR_TYPE_DEBUG,
 397        "Trying to collect `%s' in CREDENTIAL\n",
 398        issuer_attribute);
 399   nlen = strlen (issuer_attribute) + 1;
 400   if (nlen >= GNUNET_MAX_MESSAGE_SIZE - sizeof (*vr))
 401   {
 402     GNUNET_break (0);
 403     return NULL;
 404   }
 405   vr = GNUNET_new (struct GNUNET_CREDENTIAL_Request);
 406   vr->credential_handle = handle;
 407   vr->verify_proc = proc;
 408   vr->proc_cls = proc_cls;
 409   vr->r_id = handle->r_id_gen++;
 410   vr->env = GNUNET_MQ_msg_extra (c_msg,
 411                                  nlen,
 412                                  GNUNET_MESSAGE_TYPE_CREDENTIAL_COLLECT);
 413   c_msg->id = htonl (vr->r_id);
 414   c_msg->subject_key = *subject_key;
 415   c_msg->issuer_key =  *issuer_key;
 416   c_msg->issuer_attribute_len = htons(strlen(issuer_attribute));
 417   GNUNET_memcpy (&c_msg[1],
 418                  issuer_attribute,
 419                  strlen (issuer_attribute));
 420   GNUNET_CONTAINER_DLL_insert (handle->request_head,
 421                                handle->request_tail,
 422                                vr);
 423   if (NULL != handle->mq)
 424     GNUNET_MQ_send_copy (handle->mq,
 425                          vr->env);
 426   return vr;
 427 }
 428 /**
 429  * Performs attribute verification.
 430  * Checks if there is a delegation chain from
 431  * attribute ``issuer_attribute'' issued by the issuer
 432  * with public key ``issuer_key'' maps to the attribute
 433  * ``subject_attribute'' claimed by the subject with key
 434  * ``subject_key''
 435  *
 436  * @param handle handle to the Credential service
 437  * @param issuer_key the issuer public key
 438  * @param issuer_attribute the issuer attribute
 439  * @param subject_key the subject public key
 440  * @param credential_count number of credentials provided
 441  * @param credentials subject credentials
 442  * @param proc function to call on result
 443  * @param proc_cls closure for processor
 444  * @return handle to the queued request
 445  */
 446 struct GNUNET_CREDENTIAL_Request*
 447 GNUNET_CREDENTIAL_verify (struct GNUNET_CREDENTIAL_Handle *handle,
 448                           const struct GNUNET_CRYPTO_EcdsaPublicKey *issuer_key,
 449                           const char *issuer_attribute,
 450                           const struct GNUNET_CRYPTO_EcdsaPublicKey *subject_key,
 451                           uint32_t credential_count,
 452                           const struct GNUNET_CREDENTIAL_Credential *credentials,
 453                           GNUNET_CREDENTIAL_CredentialResultProcessor proc,
 454                           void *proc_cls)
 455 {
 456   /* IPC to shorten credential names, return shorten_handle */
 457   struct VerifyMessage *v_msg;
 458   struct GNUNET_CREDENTIAL_Request *vr;
 459   size_t nlen;
 460   size_t clen;
 461
 462   if (NULL == issuer_attribute || NULL == credentials)
 463   {
 464     GNUNET_break (0);
 465     return NULL;
 466   }
 467
 468   clen = GNUNET_CREDENTIAL_credentials_get_size (credential_count,
 469                                                  credentials);
 470
 471   //DEBUG LOG
 472   LOG (GNUNET_ERROR_TYPE_DEBUG,
 473        "Trying to verify `%s' in CREDENTIAL\n",
 474        issuer_attribute);
 475   nlen = strlen (issuer_attribute) + 1 + clen;
 476   if (nlen >= GNUNET_MAX_MESSAGE_SIZE - sizeof (*vr))
 477   {
 478     GNUNET_break (0);
 479     return NULL;
 480   }
 481   vr = GNUNET_new (struct GNUNET_CREDENTIAL_Request);
 482   vr->credential_handle = handle;
 483   vr->verify_proc = proc;
 484   vr->proc_cls = proc_cls;
 485   vr->r_id = handle->r_id_gen++;
 486   vr->env = GNUNET_MQ_msg_extra (v_msg,
 487                                  nlen,
 488                                  GNUNET_MESSAGE_TYPE_CREDENTIAL_VERIFY);
 489   v_msg->id = htonl (vr->r_id);
 490   v_msg->subject_key = *subject_key;
 491   v_msg->c_count = htonl(credential_count);
 492   v_msg->issuer_key =  *issuer_key;
 493   v_msg->issuer_attribute_len = htons(strlen(issuer_attribute));
 494   GNUNET_memcpy (&v_msg[1],
 495                  issuer_attribute,
 496                  strlen (issuer_attribute));
 497   GNUNET_CREDENTIAL_credentials_serialize (credential_count,
 498                                            credentials,
 499                                            clen,
 500                                            ((char*)&v_msg[1])
 501                                            + strlen (issuer_attribute) + 1);
 502   GNUNET_CONTAINER_DLL_insert (handle->request_head,
 503                                handle->request_tail,
 504                                vr);
 505   if (NULL != handle->mq)
 506     GNUNET_MQ_send_copy (handle->mq,
 507                          vr->env);
 508   return vr;
 509 }
 510
 511 /* end of credential_api.c */