2 This file is part of GNUnet.
3 Copyright (C) 2009-2013, 2016 GNUnet e.V.
5 GNUnet is free software; you can redistribute it and/or modify
6 it under the terms of the GNU General Public License as published
7 by the Free Software Foundation; either version 3, or (at your
8 option) any later version.
10 GNUnet is distributed in the hope that it will be useful, but
11 WITHOUT ANY WARRANTY; without even the implied warranty of
12 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
13 General Public License for more details.
15 You should have received a copy of the GNU General Public License
16 along with GNUnet; see the file COPYING. If not, write to the
17 Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor,
18 Boston, MA 02110-1301, USA.
21 * @file credential/credential_api.c
22 * @brief library to access the CREDENTIAL service
23 * @author Martin Schanzenbach
26 #include "gnunet_util_lib.h"
27 #include "gnunet_constants.h"
28 #include "gnunet_arm_service.h"
29 #include "gnunet_hello_lib.h"
30 #include "gnunet_protocols.h"
31 #include "gnunet_signatures.h"
32 #include "credential.h"
33 #include "credential_serialization.h"
34 #include "gnunet_credential_service.h"
35 #include "gnunet_identity_service.h"
38 #define LOG(kind,...) GNUNET_log_from (kind, "credential-api",__VA_ARGS__)
41 * Handle to a verify request
43 struct GNUNET_CREDENTIAL_Request
49 struct GNUNET_CREDENTIAL_Request *next;
54 struct GNUNET_CREDENTIAL_Request *prev;
57 * handle to credential service
59 struct GNUNET_CREDENTIAL_Handle *credential_handle;
62 * processor to call on verify result
64 GNUNET_CREDENTIAL_CredentialResultProcessor verify_proc;
67 * @e verify_proc closure
72 * Envelope with the message for this queue entry.
74 struct GNUNET_MQ_Envelope *env;
85 * Connection to the CREDENTIAL service.
87 struct GNUNET_CREDENTIAL_Handle
91 * Configuration to use.
93 const struct GNUNET_CONFIGURATION_Handle *cfg;
96 * Connection to service (if available).
98 struct GNUNET_MQ_Handle *mq;
101 * Head of linked list of active verify requests.
103 struct GNUNET_CREDENTIAL_Request *request_head;
106 * Tail of linked list of active verify requests.
108 struct GNUNET_CREDENTIAL_Request *request_tail;
113 struct GNUNET_SCHEDULER_Task *reconnect_task;
116 * How long do we wait until we try to reconnect?
118 struct GNUNET_TIME_Relative reconnect_backoff;
121 * Request Id generator. Incremented by one for each request.
129 * Reconnect to CREDENTIAL service.
131 * @param handle the handle to the CREDENTIAL service
134 reconnect (struct GNUNET_CREDENTIAL_Handle *handle);
138 * Reconnect to CREDENTIAL
140 * @param cls the handle
143 reconnect_task (void *cls)
145 struct GNUNET_CREDENTIAL_Handle *handle = cls;
147 handle->reconnect_task = NULL;
153 * Disconnect from service and then reconnect.
155 * @param handle our handle
158 force_reconnect (struct GNUNET_CREDENTIAL_Handle *handle)
160 GNUNET_MQ_destroy (handle->mq);
162 handle->reconnect_backoff
163 = GNUNET_TIME_STD_BACKOFF (handle->reconnect_backoff);
164 handle->reconnect_task
165 = GNUNET_SCHEDULER_add_delayed (handle->reconnect_backoff,
172 * Generic error handler, called with the appropriate error code and
173 * the same closure specified at the creation of the message queue.
174 * Not every message queue implementation supports an error handler.
176 * @param cls closure with the `struct GNUNET_CREDENTIAL_Handle *`
177 * @param error error code
180 mq_error_handler (void *cls,
181 enum GNUNET_MQ_Error error)
183 struct GNUNET_CREDENTIAL_Handle *handle = cls;
185 force_reconnect (handle);
189 * Check validity of message received from the CREDENTIAL service
191 * @param cls the `struct GNUNET_CREDENTIAL_Handle *`
192 * @param vr_msg the incoming message
195 check_result (void *cls,
196 const struct DelegationChainResultMessage *vr_msg)
204 * Handler for messages received from the CREDENTIAL service
206 * @param cls the `struct GNUNET_CREDENTIAL_Handle *`
207 * @param vr_msg the incoming message
210 handle_result (void *cls,
211 const struct DelegationChainResultMessage *vr_msg)
213 struct GNUNET_CREDENTIAL_Handle *handle = cls;
214 uint32_t r_id = ntohl (vr_msg->id);
215 struct GNUNET_CREDENTIAL_Request *vr;
216 size_t mlen = ntohs (vr_msg->header.size) - sizeof (*vr_msg);
217 uint32_t d_count = ntohl (vr_msg->d_count);
218 uint32_t c_count = ntohl (vr_msg->c_count);
219 struct GNUNET_CREDENTIAL_Delegation d_chain[d_count];
220 struct GNUNET_CREDENTIAL_Credential creds[c_count];
221 GNUNET_CREDENTIAL_CredentialResultProcessor proc;
224 LOG (GNUNET_ERROR_TYPE_DEBUG,
225 "Received verify reply from CREDENTIAL service\n");
226 for (vr = handle->request_head; NULL != vr; vr = vr->next)
227 if (vr->r_id == r_id)
231 proc = vr->verify_proc;
232 proc_cls = vr->proc_cls;
233 GNUNET_CONTAINER_DLL_remove (handle->request_head,
234 handle->request_tail,
236 GNUNET_MQ_discard (vr->env);
238 GNUNET_assert (GNUNET_OK ==
239 GNUNET_CREDENTIAL_delegation_chain_deserialize (mlen,
240 (const char*) &vr_msg[1],
245 if (GNUNET_NO == ntohl (vr_msg->cred_found))
263 * Reconnect to CREDENTIAL service.
265 * @param handle the handle to the CREDENTIAL service
268 reconnect (struct GNUNET_CREDENTIAL_Handle *handle)
270 struct GNUNET_MQ_MessageHandler handlers[] = {
271 GNUNET_MQ_hd_var_size (result,
272 GNUNET_MESSAGE_TYPE_CREDENTIAL_VERIFY_RESULT,
273 struct DelegationChainResultMessage,
275 GNUNET_MQ_hd_var_size (result,
276 GNUNET_MESSAGE_TYPE_CREDENTIAL_COLLECT_RESULT,
277 struct DelegationChainResultMessage,
279 GNUNET_MQ_handler_end ()
281 struct GNUNET_CREDENTIAL_Request *vr;
283 GNUNET_assert (NULL == handle->mq);
284 LOG (GNUNET_ERROR_TYPE_DEBUG,
285 "Trying to connect to CREDENTIAL\n");
286 handle->mq = GNUNET_CLIENT_connect (handle->cfg,
291 if (NULL == handle->mq)
293 for (vr = handle->request_head; NULL != vr; vr = vr->next)
294 GNUNET_MQ_send_copy (handle->mq,
300 * Initialize the connection with the CREDENTIAL service.
302 * @param cfg configuration to use
303 * @return handle to the CREDENTIAL service, or NULL on error
305 struct GNUNET_CREDENTIAL_Handle *
306 GNUNET_CREDENTIAL_connect (const struct GNUNET_CONFIGURATION_Handle *cfg)
308 struct GNUNET_CREDENTIAL_Handle *handle;
310 handle = GNUNET_new (struct GNUNET_CREDENTIAL_Handle);
313 if (NULL == handle->mq)
315 GNUNET_free (handle);
323 * Shutdown connection with the CREDENTIAL service.
325 * @param handle handle of the CREDENTIAL connection to stop
328 GNUNET_CREDENTIAL_disconnect (struct GNUNET_CREDENTIAL_Handle *handle)
330 if (NULL != handle->mq)
332 GNUNET_MQ_destroy (handle->mq);
335 if (NULL != handle->reconnect_task)
337 GNUNET_SCHEDULER_cancel (handle->reconnect_task);
338 handle->reconnect_task = NULL;
340 GNUNET_assert (NULL == handle->request_head);
341 GNUNET_free (handle);
346 * Cancel pending verify request
348 * @param lr the verify request to cancel
351 GNUNET_CREDENTIAL_request_cancel (struct GNUNET_CREDENTIAL_Request *lr)
353 struct GNUNET_CREDENTIAL_Handle *handle = lr->credential_handle;
355 GNUNET_CONTAINER_DLL_remove (handle->request_head,
356 handle->request_tail,
358 GNUNET_MQ_discard (lr->env);
364 * Performs attribute collection.
365 * Collects all credentials of subject to fulfill the
366 * attribute, if possible
368 * @param handle handle to the Credential service
369 * @param issuer_key the issuer public key
370 * @param issuer_attribute the issuer attribute
371 * @param subject_key the subject public key
372 * @param proc function to call on result
373 * @param proc_cls closure for processor
374 * @return handle to the queued request
376 struct GNUNET_CREDENTIAL_Request*
377 GNUNET_CREDENTIAL_collect (struct GNUNET_CREDENTIAL_Handle *handle,
378 const struct GNUNET_CRYPTO_EcdsaPublicKey *issuer_key,
379 const char *issuer_attribute,
380 const struct GNUNET_CRYPTO_EcdsaPrivateKey *subject_key,
381 GNUNET_CREDENTIAL_CredentialResultProcessor proc,
384 /* IPC to shorten credential names, return shorten_handle */
385 struct CollectMessage *c_msg;
386 struct GNUNET_CREDENTIAL_Request *vr;
389 if (NULL == issuer_attribute)
396 LOG (GNUNET_ERROR_TYPE_DEBUG,
397 "Trying to collect `%s' in CREDENTIAL\n",
399 nlen = strlen (issuer_attribute) + 1;
400 if (nlen >= GNUNET_MAX_MESSAGE_SIZE - sizeof (*vr))
405 vr = GNUNET_new (struct GNUNET_CREDENTIAL_Request);
406 vr->credential_handle = handle;
407 vr->verify_proc = proc;
408 vr->proc_cls = proc_cls;
409 vr->r_id = handle->r_id_gen++;
410 vr->env = GNUNET_MQ_msg_extra (c_msg,
412 GNUNET_MESSAGE_TYPE_CREDENTIAL_COLLECT);
413 c_msg->id = htonl (vr->r_id);
414 c_msg->subject_key = *subject_key;
415 c_msg->issuer_key = *issuer_key;
416 c_msg->issuer_attribute_len = htons(strlen(issuer_attribute));
417 GNUNET_memcpy (&c_msg[1],
419 strlen (issuer_attribute));
420 GNUNET_CONTAINER_DLL_insert (handle->request_head,
421 handle->request_tail,
423 if (NULL != handle->mq)
424 GNUNET_MQ_send_copy (handle->mq,
429 * Performs attribute verification.
430 * Checks if there is a delegation chain from
431 * attribute ``issuer_attribute'' issued by the issuer
432 * with public key ``issuer_key'' maps to the attribute
433 * ``subject_attribute'' claimed by the subject with key
436 * @param handle handle to the Credential service
437 * @param issuer_key the issuer public key
438 * @param issuer_attribute the issuer attribute
439 * @param subject_key the subject public key
440 * @param credential_count number of credentials provided
441 * @param credentials subject credentials
442 * @param proc function to call on result
443 * @param proc_cls closure for processor
444 * @return handle to the queued request
446 struct GNUNET_CREDENTIAL_Request*
447 GNUNET_CREDENTIAL_verify (struct GNUNET_CREDENTIAL_Handle *handle,
448 const struct GNUNET_CRYPTO_EcdsaPublicKey *issuer_key,
449 const char *issuer_attribute,
450 const struct GNUNET_CRYPTO_EcdsaPublicKey *subject_key,
451 uint32_t credential_count,
452 const struct GNUNET_CREDENTIAL_Credential *credentials,
453 GNUNET_CREDENTIAL_CredentialResultProcessor proc,
456 /* IPC to shorten credential names, return shorten_handle */
457 struct VerifyMessage *v_msg;
458 struct GNUNET_CREDENTIAL_Request *vr;
462 if (NULL == issuer_attribute || NULL == credentials)
468 clen = GNUNET_CREDENTIAL_credentials_get_size (credential_count,
472 LOG (GNUNET_ERROR_TYPE_DEBUG,
473 "Trying to verify `%s' in CREDENTIAL\n",
475 nlen = strlen (issuer_attribute) + 1 + clen;
476 if (nlen >= GNUNET_MAX_MESSAGE_SIZE - sizeof (*vr))
481 vr = GNUNET_new (struct GNUNET_CREDENTIAL_Request);
482 vr->credential_handle = handle;
483 vr->verify_proc = proc;
484 vr->proc_cls = proc_cls;
485 vr->r_id = handle->r_id_gen++;
486 vr->env = GNUNET_MQ_msg_extra (v_msg,
488 GNUNET_MESSAGE_TYPE_CREDENTIAL_VERIFY);
489 v_msg->id = htonl (vr->r_id);
490 v_msg->subject_key = *subject_key;
491 v_msg->c_count = htonl(credential_count);
492 v_msg->issuer_key = *issuer_key;
493 v_msg->issuer_attribute_len = htons(strlen(issuer_attribute));
494 GNUNET_memcpy (&v_msg[1],
496 strlen (issuer_attribute));
497 GNUNET_CREDENTIAL_credentials_serialize (credential_count,
501 + strlen (issuer_attribute) + 1);
502 GNUNET_CONTAINER_DLL_insert (handle->request_head,
503 handle->request_tail,
505 if (NULL != handle->mq)
506 GNUNET_MQ_send_copy (handle->mq,
511 /* end of credential_api.c */