2 This file is part of GNUnet.
3 Copyright (C) 2009-2013, 2016 GNUnet e.V.
5 GNUnet is free software: you can redistribute it and/or modify it
6 under the terms of the GNU Affero General Public License as published
7 by the Free Software Foundation, either version 3 of the License,
8 or (at your option) any later version.
10 GNUnet is distributed in the hope that it will be useful, but
11 WITHOUT ANY WARRANTY; without even the implied warranty of
12 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
13 Affero General Public License for more details.
16 * @file credential/credential_api.c
17 * @brief library to access the CREDENTIAL service
18 * @author Martin Schanzenbach
21 #include "gnunet_util_lib.h"
22 #include "gnunet_constants.h"
23 #include "gnunet_arm_service.h"
24 #include "gnunet_hello_lib.h"
25 #include "gnunet_protocols.h"
26 #include "gnunet_signatures.h"
27 #include "credential.h"
28 #include "credential_serialization.h"
29 #include "gnunet_credential_service.h"
30 #include "gnunet_identity_service.h"
33 #define LOG(kind,...) GNUNET_log_from (kind, "credential-api",__VA_ARGS__)
36 * Handle to a verify request
38 struct GNUNET_CREDENTIAL_Request
44 struct GNUNET_CREDENTIAL_Request *next;
49 struct GNUNET_CREDENTIAL_Request *prev;
52 * handle to credential service
54 struct GNUNET_CREDENTIAL_Handle *credential_handle;
57 * processor to call on verify result
59 GNUNET_CREDENTIAL_CredentialResultProcessor verify_proc;
62 * @e verify_proc closure
67 * Envelope with the message for this queue entry.
69 struct GNUNET_MQ_Envelope *env;
80 * Connection to the CREDENTIAL service.
82 struct GNUNET_CREDENTIAL_Handle
86 * Configuration to use.
88 const struct GNUNET_CONFIGURATION_Handle *cfg;
91 * Connection to service (if available).
93 struct GNUNET_MQ_Handle *mq;
96 * Head of linked list of active verify requests.
98 struct GNUNET_CREDENTIAL_Request *request_head;
101 * Tail of linked list of active verify requests.
103 struct GNUNET_CREDENTIAL_Request *request_tail;
108 struct GNUNET_SCHEDULER_Task *reconnect_task;
111 * How long do we wait until we try to reconnect?
113 struct GNUNET_TIME_Relative reconnect_backoff;
116 * Request Id generator. Incremented by one for each request.
124 * Reconnect to CREDENTIAL service.
126 * @param handle the handle to the CREDENTIAL service
129 reconnect (struct GNUNET_CREDENTIAL_Handle *handle);
133 * Reconnect to CREDENTIAL
135 * @param cls the handle
138 reconnect_task (void *cls)
140 struct GNUNET_CREDENTIAL_Handle *handle = cls;
142 handle->reconnect_task = NULL;
148 * Disconnect from service and then reconnect.
150 * @param handle our handle
153 force_reconnect (struct GNUNET_CREDENTIAL_Handle *handle)
155 GNUNET_MQ_destroy (handle->mq);
157 handle->reconnect_backoff
158 = GNUNET_TIME_STD_BACKOFF (handle->reconnect_backoff);
159 handle->reconnect_task
160 = GNUNET_SCHEDULER_add_delayed (handle->reconnect_backoff,
167 * Generic error handler, called with the appropriate error code and
168 * the same closure specified at the creation of the message queue.
169 * Not every message queue implementation supports an error handler.
171 * @param cls closure with the `struct GNUNET_CREDENTIAL_Handle *`
172 * @param error error code
175 mq_error_handler (void *cls,
176 enum GNUNET_MQ_Error error)
178 struct GNUNET_CREDENTIAL_Handle *handle = cls;
180 force_reconnect (handle);
184 * Check validity of message received from the CREDENTIAL service
186 * @param cls the `struct GNUNET_CREDENTIAL_Handle *`
187 * @param vr_msg the incoming message
190 check_result (void *cls,
191 const struct DelegationChainResultMessage *vr_msg)
199 * Handler for messages received from the CREDENTIAL service
201 * @param cls the `struct GNUNET_CREDENTIAL_Handle *`
202 * @param vr_msg the incoming message
205 handle_result (void *cls,
206 const struct DelegationChainResultMessage *vr_msg)
208 struct GNUNET_CREDENTIAL_Handle *handle = cls;
209 uint32_t r_id = ntohl (vr_msg->id);
210 struct GNUNET_CREDENTIAL_Request *vr;
211 size_t mlen = ntohs (vr_msg->header.size) - sizeof (*vr_msg);
212 uint32_t d_count = ntohl (vr_msg->d_count);
213 uint32_t c_count = ntohl (vr_msg->c_count);
214 struct GNUNET_CREDENTIAL_Delegation d_chain[d_count];
215 struct GNUNET_CREDENTIAL_Credential creds[c_count];
216 GNUNET_CREDENTIAL_CredentialResultProcessor proc;
219 LOG (GNUNET_ERROR_TYPE_DEBUG,
220 "Received verify reply from CREDENTIAL service\n");
221 for (vr = handle->request_head; NULL != vr; vr = vr->next)
222 if (vr->r_id == r_id)
226 proc = vr->verify_proc;
227 proc_cls = vr->proc_cls;
228 GNUNET_CONTAINER_DLL_remove (handle->request_head,
229 handle->request_tail,
231 GNUNET_MQ_discard (vr->env);
233 GNUNET_assert (GNUNET_OK ==
234 GNUNET_CREDENTIAL_delegation_chain_deserialize (mlen,
235 (const char*) &vr_msg[1],
240 if (GNUNET_NO == ntohl (vr_msg->cred_found))
258 * Reconnect to CREDENTIAL service.
260 * @param handle the handle to the CREDENTIAL service
263 reconnect (struct GNUNET_CREDENTIAL_Handle *handle)
265 struct GNUNET_MQ_MessageHandler handlers[] = {
266 GNUNET_MQ_hd_var_size (result,
267 GNUNET_MESSAGE_TYPE_CREDENTIAL_VERIFY_RESULT,
268 struct DelegationChainResultMessage,
270 GNUNET_MQ_hd_var_size (result,
271 GNUNET_MESSAGE_TYPE_CREDENTIAL_COLLECT_RESULT,
272 struct DelegationChainResultMessage,
274 GNUNET_MQ_handler_end ()
276 struct GNUNET_CREDENTIAL_Request *vr;
278 GNUNET_assert (NULL == handle->mq);
279 LOG (GNUNET_ERROR_TYPE_DEBUG,
280 "Trying to connect to CREDENTIAL\n");
281 handle->mq = GNUNET_CLIENT_connect (handle->cfg,
286 if (NULL == handle->mq)
288 for (vr = handle->request_head; NULL != vr; vr = vr->next)
289 GNUNET_MQ_send_copy (handle->mq,
295 * Initialize the connection with the CREDENTIAL service.
297 * @param cfg configuration to use
298 * @return handle to the CREDENTIAL service, or NULL on error
300 struct GNUNET_CREDENTIAL_Handle *
301 GNUNET_CREDENTIAL_connect (const struct GNUNET_CONFIGURATION_Handle *cfg)
303 struct GNUNET_CREDENTIAL_Handle *handle;
305 handle = GNUNET_new (struct GNUNET_CREDENTIAL_Handle);
308 if (NULL == handle->mq)
310 GNUNET_free (handle);
318 * Shutdown connection with the CREDENTIAL service.
320 * @param handle handle of the CREDENTIAL connection to stop
323 GNUNET_CREDENTIAL_disconnect (struct GNUNET_CREDENTIAL_Handle *handle)
325 if (NULL != handle->mq)
327 GNUNET_MQ_destroy (handle->mq);
330 if (NULL != handle->reconnect_task)
332 GNUNET_SCHEDULER_cancel (handle->reconnect_task);
333 handle->reconnect_task = NULL;
335 GNUNET_assert (NULL == handle->request_head);
336 GNUNET_free (handle);
341 * Cancel pending verify request
343 * @param lr the verify request to cancel
346 GNUNET_CREDENTIAL_request_cancel (struct GNUNET_CREDENTIAL_Request *lr)
348 struct GNUNET_CREDENTIAL_Handle *handle = lr->credential_handle;
350 GNUNET_CONTAINER_DLL_remove (handle->request_head,
351 handle->request_tail,
353 GNUNET_MQ_discard (lr->env);
359 * Performs attribute collection.
360 * Collects all credentials of subject to fulfill the
361 * attribute, if possible
363 * @param handle handle to the Credential service
364 * @param issuer_key the issuer public key
365 * @param issuer_attribute the issuer attribute
366 * @param subject_key the subject public key
367 * @param proc function to call on result
368 * @param proc_cls closure for processor
369 * @return handle to the queued request
371 struct GNUNET_CREDENTIAL_Request*
372 GNUNET_CREDENTIAL_collect (struct GNUNET_CREDENTIAL_Handle *handle,
373 const struct GNUNET_CRYPTO_EcdsaPublicKey *issuer_key,
374 const char *issuer_attribute,
375 const struct GNUNET_CRYPTO_EcdsaPrivateKey *subject_key,
376 GNUNET_CREDENTIAL_CredentialResultProcessor proc,
379 /* IPC to shorten credential names, return shorten_handle */
380 struct CollectMessage *c_msg;
381 struct GNUNET_CREDENTIAL_Request *vr;
384 if (NULL == issuer_attribute)
391 LOG (GNUNET_ERROR_TYPE_DEBUG,
392 "Trying to collect `%s' in CREDENTIAL\n",
394 nlen = strlen (issuer_attribute) + 1;
395 if (nlen >= GNUNET_MAX_MESSAGE_SIZE - sizeof (*vr))
400 vr = GNUNET_new (struct GNUNET_CREDENTIAL_Request);
401 vr->credential_handle = handle;
402 vr->verify_proc = proc;
403 vr->proc_cls = proc_cls;
404 vr->r_id = handle->r_id_gen++;
405 vr->env = GNUNET_MQ_msg_extra (c_msg,
407 GNUNET_MESSAGE_TYPE_CREDENTIAL_COLLECT);
408 c_msg->id = htonl (vr->r_id);
409 c_msg->subject_key = *subject_key;
410 c_msg->issuer_key = *issuer_key;
411 c_msg->issuer_attribute_len = htons(strlen(issuer_attribute));
412 GNUNET_memcpy (&c_msg[1],
414 strlen (issuer_attribute));
415 GNUNET_CONTAINER_DLL_insert (handle->request_head,
416 handle->request_tail,
418 if (NULL != handle->mq)
419 GNUNET_MQ_send_copy (handle->mq,
424 * Performs attribute verification.
425 * Checks if there is a delegation chain from
426 * attribute ``issuer_attribute'' issued by the issuer
427 * with public key ``issuer_key'' maps to the attribute
428 * ``subject_attribute'' claimed by the subject with key
431 * @param handle handle to the Credential service
432 * @param issuer_key the issuer public key
433 * @param issuer_attribute the issuer attribute
434 * @param subject_key the subject public key
435 * @param credential_count number of credentials provided
436 * @param credentials subject credentials
437 * @param proc function to call on result
438 * @param proc_cls closure for processor
439 * @return handle to the queued request
441 struct GNUNET_CREDENTIAL_Request*
442 GNUNET_CREDENTIAL_verify (struct GNUNET_CREDENTIAL_Handle *handle,
443 const struct GNUNET_CRYPTO_EcdsaPublicKey *issuer_key,
444 const char *issuer_attribute,
445 const struct GNUNET_CRYPTO_EcdsaPublicKey *subject_key,
446 uint32_t credential_count,
447 const struct GNUNET_CREDENTIAL_Credential *credentials,
448 GNUNET_CREDENTIAL_CredentialResultProcessor proc,
451 /* IPC to shorten credential names, return shorten_handle */
452 struct VerifyMessage *v_msg;
453 struct GNUNET_CREDENTIAL_Request *vr;
457 if (NULL == issuer_attribute || NULL == credentials)
463 clen = GNUNET_CREDENTIAL_credentials_get_size (credential_count,
467 LOG (GNUNET_ERROR_TYPE_DEBUG,
468 "Trying to verify `%s' in CREDENTIAL\n",
470 nlen = strlen (issuer_attribute) + 1 + clen;
471 if (nlen >= GNUNET_MAX_MESSAGE_SIZE - sizeof (*vr))
476 vr = GNUNET_new (struct GNUNET_CREDENTIAL_Request);
477 vr->credential_handle = handle;
478 vr->verify_proc = proc;
479 vr->proc_cls = proc_cls;
480 vr->r_id = handle->r_id_gen++;
481 vr->env = GNUNET_MQ_msg_extra (v_msg,
483 GNUNET_MESSAGE_TYPE_CREDENTIAL_VERIFY);
484 v_msg->id = htonl (vr->r_id);
485 v_msg->subject_key = *subject_key;
486 v_msg->c_count = htonl(credential_count);
487 v_msg->issuer_key = *issuer_key;
488 v_msg->issuer_attribute_len = htons(strlen(issuer_attribute));
489 GNUNET_memcpy (&v_msg[1],
491 strlen (issuer_attribute));
492 GNUNET_CREDENTIAL_credentials_serialize (credential_count,
496 + strlen (issuer_attribute) + 1);
497 GNUNET_CONTAINER_DLL_insert (handle->request_head,
498 handle->request_tail,
500 if (NULL != handle->mq)
501 GNUNET_MQ_send_copy (handle->mq,
506 /* end of credential_api.c */