src/credential/credential_misc.c

   1 /*
   2      This file is part of GNUnet.
   3      Copyright (C) 2009-2013, 2016 GNUnet e.V.
   4
   5      GNUnet is free software: you can redistribute it and/or modify it
   6      under the terms of the GNU Affero General Public License as published
   7      by the Free Software Foundation, either version 3 of the License,
   8      or (at your option) any later version.
   9
  10      GNUnet is distributed in the hope that it will be useful, but
  11      WITHOUT ANY WARRANTY; without even the implied warranty of
  12      MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
  13      Affero General Public License for more details.
  14
  15      You should have received a copy of the GNU Affero General Public License
  16      along with this program.  If not, see <http://www.gnu.org/licenses/>.
  17
  18      SPDX-License-Identifier: AGPL3.0-or-later
  19  */
  20
  21
  22 /**
  23  * @file credential/credential_misc.c
  24  * @brief Misc API for credentials
  25  *
  26  * @author Martin Schanzenbach
  27  */
  28 #include "platform.h"
  29 #include "gnunet_util_lib.h"
  30 #include "gnunet_constants.h"
  31 #include "gnunet_credential_service.h"
  32 #include "gnunet_signatures.h"
  33 #include "credential.h"
  34 #include <inttypes.h>
  35
  36 char*
  37 GNUNET_CREDENTIAL_credential_to_string (const struct
  38                                         GNUNET_CREDENTIAL_Credential *cred)
  39 {
  40   char *cred_str;
  41   char *subject_pkey;
  42   char *issuer_pkey;
  43   char *signature;
  44
  45
  46   subject_pkey = GNUNET_CRYPTO_ecdsa_public_key_to_string (&cred->subject_key);
  47   issuer_pkey = GNUNET_CRYPTO_ecdsa_public_key_to_string (&cred->issuer_key);
  48   GNUNET_STRINGS_base64_encode ((char*) &cred->signature,
  49                                 sizeof(struct GNUNET_CRYPTO_EcdsaSignature),
  50                                 &signature);
  51   GNUNET_asprintf (&cred_str,
  52                    "%s.%s -> %s | %s | %" SCNu64,
  53                    issuer_pkey,
  54                    cred->issuer_attribute,
  55                    subject_pkey,
  56                    signature,
  57                    cred->expiration.abs_value_us);
  58   GNUNET_free (subject_pkey);
  59   GNUNET_free (issuer_pkey);
  60   GNUNET_free (signature);
  61   return cred_str;
  62 }
  63
  64 struct GNUNET_CREDENTIAL_Credential*
  65 GNUNET_CREDENTIAL_credential_from_string (const char*s)
  66 {
  67   struct GNUNET_CREDENTIAL_Credential *cred;
  68   size_t enclen = (sizeof(struct GNUNET_CRYPTO_EcdsaPublicKey)) * 8;
  69
  70   if (enclen % 5 > 0)
  71     enclen += 5 - enclen % 5;
  72   enclen /= 5; /* 260/5 = 52 */
  73   char subject_pkey[enclen + 1];
  74   char issuer_pkey[enclen + 1];
  75   char name[253 + 1];
  76   char signature[256]; // TODO max payload size
  77
  78   struct GNUNET_CRYPTO_EcdsaSignature *sig;
  79   struct GNUNET_TIME_Absolute etime_abs;
  80
  81   if (5 != sscanf (s,
  82                    "%52s.%253s -> %52s | %s | %" SCNu64,
  83                    issuer_pkey,
  84                    name,
  85                    subject_pkey,
  86                    signature,
  87                    &etime_abs.abs_value_us))
  88   {
  89     GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
  90                 _ ("Unable to parse CRED record string `%s'\n"),
  91                 s);
  92     return NULL;
  93   }
  94   cred = GNUNET_malloc (sizeof(struct GNUNET_CREDENTIAL_Credential) + strlen (
  95                           name) + 1);
  96   GNUNET_CRYPTO_ecdsa_public_key_from_string (subject_pkey,
  97                                               strlen (subject_pkey),
  98                                               &cred->subject_key);
  99   GNUNET_CRYPTO_ecdsa_public_key_from_string (issuer_pkey,
 100                                               strlen (issuer_pkey),
 101                                               &cred->issuer_key);
 102   GNUNET_assert (sizeof(struct GNUNET_CRYPTO_EcdsaSignature) ==
 103                  GNUNET_STRINGS_base64_decode (signature,
 104                                                strlen (
 105                                                  signature),
 106                                                (
 107                                                  char**) &sig));
 108   cred->signature = *sig;
 109   cred->expiration = etime_abs;
 110   GNUNET_free (sig);
 111   GNUNET_memcpy (&cred[1],
 112                  name,
 113                  strlen (name) + 1);
 114   cred->issuer_attribute_len = strlen ((char*) &cred[1]);
 115   cred->issuer_attribute = (char*) &cred[1];
 116   return cred;
 117 }
 118
 119 /**
 120  * Issue an attribute to a subject
 121  *
 122  * @param issuer the ego that should be used to issue the attribute
 123  * @param subject the subject of the attribute
 124  * @param attribute the name of the attribute
 125  * @return handle to the queued request
 126  */
 127 struct GNUNET_CREDENTIAL_Credential *
 128 GNUNET_CREDENTIAL_credential_issue (const struct
 129                                     GNUNET_CRYPTO_EcdsaPrivateKey *issuer,
 130                                     struct GNUNET_CRYPTO_EcdsaPublicKey *subject,
 131                                     const char *attribute,
 132                                     struct GNUNET_TIME_Absolute *expiration)
 133 {
 134   struct CredentialEntry *crd;
 135   struct GNUNET_CREDENTIAL_Credential *cred;
 136   size_t size;
 137
 138   size = sizeof(struct CredentialEntry) + strlen (attribute) + 1;
 139   crd = GNUNET_malloc (size);
 140   cred = GNUNET_malloc (sizeof(struct GNUNET_CREDENTIAL_Credential) + strlen (
 141                           attribute) + 1);
 142   crd->purpose.size = htonl (size - sizeof(struct
 143                                            GNUNET_CRYPTO_EcdsaSignature));
 144
 145   crd->purpose.purpose = htonl (GNUNET_SIGNATURE_PURPOSE_CREDENTIAL);
 146   GNUNET_CRYPTO_ecdsa_key_get_public (issuer,
 147                                       &crd->issuer_key);
 148   crd->subject_key = *subject;
 149   crd->expiration = GNUNET_htonll (expiration->abs_value_us);
 150   crd->issuer_attribute_len = htonl (strlen (attribute) + 1);
 151   GNUNET_memcpy ((char*) &crd[1],
 152                  attribute,
 153                  strlen (attribute) + 1);
 154   if (GNUNET_OK !=
 155       GNUNET_CRYPTO_ecdsa_sign (issuer,
 156                                 &crd->purpose,
 157                                 &crd->signature))
 158   {
 159     GNUNET_break (0);
 160     GNUNET_free (crd);
 161     GNUNET_free (cred);
 162     return NULL;
 163   }
 164   cred->signature = crd->signature;
 165   cred->expiration = *expiration;
 166   GNUNET_CRYPTO_ecdsa_key_get_public (issuer,
 167                                       &cred->issuer_key);
 168
 169   cred->subject_key = *subject;
 170   GNUNET_memcpy (&cred[1],
 171                  attribute,
 172                  strlen (attribute) + 1);
 173   cred->issuer_attribute = (char*) &cred[1];
 174   GNUNET_free (crd);
 175   return cred;
 176 }