2 This file is part of GNUnet.
3 Copyright (C) 2012-2013 GNUnet e.V.
5 GNUnet is free software: you can redistribute it and/or modify it
6 under the terms of the GNU Affero General Public License as published
7 by the Free Software Foundation, either version 3 of the License,
8 or (at your option) any later version.
10 GNUnet is distributed in the hope that it will be useful, but
11 WITHOUT ANY WARRANTY; without even the implied warranty of
12 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
13 Affero General Public License for more details.
16 * @file gnunet-credential.c
17 * @brief command line tool to access the Credential service
18 * @author Martin Schanzenbach
21 #include <gnunet_util_lib.h>
22 #include <gnunet_credential_service.h>
23 #include <gnunet_gnsrecord_lib.h>
24 #include "credential_misc.h"
25 #include "credential_serialization.h"
28 * Configuration we are using.
30 static const struct GNUNET_CONFIGURATION_Handle *cfg;
/* Pending ego lookup; assigned from GNUNET_IDENTITY_ego_lookup() in run(). */
35 static struct GNUNET_IDENTITY_EgoLookup *el;
38 * Handle to Credential service.
40 static struct GNUNET_CREDENTIAL_Handle *credential;
43 * Desired timeout for the lookup (default is no timeout).
45 static struct GNUNET_TIME_Relative timeout;
48 * Handle to verify request
50 static struct GNUNET_CREDENTIAL_Request *verify_request;
53 * Handle to collect request
55 static struct GNUNET_CREDENTIAL_Request *collect_request;
58 * Task scheduled to handle timeout.
60 static struct GNUNET_SCHEDULER_Task *tt;
63 * Subject pubkey string
65 static char *subject_key;
68 * Subject credential string
70 static char *subject_credential;
/* Expiration string; identity_cb() parses it first as a relative and then
 * as an absolute time before issuing a credential. */
75 static char *expiration;
/* NOTE(review): subject_pkey and issuer_pkey are declared without `static`,
 * unlike every other file-scope variable in this listing, so they have
 * external linkage. Confirm that is intended; otherwise make them static so
 * the key material stays private to this translation unit. */
80 struct GNUNET_CRYPTO_EcdsaPublicKey subject_pkey;
85 struct GNUNET_CRYPTO_EcdsaPublicKey issuer_pkey;
89 * Issuer pubkey string
91 static char *issuer_key;
/* Name of the ego to look up; required by the collect and create branches
 * of run() and released in identity_cb(). */
96 static char *ego_name;
/* Issuer attribute; passed to the collect and verify requests. */
101 static char *issuer_attr;
/* Mode flag tested in run() to select the "create credential" branch. */
111 static int create_cred;
119 * Task run on shutdown. Cleans up everything.
124 do_shutdown (void *cls)
/* Shutdown task (registered in run() via GNUNET_SCHEDULER_add_shutdown):
 * cancels the pending verify request, disconnects from the Credential
 * service and cancels the timeout task. Braces and some guard lines are not
 * shown in this listing. */
126 if (NULL != verify_request)
128 GNUNET_CREDENTIAL_request_cancel (verify_request);
129 verify_request = NULL;
/* NOTE(review): no matching cancel of collect_request is visible here,
 * although identity_cb() starts one with GNUNET_CREDENTIAL_collect().
 * Confirm that a pending collect request is released on shutdown. */
131 if (NULL != credential)
133 GNUNET_CREDENTIAL_disconnect (credential);
138 GNUNET_SCHEDULER_cancel (tt);
145 * Task run on timeout. Triggers shutdown.
150 do_timeout (void *cls)
/* Timeout task: only requests scheduler shutdown; the actual cleanup is
 * left to the shutdown task registered in run(). */
153 GNUNET_SCHEDULER_shutdown ();
157 handle_collect_result (void *cls,
158 unsigned int d_count,
159 struct GNUNET_CREDENTIAL_Delegation *dc,
160 unsigned int c_count,
161 struct GNUNET_CREDENTIAL_Credential *cred)
/* Result callback handed to GNUNET_CREDENTIAL_collect() in identity_cb().
 * Converts each of the c_count credentials to its string form and then
 * shuts the scheduler down. d_count and dc are not used in the visible
 * lines; what is done with `line` is not shown in this listing. */
/* NOTE(review): this clears verify_request, but the request that completed
 * here was stored in collect_request. As written collect_request keeps a
 * stale pointer after the callback; it presumably should be the variable
 * reset here. Confirm against the request ownership rules of the API. */
166 verify_request = NULL;
169 for (i=0;i<c_count;i++)
171 line = GNUNET_CREDENTIAL_credential_to_string (&cred[i]);
179 GNUNET_SCHEDULER_shutdown ();
184 handle_verify_result (void *cls,
185 unsigned int d_count,
186 struct GNUNET_CREDENTIAL_Delegation *dc,
187 unsigned int c_count,
188 struct GNUNET_CREDENTIAL_Credential *cred)
/* Result callback handed to GNUNET_CREDENTIAL_verify() in run(). Prints
 * either "Failed." or the delegation chain (d_count entries of dc) followed
 * by the credentials (c_count entries of cred) and "Successful.", then
 * shuts the scheduler down. The condition selecting the failure branch is
 * not shown in this listing. */
/* The request has completed, so the handle must not be cancelled later. */
194 verify_request = NULL;
196 printf ("Failed.\n");
199 printf("Delegation Chain:\n");
200 for (i=0;i<d_count;i++)
/* Key strings are heap-allocated by the conversion and freed at the end of
 * each iteration. */
202 iss_key = GNUNET_CRYPTO_ecdsa_public_key_to_string (&dc[i].issuer_key);
203 sub_key = GNUNET_CRYPTO_ecdsa_public_key_to_string (&dc[i].subject_key);
/* NOTE(review): the attributes are printed with %s, which assumes they are
 * NUL-terminated, while the struct also carries an explicit
 * subject_attribute_len. Confirm that deserialization of the service reply
 * guarantees termination. */
204 if (0 != dc[i].subject_attribute_len)
206 printf ("(%d) %s.%s <- %s.%s\n", i,
207 iss_key, dc[i].issuer_attribute,
208 sub_key, dc[i].subject_attribute);
210 printf ("(%d) %s.%s <- %s\n", i,
211 iss_key, dc[i].issuer_attribute,
214 GNUNET_free (iss_key);
215 GNUNET_free (sub_key);
217 printf("\nCredentials:\n");
218 for (i=0;i<c_count;i++)
220 iss_key = GNUNET_CRYPTO_ecdsa_public_key_to_string (&cred[i].issuer_key);
221 sub_key = GNUNET_CRYPTO_ecdsa_public_key_to_string (&cred[i].subject_key);
222 printf ("%s.%s <- %s\n",
223 iss_key, cred[i].issuer_attribute,
225 GNUNET_free (iss_key);
226 GNUNET_free (sub_key);
229 printf ("Successful.\n");
233 GNUNET_SCHEDULER_shutdown ();
237 * Callback invoked from identity service with ego information.
238 * An @a ego of NULL means the ego was not found.
240 * @param cls closure with the configuration
241 * @param ego an ego known to identity service, or NULL
244 identity_cb (void *cls,
245 const struct GNUNET_IDENTITY_Ego *ego)
/* Ego lookup callback. In collect mode it parses issuer_key and starts a
 * collect request with the ego's private key; otherwise it parses the
 * expiration string, issues a credential signed with the ego's private key
 * and prints its string form. Every error path requests scheduler shutdown.
 * Several argument and brace lines are not shown in this listing. */
247 const struct GNUNET_CRYPTO_EcdsaPrivateKey *privkey;
248 struct GNUNET_CREDENTIAL_Credential *crd;
249 struct GNUNET_TIME_Absolute etime_abs;
250 struct GNUNET_TIME_Relative etime_rel;
256 if (NULL != ego_name)
259 _("Ego `%s' not known to identity service\n"),
262 GNUNET_SCHEDULER_shutdown ();
266 if (GNUNET_YES == collect)
/* The issuer key comes from the command line and is validated by the
 * parser before use. */
270 GNUNET_CRYPTO_ecdsa_public_key_from_string (issuer_key,
275 _("Issuer public key `%s' is not well-formed\n"),
277 GNUNET_SCHEDULER_shutdown ();
/* privkey points at key material owned by the ego (it is const and is not
 * freed in the visible lines). */
279 privkey = GNUNET_IDENTITY_ego_get_private_key (ego);
281 collect_request = GNUNET_CREDENTIAL_collect(credential,
283 issuer_attr, //TODO argument
285 &handle_collect_result,
292 if (NULL == expiration)
295 "Please specify a TTL\n");
296 GNUNET_SCHEDULER_shutdown ();
/* The expiration is tried as a relative time first (converted to an
 * absolute one), then as an absolute time; anything else is rejected. */
298 } else if (GNUNET_OK == GNUNET_STRINGS_fancy_time_to_relative (expiration,
301 etime_abs = GNUNET_TIME_relative_to_absolute (etime_rel);
302 } else if (GNUNET_OK != GNUNET_STRINGS_fancy_time_to_absolute (expiration,
306 "%s is not a valid ttl!\n",
308 GNUNET_SCHEDULER_shutdown ();
313 privkey = GNUNET_IDENTITY_ego_get_private_key (ego);
314 GNUNET_free_non_null (ego_name);
/* NOTE(review): crd goes straight into credential_to_string() with no
 * visible NULL check. Confirm GNUNET_CREDENTIAL_credential_issue() cannot
 * fail here, or check the result before converting and printing it. */
316 crd = GNUNET_CREDENTIAL_credential_issue (privkey,
321 res = GNUNET_CREDENTIAL_credential_to_string (crd);
323 printf ("%s\n", res);
324 GNUNET_SCHEDULER_shutdown ();
331 * Main function that will be run.
334 * @param args remaining command-line arguments
335 * @param cfgfile name of the configuration file used (for saving, can be NULL!)
336 * @param c configuration
342 const struct GNUNET_CONFIGURATION_Handle *c)
/* Main task: schedules the timeout and shutdown tasks, then dispatches on
 * the mode flags. Collect mode validates its arguments, connects to the
 * Credential service and starts an ego lookup. Verify mode parses both
 * public keys and the comma-separated subject credentials and starts a
 * verify request. Create mode starts an ego lookup. With no mode it prints
 * a usage error. Every error path requests scheduler shutdown. Many
 * argument, brace and return lines are not shown in this listing. */
348 tt = GNUNET_SCHEDULER_add_delayed (timeout,
350 GNUNET_SCHEDULER_add_shutdown (&do_shutdown, NULL);
352 if (GNUNET_YES == collect) {
/* NOTE(review): this branch fires when the issuer key is missing, so the
 * "not well-formed" message below is misleading for the user. */
353 if (NULL == issuer_key)
356 _("Issuer public key not well-formed\n"));
357 GNUNET_SCHEDULER_shutdown ();
362 credential = GNUNET_CREDENTIAL_connect (cfg);
364 if (NULL == credential)
367 _("Failed to connect to CREDENTIAL\n"));
368 GNUNET_SCHEDULER_shutdown ();
371 if (NULL == issuer_attr)
374 _("You must provide issuer the attribute\n"));
375 GNUNET_SCHEDULER_shutdown ();
379 if (NULL == ego_name)
382 _("ego required\n"));
383 GNUNET_SCHEDULER_shutdown ();
387 el = GNUNET_IDENTITY_ego_lookup (cfg,
395 if (NULL == subject_key)
398 _("Subject public key needed\n"));
399 GNUNET_SCHEDULER_shutdown ();
/* subject_key was NULL-checked above, so strlen() is safe here. */
404 GNUNET_CRYPTO_ecdsa_public_key_from_string (subject_key,
405 strlen (subject_key),
409 _("Subject public key `%s' is not well-formed\n"),
411 GNUNET_SCHEDULER_shutdown ();
414 if (GNUNET_YES == verify) {
415 if (NULL == issuer_key)
418 _("Issuer public key not well-formed\n"));
419 GNUNET_SCHEDULER_shutdown ();
424 GNUNET_CRYPTO_ecdsa_public_key_from_string (issuer_key,
429 _("Issuer public key `%s' is not well-formed\n"),
431 GNUNET_SCHEDULER_shutdown ();
434 credential = GNUNET_CREDENTIAL_connect (cfg);
436 if (NULL == credential)
439 _("Failed to connect to CREDENTIAL\n"));
440 GNUNET_SCHEDULER_shutdown ();
443 if (NULL == issuer_attr || NULL == subject_credential)
446 _("You must provide issuer and subject attributes\n"));
447 GNUNET_SCHEDULER_shutdown ();
451 //Subject credentials are comma separated
/* strtok() writes NUL bytes into its input and keeps hidden static state,
 * so the option string is duplicated before each pass. The first pass only
 * counts tokens, the second parses them. */
452 char *tmp = GNUNET_strdup (subject_credential);
453 char *tok = strtok (tmp, ",");
457 "Invalid subject credentials\n");
459 GNUNET_SCHEDULER_shutdown ();
464 while (NULL != (tok = strtok(NULL, ",")))
/* NOTE(review): variable-length array sized by the number of comma-
 * separated tokens in the command-line argument, so stack use grows with
 * the input and has no visible upper bound. A heap allocation or an
 * explicit cap on count would be safer. */
466 struct GNUNET_CREDENTIAL_Credential credentials[count];
467 struct GNUNET_CREDENTIAL_Credential *cred;
469 tmp = GNUNET_strdup (subject_credential);
470 tok = strtok (tmp, ",");
471 for (i=0;i<count;i++)
/* NOTE(review): the parse result is copied and dereferenced
 * (cred->issuer_attribute) on the very next lines with no NULL check. If
 * GNUNET_CREDENTIAL_credential_from_string() returns NULL for a malformed
 * token, this crashes on user-supplied input. Check the result and fail
 * with the "Invalid subject credentials" error instead. */
473 cred = GNUNET_CREDENTIAL_credential_from_string (tok);
474 GNUNET_memcpy (&credentials[i],
476 sizeof (struct GNUNET_CREDENTIAL_Credential));
/* The attribute string is duplicated, so each array entry owns a copy. */
477 credentials[i].issuer_attribute = GNUNET_strdup (cred->issuer_attribute);
478 tok = strtok(NULL, ",");
482 verify_request = GNUNET_CREDENTIAL_verify(credential,
484 issuer_attr, //TODO argument
488 &handle_verify_result,
/* The duplicated attribute strings are freed right after the request is
 * queued, and the array itself lives on this stack frame. This assumes
 * GNUNET_CREDENTIAL_verify() serializes the credentials before returning.
 * TODO confirm; otherwise the request would reference freed memory. */
490 for (i=0;i<count;i++)
492 GNUNET_free ((char*)credentials[i].issuer_attribute);
495 } else if (GNUNET_YES == create_cred) {
496 if (NULL == ego_name)
499 _("Issuer ego required\n"));
500 GNUNET_SCHEDULER_shutdown ();
504 el = GNUNET_IDENTITY_ego_lookup (cfg,
511 _("Please specify name to lookup, subject key and issuer key!\n"));
512 GNUNET_SCHEDULER_shutdown ();
519 * The main function for gnunet-credential.
521 * @param argc number of arguments from the command line
522 * @param argv command line arguments
523 * @return 0 ok, 1 on error
526 main (int argc, char *const *argv)
/* Program entry point: declares the command-line options, converts the
 * arguments to UTF-8, sets up logging and hands control to run() through
 * GNUNET_PROGRAM_run(). Returns 0 when GNUNET_PROGRAM_run() succeeds and 1
 * otherwise. The option long names and most target variables are not shown
 * in this listing. */
528 struct GNUNET_GETOPT_CommandLineOption options[] = {
/* Mode flags: -I create, -V verify, -g collect. */
529 GNUNET_GETOPT_option_flag ('I',
531 gettext_noop ("create credential"),
533 GNUNET_GETOPT_option_flag ('V',
535 gettext_noop ("verify credential against attribute"),
537 GNUNET_GETOPT_option_string ('s',
540 gettext_noop ("The public key of the subject to lookup the credential for"),
/* NOTE(review): the help text calls this a credential name, but run()
 * splits subject_credential on commas and parses each token with
 * GNUNET_CREDENTIAL_credential_from_string(). The value is a list of
 * serialized credentials, and the help text should say so. */
542 GNUNET_GETOPT_option_string ('b',
545 gettext_noop ("The name of the credential presented by the subject"),
546 &subject_credential),
547 GNUNET_GETOPT_option_string ('i',
550 gettext_noop ("The public key of the authority to verify the credential against"),
552 GNUNET_GETOPT_option_string ('e',
555 gettext_noop ("The ego to use"),
557 GNUNET_GETOPT_option_string ('a',
560 gettext_noop ("The issuer attribute to verify against or to issue"),
562 GNUNET_GETOPT_option_string ('T',
565 gettext_noop ("The time to live for the credential"),
567 GNUNET_GETOPT_option_flag ('g',
569 gettext_noop ("collect credentials"),
571 GNUNET_GETOPT_OPTION_END
/* Default: no timeout, so requests wait until the service answers. */
575 timeout = GNUNET_TIME_UNIT_FOREVER_REL;
/* argc and argv are replaced by the converted arguments from here on. */
576 if (GNUNET_OK != GNUNET_STRINGS_get_utf8_args (argc, argv, &argc, &argv))
579 GNUNET_log_setup ("gnunet-credential", "WARNING", NULL);
582 GNUNET_PROGRAM_run (argc, argv, "gnunet-credential",
583 _("GNUnet credential resolver tool"),
585 &run, NULL)) ? 0 : 1;
/* Releases the converted argument vector (presumably a heap copy made by
 * GNUNET_STRINGS_get_utf8_args); the cast only drops the const. */
586 GNUNET_free ((void*) argv);
590 /* end of gnunet-credential.c */