2 This file is part of GNUnet.
3 Copyright (C) 2012-2013 GNUnet e.V.
5 GNUnet is free software: you can redistribute it and/or modify it
6 under the terms of the GNU Affero General Public License as published
7 by the Free Software Foundation, either version 3 of the License,
8 or (at your option) any later version.
10 GNUnet is distributed in the hope that it will be useful, but
11 WITHOUT ANY WARRANTY; without even the implied warranty of
12 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
13 Affero General Public License for more details.
15 You should have received a copy of the GNU Affero General Public License
16 along with this program. If not, see <http://www.gnu.org/licenses/>.
19 * @file gnunet-credential.c
20 * @brief command line tool to access command line Credential service
21 * @author Martin Schanzenbach
24 #include <gnunet_util_lib.h>
25 #include <gnunet_credential_service.h>
26 #include <gnunet_gnsrecord_lib.h>
27 #include "credential_misc.h"
28 #include "credential_serialization.h"
31 * Configuration we are using.
33 static const struct GNUNET_CONFIGURATION_Handle *cfg;
38 static struct GNUNET_IDENTITY_EgoLookup *el;
41 * Handle to Credential service.
43 static struct GNUNET_CREDENTIAL_Handle *credential;
46 * Desired timeout for the lookup (default is no timeout).
48 static struct GNUNET_TIME_Relative timeout;
51 * Handle to verify request
53 static struct GNUNET_CREDENTIAL_Request *verify_request;
56 * Handle to collect request
58 static struct GNUNET_CREDENTIAL_Request *collect_request;
61 * Task scheduled to handle timeout.
63 static struct GNUNET_SCHEDULER_Task *tt;
66 * Subject pubkey string
68 static char *subject_key;
71 * Subject credential string
73 static char *subject_credential;
78 static char *expiration;
83 struct GNUNET_CRYPTO_EcdsaPublicKey subject_pkey;
88 struct GNUNET_CRYPTO_EcdsaPublicKey issuer_pkey;
92 * Issuer pubkey string
94 static char *issuer_key;
99 static char *ego_name;
104 static char *issuer_attr;
114 static int create_cred;
122 * Task run on shutdown. Cleans up everything.
127 do_shutdown (void *cls)
129 if (NULL != verify_request)
131 GNUNET_CREDENTIAL_request_cancel (verify_request);
132 verify_request = NULL;
134 if (NULL != credential)
136 GNUNET_CREDENTIAL_disconnect (credential);
141 GNUNET_SCHEDULER_cancel (tt);
148 * Task run on timeout. Triggers shutdown.
153 do_timeout (void *cls)
156 GNUNET_SCHEDULER_shutdown ();
160 handle_collect_result (void *cls,
161 unsigned int d_count,
162 struct GNUNET_CREDENTIAL_Delegation *dc,
163 unsigned int c_count,
164 struct GNUNET_CREDENTIAL_Credential *cred)
169 verify_request = NULL;
172 for (i=0;i<c_count;i++)
174 line = GNUNET_CREDENTIAL_credential_to_string (&cred[i]);
182 GNUNET_SCHEDULER_shutdown ();
187 handle_verify_result (void *cls,
188 unsigned int d_count,
189 struct GNUNET_CREDENTIAL_Delegation *dc,
190 unsigned int c_count,
191 struct GNUNET_CREDENTIAL_Credential *cred)
197 verify_request = NULL;
199 printf ("Failed.\n");
202 printf("Delegation Chain:\n");
203 for (i=0;i<d_count;i++)
205 iss_key = GNUNET_CRYPTO_ecdsa_public_key_to_string (&dc[i].issuer_key);
206 sub_key = GNUNET_CRYPTO_ecdsa_public_key_to_string (&dc[i].subject_key);
207 if (0 != dc[i].subject_attribute_len)
209 printf ("(%d) %s.%s <- %s.%s\n", i,
210 iss_key, dc[i].issuer_attribute,
211 sub_key, dc[i].subject_attribute);
213 printf ("(%d) %s.%s <- %s\n", i,
214 iss_key, dc[i].issuer_attribute,
217 GNUNET_free (iss_key);
218 GNUNET_free (sub_key);
220 printf("\nCredentials:\n");
221 for (i=0;i<c_count;i++)
223 iss_key = GNUNET_CRYPTO_ecdsa_public_key_to_string (&cred[i].issuer_key);
224 sub_key = GNUNET_CRYPTO_ecdsa_public_key_to_string (&cred[i].subject_key);
225 printf ("%s.%s <- %s\n",
226 iss_key, cred[i].issuer_attribute,
228 GNUNET_free (iss_key);
229 GNUNET_free (sub_key);
232 printf ("Successful.\n");
236 GNUNET_SCHEDULER_shutdown ();
240 * Callback invoked from identity service with ego information.
241 * An @a ego of NULL means the ego was not found.
243 * @param cls closure with the configuration
244 * @param ego an ego known to identity service, or NULL
247 identity_cb (void *cls,
248 const struct GNUNET_IDENTITY_Ego *ego)
250 const struct GNUNET_CRYPTO_EcdsaPrivateKey *privkey;
251 struct GNUNET_CREDENTIAL_Credential *crd;
252 struct GNUNET_TIME_Absolute etime_abs;
253 struct GNUNET_TIME_Relative etime_rel;
259 if (NULL != ego_name)
262 _("Ego `%s' not known to identity service\n"),
265 GNUNET_SCHEDULER_shutdown ();
269 if (GNUNET_YES == collect)
273 GNUNET_CRYPTO_ecdsa_public_key_from_string (issuer_key,
278 _("Issuer public key `%s' is not well-formed\n"),
280 GNUNET_SCHEDULER_shutdown ();
282 privkey = GNUNET_IDENTITY_ego_get_private_key (ego);
284 collect_request = GNUNET_CREDENTIAL_collect(credential,
286 issuer_attr, //TODO argument
288 &handle_collect_result,
295 if (NULL == expiration)
298 "Please specify a TTL\n");
299 GNUNET_SCHEDULER_shutdown ();
301 } else if (GNUNET_OK == GNUNET_STRINGS_fancy_time_to_relative (expiration,
304 etime_abs = GNUNET_TIME_relative_to_absolute (etime_rel);
305 } else if (GNUNET_OK != GNUNET_STRINGS_fancy_time_to_absolute (expiration,
309 "%s is not a valid ttl!\n",
311 GNUNET_SCHEDULER_shutdown ();
316 privkey = GNUNET_IDENTITY_ego_get_private_key (ego);
317 GNUNET_free_non_null (ego_name);
319 crd = GNUNET_CREDENTIAL_credential_issue (privkey,
324 res = GNUNET_CREDENTIAL_credential_to_string (crd);
326 printf ("%s\n", res);
327 GNUNET_SCHEDULER_shutdown ();
334 * Main function that will be run.
337 * @param args remaining command-line arguments
338 * @param cfgfile name of the configuration file used (for saving, can be NULL!)
339 * @param c configuration
345 const struct GNUNET_CONFIGURATION_Handle *c)
351 tt = GNUNET_SCHEDULER_add_delayed (timeout,
353 GNUNET_SCHEDULER_add_shutdown (&do_shutdown, NULL);
355 if (GNUNET_YES == collect) {
356 if (NULL == issuer_key)
359 _("Issuer public key not well-formed\n"));
360 GNUNET_SCHEDULER_shutdown ();
365 credential = GNUNET_CREDENTIAL_connect (cfg);
367 if (NULL == credential)
370 _("Failed to connect to CREDENTIAL\n"));
371 GNUNET_SCHEDULER_shutdown ();
374 if (NULL == issuer_attr)
377 _("You must provide issuer the attribute\n"));
378 GNUNET_SCHEDULER_shutdown ();
382 if (NULL == ego_name)
385 _("ego required\n"));
386 GNUNET_SCHEDULER_shutdown ();
390 el = GNUNET_IDENTITY_ego_lookup (cfg,
398 if (NULL == subject_key)
401 _("Subject public key needed\n"));
402 GNUNET_SCHEDULER_shutdown ();
407 GNUNET_CRYPTO_ecdsa_public_key_from_string (subject_key,
408 strlen (subject_key),
412 _("Subject public key `%s' is not well-formed\n"),
414 GNUNET_SCHEDULER_shutdown ();
417 if (GNUNET_YES == verify) {
418 if (NULL == issuer_key)
421 _("Issuer public key not well-formed\n"));
422 GNUNET_SCHEDULER_shutdown ();
427 GNUNET_CRYPTO_ecdsa_public_key_from_string (issuer_key,
432 _("Issuer public key `%s' is not well-formed\n"),
434 GNUNET_SCHEDULER_shutdown ();
437 credential = GNUNET_CREDENTIAL_connect (cfg);
439 if (NULL == credential)
442 _("Failed to connect to CREDENTIAL\n"));
443 GNUNET_SCHEDULER_shutdown ();
446 if (NULL == issuer_attr || NULL == subject_credential)
449 _("You must provide issuer and subject attributes\n"));
450 GNUNET_SCHEDULER_shutdown ();
454 //Subject credentials are comma separated
455 char *tmp = GNUNET_strdup (subject_credential);
456 char *tok = strtok (tmp, ",");
460 "Invalid subject credentials\n");
462 GNUNET_SCHEDULER_shutdown ();
467 while (NULL != (tok = strtok(NULL, ",")))
469 struct GNUNET_CREDENTIAL_Credential credentials[count];
470 struct GNUNET_CREDENTIAL_Credential *cred;
472 tmp = GNUNET_strdup (subject_credential);
473 tok = strtok (tmp, ",");
474 for (i=0;i<count;i++)
476 cred = GNUNET_CREDENTIAL_credential_from_string (tok);
477 GNUNET_memcpy (&credentials[i],
479 sizeof (struct GNUNET_CREDENTIAL_Credential));
480 credentials[i].issuer_attribute = GNUNET_strdup (cred->issuer_attribute);
481 tok = strtok(NULL, ",");
485 verify_request = GNUNET_CREDENTIAL_verify(credential,
487 issuer_attr, //TODO argument
491 &handle_verify_result,
493 for (i=0;i<count;i++)
495 GNUNET_free ((char*)credentials[i].issuer_attribute);
498 } else if (GNUNET_YES == create_cred) {
499 if (NULL == ego_name)
502 _("Issuer ego required\n"));
503 GNUNET_SCHEDULER_shutdown ();
507 el = GNUNET_IDENTITY_ego_lookup (cfg,
514 _("Please specify name to lookup, subject key and issuer key!\n"));
515 GNUNET_SCHEDULER_shutdown ();
522 * The main function for gnunet-gns.
524 * @param argc number of arguments from the command line
525 * @param argv command line arguments
526 * @return 0 ok, 1 on error
529 main (int argc, char *const *argv)
531 struct GNUNET_GETOPT_CommandLineOption options[] = {
532 GNUNET_GETOPT_option_flag ('I',
534 gettext_noop ("create credential"),
536 GNUNET_GETOPT_option_flag ('V',
538 gettext_noop ("verify credential against attribute"),
540 GNUNET_GETOPT_option_string ('s',
543 gettext_noop ("The public key of the subject to lookup the credential for"),
545 GNUNET_GETOPT_option_string ('b',
548 gettext_noop ("The name of the credential presented by the subject"),
549 &subject_credential),
550 GNUNET_GETOPT_option_string ('i',
553 gettext_noop ("The public key of the authority to verify the credential against"),
555 GNUNET_GETOPT_option_string ('e',
558 gettext_noop ("The ego to use"),
560 GNUNET_GETOPT_option_string ('a',
563 gettext_noop ("The issuer attribute to verify against or to issue"),
565 GNUNET_GETOPT_option_string ('T',
568 gettext_noop ("The time to live for the credential"),
570 GNUNET_GETOPT_option_flag ('g',
572 gettext_noop ("collect credentials"),
574 GNUNET_GETOPT_OPTION_END
578 timeout = GNUNET_TIME_UNIT_FOREVER_REL;
579 if (GNUNET_OK != GNUNET_STRINGS_get_utf8_args (argc, argv, &argc, &argv))
582 GNUNET_log_setup ("gnunet-credential", "WARNING", NULL);
585 GNUNET_PROGRAM_run (argc, argv, "gnunet-credential",
586 _("GNUnet credential resolver tool"),
588 &run, NULL)) ? 0 : 1;
589 GNUNET_free ((void*) argv);
593 /* end of gnunet-credential.c */
projects / oweals / gnunet.git / blob