2 This file is part of GNUnet.
3 Copyright (C) 2012-2013 GNUnet e.V.
5 GNUnet is free software; you can redistribute it and/or modify
6 it under the terms of the GNU General Public License as published
7 by the Free Software Foundation; either version 3, or (at your
8 option) any later version.
10 GNUnet is distributed in the hope that it will be useful, but
11 WITHOUT ANY WARRANTY; without even the implied warranty of
12 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
13 General Public License for more details.
15 You should have received a copy of the GNU General Public License
16 along with GNUnet; see the file COPYING. If not, write to the
17 Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor,
18 Boston, MA 02110-1301, USA.
21 * @file gnunet-credential.c
22 * @brief command line tool to access command line Credential service
23 * @author Adnan Husain
26 #include <gnunet_util_lib.h>
27 #include <gnunet_credential_service.h>
28 #include <gnunet_gnsrecord_lib.h>
29 #include "credential_misc.h"
30 #include "credential_serialization.h"
33 * Configuration we are using.
35 static const struct GNUNET_CONFIGURATION_Handle *cfg;
40 static struct GNUNET_IDENTITY_EgoLookup *el;
43 * Handle to Credential service.
45 static struct GNUNET_CREDENTIAL_Handle *credential;
48 * Desired timeout for the lookup (default is no timeout).
50 static struct GNUNET_TIME_Relative timeout;
53 * Handle to verify request
55 static struct GNUNET_CREDENTIAL_Request *verify_request;
58 * Handle to collect request
60 static struct GNUNET_CREDENTIAL_Request *collect_request;
63 * Task scheduled to handle timeout.
65 static struct GNUNET_SCHEDULER_Task *tt;
68 * Subject pubkey string
70 static char *subject_key;
73 * Subject credential string
75 static char *subject_credential;
80 static char *expiration;
85 struct GNUNET_CRYPTO_EcdsaPublicKey subject_pkey;
90 struct GNUNET_CRYPTO_EcdsaPublicKey issuer_pkey;
94 * Issuer pubkey string
96 static char *issuer_key;
101 static char *ego_name;
106 static char *issuer_attr;
116 static int create_cred;
124 * Task run on shutdown. Cleans up everything.
129 do_shutdown (void *cls)
131 if (NULL != verify_request)
133 GNUNET_CREDENTIAL_request_cancel (verify_request);
134 verify_request = NULL;
136 if (NULL != credential)
138 GNUNET_CREDENTIAL_disconnect (credential);
143 GNUNET_SCHEDULER_cancel (tt);
150 * Task run on timeout. Triggers shutdown.
155 do_timeout (void *cls)
158 GNUNET_SCHEDULER_shutdown ();
162 * Function called with the result of a Credential lookup.
164 * @param cls the 'const char *' name that was resolved
165 * @param cd_count number of records returned
166 * @param cd array of @a cd_count records with the results
169 handle_collect_result (void *cls,
170 unsigned int d_count,
171 struct GNUNET_CREDENTIAL_Delegation *dc,
172 unsigned int c_count,
173 struct GNUNET_CREDENTIAL_Credential *cred)
178 verify_request = NULL;
181 for (i=0;i<c_count;i++)
183 line = GNUNET_CREDENTIAL_credential_to_string (&cred[i]);
191 GNUNET_SCHEDULER_shutdown ();
196 * Function called with the result of a Credential lookup.
198 * @param cls the 'const char *' name that was resolved
199 * @param cd_count number of records returned
200 * @param cd array of @a cd_count records with the results
203 handle_verify_result (void *cls,
204 unsigned int d_count,
205 struct GNUNET_CREDENTIAL_Delegation *dc,
206 unsigned int c_count,
207 struct GNUNET_CREDENTIAL_Credential *cred)
213 verify_request = NULL;
215 printf ("Failed.\n");
218 printf("Delegation Chain:\n");
219 for (i=0;i<d_count;i++)
221 iss_key = GNUNET_CRYPTO_ecdsa_public_key_to_string (&dc[i].issuer_key);
222 sub_key = GNUNET_CRYPTO_ecdsa_public_key_to_string (&dc[i].subject_key);
223 if (0 != dc[i].subject_attribute_len)
225 printf ("(%d) %s.%s <- %s.%s\n", i,
226 iss_key, dc[i].issuer_attribute,
227 sub_key, dc[i].subject_attribute);
229 printf ("(%d) %s.%s <- %s\n", i,
230 iss_key, dc[i].issuer_attribute,
233 GNUNET_free (iss_key);
234 GNUNET_free (sub_key);
236 printf("\nCredentials:\n");
237 for (i=0;i<c_count;i++)
239 iss_key = GNUNET_CRYPTO_ecdsa_public_key_to_string (&cred[i].issuer_key);
240 sub_key = GNUNET_CRYPTO_ecdsa_public_key_to_string (&cred[i].subject_key);
241 printf ("%s.%s <- %s\n",
242 iss_key, cred[i].issuer_attribute,
244 GNUNET_free (iss_key);
245 GNUNET_free (sub_key);
248 printf ("Successful.\n");
252 GNUNET_SCHEDULER_shutdown ();
256 * Callback invoked from identity service with ego information.
257 * An @a ego of NULL means the ego was not found.
259 * @param cls closure with the configuration
260 * @param ego an ego known to identity service, or NULL
263 identity_cb (void *cls,
264 const struct GNUNET_IDENTITY_Ego *ego)
266 const struct GNUNET_CRYPTO_EcdsaPrivateKey *privkey;
267 struct GNUNET_CREDENTIAL_Credential *crd;
268 struct GNUNET_TIME_Absolute etime_abs;
269 struct GNUNET_TIME_Relative etime_rel;
275 if (NULL != ego_name)
278 _("Ego `%s' not known to identity service\n"),
281 GNUNET_SCHEDULER_shutdown ();
285 if (GNUNET_YES == collect)
289 GNUNET_CRYPTO_ecdsa_public_key_from_string (issuer_key,
294 _("Issuer public key `%s' is not well-formed\n"),
296 GNUNET_SCHEDULER_shutdown ();
298 privkey = GNUNET_IDENTITY_ego_get_private_key (ego);
300 collect_request = GNUNET_CREDENTIAL_collect(credential,
302 issuer_attr, //TODO argument
304 &handle_collect_result,
311 if (NULL == expiration)
314 "Please specify a TTL\n");
315 GNUNET_SCHEDULER_shutdown ();
317 } else if (GNUNET_OK == GNUNET_STRINGS_fancy_time_to_relative (expiration,
320 etime_abs = GNUNET_TIME_relative_to_absolute (etime_rel);
321 } else if (GNUNET_OK != GNUNET_STRINGS_fancy_time_to_absolute (expiration,
325 "%s is not a valid ttl!\n",
327 GNUNET_SCHEDULER_shutdown ();
332 privkey = GNUNET_IDENTITY_ego_get_private_key (ego);
333 GNUNET_free_non_null (ego_name);
335 crd = GNUNET_CREDENTIAL_credential_issue (privkey,
340 res = GNUNET_CREDENTIAL_credential_to_string (crd);
342 printf ("%s\n", res);
343 GNUNET_SCHEDULER_shutdown ();
350 * Main function that will be run.
353 * @param args remaining command-line arguments
354 * @param cfgfile name of the configuration file used (for saving, can be NULL!)
355 * @param c configuration
361 const struct GNUNET_CONFIGURATION_Handle *c)
367 tt = GNUNET_SCHEDULER_add_delayed (timeout,
369 GNUNET_SCHEDULER_add_shutdown (&do_shutdown, NULL);
371 if (GNUNET_YES == collect) {
372 if (NULL == issuer_key)
375 _("Issuer public key not well-formed\n"));
376 GNUNET_SCHEDULER_shutdown ();
381 credential = GNUNET_CREDENTIAL_connect (cfg);
383 if (NULL == credential)
386 _("Failed to connect to CREDENTIAL\n"));
387 GNUNET_SCHEDULER_shutdown ();
389 if (NULL == issuer_attr)
392 _("You must provide issuer the attribute\n"));
393 GNUNET_SCHEDULER_shutdown ();
396 if (NULL == ego_name)
399 _("ego required\n"));
400 GNUNET_SCHEDULER_shutdown ();
404 el = GNUNET_IDENTITY_ego_lookup (cfg,
412 if (NULL == subject_key)
415 _("Subject public key needed\n"));
416 GNUNET_SCHEDULER_shutdown ();
421 GNUNET_CRYPTO_ecdsa_public_key_from_string (subject_key,
422 strlen (subject_key),
426 _("Subject public key `%s' is not well-formed\n"),
428 GNUNET_SCHEDULER_shutdown ();
431 if (GNUNET_YES == verify) {
432 if (NULL == issuer_key)
435 _("Issuer public key not well-formed\n"));
436 GNUNET_SCHEDULER_shutdown ();
441 GNUNET_CRYPTO_ecdsa_public_key_from_string (issuer_key,
446 _("Issuer public key `%s' is not well-formed\n"),
448 GNUNET_SCHEDULER_shutdown ();
450 credential = GNUNET_CREDENTIAL_connect (cfg);
452 if (NULL == credential)
455 _("Failed to connect to CREDENTIAL\n"));
456 GNUNET_SCHEDULER_shutdown ();
458 if (NULL == issuer_attr || NULL == subject_credential)
461 _("You must provide issuer and subject attributes\n"));
462 GNUNET_SCHEDULER_shutdown ();
465 //Subject credentials are comma separated
466 char *tmp = GNUNET_strdup (subject_credential);
467 char *tok = strtok (tmp, ",");
471 "Invalid subject credentials\n");
473 GNUNET_SCHEDULER_shutdown ();
477 while (NULL != (tok = strtok(NULL, ",")))
479 struct GNUNET_CREDENTIAL_Credential credentials[count];
480 struct GNUNET_CREDENTIAL_Credential *cred;
482 tmp = GNUNET_strdup (subject_credential);
483 tok = strtok (tmp, ",");
484 for (i=0;i<count;i++)
486 cred = GNUNET_CREDENTIAL_credential_from_string (tok);
487 GNUNET_memcpy (&credentials[i],
489 sizeof (struct GNUNET_CREDENTIAL_Credential));
490 credentials[i].issuer_attribute = GNUNET_strdup (cred->issuer_attribute);
491 tok = strtok(NULL, ",");
495 verify_request = GNUNET_CREDENTIAL_verify(credential,
497 issuer_attr, //TODO argument
501 &handle_verify_result,
503 for (i=0;i<count;i++)
505 GNUNET_free ((char*)credentials[i].issuer_attribute);
507 } else if (GNUNET_YES == create_cred) {
508 if (NULL == ego_name)
511 _("Issuer ego required\n"));
512 GNUNET_SCHEDULER_shutdown ();
516 el = GNUNET_IDENTITY_ego_lookup (cfg,
523 _("Please specify name to lookup, subject key and issuer key!\n"));
524 GNUNET_SCHEDULER_shutdown ();
531 * The main function for gnunet-gns.
533 * @param argc number of arguments from the command line
534 * @param argv command line arguments
535 * @return 0 ok, 1 on error
538 main (int argc, char *const *argv)
540 struct GNUNET_GETOPT_CommandLineOption options[] = {
541 GNUNET_GETOPT_option_flag ('I',
543 gettext_noop ("create credential"),
545 GNUNET_GETOPT_option_flag ('V',
547 gettext_noop ("verify credential against attribute"),
549 GNUNET_GETOPT_option_string ('s',
552 gettext_noop ("The public key of the subject to lookup the credential for"),
554 GNUNET_GETOPT_option_string ('b',
557 gettext_noop ("The name of the credential presented by the subject"),
558 &subject_credential),
559 GNUNET_GETOPT_option_string ('i',
562 gettext_noop ("The public key of the authority to verify the credential against"),
564 GNUNET_GETOPT_option_string ('e',
567 gettext_noop ("The ego to use"),
569 GNUNET_GETOPT_option_string ('a',
572 gettext_noop ("The issuer attribute to verify against or to issue"),
574 GNUNET_GETOPT_option_string ('T',
577 gettext_noop ("The time to live for the credential"),
579 GNUNET_GETOPT_option_flag ('g',
581 gettext_noop ("collect credentials"),
583 GNUNET_GETOPT_OPTION_END
587 timeout = GNUNET_TIME_UNIT_FOREVER_REL;
588 if (GNUNET_OK != GNUNET_STRINGS_get_utf8_args (argc, argv, &argc, &argv))
591 GNUNET_log_setup ("gnunet-credential", "WARNING", NULL);
594 GNUNET_PROGRAM_run (argc, argv, "gnunet-credential",
595 _("GNUnet credential resolver tool"),
597 &run, NULL)) ? 0 : 1;
598 GNUNET_free ((void*) argv);
602 /* end of gnunet-credential.c */