2 This file is part of GNUnet.
3 Copyright (C) 2012-2013 GNUnet e.V.
5 GNUnet is free software: you can redistribute it and/or modify it
6 under the terms of the GNU Affero General Public License as published
7 by the Free Software Foundation, either version 3 of the License,
8 or (at your option) any later version.
10 GNUnet is distributed in the hope that it will be useful, but
11 WITHOUT ANY WARRANTY; without even the implied warranty of
12 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
13 Affero General Public License for more details.
15 You should have received a copy of the GNU Affero General Public License
16 along with this program. If not, see <http://www.gnu.org/licenses/>.
18 SPDX-License-Identifier: AGPL3.0-or-later
21 * @file gnunet-credential.c
22 * @brief command line tool to access command line Credential service
23 * @author Martin Schanzenbach
26 #include <gnunet_util_lib.h>
27 #include <gnunet_credential_service.h>
28 #include <gnunet_gnsrecord_lib.h>
29 #include "credential_misc.h"
30 #include "credential_serialization.h"
33 * Configuration we are using.
35 static const struct GNUNET_CONFIGURATION_Handle *cfg;
40 static struct GNUNET_IDENTITY_EgoLookup *el;
43 * Handle to Credential service.
45 static struct GNUNET_CREDENTIAL_Handle *credential;
48 * Desired timeout for the lookup (default is no timeout).
50 static struct GNUNET_TIME_Relative timeout;
53 * Handle to verify request
55 static struct GNUNET_CREDENTIAL_Request *verify_request;
58 * Handle to collect request
60 static struct GNUNET_CREDENTIAL_Request *collect_request;
63 * Task scheduled to handle timeout.
65 static struct GNUNET_SCHEDULER_Task *tt;
68 * Subject pubkey string
70 static char *subject_key;
73 * Subject credential string
75 static char *subject_credential;
80 static char *expiration;
85 struct GNUNET_CRYPTO_EcdsaPublicKey subject_pkey;
90 struct GNUNET_CRYPTO_EcdsaPublicKey issuer_pkey;
94 * Issuer pubkey string
96 static char *issuer_key;
101 static char *ego_name;
106 static char *issuer_attr;
116 static int create_cred;
124 * Task run on shutdown. Cleans up everything.
129 do_shutdown(void *cls)
131 if (NULL != verify_request)
133 GNUNET_CREDENTIAL_request_cancel(verify_request);
134 verify_request = NULL;
136 if (NULL != credential)
138 GNUNET_CREDENTIAL_disconnect(credential);
143 GNUNET_SCHEDULER_cancel(tt);
150 * Task run on timeout. Triggers shutdown.
155 do_timeout(void *cls)
158 GNUNET_SCHEDULER_shutdown();
162 handle_collect_result(void *cls,
163 unsigned int d_count,
164 struct GNUNET_CREDENTIAL_Delegation *dc,
165 unsigned int c_count,
166 struct GNUNET_CREDENTIAL_Credential *cred)
171 verify_request = NULL;
174 for (i = 0; i < c_count; i++)
176 line = GNUNET_CREDENTIAL_credential_to_string(&cred[i]);
184 GNUNET_SCHEDULER_shutdown();
189 handle_verify_result(void *cls,
190 unsigned int d_count,
191 struct GNUNET_CREDENTIAL_Delegation *dc,
192 unsigned int c_count,
193 struct GNUNET_CREDENTIAL_Credential *cred)
199 verify_request = NULL;
204 printf("Delegation Chain:\n");
205 for (i = 0; i < d_count; i++)
207 iss_key = GNUNET_CRYPTO_ecdsa_public_key_to_string(&dc[i].issuer_key);
208 sub_key = GNUNET_CRYPTO_ecdsa_public_key_to_string(&dc[i].subject_key);
209 if (0 != dc[i].subject_attribute_len)
211 printf("(%d) %s.%s <- %s.%s\n", i,
212 iss_key, dc[i].issuer_attribute,
213 sub_key, dc[i].subject_attribute);
217 printf("(%d) %s.%s <- %s\n", i,
218 iss_key, dc[i].issuer_attribute,
221 GNUNET_free(iss_key);
222 GNUNET_free(sub_key);
224 printf("\nCredentials:\n");
225 for (i = 0; i < c_count; i++)
227 iss_key = GNUNET_CRYPTO_ecdsa_public_key_to_string(&cred[i].issuer_key);
228 sub_key = GNUNET_CRYPTO_ecdsa_public_key_to_string(&cred[i].subject_key);
229 printf("%s.%s <- %s\n",
230 iss_key, cred[i].issuer_attribute,
232 GNUNET_free(iss_key);
233 GNUNET_free(sub_key);
235 printf("Successful.\n");
239 GNUNET_SCHEDULER_shutdown();
243 * Callback invoked from identity service with ego information.
244 * An @a ego of NULL means the ego was not found.
246 * @param cls closure with the configuration
247 * @param ego an ego known to identity service, or NULL
250 identity_cb(void *cls,
251 const struct GNUNET_IDENTITY_Ego *ego)
253 const struct GNUNET_CRYPTO_EcdsaPrivateKey *privkey;
254 struct GNUNET_CREDENTIAL_Credential *crd;
255 struct GNUNET_TIME_Absolute etime_abs;
256 struct GNUNET_TIME_Relative etime_rel;
262 if (NULL != ego_name)
265 _("Ego `%s' not known to identity service\n"),
268 GNUNET_SCHEDULER_shutdown();
272 if (GNUNET_YES == collect)
275 GNUNET_CRYPTO_ecdsa_public_key_from_string(issuer_key,
280 _("Issuer public key `%s' is not well-formed\n"),
282 GNUNET_SCHEDULER_shutdown();
284 privkey = GNUNET_IDENTITY_ego_get_private_key(ego);
286 collect_request = GNUNET_CREDENTIAL_collect(credential,
288 issuer_attr, //TODO argument
290 &handle_collect_result,
297 if (NULL == expiration)
300 "Please specify a TTL\n");
301 GNUNET_SCHEDULER_shutdown();
304 else if (GNUNET_OK == GNUNET_STRINGS_fancy_time_to_relative(expiration,
307 etime_abs = GNUNET_TIME_relative_to_absolute(etime_rel);
309 else if (GNUNET_OK != GNUNET_STRINGS_fancy_time_to_absolute(expiration,
313 "%s is not a valid ttl!\n",
315 GNUNET_SCHEDULER_shutdown();
320 privkey = GNUNET_IDENTITY_ego_get_private_key(ego);
321 GNUNET_free_non_null(ego_name);
323 crd = GNUNET_CREDENTIAL_credential_issue(privkey,
328 res = GNUNET_CREDENTIAL_credential_to_string(crd);
331 GNUNET_SCHEDULER_shutdown();
338 * Main function that will be run.
341 * @param args remaining command-line arguments
342 * @param cfgfile name of the configuration file used (for saving, can be NULL!)
343 * @param c configuration
349 const struct GNUNET_CONFIGURATION_Handle *c)
354 tt = GNUNET_SCHEDULER_add_delayed(timeout,
356 GNUNET_SCHEDULER_add_shutdown(&do_shutdown, NULL);
358 if (GNUNET_YES == collect)
360 if (NULL == issuer_key)
363 _("Issuer public key not well-formed\n"));
364 GNUNET_SCHEDULER_shutdown();
368 credential = GNUNET_CREDENTIAL_connect(cfg);
370 if (NULL == credential)
373 _("Failed to connect to CREDENTIAL\n"));
374 GNUNET_SCHEDULER_shutdown();
377 if (NULL == issuer_attr)
380 _("You must provide issuer the attribute\n"));
381 GNUNET_SCHEDULER_shutdown();
385 if (NULL == ego_name)
388 _("ego required\n"));
389 GNUNET_SCHEDULER_shutdown();
392 el = GNUNET_IDENTITY_ego_lookup(cfg,
399 if (NULL == subject_key)
402 _("Subject public key needed\n"));
403 GNUNET_SCHEDULER_shutdown();
407 GNUNET_CRYPTO_ecdsa_public_key_from_string(subject_key,
412 _("Subject public key `%s' is not well-formed\n"),
414 GNUNET_SCHEDULER_shutdown();
417 if (GNUNET_YES == verify)
419 if (NULL == issuer_key)
422 _("Issuer public key not well-formed\n"));
423 GNUNET_SCHEDULER_shutdown();
427 GNUNET_CRYPTO_ecdsa_public_key_from_string(issuer_key,
432 _("Issuer public key `%s' is not well-formed\n"),
434 GNUNET_SCHEDULER_shutdown();
437 credential = GNUNET_CREDENTIAL_connect(cfg);
439 if (NULL == credential)
442 _("Failed to connect to CREDENTIAL\n"));
443 GNUNET_SCHEDULER_shutdown();
446 if (NULL == issuer_attr || NULL == subject_credential)
449 _("You must provide issuer and subject attributes\n"));
450 GNUNET_SCHEDULER_shutdown();
454 //Subject credentials are comma separated
455 char *tmp = GNUNET_strdup(subject_credential);
456 char *tok = strtok(tmp, ",");
460 "Invalid subject credentials\n");
462 GNUNET_SCHEDULER_shutdown();
467 while (NULL != (tok = strtok(NULL, ",")))
469 struct GNUNET_CREDENTIAL_Credential credentials[count];
470 struct GNUNET_CREDENTIAL_Credential *cred;
472 tmp = GNUNET_strdup(subject_credential);
473 tok = strtok(tmp, ",");
474 for (i = 0; i < count; i++)
476 cred = GNUNET_CREDENTIAL_credential_from_string(tok);
477 GNUNET_memcpy(&credentials[i],
479 sizeof(struct GNUNET_CREDENTIAL_Credential));
480 credentials[i].issuer_attribute = GNUNET_strdup(cred->issuer_attribute);
481 tok = strtok(NULL, ",");
485 verify_request = GNUNET_CREDENTIAL_verify(credential,
487 issuer_attr, //TODO argument
491 &handle_verify_result,
493 for (i = 0; i < count; i++)
495 GNUNET_free((char*)credentials[i].issuer_attribute);
499 else if (GNUNET_YES == create_cred)
501 if (NULL == ego_name)
504 _("Issuer ego required\n"));
505 GNUNET_SCHEDULER_shutdown();
508 el = GNUNET_IDENTITY_ego_lookup(cfg,
517 _("Please specify name to lookup, subject key and issuer key!\n"));
518 GNUNET_SCHEDULER_shutdown();
525 * The main function for gnunet-gns.
527 * @param argc number of arguments from the command line
528 * @param argv command line arguments
529 * @return 0 ok, 1 on error
532 main(int argc, char *const *argv)
534 struct GNUNET_GETOPT_CommandLineOption options[] = {
535 GNUNET_GETOPT_option_flag('I',
537 gettext_noop("create credential"),
539 GNUNET_GETOPT_option_flag('V',
541 gettext_noop("verify credential against attribute"),
543 GNUNET_GETOPT_option_string('s',
546 gettext_noop("The public key of the subject to lookup the credential for"),
548 GNUNET_GETOPT_option_string('b',
551 gettext_noop("The name of the credential presented by the subject"),
552 &subject_credential),
553 GNUNET_GETOPT_option_string('i',
556 gettext_noop("The public key of the authority to verify the credential against"),
558 GNUNET_GETOPT_option_string('e',
561 gettext_noop("The ego to use"),
563 GNUNET_GETOPT_option_string('a',
566 gettext_noop("The issuer attribute to verify against or to issue"),
568 GNUNET_GETOPT_option_string('T',
571 gettext_noop("The time to live for the credential"),
573 GNUNET_GETOPT_option_flag('g',
575 gettext_noop("collect credentials"),
577 GNUNET_GETOPT_OPTION_END
581 timeout = GNUNET_TIME_UNIT_FOREVER_REL;
582 if (GNUNET_OK != GNUNET_STRINGS_get_utf8_args(argc, argv, &argc, &argv))
585 GNUNET_log_setup("gnunet-credential", "WARNING", NULL);
588 GNUNET_PROGRAM_run(argc, argv, "gnunet-credential",
589 _("GNUnet credential resolver tool"),
591 &run, NULL)) ? 0 : 1;
592 GNUNET_free((void*)argv);
596 /* end of gnunet-credential.c */
projects / oweals / gnunet.git / blob