2 This file is part of GNUnet.
3 Copyright (C) 2013 GNUnet e.V.
5 GNUnet is free software: you can redistribute it and/or modify it
6 under the terms of the GNU Affero General Public License as published
7 by the Free Software Foundation, either version 3 of the License,
8 or (at your option) any later version.
10 GNUnet is distributed in the hope that it will be useful, but
11 WITHOUT ANY WARRANTY; without even the implied warranty of
12 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
13 Affero General Public License for more details.
15 You should have received a copy of the GNU Affero General Public License
16 along with this program. If not, see <http://www.gnu.org/licenses/>.
18 SPDX-License-Identifier: AGPL3.0-or-later
22 * @file revocation/gnunet-revocation.c
23 * @brief tool for revoking public keys
24 * @author Christian Grothoff
27 #include "gnunet_util_lib.h"
28 #include "gnunet_revocation_service.h"
29 #include "gnunet_identity_service.h"
/* Path of the revocation certificate file; passed to GNUNET_DISK_fn_read and
   GNUNET_DISK_fn_write elsewhere in this file. */
45 static char *filename;
/* Name of the ego to revoke; passed to GNUNET_IDENTITY_ego_lookup. */
50 static char *revoke_ego;
/* Public key string to test; parsed with
   GNUNET_CRYPTO_ecdsa_public_key_from_string before the revocation query. */
55 static char *test_ego;
58 * Handle for revocation query.
60 static struct GNUNET_REVOCATION_Query *q;
63 * Handle for revocation.
65 static struct GNUNET_REVOCATION_Handle *h;
68 * Handle for our ego lookup.
70 static struct GNUNET_IDENTITY_EgoLookup *el;
/* Configuration handle handed to the revocation, identity and configuration
   calls in this file. */
75 static const struct GNUNET_CONFIGURATION_Handle *cfg;
78 * Number of matching bits required for revocation.
/* NOTE(review): declared as unsigned long long, but used below both as a shift
   count for an int (`1 << matching_bits`) and cast to unsigned int for
   GNUNET_REVOCATION_check_pow; no range check is visible in this listing. */
80 static unsigned long long matching_bits;
83 * Task used for proof-of-work calculation.
85 static struct GNUNET_SCHEDULER_Task *pow_task;
89 * Function run if the user aborts with CTRL-C.
94 do_shutdown (void *cls)
/* Cancels the outstanding ego lookup (el), revocation query (q) and
   revocation request (h). It is registered with
   GNUNET_SCHEDULER_add_shutdown elsewhere in this file. This listing does
   not show whether each handle is checked for NULL or reset after the
   cancel -- confirm against the full file. */
98 GNUNET_IDENTITY_ego_lookup_cancel (el);
103 GNUNET_REVOCATION_query_cancel (q);
108 GNUNET_REVOCATION_revoke_cancel (h);
115 * Print the result from a revocation query.
118 * @param is_valid #GNUNET_YES if the key is still valid, #GNUNET_NO if not, #GNUNET_SYSERR on error
121 print_query_result (void *cls, int is_valid)
/* Callback given to GNUNET_REVOCATION_query: writes one of three messages to
   stdout and then asks the scheduler to shut down. The branch selecting the
   message is on lines this listing omits. */
127 fprintf (stdout, _ ("Key `%s' is valid\n"), test_ego);
131 fprintf (stdout, _ ("Key `%s' has been revoked\n"), test_ego);
/* NOTE(review): the error case is reported on stdout like the two definite
   answers; whether it also changes the exit status is not visible here. A
   script driving this check should not read "no 'revoked' message" as proof
   that the key is valid. */
135 fprintf (stdout, "%s", _ ("Internal error\n"));
142 GNUNET_SCHEDULER_shutdown ();
147 * Print the result from a revocation request.
150 * @param is_valid #GNUNET_YES if the key is still valid, #GNUNET_NO if not, #GNUNET_SYSERR on error
153 print_revocation_result (void *cls, int is_valid)
/* Callback given to GNUNET_REVOCATION_revoke: reports the outcome on stdout
   and then asks the scheduler to shut down. Each outcome has a wording with
   the ego name (when revoke_ego is set) and one without. The branch on
   is_valid is on lines this listing omits. */
/* A key that is "still valid" means the revocation was NOT accepted. */
159 if (NULL != revoke_ego)
161 _ ("Key for ego `%s' is still valid, revocation failed (!)\n"),
164 fprintf (stdout, "%s", _ ("Revocation failed (!)\n"));
168 if (NULL != revoke_ego)
170 _ ("Key for ego `%s' has been successfully revoked\n"),
173 fprintf (stdout, "%s", _ ("Revocation successful.\n"));
/* NOTE(review): in the error case the state of the key is unknown. Whether a
   failed or uncertain revocation is reflected in the process exit status is
   not visible in this listing -- confirm, since an operator revoking a
   compromised key needs an unambiguous failure signal. */
179 _ ("Internal error, key revocation might have failed\n"));
186 GNUNET_SCHEDULER_shutdown ();
191 * Data needed to perform a revocation.
/* This struct is also the on-disk format of the revocation certificate: the
   file is written and read as a raw image of sizeof(struct RevocationData)
   bytes by GNUNET_DISK_fn_write / GNUNET_DISK_fn_read in this file. */
193 struct RevocationData
/* Public key being revoked; compared against the ego's key after loading a
   certificate from disk. */
198 struct GNUNET_CRYPTO_EcdsaPublicKey key;
201 * Revocation signature data.
203 struct GNUNET_CRYPTO_EcdsaSignature sig;
206 * Proof of work (in NBO).
/* NOTE(review): the field is documented as network byte order, but the
   visible code uses it directly in arithmetic (`rd->pow % 128`) and passes it
   to GNUNET_REVOCATION_check_pow with no conversion shown in this listing --
   confirm which byte order the stored value really has. */
208 uint64_t pow GNUNET_PACKED;
213 * Perform the revocation.
216 perform_revocation (const struct RevocationData *rd)
/* Starts the revocation through GNUNET_REVOCATION_revoke and keeps the
   returned handle in h, the handle that do_shutdown cancels. The outcome is
   delivered to print_revocation_result. The arguments taken from rd are on
   lines this listing omits. */
218 h = GNUNET_REVOCATION_revoke (cfg,
222 &print_revocation_result,
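/**
 * Write the current state of the revocation data
 * to the revocation file, if a file name was given.
 *
 * A short or failed write is logged and otherwise ignored, so the
 * proof-of-work calculation carries on even when progress cannot be saved.
 *
 * @param rd data to sync
 */
static void
sync_rd (const struct RevocationData *rd)
{
  if (NULL == filename)
    return; /* no file configured, nothing to persist */
  /* The original compared the write result with `==`, which logged an error
     on every successful write and stayed silent on failure. The check is
     `!=` here, as in the write performed by calculate_pow.
     NOTE(review): the listing omits the buffer and length arguments of this
     call. They are written here as the whole record, matching the size the
     result is compared against -- confirm against the full file. */
  if (sizeof (struct RevocationData) !=
      GNUNET_DISK_fn_write (filename,
                            rd,
                            sizeof (struct RevocationData),
                            /* owner-only: the certificate holds the signed
                               revocation and should not be world-readable */
                            GNUNET_DISK_PERM_USER_READ
                            | GNUNET_DISK_PERM_USER_WRITE))
    GNUNET_log_strerror_file (GNUNET_ERROR_TYPE_ERROR, "write", filename);
}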
248 * Perform the proof-of-work calculation.
250 * @param cls the `struct RevocationData`
253 calculate_pow_shutdown (void *cls)
/* Despite the summary line above (apparently copied from calculate_pow), the
   visible body is the shutdown counterpart: it cancels the pending
   proof-of-work task, if any. It is registered through
   GNUNET_SCHEDULER_add_shutdown with the RevocationData as closure. What
   happens to rd afterwards (saving, freeing) is on lines this listing omits. */
255 struct RevocationData *rd = cls;
257 if (NULL != pow_task)
259 GNUNET_SCHEDULER_cancel (pow_task);
268 * Perform the proof-of-work calculation.
270 * @param cls the `struct RevocationData`
273 calculate_pow (void *cls)
/* One scheduler step of the proof-of-work search. It prints a progress
   estimate to stderr and tests the current rd->pow with
   GNUNET_REVOCATION_check_pow. The last visible statement re-schedules this
   function with GNUNET_SCHEDULER_add_now. Several short lines (presumably the
   counter increment, the branch on the "perform" flag and the early return)
   are missing from this listing. */
275 struct RevocationData *rd = cls;
277 /* store temporary results */
279 if (0 == (rd->pow % 128))
281 /* display progress estimate */
/* NOTE(review): `1 << matching_bits` shifts an int, although matching_bits is
   an unsigned long long. A count at or above the width of int is undefined
   behaviour, and a count of width-1 overflows the signed result. The value
   appears to come from configuration, with no range check shown in this
   listing. Bounding it and shifting a 64-bit one (1ULL) would make the
   progress divisor well defined. The `0 == ...` tests in front of each
   modulo guard against a zero divisor. */
282 if ((0 == ((1 << matching_bits) / 100 / 50)) ||
283 (0 == (rd->pow % ((1 << matching_bits) / 100 / 50))))
284 fprintf (stderr, "%s", ".");
/* NOTE(review): in the percentage below the (unsigned int) cast binds to
   (rd->pow * 100), not to the quotient. The 64-bit product is therefore
   truncated to 32 bits before the division, and the estimate is wrong once
   rd->pow * 100 exceeds UINT_MAX. This affects the progress display only. */
285 if ((0 != rd->pow) && ((0 == ((1 << matching_bits) / 100)) ||
286 (0 == (rd->pow % ((1 << matching_bits) / 100)))))
288 " - @ %3u%% (estimate)\n",
289 (unsigned int) (rd->pow * 100) / (1 << matching_bits));
290 /* actually do POW calculation */
292 if (GNUNET_OK == GNUNET_REVOCATION_check_pow (&rd->key,
294 (unsigned int) matching_bits))
/* Proof of work found: persist the finished certificate with owner-only
   permissions. A write that does not return the full record size is logged. */
296 if ((NULL != filename) &&
297 (sizeof(struct RevocationData) !=
298 GNUNET_DISK_fn_write (filename,
300 sizeof(struct RevocationData),
301 GNUNET_DISK_PERM_USER_READ
302 | GNUNET_DISK_PERM_USER_WRITE)))
303 GNUNET_log_strerror_file (GNUNET_ERROR_TYPE_ERROR, "write", filename);
306 perform_revocation (rd);
310 fprintf (stderr, "%s", "\n");
312 _ ("Revocation certificate for `%s' stored in `%s'\n"),
315 GNUNET_SCHEDULER_shutdown ();
/* Not found yet: queue the next step instead of looping, so the scheduler
   can still run the shutdown tasks. */
319 pow_task = GNUNET_SCHEDULER_add_now (&calculate_pow, rd);
324 * Function called with the result from the ego lookup.
327 * @param ego the ego, NULL if not found
330 ego_callback (void *cls, const struct GNUNET_IDENTITY_Ego *ego)
/* Builds the revocation data for the looked-up ego. A certificate already
   stored in the file is reused when one is present. If its proof of work
   passes GNUNET_REVOCATION_check_pow the certificate is reported as ready;
   otherwise the proof-of-work task is scheduled. Branch and cleanup lines
   are partly missing from this listing. */
332 struct RevocationData *rd;
333 struct GNUNET_CRYPTO_EcdsaPublicKey key;
338 fprintf (stdout, _ ("Ego `%s' not found.\n"), revoke_ego);
339 GNUNET_SCHEDULER_shutdown ();
342 GNUNET_IDENTITY_ego_get_public_key (ego, &key);
343 rd = GNUNET_new (struct RevocationData);
/* The stored certificate is used only if the file exists and the read
   returns exactly sizeof(struct RevocationData) bytes. */
344 if ((NULL != filename) && (GNUNET_YES == GNUNET_DISK_file_test (filename)) &&
345 (sizeof(struct RevocationData) ==
346 GNUNET_DISK_fn_read (filename, rd, sizeof(struct RevocationData))))
/* Reject a certificate that was computed for a different key than the
   ego being revoked.
   NOTE(review): only the key field is compared here. Whether the signature
   loaded from the file is re-checked locally, and whether rd is freed on this
   error path, is not visible in this listing -- confirm. */
348 if (0 != GNUNET_memcmp (&rd->key, &key))
351 _ ("Error: revocation certificate in `%s' is not for `%s'\n"),
/* The certificate is signed with the ego's private key; presumably this is
   the path for a certificate that was not loaded from the file. */
360 GNUNET_REVOCATION_sign_revocation (GNUNET_IDENTITY_ego_get_private_key (
366 GNUNET_REVOCATION_check_pow (&key, rd->pow, (unsigned int) matching_bits))
368 fprintf (stderr, "%s", _ ("Revocation certificate ready\n"));
370 perform_revocation (rd);
372 GNUNET_SCHEDULER_shutdown ();
378 _ ("Revocation certificate not ready, calculating proof of work\n"));
/* rd is handed to both the proof-of-work task and its shutdown hook. */
379 pow_task = GNUNET_SCHEDULER_add_now (&calculate_pow, rd);
380 GNUNET_SCHEDULER_add_shutdown (&calculate_pow_shutdown, rd);
385 * Main function that will be run by the scheduler.
388 * @param args remaining command-line arguments
389 * @param cfgfile name of the configuration file used (for saving, can be NULL!)
390 * @param c configuration
/* Dispatches on the command-line state, in this visible order:
   - test a public key (test_ego);
   - revoke an ego (revoke_ego);
   - perform a revocation from a stored certificate (filename and "perform").
   If none applies it reports that nothing was requested. */
396 const struct GNUNET_CONFIGURATION_Handle *c)
398 struct GNUNET_CRYPTO_EcdsaPublicKey pk;
399 struct RevocationData rd;
402 if (NULL != test_ego)
405 GNUNET_CRYPTO_ecdsa_public_key_from_string (test_ego,
409 fprintf (stderr, _ ("Public key `%s' malformed\n"), test_ego);
412 GNUNET_SCHEDULER_add_shutdown (&do_shutdown, NULL);
413 q = GNUNET_REVOCATION_query (cfg, &pk, &print_query_result, NULL);
/* Asking for a test and a revocation together runs only the test. */
414 if (NULL != revoke_ego)
419 "Testing and revoking at the same time is not allowed, only executing test.\n"));
/* A numeric option is read from the configuration here, presumably the
   proof-of-work difficulty stored in matching_bits; the section and option
   names are on lines this listing omits.
   NOTE(review): no range check on the value is visible, although it is later
   cast to unsigned int and used as a shift count in calculate_pow. */
422 if (GNUNET_OK != GNUNET_CONFIGURATION_get_value_number (cfg,
427 GNUNET_log_config_missing (GNUNET_ERROR_TYPE_ERROR,
432 if (NULL != revoke_ego)
/* Precomputation without a file would discard the result, so it is refused. */
434 if (! perform && (NULL == filename))
438 _ ("No filename to store revocation certificate given.\n"));
442 el = GNUNET_IDENTITY_ego_lookup (cfg, revoke_ego, &ego_callback, NULL);
443 GNUNET_SCHEDULER_add_shutdown (&do_shutdown, NULL);
446 if ((NULL != filename) && (perform))
/* The certificate is loaded as a raw struct image and only the byte count is
   checked at this point.
   NOTE(review): the visible code validates the loaded record only through
   GNUNET_REVOCATION_check_pow below. Whether key and signature are verified
   before use, locally or by the revocation service, is not visible in this
   listing -- treat the file as untrusted input and confirm. */
448 if (sizeof(rd) != GNUNET_DISK_fn_read (filename, &rd, sizeof(rd)))
451 _ ("Failed to read revocation certificate from `%s'\n"),
455 GNUNET_SCHEDULER_add_shutdown (&do_shutdown, NULL);
457 GNUNET_REVOCATION_check_pow (&rd.key,
459 (unsigned int) matching_bits))
/* The proof-of-work task runs after this function returns, so it is given a
   heap-allocated record instead of the stack variable rd. */
461 struct RevocationData *cp = GNUNET_new (struct RevocationData);
464 pow_task = GNUNET_SCHEDULER_add_now (&calculate_pow, cp);
465 GNUNET_SCHEDULER_add_shutdown (&calculate_pow_shutdown, cp);
/* NOTE(review): this passes the address of the stack variable rd. That is
   only safe if GNUNET_REVOCATION_revoke copies what it needs before
   returning -- confirm against the library. */
468 perform_revocation (&rd);
471 fprintf (stderr, "%s", _ ("No action specified. Nothing to do.\n"));
476 * The main function of gnunet-revocation.
478 * @param argc number of arguments from the command line
479 * @param argv command line arguments
480 * @return 0 ok, 1 on error
483 main (int argc, char *const *argv)
/* Declares the command-line options, converts the arguments with
   GNUNET_STRINGS_get_utf8_args and hands control to GNUNET_PROGRAM_run. The
   exit status is derived from whether GNUNET_PROGRAM_run returned GNUNET_OK.
   Option long names and target variables are on lines this listing omits. */
485 struct GNUNET_GETOPT_CommandLineOption options[] = {
486 GNUNET_GETOPT_option_string ('f',
490 "use NAME for the name of the revocation file"),
493 GNUNET_GETOPT_option_string (
/* NOTE(review): the help text below repeats a phrase and ends in a stray
   space; the intended wording is presumably "revoke the private key
   associated with the ego NAME". */
498 "revoke the private key associated for the the private key associated with the ego NAME "),
501 GNUNET_GETOPT_option_flag (
/* Without this flag only the proof of work is precomputed and stored; the
   revocation itself is not sent. */
505 "actually perform revocation, otherwise we just do the precomputation"),
508 GNUNET_GETOPT_option_string ('t',
512 "test if the public key KEY has been revoked"),
515 GNUNET_GETOPT_OPTION_END
518 if (GNUNET_OK != GNUNET_STRINGS_get_utf8_args (argc, argv, &argc, &argv))
521 ret = (GNUNET_OK == GNUNET_PROGRAM_run (argc,
/* NOTE(review): the literal "help text" is passed as the program description;
   it looks like a placeholder that was never replaced. */
524 gettext_noop ("help text"),
/* argv was replaced by GNUNET_STRINGS_get_utf8_args above (it is passed as
   &argv), which is why it is released here. */
530 GNUNET_free ((void *) argv);
535 /* end of gnunet-revocation.c */