2 This file is part of GNUnet.
3 Copyright (C) 2013 GNUnet e.V.
5 GNUnet is free software: you can redistribute it and/or modify it
6 under the terms of the GNU Affero General Public License as published
7 by the Free Software Foundation, either version 3 of the License,
8 or (at your option) any later version.
10 GNUnet is distributed in the hope that it will be useful, but
11 WITHOUT ANY WARRANTY; without even the implied warranty of
12 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
13 Affero General Public License for more details.
15 You should have received a copy of the GNU Affero General Public License
16 along with this program. If not, see <http://www.gnu.org/licenses/>.
20 * @file revocation/gnunet-revocation.c
21 * @brief tool for revoking public keys
22 * @author Christian Grothoff
25 #include "gnunet_util_lib.h"
26 #include "gnunet_revocation_service.h"
27 #include "gnunet_identity_service.h"
43 static char *filename;
48 static char *revoke_ego;
53 static char *test_ego;
56 * Handle for revocation query.
58 static struct GNUNET_REVOCATION_Query *q;
61 * Handle for revocation.
63 static struct GNUNET_REVOCATION_Handle *h;
66 * Handle for our ego lookup.
68 static struct GNUNET_IDENTITY_EgoLookup *el;
73 static const struct GNUNET_CONFIGURATION_Handle *cfg;
76 * Number of matching bits required for revocation.
78 static unsigned long long matching_bits;
81 * Task used for proof-of-work calculation.
83 static struct GNUNET_SCHEDULER_Task *pow_task;
87 * Function run if the user aborts with CTRL-C.
92 do_shutdown (void *cls)
/* Cancels the operations tracked by the global handles: the ego lookup (el),
   the revocation query (q) and the revocation request (h).  Each call
   presumably sits behind a NULL check that is not part of this listing. */
96 GNUNET_IDENTITY_ego_lookup_cancel (el);
101 GNUNET_REVOCATION_query_cancel (q);
106 GNUNET_REVOCATION_revoke_cancel (h);
113 * Print the result from a revocation query.
116 * @param is_valid #GNUNET_YES if the key is still valid, #GNUNET_NO if not, #GNUNET_SYSERR on error
/* Prints one of three outcomes for the queried key (valid, revoked, internal
   error) and then asks the scheduler to shut down. */
119 print_query_result (void *cls,
127 _("Key `%s' is valid\n"),
132 _("Key `%s' has been revoked\n"),
/* An internal error says nothing about the key's status; it must not be read
   as "not revoked". */
138 _("Internal error\n"));
144 GNUNET_SCHEDULER_shutdown ();
149 * Print the result from a revocation request.
152 * @param is_valid #GNUNET_YES if the key is still valid, #GNUNET_NO if not, #GNUNET_SYSERR on error
/* Callback for the revocation request.  Note the polarity: a result of
   "still valid" means the revocation did NOT take effect; "no longer valid"
   is the success case. */
155 print_revocation_result (void *cls,
162 if (NULL != revoke_ego)
164 _("Key for ego `%s' is still valid, revocation failed (!)\n"),
169 _("Revocation failed (!)\n"));
172 if (NULL != revoke_ego)
174 _("Key for ego `%s' has been successfully revoked\n"),
179 _("Revocation successful.\n"));
/* On an internal error the outcome is unknown; the message deliberately does
   not claim success. */
184 _("Internal error, key revocation might have failed\n"));
190 GNUNET_SCHEDULER_shutdown ();
195 * Data needed to perform a revocation.
/* NOTE(review): records of this type are written to and read from the
   certificate file as raw bytes of sizeof (struct RevocationData) (see the
   GNUNET_DISK_fn_read / GNUNET_DISK_fn_write calls in this file), so the
   field layout is effectively the on-disk format. */
197 struct RevocationData
202 struct GNUNET_CRYPTO_EcdsaPublicKey key;
205 * Revocation signature data.
207 struct GNUNET_CRYPTO_EcdsaSignature sig;
210 * Proof of work (in NBO).
212 uint64_t pow GNUNET_PACKED;
217 * Perform the revocation.
220 perform_revocation (const struct RevocationData *rd)
/* The request handle is kept in the global `h` so do_shutdown() can cancel
   it; the outcome is delivered to print_revocation_result(). */
222 h = GNUNET_REVOCATION_revoke (cfg,
226 &print_revocation_result,
232 * Write the current state of the revocation data
235 * @param rd data to sync
238 sync_rd (const struct RevocationData *rd)
/* NOTE(review): the size comparison below uses `==`, so the error is logged
   when GNUNET_DISK_fn_write() returns the full record size, while a short or
   failed write does not reach the log call.  calculate_pow() tests the same
   kind of call with `!=`.  This looks inverted: a failed save of the
   intermediate proof-of-work state would go unreported.  Confirm and change
   the comparison to `!=`. */
240 if ( (NULL != filename) &&
241 (sizeof (struct RevocationData) ==
242 GNUNET_DISK_fn_write (filename,
/* Permission flags request owner read/write only. */
245 GNUNET_DISK_PERM_USER_READ |
246 GNUNET_DISK_PERM_USER_WRITE)) )
247 GNUNET_log_strerror_file (GNUNET_ERROR_TYPE_ERROR,
254 * Shutdown handler for the proof-of-work calculation: cancels the pending task.
256 * @param cls the `struct RevocationData`
259 calculate_pow_shutdown (void *cls)
261 struct RevocationData *rd = cls;
263 if (NULL != pow_task)
/* Cancel the queued calculate_pow() run so it does not fire during shutdown. */
265 GNUNET_SCHEDULER_cancel (pow_task);
274 * Perform the proof-of-work calculation.
276 * @param cls the `struct RevocationData`
279 calculate_pow (void *cls)
281 struct RevocationData *rd = cls;
283 /* store temporary results */
/* NOTE(review): struct RevocationData documents `pow` as network byte order,
   yet it is used in host arithmetic here and below -- confirm which
   representation is intended. */
285 if (0 == (rd->pow % 128))
287 /* display progress estimate */
/* NOTE(review): `1 << matching_bits` shifts an int by an unsigned long long
   count; a count of 31 or more is undefined behaviour for a 32-bit int.
   matching_bits is presumably taken from the configuration, so it should be
   range-checked, or the shift written as `1ULL << matching_bits`. */
288 if ( (0 == ((1 << matching_bits) / 100 / 50)) ||
289 (0 == (rd->pow % ((1 << matching_bits) / 100 / 50))) )
290 FPRINTF (stderr, "%s", ".");
291 if ( (0 != rd->pow) &&
292 ( (0 == ((1 << matching_bits) / 100)) ||
293 (0 == (rd->pow % ((1 << matching_bits) / 100))) ) )
294 FPRINTF (stderr, " - @ %3u%% (estimate)\n",
/* NOTE(review): the cast binds tighter than the division, so the 64-bit
   product is truncated to unsigned int before it is divided; the printed
   estimate is wrong once rd->pow * 100 exceeds UINT_MAX. */
295 (unsigned int) (rd->pow * 100) / (1 << matching_bits));
296 /* actually do POW calculation */
299 GNUNET_REVOCATION_check_pow (&rd->key,
301 (unsigned int) matching_bits))
/* Write the record to the certificate file with owner read/write permission
   flags; a return value other than the record size is logged as a write
   error. */
303 if ( (NULL != filename) &&
304 (sizeof (struct RevocationData) !=
305 GNUNET_DISK_fn_write (filename,
307 sizeof (struct RevocationData),
308 GNUNET_DISK_PERM_USER_READ |
309 GNUNET_DISK_PERM_USER_WRITE)) )
310 GNUNET_log_strerror_file (GNUNET_ERROR_TYPE_ERROR,
315 perform_revocation (rd);
319 FPRINTF (stderr, "%s", "\n");
321 _("Revocation certificate for `%s' stored in `%s'\n"),
324 GNUNET_SCHEDULER_shutdown ();
/* Queue this function again with the scheduler (presumably the path taken
   when the check above did not succeed -- the branch structure is not
   visible in this listing). */
328 pow_task = GNUNET_SCHEDULER_add_now (&calculate_pow,
334 * Function called with the result from the ego lookup.
337 * @param ego the ego, NULL if not found
340 ego_callback (void *cls,
341 const struct GNUNET_IDENTITY_Ego *ego)
343 struct RevocationData *rd;
344 struct GNUNET_CRYPTO_EcdsaPublicKey key;
/* Unknown ego: report it and stop. */
350 _("Ego `%s' not found.\n"),
352 GNUNET_SCHEDULER_shutdown ();
355 GNUNET_IDENTITY_ego_get_public_key (ego,
357 rd = GNUNET_new (struct RevocationData);
/* An existing certificate file is only picked up when it exists and yields
   exactly sizeof (struct RevocationData) bytes. */
358 if ( (NULL != filename) &&
360 GNUNET_DISK_file_test (filename)) &&
361 (sizeof (struct RevocationData) ==
362 GNUNET_DISK_fn_read (filename,
364 sizeof (struct RevocationData))) )
/* The stored record must carry this ego's public key; a mismatch is reported
   as an error, so a certificate file for one key is not reused for
   another. */
366 if (0 != memcmp (&rd->key,
368 sizeof (struct GNUNET_CRYPTO_EcdsaPublicKey)))
371 _("Error: revocation certificate in `%s' is not for `%s'\n"),
/* The revocation is signed with the ego's private key. */
380 GNUNET_REVOCATION_sign_revocation (GNUNET_IDENTITY_ego_get_private_key (ego),
/* The proof of work is checked before the certificate is declared ready. */
385 GNUNET_REVOCATION_check_pow (&key,
387 (unsigned int) matching_bits))
391 _("Revocation certificate ready\n"));
393 perform_revocation (rd);
395 GNUNET_SCHEDULER_shutdown ();
/* Otherwise start the proof-of-work task and register its shutdown handler. */
401 _("Revocation certificate not ready, calculating proof of work\n"));
402 pow_task = GNUNET_SCHEDULER_add_now (&calculate_pow,
404 GNUNET_SCHEDULER_add_shutdown (&calculate_pow_shutdown,
410 * Main function that will be run by the scheduler.
413 * @param args remaining command-line arguments
414 * @param cfgfile name of the configuration file used (for saving, can be NULL!)
415 * @param c configuration
421 const struct GNUNET_CONFIGURATION_Handle *c)
423 struct GNUNET_CRYPTO_EcdsaPublicKey pk;
424 struct RevocationData rd;
/* Test mode: parse the given public key and query its revocation status. */
427 if (NULL != test_ego)
430 GNUNET_CRYPTO_ecdsa_public_key_from_string (test_ego,
435 _("Public key `%s' malformed\n"),
439 GNUNET_SCHEDULER_add_shutdown (&do_shutdown,
441 q = GNUNET_REVOCATION_query (cfg,
/* Test and revoke requested together: only the test runs, with a notice. */
445 if (NULL != revoke_ego)
448 _("Testing and revoking at the same time is not allowed, only executing test.\n"));
/* A numeric setting is read from the configuration (presumably the
   proof-of-work difficulty stored in matching_bits -- the target is not
   visible in this listing); a missing value is reported as a configuration
   error. */
452 GNUNET_CONFIGURATION_get_value_number (cfg,
457 GNUNET_log_config_missing (GNUNET_ERROR_TYPE_ERROR,
/* Revoke mode: unless the revocation is to be performed right away, a file
   name is required to hold the computed certificate. */
462 if (NULL != revoke_ego)
464 if ( !perform && (NULL == filename) )
468 _("No filename to store revocation certificate given.\n"));
472 el = GNUNET_IDENTITY_ego_lookup (cfg,
476 GNUNET_SCHEDULER_add_shutdown (&do_shutdown,
/* File mode: load a stored certificate (the remaining conditions of this
   test are not visible in this listing).  The bytes read are used as a
   struct RevocationData, and its proof of work is checked below. */
480 if ( (NULL != filename) &&
484 GNUNET_DISK_fn_read (filename,
489 _("Failed to read revocation certificate from `%s'\n"),
493 GNUNET_SCHEDULER_add_shutdown (&do_shutdown,
496 GNUNET_REVOCATION_check_pow (&rd.key,
498 (unsigned int) matching_bits))
/* Heap copy, presumably because the proof-of-work task outlives this
   function's stack frame. */
500 struct RevocationData *cp = GNUNET_new (struct RevocationData);
503 pow_task = GNUNET_SCHEDULER_add_now (&calculate_pow,
505 GNUNET_SCHEDULER_add_shutdown (&calculate_pow_shutdown,
509 perform_revocation (&rd);
514 _("No action specified. Nothing to do.\n"));
519 * The main function of gnunet-revocation.
521 * @param argc number of arguments from the command line
522 * @param argv command line arguments
523 * @return 0 ok, 1 on error
526 main (int argc, char *const *argv)
528 struct GNUNET_GETOPT_CommandLineOption options[] = {
/* -f: file that holds the revocation certificate. */
530 GNUNET_GETOPT_option_string ('f',
533 gettext_noop ("use NAME for the name of the revocation file"),
/* -R: ego whose key is to be revoked.
   NOTE(review): the help string below repeats "the private key associated"
   and contains "the the"; it is user-facing text for an irreversible
   operation and should be reworded. */
536 GNUNET_GETOPT_option_string ('R',
539 gettext_noop ("revoke the private key associated for the the private key associated with the ego NAME "),
/* -p: without this flag only the precomputation is done. */
542 GNUNET_GETOPT_option_flag ('p',
544 gettext_noop ("actually perform revocation, otherwise we just do the precomputation"),
/* -t: public key to test for revocation. */
547 GNUNET_GETOPT_option_string ('t',
550 gettext_noop ("test if the public key KEY has been revoked"),
553 GNUNET_GETOPT_OPTION_END
/* argv is handed to GNUNET_STRINGS_get_utf8_args() by address, which is why
   it is released with GNUNET_free() at the end. */
555 if (GNUNET_OK != GNUNET_STRINGS_get_utf8_args (argc, argv, &argc, &argv))
559 GNUNET_PROGRAM_run (argc, argv, "gnunet-revocation",
/* NOTE(review): "help text" looks like a placeholder for the program
   description. */
560 gettext_noop ("help text"), options, &run,
562 GNUNET_free ((void*) argv);
566 /* end of gnunet-revocation.c */