2 This file is part of GNUnet.
3 (C) 2013 Christian Grothoff (and other contributing authors)
5 GNUnet is free software; you can redistribute it and/or modify
6 it under the terms of the GNU General Public License as published
7 by the Free Software Foundation; either version 3, or (at your
8 option) any later version.
10 GNUnet is distributed in the hope that it will be useful, but
11 WITHOUT ANY WARRANTY; without even the implied warranty of
12 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
13 General Public License for more details.
15 You should have received a copy of the GNU General Public License
16 along with GNUnet; see the file COPYING. If not, write to the
17 Free Software Foundation, Inc., 59 Temple Place - Suite 330,
18 Boston, MA 02111-1307, USA.
22 * @file revocation/gnunet-revocation.c
23 * @brief tool for revoking public keys
24 * @author Christian Grothoff
27 #include "gnunet_util_lib.h"
28 #include "gnunet_revocation_service.h"
29 #include "gnunet_identity_service.h"
/* Name of the revocation certificate file; set by the -f/--filename option in main(). */
45 static char *filename;
/* Name of the ego whose key is to be revoked; set by the -R/--revoke option in main(). */
50 static char *revoke_ego;
/* Public key, in string form, to test for revocation; parsed in run(). */
55 static char *test_ego;
58 * Handle for revocation query.
60 static struct GNUNET_REVOCATION_Query *q;
63 * Handle for revocation.
65 static struct GNUNET_REVOCATION_Handle *h;
68 * Handle for our ego lookup.
70 static struct GNUNET_IDENTITY_EgoLookup *el;
/* Configuration handle passed to the revocation, identity and configuration calls below. */
75 static const struct GNUNET_CONFIGURATION_Handle *cfg;
78 * Number of matching bits required for revocation.
/* NOTE(review): declared 64-bit, but narrowed with an (unsigned int) cast at every
   GNUNET_REVOCATION_check_pow call site; a configured value above UINT_MAX would be
   truncated silently. Confirm the value is range-checked where it is read. */
80 static unsigned long long matching_bits;
84 * Function run if the user aborts with CTRL-C.
87 * @param tc scheduler context
/* Shutdown task: cancels the outstanding revocation query `q` and the outstanding
   revocation request `h`. */
90 do_shutdown (void *cls,
91 const struct GNUNET_SCHEDULER_TaskContext *tc)
95 GNUNET_REVOCATION_query_cancel (q);
100 GNUNET_REVOCATION_revoke_cancel (h);
/* NOTE(review): only `q` and `h` are cancelled in the lines shown; whether the pending
   ego lookup `el` is also cancelled on shutdown is not visible here. Confirm. */
107 * Print the result from a revocation query.
110 * @param is_valid #GNUNET_YES if the key is still valid, #GNUNET_NO if not, #GNUNET_SYSERR on error
/* Callback for the revocation query: reports one of three outcomes (valid, revoked,
   internal error) and then stops the scheduler, since the query is one-shot. */
113 print_query_result (void *cls,
121 _("Key `%s' is valid\n"),
126 _("Key `%s' has been revoked\n"),
/* The error outcome says nothing about the key's status; callers must not read it
   as "valid". */
132 _("Internal error\n"));
138 GNUNET_SCHEDULER_shutdown ();
143 * Print the result from a revocation request.
146 * @param is_valid #GNUNET_YES if the key is still valid, #GNUNET_NO if not, #GNUNET_SYSERR on error
/* Callback for the revocation request: reports whether the key is still valid
   (revocation failed), was revoked, or the outcome is unknown, then stops the scheduler. */
149 print_revocation_result (void *cls,
157 _("Key for ego `%s' is still valid, revocation failed (!)\n"),
162 _("Key for ego `%s' has been successfully revoked\n"),
/* After an internal error the revocation state is unknown; re-check the key with this
   tool's test mode before relying on it being revoked. */
168 _("Internal error, key revocation might have failed\n"));
174 GNUNET_SCHEDULER_shutdown ();
179 * Data needed to perform a revocation.
/* Revocation certificate as handled by this tool. The struct is written to and read from
   the certificate file as raw bytes, and the I/O calls compare their result against
   sizeof (struct RevocationData), so the layout is effectively the file format. */
181 struct RevocationData
/* Public key the certificate applies to; ego_callback compares it with the ego's key
   before reusing a stored certificate. */
186 struct GNUNET_CRYPTO_EccPublicSignKey key;
189 * Revocation signature data.
191 struct GNUNET_CRYPTO_EccSignature sig;
194 * Proof of work (in NBO).
/* NOTE(review): calculate_pow applies `%` to this field directly. On a little-endian
   host the stored value and its network-byte-order reading differ, so confirm which
   representation the counter really uses and that it matches what check_pow expects. */
196 uint64_t pow GNUNET_PACKED;
201 * Perform the revocation.
/* Submits the revocation described by `rd` to the revocation service. The handle is kept
   in the global `h` so that do_shutdown can cancel it, and the outcome is delivered to
   print_revocation_result. */
204 perform_revocation (const struct RevocationData *rd)
206 h = GNUNET_REVOCATION_revoke (cfg,
210 &print_revocation_result,
216 * Perform the proof-of-work calculation.
218 * @param cls the `struct RevocationData`
219 * @param tc scheduler context
/* Scheduler task that advances the proof-of-work search for the certificate in `cls`.
   It re-schedules itself with GNUNET_SCHEDULER_add_now until GNUNET_REVOCATION_check_pow
   accepts the value or shutdown is requested, saving the certificate to `filename`
   along the way. */
222 calculate_pow (void *cls,
223 const struct GNUNET_SCHEDULER_TaskContext *tc)
225 struct RevocationData *rd = cls;
/* Checkpoint condition: shutdown was requested, or rd->pow is a multiple of 128. */
227 if ( (0 != (GNUNET_SCHEDULER_REASON_SHUTDOWN & tc->reason)) ||
228 (0 == (rd->pow % 128) ) )
/* NOTE(review): `%` and `*` share precedence and associate left to right, so this parses
   as (rd->pow % 128) * 1024 and is zero exactly when rd->pow % 128 is zero. The intent
   was probably rd->pow % (128 * 1024), matching the parenthesised form on the next test;
   as written the progress dot is emitted far more often than that. */
230 if (0 == (rd->pow % 128 * 1024))
232 if (0 == (rd->pow % (1024 * 128 * 80)))
233 fprintf (stderr, "\n");
234 fprintf (stderr, ".");
/* Save progress. The file is created readable and writable by the owner only.
   NOTE(review): the comparison is `==`, so the error below is logged when
   GNUNET_DISK_fn_write returns exactly sizeof (struct RevocationData), which is the
   byte count of a complete write, while a short or failed write goes unreported.
   `!=` looks intended; a checkpoint that silently fails to save loses proof-of-work
   already computed. */
236 if ( (NULL != filename) &&
237 (sizeof (struct RevocationData) ==
238 GNUNET_DISK_fn_write (filename,
241 GNUNET_DISK_PERM_USER_READ |
242 GNUNET_DISK_PERM_USER_WRITE)) )
243 GNUNET_log_strerror_file (GNUNET_ERROR_TYPE_ERROR,
/* Shutdown requested: presumably the search is abandoned here (the branch body is not
   shown in this listing). */
247 if (0 != (GNUNET_SCHEDULER_REASON_SHUTDOWN & tc->reason))
/* Test the current candidate against the required number of matching bits.
   matching_bits is unsigned long long and is narrowed by the cast below. */
254 GNUNET_REVOCATION_check_pow (&rd->key,
256 (unsigned int) matching_bits))
/* NOTE(review): same `==` comparison as the checkpoint write above; here it governs the
   final save of the finished certificate, so a failed save would pass unnoticed. */
258 if ( (NULL != filename) &&
259 (sizeof (struct RevocationData) ==
260 GNUNET_DISK_fn_write (filename,
263 GNUNET_DISK_PERM_USER_READ |
264 GNUNET_DISK_PERM_USER_WRITE)) )
265 GNUNET_log_strerror_file (GNUNET_ERROR_TYPE_ERROR,
/* Proof of work found: either submit the revocation or report where the certificate was
   stored, then stop. Which condition selects between the two is not visible here;
   presumably it is the -p/--perform flag. */
269 perform_revocation (rd);
273 _("Revocation certificate for `%s' stored in `%s'\n"),
276 GNUNET_SCHEDULER_shutdown ();
/* Not found yet: run this task again for the next candidate. */
280 GNUNET_SCHEDULER_add_now (&calculate_pow,
286 * Function called with the result from the ego lookup.
289 * @param ego the ego, NULL if not found
/* Continuation of the ego lookup started in run(). For a known ego it prepares a
   revocation certificate, resuming from the certificate file when one is usable, and
   then either submits the revocation or starts the proof-of-work search. */
292 ego_callback (void *cls,
293 const struct GNUNET_IDENTITY_Ego *ego)
295 struct RevocationData *rd;
296 struct GNUNET_CRYPTO_EccPublicSignKey key;
/* Unknown ego: report it and stop. */
302 _("Ego `%s' not found.\n"),
304 GNUNET_SCHEDULER_shutdown ();
307 GNUNET_IDENTITY_ego_get_public_key (ego,
309 rd = GNUNET_new (struct RevocationData);
/* Reuse an existing certificate file only if it exists and a read yields exactly
   sizeof (struct RevocationData) bytes. */
310 if ( (NULL != filename) &&
312 GNUNET_DISK_file_test (filename)) &&
313 (sizeof (struct RevocationData) ==
314 GNUNET_DISK_fn_read (filename,
/* A stored certificate must belong to this ego's public key; anything else is rejected.
   Public keys are not secret, so a plain memcmp is adequate here.
   NOTE(review): only the key field of the loaded file is checked in the lines shown;
   whether the stored signature is verified, and whether `rd` is freed on the error
   path, is not visible. Treat the file contents as untrusted and confirm. */
318 if (0 != memcmp (&rd->key,
320 sizeof (struct GNUNET_CRYPTO_EccPublicSignKey)))
323 _("Error: revocation certificate in `%s' is not for `%s'\n"),
/* Sign the revocation with the ego's private key. */
332 GNUNET_REVOCATION_sign_revocation (GNUNET_IDENTITY_ego_get_private_key (ego),
/* If the current proof of work already satisfies matching_bits (narrowed to unsigned int
   by the cast), revoke now; otherwise hand the certificate to calculate_pow. */
337 GNUNET_REVOCATION_check_pow (&key,
339 (unsigned int) matching_bits))
343 _("Revocation certificate ready, initiating revocation\n"));
344 perform_revocation (rd);
350 _("Revocation certificate not ready, calculating proof of work\n"));
351 GNUNET_SCHEDULER_add_now (&calculate_pow,
357 * Main function that will be run by the scheduler.
360 * @param args remaining command-line arguments
361 * @param cfgfile name of the configuration file used (for saving, can be NULL!)
362 * @param c configuration
368 const struct GNUNET_CONFIGURATION_Handle *c)
370 struct GNUNET_CRYPTO_EccPublicSignKey pk;
371 struct RevocationData rd;
/* Dispatches on the command-line options in priority order: test a key, revoke an ego,
   or submit a certificate stored in a file. */
/* Mode 1: query whether the public key given on the command line has been revoked.
   The string is parsed first and rejected as malformed if parsing fails. */
374 if (NULL != test_ego)
377 GNUNET_CRYPTO_ecc_public_sign_key_from_string (test_ego,
382 _("Public key `%s' malformed\n"),
/* A task with an unbounded delay is registered so that cleanup runs on shutdown
   (presumably do_shutdown; the argument is not shown in this listing). */
386 GNUNET_SCHEDULER_add_delayed (GNUNET_TIME_UNIT_FOREVER_REL,
389 q = GNUNET_REVOCATION_query (cfg,
/* Testing takes precedence: a revoke request given together with a test is ignored. */
393 if (NULL != revoke_ego)
396 _("Testing and revoking at the same time is not allowed, only executing test.\n"));
/* Read a numeric setting from the configuration, presumably the proof-of-work difficulty
   stored in matching_bits; a missing option is logged as an error. */
400 GNUNET_CONFIGURATION_get_value_number (cfg,
405 GNUNET_log_config_missing (GNUNET_ERROR_TYPE_ERROR,
/* Mode 2: revoke a named ego. The work continues in the ego lookup's callback. */
410 if (NULL != revoke_ego)
413 el = GNUNET_IDENTITY_ego_lookup (cfg,
417 GNUNET_SCHEDULER_add_delayed (GNUNET_TIME_UNIT_FOREVER_REL,
/* Mode 3: submit a certificate that was precomputed into `filename`.
   NOTE(review): the bytes read into the stack-local `rd` go to perform_revocation as
   they are. No check of the key, signature or proof of work is visible on this path,
   so confirm that the service rejects malformed or under-worked certificates. */
422 if ( (NULL != filename) &&
426 GNUNET_DISK_fn_read (filename,
431 _("Failed to read revocation certificate from `%s'\n"),
435 perform_revocation (&rd);
436 GNUNET_SCHEDULER_add_delayed (GNUNET_TIME_UNIT_FOREVER_REL,
443 _("No action specified. Nothing to do.\n"));
448 * The main function of gnunet-revocation.
450 * @param argc number of arguments from the command line
451 * @param argv command line arguments
452 * @return 0 ok, 1 on error
455 main (int argc, char *const *argv)
/* Command-line options. Each string option stores its argument in the matching
   file-level variable; -p sets the `perform` flag. */
457 static const struct GNUNET_GETOPT_CommandLineOption options[] = {
458 {'f', "filename", "NAME",
459 gettext_noop ("use NAME for the name of the revocation file"),
460 1, &GNUNET_GETOPT_set_string, &filename},
461 {'R', "revoke", "NAME",
462 gettext_noop ("revoke the private key associated with the ego NAME "),
463 1, &GNUNET_GETOPT_set_string, &revoke_ego},
464 {'p', "perform", NULL,
/* NOTE(review): the help text below repeats the word "revocation"; it is a runtime
   string, so it is left as is here. Per this text, without -p the tool only precomputes
   the certificate and does not submit it. */
465 gettext_noop ("actually perform the revocation revocation file, otherwise we just do the precomputation"),
466 0, &GNUNET_GETOPT_set_one, &perform},
468 gettext_noop ("test if the public key KEY has been revoked"),
469 1, &GNUNET_GETOPT_set_string, &test_ego},
470 GNUNET_GETOPT_OPTION_END
/* Convert the arguments to UTF-8; on success argc and argv are replaced through the
   output parameters. */
472 if (GNUNET_OK != GNUNET_STRINGS_get_utf8_args (argc, argv, &argc, &argv))
/* Parse the options and hand control to run() under the scheduler. */
476 GNUNET_PROGRAM_run (argc, argv, "gnunet-revocation",
477 gettext_noop ("help text"), options, &run,
/* argv now refers to the array produced by GNUNET_STRINGS_get_utf8_args; the cast only
   drops the const qualifier so it can be released. */
479 GNUNET_free ((void*) argv);
483 /* end of gnunet-revocation.c */