2 This file is part of GNUnet.
3 (C) 2013 Christian Grothoff (and other contributing authors)
5 GNUnet is free software; you can redistribute it and/or modify
6 it under the terms of the GNU General Public Licerevocation as published
7 by the Free Software Foundation; either version 3, or (at your
8 option) any later version.
10 GNUnet is distributed in the hope that it will be useful, but
11 WITHOUT ANY WARRANTY; without even the implied warranty of
12 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
13 General Public Licerevocation for more details.
15 You should have received a copy of the GNU General Public Licerevocation
16 along with GNUnet; see the file COPYING. If not, write to the
17 Free Software Foundation, Inc., 59 Temple Place - Suite 330,
18 Boston, MA 02111-1307, USA.
22 * @file revocation/gnunet-service-revocation.c
23 * @brief key revocation service
24 * @author Christian Grothoff
26 * The purpose of this service is to allow users to permanently revoke
27 * (compromised) keys. This is done by flooding the network with the
28 * revocation requests. To reduce the attack potential offered by such
29 * flooding, revocations must include a proof of work. We use the
30 * set service for efficiently computing the union of revocations of
34 * - broadcast p2p revocations
35 * - handle p2p connect (trigger SET union)
36 * - optimization: avoid sending revocation back to peer that we got it from;
37 * - optimization: have randomized delay in sending revocations to other peers
38 * to make it rare to traverse each link twice (NSE-style)
42 #include "gnunet_util_lib.h"
43 #include "gnunet_constants.h"
44 #include "gnunet_protocols.h"
45 #include "gnunet_signatures.h"
46 #include "gnunet_statistics_service.h"
47 #include "gnunet_core_service.h"
48 #include "gnunet_revocation_service.h"
49 #include "gnunet_set_service.h"
50 #include "revocation.h"
55 * Per-peer information.
61 * Core handle for sending messages to this peer.
63 struct GNUNET_CORE_TransmitHandle *th;
66 * What is the identity of the peer?
68 struct GNUNET_PeerIdentity id;
71 * Task scheduled to send message to this peer.
73 GNUNET_SCHEDULER_TaskIdentifier transmit_task;
79 * Set from all revocations known to us.
81 static struct GNUNET_SET_Handle *revocation_set;
84 * Hash map with all revoked keys, maps the hash of the public key
85 * to the respective `struct RevokeMessage`.
87 static struct GNUNET_CONTAINER_MultiHashMap *revocation_map;
90 * Handle to our current configuration.
92 static const struct GNUNET_CONFIGURATION_Handle *cfg;
95 * Handle to the statistics service.
97 static struct GNUNET_STATISTICS_Handle *stats;
100 * Handle to the core service (for flooding)
102 static struct GNUNET_CORE_Handle *coreAPI;
105 * Map of all connected peers.
107 static struct GNUNET_CONTAINER_MultiPeerMap *peers;
110 * The peer identity of this peer.
112 static struct GNUNET_PeerIdentity my_identity;
115 * Handle to this serivce's server.
117 static struct GNUNET_SERVER_Handle *srv;
120 * Notification context for convenient sending of replies to the clients.
122 static struct GNUNET_SERVER_NotificationContext *nc;
125 * File handle for the revocation database.
127 static struct GNUNET_DISK_FileHandle *revocation_db;
130 * Amount of work required (W-bit collisions) for REVOCATION proofs, in collision-bits.
132 static unsigned long long revocation_work_required;
136 * An revoke message has been received, check that it is well-formed.
138 * @param rm the message to verify
139 * @return #GNUNET_YES if the message is verified
140 * #GNUNET_NO if the key/signature don't verify
143 verify_revoke_message (const struct RevokeMessage *rm)
146 GNUNET_REVOCATION_check_pow (&rm->public_key,
148 (unsigned int) revocation_work_required))
150 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
151 "Proof of work invalid!\n");
156 GNUNET_CRYPTO_ecc_verify (GNUNET_SIGNATURE_PURPOSE_REVOCATION,
169 * Handle QUERY message from client.
172 * @param client who sent the message
173 * @param message the message received
176 handle_query_message (void *cls,
177 struct GNUNET_SERVER_Client *client,
178 const struct GNUNET_MessageHeader *message)
180 const struct QueryMessage *qm = (const struct QueryMessage *) message;
181 struct QueryResponseMessage qrm;
182 struct GNUNET_HashCode hc;
185 GNUNET_CRYPTO_hash (&qm->key,
186 sizeof (struct GNUNET_CRYPTO_EccPublicSignKey),
188 res = GNUNET_CONTAINER_multihashmap_contains (revocation_map, &hc);
189 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
191 ? "Received revocation check for valid key `%s' from client\n"
192 : "Received revocation check for revoked key `%s' from client\n",
194 qrm.header.size = htons (sizeof (struct QueryResponseMessage));
195 qrm.header.type = htons (GNUNET_MESSAGE_TYPE_REVOCATION_QUERY_RESPONSE);
196 qrm.is_valid = htonl ((GNUNET_YES == res) ? GNUNET_NO : GNUNET_YES);
197 GNUNET_SERVER_notification_context_add (nc,
199 GNUNET_SERVER_notification_context_unicast (nc,
203 GNUNET_SERVER_receive_done (client, GNUNET_OK);
208 * Flood the given revocation message to all neighbours.
210 * @param cls the `struct RevokeMessage` to flood
211 * @param target a neighbour
212 * @param value our `struct PeerEntry` for the neighbour
213 * @return #GNUNET_OK (continue to iterate)
217 const struct GNUNET_PeerIdentity *target,
220 GNUNET_break (0); // FIXME: not implemented
226 * Publicize revocation message. Stores the message locally in the
227 * database and passes it to all connected neighbours (and adds it to
228 * the set for future connections).
230 * @param rm message to publicize
231 * @return #GNUNET_OK on success, #GNUNET_NO if we encountered an error,
232 * #GNUNET_SYSERR if the message was malformed
235 publicize_rm (const struct RevokeMessage *rm)
237 struct RevokeMessage *cp;
238 struct GNUNET_HashCode hc;
239 struct GNUNET_SET_Element e;
241 GNUNET_CRYPTO_hash (&rm->public_key,
242 sizeof (struct GNUNET_CRYPTO_EccPublicSignKey),
245 GNUNET_CONTAINER_multihashmap_contains (revocation_map,
248 GNUNET_log (GNUNET_ERROR_TYPE_INFO,
249 _("Duplicate revocation received from peer. Ignored.\n"));
253 verify_revoke_message (rm))
256 return GNUNET_SYSERR;
259 if (sizeof (struct RevokeMessage) !=
260 GNUNET_DISK_file_write (revocation_db,
262 sizeof (struct RevokeMessage)))
264 GNUNET_log_strerror (GNUNET_ERROR_TYPE_ERROR,
269 GNUNET_DISK_file_sync (revocation_db))
271 GNUNET_log_strerror (GNUNET_ERROR_TYPE_ERROR,
275 /* keep copy in memory */
276 cp = (struct RevokeMessage *) GNUNET_copy_message (&rm->header);
277 GNUNET_break (GNUNET_OK ==
278 GNUNET_CONTAINER_multihashmap_put (revocation_map,
281 GNUNET_CONTAINER_MULTIHASHMAPOPTION_UNIQUE_ONLY));
282 /* add to set for future connections */
283 e.size = htons (rm->header.size);
287 GNUNET_SET_add_element (revocation_set,
294 /* flood to neighbours */
295 GNUNET_CONTAINER_multipeermap_iterate (peers,
303 * Handle REVOKE message from client.
306 * @param client who sent the message
307 * @param message the message received
310 handle_revoke_message (void *cls,
311 struct GNUNET_SERVER_Client *client,
312 const struct GNUNET_MessageHeader *message)
314 const struct RevokeMessage *rm;
315 struct RevocationResponseMessage rrm;
318 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
319 "Received REVOKE message from client\n");
320 rm = (const struct RevokeMessage *) message;
321 if (GNUNET_SYSERR == (ret = publicize_rm (rm)))
324 GNUNET_SERVER_receive_done (client, GNUNET_SYSERR);
327 rrm.header.size = htons (sizeof (struct RevocationResponseMessage));
328 rrm.header.type = htons (GNUNET_MESSAGE_TYPE_REVOCATION_REVOKE_RESPONSE);
329 rrm.is_valid = htonl ((GNUNET_OK == ret) ? GNUNET_NO : GNUNET_YES);
330 GNUNET_SERVER_notification_context_add (nc,
332 GNUNET_SERVER_notification_context_unicast (nc,
336 GNUNET_SERVER_receive_done (client, GNUNET_OK);
341 * Core handler for flooded revocation messages.
343 * @param cls closure unused
344 * @param message message
345 * @param peer peer identity this message is from (ignored)
348 handle_p2p_revoke_message (void *cls,
349 const struct GNUNET_PeerIdentity *peer,
350 const struct GNUNET_MessageHeader *message)
352 const struct RevokeMessage *rm;
354 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
355 "Received REVOKE message from peer\n");
356 rm = (const struct RevokeMessage *) message;
357 GNUNET_break_op (GNUNET_SYSERR != publicize_rm (rm));
363 * Method called whenever a peer connects. Sets up the PeerEntry and
364 * schedules the initial revocation set exchange with this peer.
367 * @param peer peer identity this notification is about
370 handle_core_connect (void *cls,
371 const struct GNUNET_PeerIdentity *peer)
373 struct PeerEntry *peer_entry;
375 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Peer `%s' connected to us\n",
377 peer_entry = GNUNET_new (struct PeerEntry);
378 peer_entry->id = *peer;
379 GNUNET_assert (GNUNET_OK ==
380 GNUNET_CONTAINER_multipeermap_put (peers, peer,
382 GNUNET_CONTAINER_MULTIHASHMAPOPTION_UNIQUE_ONLY));
383 GNUNET_break (0); // FIXME: implement revocation set union on connect!
385 peer_entry->transmit_task =
386 GNUNET_SCHEDULER_add_delayed (get_transmit_delay (-1), &transmit_task_cb,
389 GNUNET_STATISTICS_update (stats, "# peers connected", 1, GNUNET_NO);
394 * Method called whenever a peer disconnects. Deletes the PeerEntry and cancels
395 * any pending transmission requests to that peer.
398 * @param peer peer identity this notification is about
401 handle_core_disconnect (void *cls,
402 const struct GNUNET_PeerIdentity *peer)
404 struct PeerEntry *pos;
406 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
407 "Peer `%s' disconnected from us\n",
409 pos = GNUNET_CONTAINER_multipeermap_get (peers, peer);
415 GNUNET_assert (GNUNET_YES ==
416 GNUNET_CONTAINER_multipeermap_remove (peers, peer,
419 if (pos->transmit_task != GNUNET_SCHEDULER_NO_TASK)
421 GNUNET_SCHEDULER_cancel (pos->transmit_task);
422 pos->transmit_task = GNUNET_SCHEDULER_NO_TASK;
426 GNUNET_CORE_notify_transmit_ready_cancel (pos->th);
431 GNUNET_STATISTICS_update (stats, "# peers connected", -1, GNUNET_NO);
436 * Free all values in a hash map.
440 * @param value value to free
441 * @return #GNUNET_OK (continue to iterate)
444 free_entry (void *cls,
445 const struct GNUNET_HashCode *key,
454 * Task run during shutdown.
460 shutdown_task (void *cls,
461 const struct GNUNET_SCHEDULER_TaskContext *tc)
463 if (NULL != revocation_set)
465 GNUNET_SET_destroy (revocation_set);
466 revocation_set = NULL;
470 GNUNET_CORE_disconnect (coreAPI);
475 GNUNET_STATISTICS_destroy (stats, GNUNET_NO);
480 GNUNET_CONTAINER_multipeermap_destroy (peers);
485 GNUNET_SERVER_notification_context_destroy (nc);
488 if (NULL != revocation_db)
490 GNUNET_DISK_file_close (revocation_db);
491 revocation_db = NULL;
493 GNUNET_CONTAINER_multihashmap_iterate (revocation_map,
496 GNUNET_CONTAINER_multihashmap_destroy (revocation_map);
501 * Called on core init/fail.
503 * @param cls service closure
504 * @param identity the public identity of this peer
507 core_init (void *cls,
508 const struct GNUNET_PeerIdentity *identity)
510 if (NULL == identity)
512 GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
513 "Connection to core FAILED!\n");
514 GNUNET_SCHEDULER_shutdown ();
517 my_identity = *identity;
522 * Handle network size estimate clients.
525 * @param server the initialized server
526 * @param c configuration to use
530 struct GNUNET_SERVER_Handle *server,
531 const struct GNUNET_CONFIGURATION_Handle *c)
533 static const struct GNUNET_SERVER_MessageHandler handlers[] = {
534 {&handle_query_message, NULL, GNUNET_MESSAGE_TYPE_REVOCATION_QUERY,
535 sizeof (struct QueryMessage)},
536 {&handle_revoke_message, NULL, GNUNET_MESSAGE_TYPE_REVOCATION_REVOKE,
537 sizeof (struct RevokeMessage)},
540 static const struct GNUNET_CORE_MessageHandler core_handlers[] = {
541 {&handle_p2p_revoke_message, GNUNET_MESSAGE_TYPE_REVOCATION_REVOKE,
542 sizeof (struct RevokeMessage)},
547 struct RevokeMessage *rm;
548 struct GNUNET_HashCode hc;
551 GNUNET_CONFIGURATION_get_value_filename (c,
556 GNUNET_log_config_missing (GNUNET_ERROR_TYPE_ERROR,
559 GNUNET_SCHEDULER_shutdown ();
564 revocation_map = GNUNET_CONTAINER_multihashmap_create (16, GNUNET_NO);
565 nc = GNUNET_SERVER_notification_context_create (server, 1);
567 GNUNET_CONFIGURATION_get_value_number (cfg, "REVOCATION", "WORKBITS",
568 &revocation_work_required))
570 GNUNET_log_config_missing (GNUNET_ERROR_TYPE_ERROR,
573 GNUNET_SCHEDULER_shutdown ();
577 if (revocation_work_required >= sizeof (struct GNUNET_HashCode) * 8)
579 GNUNET_log_config_invalid (GNUNET_ERROR_TYPE_ERROR,
582 _("Value is too large.\n"));
583 GNUNET_SCHEDULER_shutdown ();
587 revocation_set = GNUNET_SET_create (cfg,
588 GNUNET_SET_OPERATION_UNION);
590 revocation_db = GNUNET_DISK_file_open (fn,
591 GNUNET_DISK_OPEN_READWRITE |
592 GNUNET_DISK_OPEN_CREATE,
593 GNUNET_DISK_PERM_USER_READ | GNUNET_DISK_PERM_USER_WRITE |
594 GNUNET_DISK_PERM_GROUP_READ |
595 GNUNET_DISK_PERM_OTHER_READ);
596 if (NULL == revocation_db)
598 GNUNET_log_config_invalid (GNUNET_ERROR_TYPE_ERROR,
601 _("Could not open revocation database file!"));
602 GNUNET_SCHEDULER_shutdown ();
607 GNUNET_DISK_file_size (fn, &left, GNUNET_YES, GNUNET_YES))
609 while (left > sizeof (struct RevokeMessage))
611 rm = GNUNET_new (struct RevokeMessage);
612 if (sizeof (struct RevokeMessage) !=
613 GNUNET_DISK_file_read (revocation_db,
615 sizeof (struct RevokeMessage)))
617 GNUNET_log_strerror_file (GNUNET_ERROR_TYPE_ERROR,
621 GNUNET_SCHEDULER_shutdown ();
625 GNUNET_break (0 == ntohl (rm->reserved));
626 GNUNET_CRYPTO_hash (&rm->public_key,
627 sizeof (struct GNUNET_CRYPTO_EccPublicSignKey),
629 GNUNET_break (GNUNET_OK ==
630 GNUNET_CONTAINER_multihashmap_put (revocation_map,
633 GNUNET_CONTAINER_MULTIHASHMAPOPTION_UNIQUE_ONLY));
637 GNUNET_SCHEDULER_add_delayed (GNUNET_TIME_UNIT_FOREVER_REL, &shutdown_task,
639 peers = GNUNET_CONTAINER_multipeermap_create (128, GNUNET_NO);
640 GNUNET_SERVER_add_handlers (srv, handlers);
641 /* Connect to core service and register core handlers */
642 coreAPI = GNUNET_CORE_connect (cfg, /* Main configuration */
643 NULL, /* Closure passed to functions */
644 &core_init, /* Call core_init once connected */
645 &handle_core_connect, /* Handle connects */
646 &handle_core_disconnect, /* Handle disconnects */
647 NULL, /* Don't want notified about all incoming messages */
648 GNUNET_NO, /* For header only inbound notification */
649 NULL, /* Don't want notified about all outbound messages */
650 GNUNET_NO, /* For header only outbound notification */
651 core_handlers); /* Register these handlers */
654 GNUNET_SCHEDULER_shutdown ();
657 stats = GNUNET_STATISTICS_create ("revocation", cfg);
662 * The main function for the network size estimation service.
664 * @param argc number of arguments from the command line
665 * @param argv command line arguments
666 * @return 0 ok, 1 on error
673 GNUNET_SERVICE_run (argc, argv, "revocation", GNUNET_SERVICE_OPTION_NONE,
674 &run, NULL)) ? 0 : 1;
682 * MINIMIZE heap size (way below 128k) since this process doesn't need much.
684 void __attribute__ ((constructor))
685 GNUNET_ARM_memory_init ()
687 mallopt (M_TRIM_THRESHOLD, 4 * 1024);
688 mallopt (M_TOP_PAD, 1 * 1024);
695 /* end of gnunet-service-revocation.c */