diff options
| author | Schanzenbach, Martin <mschanzenbach@posteo.de> | 2016-12-14 07:52:23 +0100 |
|---|---|---|
| committer | Schanzenbach, Martin <mschanzenbach@posteo.de> | 2016-12-14 07:52:23 +0100 |
| commit | 80bdda1c79efb648cb56bdfb63da0c2c0db3ff45 (patch) | |
| tree | 6b6b99779062dbe1325974acb5c4ea19b78e63e8 /src/credential | |
| parent | 12a3d957faa3932db31ffea0497dd083fd381b86 (diff) | |
-add serializer
Diffstat (limited to 'src/credential')
| -rw-r--r-- | src/credential/Makefile.am | 6 | ||||
| -rw-r--r-- | src/credential/credential.h | 2 | ||||
| -rw-r--r-- | src/credential/credential_api.c | 24 | ||||
| -rw-r--r-- | src/credential/credential_serialization.c | 215 | ||||
| -rw-r--r-- | src/credential/credential_serialization.h | 81 | ||||
| -rw-r--r-- | src/credential/gnunet-credential.c | 38 | ||||
| -rw-r--r-- | src/credential/gnunet-service-credential.c | 114 | ||||
| -rw-r--r-- | src/credential/plugin_rest_credential.c | 63 | ||||
| -rwxr-xr-x | src/credential/test_credential_verify.sh | 5 |
9 files changed, 464 insertions, 84 deletions
diff --git a/src/credential/Makefile.am b/src/credential/Makefile.am index 13da9dc0f5..51dbb34d75 100644 --- a/src/credential/Makefile.am +++ b/src/credential/Makefile.am @@ -63,8 +63,9 @@ libgnunet_plugin_gnsrecord_credential_la_LDFLAGS = \ gnunet_service_credential_SOURCES = \ - gnunet-service-credential.c + gnunet-service-credential.c gnunet_service_credential_LDADD = \ + libgnunetcredential.la \ $(top_builddir)/src/util/libgnunetutil.la \ $(top_builddir)/src/gns/libgnunetgns.la \ $(top_builddir)/src/statistics/libgnunetstatistics.la \ @@ -72,7 +73,8 @@ gnunet_service_credential_LDADD = \ libgnunetcredential_la_SOURCES = \ - credential_api.c credential.h + credential_api.c credential.h \ + credential_serialization.c libgnunetcredential_la_LIBADD = \ $(top_builddir)/src/util/libgnunetutil.la $(XLIB) libgnunetcredential_la_LDFLAGS = \ diff --git a/src/credential/credential.h b/src/credential/credential.h index d52776cfa4..209fcdcaa9 100644 --- a/src/credential/credential.h +++ b/src/credential/credential.h @@ -92,7 +92,7 @@ struct VerifyResultMessage /** * The number of credentials in the response */ - uint32_t cd_count GNUNET_PACKED; + uint32_t d_count GNUNET_PACKED; /* followed by ad_count GNUNET_CREDENTIAL_RecordData structs*/ diff --git a/src/credential/credential_api.c b/src/credential/credential_api.c index 54a02484df..cae6702065 100644 --- a/src/credential/credential_api.c +++ b/src/credential/credential_api.c @@ -30,6 +30,7 @@ #include "gnunet_protocols.h" #include "gnunet_signatures.h" #include "credential.h" +#include "credential_serialization.h" #include "gnunet_credential_service.h" #include "gnunet_identity_service.h" @@ -213,6 +214,10 @@ handle_result (void *cls, struct GNUNET_CREDENTIAL_Handle *handle = cls; uint32_t r_id = ntohl (vr_msg->id); struct GNUNET_CREDENTIAL_Request *vr; + size_t mlen = ntohs (vr_msg->header.size) - sizeof (*vr_msg); + uint32_t d_count = ntohl (vr_msg->d_count); + struct GNUNET_CREDENTIAL_Delegation d_chain[d_count]; + struct GNUNET_CREDENTIAL_Credential cred; GNUNET_CREDENTIAL_VerifyResultProcessor proc; void *proc_cls; @@ -229,24 +234,23 @@ handle_result (void *cls, handle->verify_tail, vr); GNUNET_free (vr); - /** GNUNET_assert (GNUNET_OK == - GNUNET_CREDENTIAL_records_deserialize (mlen, - (const char*) &lookup_msg[1], - rd_count, - rd)); - */ + GNUNET_CREDENTIAL_delegation_chain_deserialize (mlen, + (const char*) &vr_msg[1], + d_count, + d_chain, + &cred)); if (GNUNET_NO == ntohl (vr_msg->cred_found)) { proc (proc_cls, - NULL, 0, + NULL, NULL); // TODO } else { proc (proc_cls, - (struct GNUNET_CREDENTIAL_CredentialRecordData*) &vr_msg[1], - 0, - NULL); + d_count, + d_chain, + &cred); } } diff --git a/src/credential/credential_serialization.c b/src/credential/credential_serialization.c new file mode 100644 index 0000000000..2fbcebd9ff --- /dev/null +++ b/src/credential/credential_serialization.c @@ -0,0 +1,215 @@ +/* + This file is part of GNUnet. + Copyright (C) 2009-2013, 2016 GNUnet e.V. + + GNUnet is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published + by the Free Software Foundation; either version 3, or (at your + option) any later version. + + GNUnet is distributed in the hope that it will be useful, but + WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + General Public License for more details. + + You should have received a copy of the GNU General Public License + along with GNUnet; see the file COPYING. If not, write to the + Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, + Boston, MA 02110-1301, USA. +*/ + + +/** + * @file credential/credential_serialization.c + * @brief API to serialize and deserialize delegation chains + * and credentials + * @author Martin Schanzenbach + */ +#include "platform.h" +#include "gnunet_util_lib.h" +#include "gnunet_constants.h" +#include "gnunet_credential_service.h" + +GNUNET_NETWORK_STRUCT_BEGIN + +struct NetworkRecord +{ + /** + * Issuer key + */ + struct GNUNET_CRYPTO_EcdsaPublicKey issuer_key; + + /** + * Subject key + */ + struct GNUNET_CRYPTO_EcdsaPublicKey subject_key; + + /** + * Issuer attributes + */ + uint32_t issuer_attribute_len GNUNET_PACKED; + + /** + * Subject attributes + */ + uint32_t subject_attribute_len GNUNET_PACKED; +}; + +GNUNET_NETWORK_STRUCT_END + +/** + * Calculate how many bytes we will need to serialize + * the given delegation chain and credential + * + * @param d_count number of delegation chain entries + * @param dd array of #GNUNET_CREDENTIAL_Delegation + * @param cd a #GNUNET_CREDENTIAL_Credential + * @return the required size to serialize + */ +size_t +GNUNET_CREDENTIAL_delegation_chain_get_size (unsigned int d_count, + const struct GNUNET_CREDENTIAL_Delegation *dd, + const struct GNUNET_CREDENTIAL_Credential *cd) +{ + unsigned int i; + size_t ret; + + ret = sizeof (struct NetworkRecord) * (d_count + 1); + + for (i=0; i<d_count;i++) + { + GNUNET_assert ((ret + + dd[i].issuer_attribute_len + + dd[i].subject_attribute_len) >= ret); + ret += dd[i].issuer_attribute_len + dd[i].subject_attribute_len; + } + GNUNET_assert ((ret + cd->issuer_attribute_len) >= ret); + ret += cd->issuer_attribute_len; + return ret; +} + +/** + * Serizalize the given delegation chain entries and credential + * + * @param d_count number of delegation chain entries + * @param dd array of #GNUNET_CREDENTIAL_Delegation + * @param cd a #GNUNET_CREDENTIAL_Credential + * @param dest_size size of the destination + * @param dest where to store the result + * @return the size of the data, -1 on failure + */ +ssize_t +GNUNET_CREDENTIAL_delegation_chain_serialize (unsigned int d_count, + const struct GNUNET_CREDENTIAL_Delegation *dd, + const struct GNUNET_CREDENTIAL_Credential *cd, + size_t dest_size, + char *dest) +{ + struct NetworkRecord rec; + unsigned int i; + size_t off; + + off = 0; + for (i=0;i<d_count;i++) + { + rec.issuer_attribute_len = htonl ((uint32_t) dd[i].issuer_attribute_len); + rec.subject_attribute_len = htonl ((uint32_t) dd[i].subject_attribute_len); + rec.issuer_key = dd[i].issuer_key; + rec.subject_key = dd[i].subject_key; + if (off + sizeof (rec) > dest_size) + return -1; + GNUNET_memcpy (&dest[off], + &rec, + sizeof (rec)); + off += sizeof (rec); + if (off + dd[i].issuer_attribute_len > dest_size) + return -1; + GNUNET_memcpy (&dest[off], + dd[i].issuer_attribute, + dd[i].issuer_attribute_len); + off += dd[i].issuer_attribute_len; + if (0 == dd[i].subject_attribute_len) + continue; + if (off + dd[i].subject_attribute_len > dest_size) + return -1; + GNUNET_memcpy (&dest[off], + dd[i].subject_attribute, + dd[i].subject_attribute_len); + off += dd[i].subject_attribute_len; + } + rec.issuer_attribute_len = htonl ((uint32_t) cd->issuer_attribute_len); + rec.subject_attribute_len = htonl (0); + rec.issuer_key = cd->issuer_key; + if (off + sizeof (rec) > dest_size) + return -1; + GNUNET_memcpy (&dest[off], + &rec, + sizeof (rec)); + off += sizeof (rec); + if (off + cd->issuer_attribute_len > dest_size) + return -1; + GNUNET_memcpy (&dest[off], + cd->issuer_attribute, + cd->issuer_attribute_len); + off += cd->issuer_attribute_len; + + return off; +} + + +/** + * Deserialize the given destination + * + * @param len size of the serialized delegation chain and cred + * @param src the serialized data + * @param d_count the number of delegation chain entries + * @param dd where to put the delegation chain entries + * @param cd where to put the credential data + * @return #GNUNET_OK on success, #GNUNET_SYSERR on error + */ +int +GNUNET_CREDENTIAL_delegation_chain_deserialize (size_t len, + const char *src, + unsigned int d_count, + struct GNUNET_CREDENTIAL_Delegation *dd, + struct GNUNET_CREDENTIAL_Credential *cd) +{ + struct NetworkRecord rec; + unsigned int i; + size_t off; + + off = 0; + for (i=0;i<d_count;i++) + { + if (off + sizeof (rec) > len) + return GNUNET_SYSERR; + GNUNET_memcpy (&rec, &src[off], sizeof (rec)); + dd[i].issuer_attribute_len = ntohl ((uint32_t) rec.issuer_attribute_len); + dd[i].issuer_key = rec.issuer_key; + dd[i].subject_key = rec.subject_key; + off += sizeof (rec); + if (off + dd[i].issuer_attribute_len > len) + return GNUNET_SYSERR; + dd[i].issuer_attribute = &src[off]; + off += dd[i].issuer_attribute_len; + dd[i].subject_attribute_len = ntohl ((uint32_t) rec.subject_attribute_len); + if (off + dd[i].subject_attribute_len > len) + return GNUNET_SYSERR; + dd[i].subject_attribute = &src[off]; + off += dd[i].subject_attribute_len; + } + if (off + sizeof (rec) > len) + return GNUNET_SYSERR; + GNUNET_memcpy (&rec, &src[off], sizeof (rec)); + cd->issuer_attribute_len = ntohl ((uint32_t) rec.issuer_attribute_len); + cd->issuer_key = rec.issuer_key; + cd->subject_key = rec.subject_key; + off += sizeof (rec); + if (off + cd->issuer_attribute_len > len) + return GNUNET_SYSERR; + cd->issuer_attribute = &src[off]; + off += cd->issuer_attribute_len; + return GNUNET_OK; +} + +/* end of credential_serialization.c */ diff --git a/src/credential/credential_serialization.h b/src/credential/credential_serialization.h new file mode 100644 index 0000000000..7e984ce0ab --- /dev/null +++ b/src/credential/credential_serialization.h @@ -0,0 +1,81 @@ +/* + This file is part of GNUnet. + Copyright (C) 2009-2013, 2016 GNUnet e.V. + + GNUnet is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published + by the Free Software Foundation; either version 3, or (at your + option) any later version. + + GNUnet is distributed in the hope that it will be useful, but + WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + General Public License for more details. + + You should have received a copy of the GNU General Public License + along with GNUnet; see the file COPYING. If not, write to the + Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, + Boston, MA 02110-1301, USA. +*/ + + +/** + * @file credential/credential_serialization.h + * @brief API to serialize and deserialize delegation chains + * and credentials + * @author Martin Schanzenbach + */ +#include "platform.h" +#include "gnunet_util_lib.h" +#include "gnunet_constants.h" +#include "gnunet_credential_service.h" + +/** + * Calculate how many bytes we will need to serialize + * the given delegation chain and credential + * + * @param d_count number of delegation chain entries + * @param dd array of #GNUNET_CREDENTIAL_Delegation + * @param cd a #GNUNET_CREDENTIAL_Credential + * @return the required size to serialize + */ +size_t +GNUNET_CREDENTIAL_delegation_chain_get_size (unsigned int d_count, + const struct GNUNET_CREDENTIAL_Delegation *dd, + const struct GNUNET_CREDENTIAL_Credential *cd); + +/** + * Serizalize the given delegation chain entries and credential + * + * @param d_count number of delegation chain entries + * @param dd array of #GNUNET_CREDENTIAL_Delegation + * @param cd a #GNUNET_CREDENTIAL_Credential + * @param dest_size size of the destination + * @param dest where to store the result + * @return the size of the data, -1 on failure + */ +ssize_t +GNUNET_CREDENTIAL_delegation_chain_serialize (unsigned int d_count, + const struct GNUNET_CREDENTIAL_Delegation *dd, + const struct GNUNET_CREDENTIAL_Credential *cd, + size_t dest_size, + char *dest); + + +/** + * Deserialize the given destination + * + * @param len size of the serialized delegation chain and cred + * @param src the serialized data + * @param d_count the number of delegation chain entries + * @param dd where to put the delegation chain entries + * @param cd where to put the credential data + * @return #GNUNET_OK on success, #GNUNET_SYSERR on error + */ +int +GNUNET_CREDENTIAL_delegation_chain_deserialize (size_t len, + const char *src, + unsigned int d_count, + struct GNUNET_CREDENTIAL_Delegation *dd, + struct GNUNET_CREDENTIAL_Credential *cd); +/* end of credential_serialization.h */ diff --git a/src/credential/gnunet-credential.c b/src/credential/gnunet-credential.c index d728f533d5..82f0e349c4 100644 --- a/src/credential/gnunet-credential.c +++ b/src/credential/gnunet-credential.c @@ -157,17 +157,43 @@ do_timeout (void *cls) */ static void handle_verify_result (void *cls, - struct GNUNET_CREDENTIAL_CredentialRecordData *cred, - uint32_t delegation_count, - struct GNUNET_CREDENTIAL_AttributeRecordData *deleg) + unsigned int d_count, + struct GNUNET_CREDENTIAL_Delegation *dc, + struct GNUNET_CREDENTIAL_Credential *cred) { - + int i; verify_request = NULL; if (NULL == cred) - printf ("Verify failed.\n"); + printf ("Failed.\n"); else + { + for (i=0;i<d_count;i++) + { + char iss_attr[dc[i].issuer_attribute_len]; + char* iss_key = GNUNET_CRYPTO_ecdsa_public_key_to_string (&dc[i].issuer_key); + char* sub_key = GNUNET_CRYPTO_ecdsa_public_key_to_string (&dc[i].subject_key); + + char sub_attr[dc[i].subject_attribute_len]; + memcpy (iss_attr, + dc[i].issuer_attribute, + dc[i].issuer_attribute_len); + iss_attr[dc[i].issuer_attribute_len] = '\0'; + printf ("%s.%s <- ",iss_key, iss_attr); + printf ("%s",sub_key); + if (0 != dc[i].subject_attribute_len) + { + memcpy (sub_attr, + dc[i].subject_attribute, + dc[i].subject_attribute_len); + sub_attr[dc[i].subject_attribute_len] = '\0'; + + printf (".%s",sub_attr); + } + printf ("\n"); + } printf ("Successful.\n"); + } GNUNET_SCHEDULER_shutdown (); @@ -209,7 +235,7 @@ identity_cb (void *cls, GNUNET_SCHEDULER_shutdown (); return; } else if (GNUNET_OK == GNUNET_STRINGS_fancy_time_to_relative (expiration, - &etime_rel)) + &etime_rel)) { etime_abs = GNUNET_TIME_relative_to_absolute (etime_rel); } else if (GNUNET_OK != GNUNET_STRINGS_fancy_time_to_absolute (expiration, diff --git a/src/credential/gnunet-service-credential.c b/src/credential/gnunet-service-credential.c index 38d74e2abd..74e1e1cd27 100644 --- a/src/credential/gnunet-service-credential.c +++ b/src/credential/gnunet-service-credential.c @@ -27,6 +27,7 @@ #include "gnunet_credential_service.h" #include "gnunet_statistics_service.h" #include "credential.h" +#include "credential_serialization.h" #include "gnunet_protocols.h" #include "gnunet_signatures.h" @@ -165,6 +166,11 @@ struct DelegationQueueEntry * The delegation chain entry */ struct GNUNET_CREDENTIAL_DelegationChainEntry *delegation_chain_entry; + + /** + * Delegation chain length until now + */ + uint32_t d_count; }; @@ -221,11 +227,6 @@ struct VerifyRequestHandle struct CredentialRecordEntry *cred_chain_tail; /** - * Number of chain entries - */ - uint32_t cred_chain_entries; - - /** * Delegation Queue */ struct DelegationQueueEntry *chain_start; @@ -251,6 +252,11 @@ struct VerifyRequestHandle uint32_t credential_size; /** + * Length of found delegation chain + */ + uint32_t d_count; + + /** * request id */ uint32_t request_id; @@ -439,65 +445,92 @@ send_lookup_response (struct VerifyRequestHandle *vrh) struct GNUNET_MQ_Envelope *env; struct VerifyResultMessage *rmsg; struct DelegationQueueEntry *dq_entry; - char *write_ptr; size_t size = vrh->credential_size; + struct GNUNET_CREDENTIAL_Delegation dd[vrh->d_count]; + struct GNUNET_CREDENTIAL_Credential cred; GNUNET_log (GNUNET_ERROR_TYPE_ERROR, "Sending response\n"); - - for (dq_entry = vrh->chain_end; NULL != dq_entry; dq_entry = dq_entry->parent) + dq_entry = vrh->chain_end; + for (int i=0; i<vrh->d_count; i++) { - if (NULL == dq_entry->delegation_chain_entry) - break; - size += sizeof (struct GNUNET_CREDENTIAL_DelegationChainEntry); + dd[i].issuer_key = dq_entry->delegation_chain_entry->issuer_key; + dd[i].subject_key = dq_entry->delegation_chain_entry->subject_key; + dd[i].issuer_attribute = dq_entry->delegation_chain_entry->issuer_attribute; + dd[i].issuer_attribute_len = strlen (dq_entry->delegation_chain_entry->issuer_attribute); + dd[i].subject_attribute_len = 0; if (NULL != dq_entry->delegation_chain_entry->subject_attribute) - size += strlen (dq_entry->delegation_chain_entry->subject_attribute) + 1; - size += strlen(dq_entry->delegation_chain_entry->issuer_attribute) + 1; + { + dd[i].subject_attribute = dq_entry->delegation_chain_entry->subject_attribute; + dd[i].subject_attribute_len = strlen(dq_entry->delegation_chain_entry->subject_attribute); + } + dq_entry = dq_entry->parent; } + /** + * Get serialized record data + * Append at the end of rmsg + */ + cred.issuer_key = vrh->credential->issuer_key; + cred.subject_key = vrh->credential->issuer_key; + cred.issuer_attribute_len = strlen((char*)&vrh->credential[1]); + cred.issuer_attribute = (char*)&vrh->credential[1]; + size = GNUNET_CREDENTIAL_delegation_chain_get_size (vrh->d_count, + dd, + &cred); env = GNUNET_MQ_msg_extra (rmsg, size, GNUNET_MESSAGE_TYPE_CREDENTIAL_VERIFY_RESULT); //Assign id so that client can find associated request rmsg->id = vrh->request_id; - rmsg->cd_count = htonl (vrh->cred_chain_entries); - - /** - * Get serialized record data - * Append at the end of rmsg - */ - rmsg->cred_found = htonl (GNUNET_NO); + rmsg->d_count = htonl (vrh->d_count); if (NULL != vrh->credential) - { - memcpy (&rmsg[1], - vrh->credential, - vrh->credential_size); rmsg->cred_found = htonl (GNUNET_YES); - } + else + rmsg->cred_found = htonl (GNUNET_NO); + + GNUNET_assert (-1 != GNUNET_CREDENTIAL_delegation_chain_serialize (vrh->d_count, + dd, + &cred, + size, + (char*)&rmsg[1])); + + + /*for (dq_entry = vrh->chain_end; NULL != dq_entry; dq_entry = dq_entry->parent) + { + if (NULL == dq_entry->delegation_chain_entry) + break; + size += sizeof (struct GNUNET_CREDENTIAL_DelegationChainEntry); + if (NULL != dq_entry->delegation_chain_entry->subject_attribute) + size += strlen (dq_entry->delegation_chain_entry->subject_attribute) + 1; + size += strlen(dq_entry->delegation_chain_entry->issuer_attribute) + 1; + d_count++; + }*/ + //TODO refactor into serializer module - write_ptr = (char*)&rmsg[1] + vrh->credential_size; - for (dq_entry = vrh->chain_end; NULL != dq_entry; dq_entry = dq_entry->parent) - { + /*write_ptr = (char*)&rmsg[1] + vrh->credential_size; + for (dq_entry = vrh->chain_end; NULL != dq_entry; dq_entry = dq_entry->parent) + { if (NULL == dq_entry->delegation_chain_entry) - break; + break; memcpy (write_ptr, - dq_entry->delegation_chain_entry, - sizeof (struct GNUNET_CREDENTIAL_DelegationChainEntry)); + dq_entry->delegation_chain_entry, + sizeof (struct GNUNET_CREDENTIAL_DelegationChainEntry)); write_ptr += sizeof (struct GNUNET_CREDENTIAL_DelegationChainEntry); if (NULL != dq_entry->delegation_chain_entry->subject_attribute) { - GNUNET_snprintf (write_ptr, - strlen (dq_entry->delegation_chain_entry->subject_attribute) + 2, - "%s;", - dq_entry->delegation_chain_entry->subject_attribute); - write_ptr += strlen (dq_entry->delegation_chain_entry->subject_attribute) + 1; + GNUNET_snprintf (write_ptr, + strlen (dq_entry->delegation_chain_entry->subject_attribute) + 2, + "%s;", + dq_entry->delegation_chain_entry->subject_attribute); + write_ptr += strlen (dq_entry->delegation_chain_entry->subject_attribute) + 1; } memcpy (write_ptr, - dq_entry->delegation_chain_entry->issuer_attribute, - strlen(dq_entry->delegation_chain_entry->issuer_attribute)); + dq_entry->delegation_chain_entry->issuer_attribute, + strlen(dq_entry->delegation_chain_entry->issuer_attribute)); write_ptr += strlen(dq_entry->delegation_chain_entry->issuer_attribute) + 1; - } + }*/ GNUNET_MQ_send (GNUNET_SERVICE_client_get_mq(vrh->client), env); GNUNET_CONTAINER_DLL_remove (vrh_head, vrh_tail, vrh); @@ -580,6 +613,7 @@ backward_resolution (void* cls, dq_entry->delegation_chain_entry->issuer_attribute = GNUNET_strdup (current_delegation->lookup_attribute); dq_entry->parent = current_delegation; + dq_entry->d_count = current_delegation->d_count + 1; GNUNET_CONTAINER_DLL_insert (current_delegation->children_head, current_delegation->children_tail, dq_entry); @@ -608,6 +642,7 @@ backward_resolution (void* cls, vrh->credential = GNUNET_malloc (cred_pointer->data_size); vrh->credential_size = cred_pointer->data_size; vrh->chain_end = dq_entry; + vrh->d_count = dq_entry->d_count; //Found match send_lookup_response (vrh); return; @@ -743,6 +778,7 @@ handle_credential_query (void* cls, dq_entry->issuer_attribute = GNUNET_strdup (vrh->issuer_attribute); dq_entry->handle = vrh; dq_entry->lookup_attribute = GNUNET_strdup (vrh->issuer_attribute); + dq_entry->d_count = 0; vrh->chain_start = dq_entry; vrh->pending_lookups = 1; //Start with backward resolution diff --git a/src/credential/plugin_rest_credential.c b/src/credential/plugin_rest_credential.c index 137f55c479..798f76049c 100644 --- a/src/credential/plugin_rest_credential.c +++ b/src/credential/plugin_rest_credential.c @@ -186,22 +186,45 @@ do_error (void *cls) * @return JSON, NULL if failed */ static json_t* -attribute_delegation_to_json (struct GNUNET_CREDENTIAL_AttributeRecordData *attr) +attribute_delegation_to_json (struct GNUNET_CREDENTIAL_Delegation *delegation_chain_entry) { char *subject; - char *attribute; + char *issuer; + char iss_attribute[delegation_chain_entry->issuer_attribute_len]; + char sub_attribute[delegation_chain_entry->subject_attribute_len]; json_t *attr_obj; - subject = GNUNET_CRYPTO_ecdsa_public_key_to_string (&attr->subject_key); + issuer = GNUNET_CRYPTO_ecdsa_public_key_to_string (&delegation_chain_entry->issuer_key); + { + GNUNET_log (GNUNET_ERROR_TYPE_ERROR, + "Issuer in delegation malformed\n"); + return NULL; + } + subject = GNUNET_CRYPTO_ecdsa_public_key_to_string (&delegation_chain_entry->subject_key); { GNUNET_log (GNUNET_ERROR_TYPE_ERROR, "Subject in credential malformed\n"); + GNUNET_free (issuer); return NULL; } - attribute = (char*)&attr[1]; attr_obj = json_object (); + memcpy (iss_attribute, + delegation_chain_entry->issuer_attribute, + delegation_chain_entry->issuer_attribute_len); + iss_attribute[delegation_chain_entry->issuer_attribute_len] = '\0'; + json_object_set_new (attr_obj, "subject", json_string (subject)); - json_object_set_new (attr_obj, "attribute", json_string (attribute)); + json_object_set_new (attr_obj, "issuer", json_string (issuer)); + json_object_set_new (attr_obj, "issuer_attribute", json_string (iss_attribute)); + + if (0 < delegation_chain_entry->subject_attribute_len) + { + memcpy (sub_attribute, + delegation_chain_entry->subject_attribute, + delegation_chain_entry->subject_attribute_len); + sub_attribute[delegation_chain_entry->subject_attribute_len] = '\0'; + json_object_set_new (attr_obj, "subject_attribute", json_string (sub_attribute)); + } GNUNET_free (subject); return attr_obj; } @@ -212,14 +235,11 @@ attribute_delegation_to_json (struct GNUNET_CREDENTIAL_AttributeRecordData *attr * @return the resulting json, NULL if failed */ static json_t* -credential_to_json (struct GNUNET_CREDENTIAL_CredentialRecordData *cred) +credential_to_json (struct GNUNET_CREDENTIAL_Credential *cred) { - struct GNUNET_TIME_Absolute exp; - const char* exp_str; char *issuer; char *subject; - char *attribute; - char *signature; + char attribute[cred->issuer_attribute_len + 1]; json_t *cred_obj; issuer = GNUNET_CRYPTO_ecdsa_public_key_to_string (&cred->issuer_key); @@ -237,21 +257,16 @@ credential_to_json (struct GNUNET_CREDENTIAL_CredentialRecordData *cred) GNUNET_free (issuer); return NULL; } - GNUNET_STRINGS_base64_encode ((char*)&cred->signature, - sizeof (struct GNUNET_CRYPTO_EcdsaSignature), - &signature); - attribute = (char*)&cred[1]; - exp.abs_value_us = ntohs (cred->expiration); - exp_str = GNUNET_STRINGS_absolute_time_to_string (exp); + memcpy (attribute, + cred->issuer_attribute, + cred->issuer_attribute_len); + attribute[cred->issuer_attribute_len] = '\0'; cred_obj = json_object (); json_object_set_new (cred_obj, "issuer", json_string (issuer)); json_object_set_new (cred_obj, "subject", json_string (subject)); json_object_set_new (cred_obj, "attribute", json_string (attribute)); - json_object_set_new (cred_obj, "signature", json_string (signature)); - json_object_set_new (cred_obj, "expiration", json_string (exp_str)); GNUNET_free (issuer); GNUNET_free (subject); - GNUNET_free (signature); return cred_obj; } @@ -264,9 +279,9 @@ credential_to_json (struct GNUNET_CREDENTIAL_CredentialRecordData *cred) */ static void handle_verify_response (void *cls, - struct GNUNET_CREDENTIAL_CredentialRecordData *cred, - uint32_t delegation_count, - struct GNUNET_CREDENTIAL_AttributeRecordData *deleg) + unsigned int d_count, + struct GNUNET_CREDENTIAL_Delegation *delegation_chain, + struct GNUNET_CREDENTIAL_Credential *cred) { struct VerifyHandle *handle = cls; @@ -292,9 +307,9 @@ handle_verify_response (void *cls, handle->issuer_attr); cred_obj = credential_to_json (cred); result_array = json_array (); - for (i = 0; i < delegation_count; i++) + for (i = 0; i < d_count; i++) { - attr_obj = attribute_delegation_to_json (&(deleg[i])); + attr_obj = attribute_delegation_to_json (&delegation_chain[i]); json_array_append (result_array, attr_obj); json_decref (attr_obj); } diff --git a/src/credential/test_credential_verify.sh b/src/credential/test_credential_verify.sh index 3b76d20e5b..012341f5f2 100755 --- a/src/credential/test_credential_verify.sh +++ b/src/credential/test_credential_verify.sh @@ -67,10 +67,11 @@ gnunet-namestore -z gnunet -d -n $MEMBER_ATTR -t ATTR -c test_credential_lookup. gnunet-namestore -z service -d -n $USER_ATTR -t ATTR -c test_credential_lookup.conf gnunet-arm -e -c test_credential_lookup.conf -if [ "$RES_CRED" == "Successful." ] +if [ "$RES_CRED" != "Failed." ] then + echo $RES_CRED exit 0 else - echo "FAIL: Failed to verify credential $RES_IP." + echo "FAIL: Failed to verify credential $RES_CRED." exit 1 fi |