summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorAndreas Ebner <pansy007@googlemail.com>2019-08-06 16:17:33 +0200
committerSchanzenbach, Martin <mschanzenbach@posteo.de>2019-10-07 12:17:28 +0200
commit33525da20575ba0149d1c6bcaac74e52d4e0ddd7 (patch)
tree91966b82a290b9b9d34c9d6e1c10f13d1b8156ed
parent15b0d71a635f02f5e0291a695d35a65698fdea05 (diff)
Removed GNUNET_CREDENTIAL_Credential, new cmdline parameters, formatting:
- removed all files and functions related to GNUNET_CREDENTIAL_Credential, has been replaced by GNUNET_CREDENTIAL_Delegate - renamed cmline parameter 'credential' - added cmline parameter for backward/forward search and a related enum - added cmline parameter to store private delegates - only private delegates are used as start/end of the search algorithm (set to vrh in collect) - run valgrind: no memory exceptions - run clang-format
-rw-r--r--src/credential/Makefile.am2
-rw-r--r--src/credential/credential.h4
-rw-r--r--src/credential/credential_api.c189
-rw-r--r--src/credential/credential_misc.c176
-rw-r--r--src/credential/credential_misc.h36
-rw-r--r--src/credential/credential_serialization.c91
-rw-r--r--src/credential/credential_serialization.h112
-rw-r--r--src/credential/gnunet-credential.c294
-rw-r--r--src/credential/gnunet-service-credential.c643
-rw-r--r--src/credential/plugin_gnsrecord_credential.c21
-rwxr-xr-xsrc/credential/test_credential_own.sh28
-rw-r--r--src/include/gnunet_credential_service.h67
12 files changed, 697 insertions, 966 deletions
diff --git a/src/credential/Makefile.am b/src/credential/Makefile.am
index d7d8964eb..e72cf4f79 100644
--- a/src/credential/Makefile.am
+++ b/src/credential/Makefile.am
@@ -72,8 +72,6 @@ libgnunetcredential_la_SOURCES = \
credential_api.c credential.h\
credential_serialization.c \
credential_serialization.h \
- credential_misc.c \
- credential_misc.h \
delegate_misc.c \
delegate_misc.h
libgnunetcredential_la_LIBADD = \
diff --git a/src/credential/credential.h b/src/credential/credential.h
index ca8fb78d7..43ecec73f 100644
--- a/src/credential/credential.h
+++ b/src/credential/credential.h
@@ -29,8 +29,6 @@
GNUNET_NETWORK_STRUCT_BEGIN
-enum direction{Backward, Forward, Bidirectional};
-
/**
* Message from client to Credential service to collect credentials.
*/
@@ -249,7 +247,7 @@ struct DelegateEntry
* Expiration time of this credential
*/
uint64_t expiration GNUNET_PACKED;
-
+
/**
* Issuer subject attribute length
*/
diff --git a/src/credential/credential_api.c b/src/credential/credential_api.c
index 4fe32465a..7c3b35464 100644
--- a/src/credential/credential_api.c
+++ b/src/credential/credential_api.c
@@ -35,7 +35,7 @@
#include "gnunet_identity_service.h"
-#define LOG(kind,...) GNUNET_log_from (kind, "credential-api",__VA_ARGS__)
+#define LOG(kind, ...) GNUNET_log_from (kind, "credential-api", __VA_ARGS__)
/**
* Handle to a verify request
@@ -77,7 +77,6 @@ struct GNUNET_CREDENTIAL_Request
* request id
*/
uint32_t r_id;
-
};
@@ -121,7 +120,6 @@ struct GNUNET_CREDENTIAL_Handle
* Request Id generator. Incremented by one for each request.
*/
uint32_t r_id_gen;
-
};
@@ -159,12 +157,12 @@ force_reconnect (struct GNUNET_CREDENTIAL_Handle *handle)
{
GNUNET_MQ_destroy (handle->mq);
handle->mq = NULL;
- handle->reconnect_backoff
- = GNUNET_TIME_STD_BACKOFF (handle->reconnect_backoff);
- handle->reconnect_task
- = GNUNET_SCHEDULER_add_delayed (handle->reconnect_backoff,
- &reconnect_task,
- handle);
+ handle->reconnect_backoff =
+ GNUNET_TIME_STD_BACKOFF (handle->reconnect_backoff);
+ handle->reconnect_task =
+ GNUNET_SCHEDULER_add_delayed (handle->reconnect_backoff,
+ &reconnect_task,
+ handle);
}
@@ -177,8 +175,7 @@ force_reconnect (struct GNUNET_CREDENTIAL_Handle *handle)
* @param error error code
*/
static void
-mq_error_handler (void *cls,
- enum GNUNET_MQ_Error error)
+mq_error_handler (void *cls, enum GNUNET_MQ_Error error)
{
struct GNUNET_CREDENTIAL_Handle *handle = cls;
@@ -192,8 +189,7 @@ mq_error_handler (void *cls,
* @param vr_msg the incoming message
*/
static int
-check_result (void *cls,
- const struct DelegationChainResultMessage *vr_msg)
+check_result (void *cls, const struct DelegationChainResultMessage *vr_msg)
{
//TODO
return GNUNET_OK;
@@ -207,8 +203,7 @@ check_result (void *cls,
* @param vr_msg the incoming message
*/
static void
-handle_result (void *cls,
- const struct DelegationChainResultMessage *vr_msg)
+handle_result (void *cls, const struct DelegationChainResultMessage *vr_msg)
{
struct GNUNET_CREDENTIAL_Handle *handle = cls;
uint32_t r_id = ntohl (vr_msg->id);
@@ -230,31 +225,25 @@ handle_result (void *cls,
return;
proc = vr->verify_proc;
proc_cls = vr->proc_cls;
- GNUNET_CONTAINER_DLL_remove (handle->request_head,
- handle->request_tail,
- vr);
+ GNUNET_CONTAINER_DLL_remove (handle->request_head, handle->request_tail, vr);
GNUNET_MQ_discard (vr->env);
GNUNET_free (vr);
- GNUNET_assert (GNUNET_OK ==
- GNUNET_CREDENTIAL_delegation_chain_deserialize (mlen,
- (const char*) &vr_msg[1],
- d_count,
- d_chain,
- c_count,
- dels));
+ GNUNET_assert (
+ GNUNET_OK ==
+ GNUNET_CREDENTIAL_delegation_chain_deserialize (mlen,
+ (const char *) &vr_msg[1],
+ d_count,
+ d_chain,
+ c_count,
+ dels));
if (GNUNET_NO == ntohl (vr_msg->del_found))
{
- proc (proc_cls,
- 0,
- NULL,
- 0,
+ proc (proc_cls, 0, NULL, 0,
NULL); // TODO
- } else {
- proc (proc_cls,
- d_count,
- d_chain,
- c_count,
- dels);
+ }
+ else
+ {
+ proc (proc_cls, d_count, d_chain, c_count, dels);
}
}
@@ -267,22 +256,20 @@ handle_result (void *cls,
static void
reconnect (struct GNUNET_CREDENTIAL_Handle *handle)
{
- struct GNUNET_MQ_MessageHandler handlers[] = {
- GNUNET_MQ_hd_var_size (result,
- GNUNET_MESSAGE_TYPE_CREDENTIAL_VERIFY_RESULT,
- struct DelegationChainResultMessage,
- handle),
- GNUNET_MQ_hd_var_size (result,
- GNUNET_MESSAGE_TYPE_CREDENTIAL_COLLECT_RESULT,
- struct DelegationChainResultMessage,
- handle),
- GNUNET_MQ_handler_end ()
- };
+ struct GNUNET_MQ_MessageHandler handlers[] =
+ {GNUNET_MQ_hd_var_size (result,
+ GNUNET_MESSAGE_TYPE_CREDENTIAL_VERIFY_RESULT,
+ struct DelegationChainResultMessage,
+ handle),
+ GNUNET_MQ_hd_var_size (result,
+ GNUNET_MESSAGE_TYPE_CREDENTIAL_COLLECT_RESULT,
+ struct DelegationChainResultMessage,
+ handle),
+ GNUNET_MQ_handler_end ()};
struct GNUNET_CREDENTIAL_Request *vr;
GNUNET_assert (NULL == handle->mq);
- LOG (GNUNET_ERROR_TYPE_DEBUG,
- "Trying to connect to CREDENTIAL\n");
+ LOG (GNUNET_ERROR_TYPE_DEBUG, "Trying to connect to CREDENTIAL\n");
handle->mq = GNUNET_CLIENT_connect (handle->cfg,
"credential",
handlers,
@@ -291,8 +278,7 @@ reconnect (struct GNUNET_CREDENTIAL_Handle *handle)
if (NULL == handle->mq)
return;
for (vr = handle->request_head; NULL != vr; vr = vr->next)
- GNUNET_MQ_send_copy (handle->mq,
- vr->env);
+ GNUNET_MQ_send_copy (handle->mq, vr->env);
}
@@ -352,9 +338,7 @@ GNUNET_CREDENTIAL_request_cancel (struct GNUNET_CREDENTIAL_Request *lr)
{
struct GNUNET_CREDENTIAL_Handle *handle = lr->credential_handle;
- GNUNET_CONTAINER_DLL_remove (handle->request_head,
- handle->request_tail,
- lr);
+ GNUNET_CONTAINER_DLL_remove (handle->request_head, handle->request_tail, lr);
GNUNET_MQ_discard (lr->env);
GNUNET_free (lr);
}
@@ -373,13 +357,15 @@ GNUNET_CREDENTIAL_request_cancel (struct GNUNET_CREDENTIAL_Request *lr)
* @param proc_cls closure for processor
* @return handle to the queued request
*/
-struct GNUNET_CREDENTIAL_Request*
-GNUNET_CREDENTIAL_collect (struct GNUNET_CREDENTIAL_Handle *handle,
- const struct GNUNET_CRYPTO_EcdsaPublicKey *issuer_key,
- const char *issuer_attribute,
- const struct GNUNET_CRYPTO_EcdsaPrivateKey *subject_key,
- GNUNET_CREDENTIAL_CredentialResultProcessor proc,
- void *proc_cls)
+struct GNUNET_CREDENTIAL_Request *
+GNUNET_CREDENTIAL_collect (
+ struct GNUNET_CREDENTIAL_Handle *handle,
+ const struct GNUNET_CRYPTO_EcdsaPublicKey *issuer_key,
+ const char *issuer_attribute,
+ const struct GNUNET_CRYPTO_EcdsaPrivateKey *subject_key,
+ enum GNUNET_CREDENTIAL_AlgoDirectionFlags direction,
+ GNUNET_CREDENTIAL_CredentialResultProcessor proc,
+ void *proc_cls)
{
/* IPC to shorten credential names, return shorten_handle */
struct CollectMessage *c_msg;
@@ -407,25 +393,18 @@ GNUNET_CREDENTIAL_collect (struct GNUNET_CREDENTIAL_Handle *handle,
vr->verify_proc = proc;
vr->proc_cls = proc_cls;
vr->r_id = handle->r_id_gen++;
- vr->env = GNUNET_MQ_msg_extra (c_msg,
- nlen,
- GNUNET_MESSAGE_TYPE_CREDENTIAL_COLLECT);
+ vr->env =
+ GNUNET_MQ_msg_extra (c_msg, nlen, GNUNET_MESSAGE_TYPE_CREDENTIAL_COLLECT);
c_msg->id = htonl (vr->r_id);
c_msg->subject_key = *subject_key;
- c_msg->issuer_key = *issuer_key;
- c_msg->issuer_attribute_len = htons(strlen(issuer_attribute));
- c_msg->resolution_algo = htons(Backward);
- //c_msg->resolution_algo = htons(Forward);
-
- GNUNET_memcpy (&c_msg[1],
- issuer_attribute,
- strlen (issuer_attribute));
- GNUNET_CONTAINER_DLL_insert (handle->request_head,
- handle->request_tail,
- vr);
+ c_msg->issuer_key = *issuer_key;
+ c_msg->issuer_attribute_len = htons (strlen (issuer_attribute));
+ c_msg->resolution_algo = htons (direction);
+
+ GNUNET_memcpy (&c_msg[1], issuer_attribute, strlen (issuer_attribute));
+ GNUNET_CONTAINER_DLL_insert (handle->request_head, handle->request_tail, vr);
if (NULL != handle->mq)
- GNUNET_MQ_send_copy (handle->mq,
- vr->env);
+ GNUNET_MQ_send_copy (handle->mq, vr->env);
return vr;
}
/**
@@ -446,15 +425,17 @@ GNUNET_CREDENTIAL_collect (struct GNUNET_CREDENTIAL_Handle *handle,
* @param proc_cls closure for processor
* @return handle to the queued request
*/
-struct GNUNET_CREDENTIAL_Request*
-GNUNET_CREDENTIAL_verify (struct GNUNET_CREDENTIAL_Handle *handle,
- const struct GNUNET_CRYPTO_EcdsaPublicKey *issuer_key,
- const char *issuer_attribute,
- const struct GNUNET_CRYPTO_EcdsaPublicKey *subject_key,
- uint32_t delegate_count,
- const struct GNUNET_CREDENTIAL_Delegate *delegates,
- GNUNET_CREDENTIAL_CredentialResultProcessor proc,
- void *proc_cls)
+struct GNUNET_CREDENTIAL_Request *
+GNUNET_CREDENTIAL_verify (
+ struct GNUNET_CREDENTIAL_Handle *handle,
+ const struct GNUNET_CRYPTO_EcdsaPublicKey *issuer_key,
+ const char *issuer_attribute,
+ const struct GNUNET_CRYPTO_EcdsaPublicKey *subject_key,
+ uint32_t delegate_count,
+ const struct GNUNET_CREDENTIAL_Delegate *delegates,
+ enum GNUNET_CREDENTIAL_AlgoDirectionFlags direction,
+ GNUNET_CREDENTIAL_CredentialResultProcessor proc,
+ void *proc_cls)
{
/* IPC to shorten credential names, return shorten_handle */
struct VerifyMessage *v_msg;
@@ -468,8 +449,7 @@ GNUNET_CREDENTIAL_verify (struct GNUNET_CREDENTIAL_Handle *handle,
return NULL;
}
- clen = GNUNET_CREDENTIAL_delegates_get_size (delegate_count,
- delegates);
+ clen = GNUNET_CREDENTIAL_delegates_get_size (delegate_count, delegates);
//DEBUG LOG
LOG (GNUNET_ERROR_TYPE_DEBUG,
@@ -486,31 +466,24 @@ GNUNET_CREDENTIAL_verify (struct GNUNET_CREDENTIAL_Handle *handle,
vr->verify_proc = proc;
vr->proc_cls = proc_cls;
vr->r_id = handle->r_id_gen++;
- vr->env = GNUNET_MQ_msg_extra (v_msg,
- nlen,
- GNUNET_MESSAGE_TYPE_CREDENTIAL_VERIFY);
+ vr->env =
+ GNUNET_MQ_msg_extra (v_msg, nlen, GNUNET_MESSAGE_TYPE_CREDENTIAL_VERIFY);
v_msg->id = htonl (vr->r_id);
v_msg->subject_key = *subject_key;
- v_msg->d_count = htonl(delegate_count);
- v_msg->issuer_key = *issuer_key;
- v_msg->issuer_attribute_len = htons(strlen(issuer_attribute));
- v_msg->resolution_algo = htons(Backward);
- //v_msg->resolution_algo = htons(Forward);
-
- GNUNET_memcpy (&v_msg[1],
- issuer_attribute,
- strlen (issuer_attribute));
+ v_msg->d_count = htonl (delegate_count);
+ v_msg->issuer_key = *issuer_key;
+ v_msg->issuer_attribute_len = htons (strlen (issuer_attribute));
+ v_msg->resolution_algo = htons (direction);
+
+ GNUNET_memcpy (&v_msg[1], issuer_attribute, strlen (issuer_attribute));
GNUNET_CREDENTIAL_delegates_serialize (delegate_count,
- delegates,
- clen,
- ((char*)&v_msg[1])
- + strlen (issuer_attribute) + 1);
- GNUNET_CONTAINER_DLL_insert (handle->request_head,
- handle->request_tail,
- vr);
+ delegates,
+ clen,
+ ((char *) &v_msg[1]) +
+ strlen (issuer_attribute) + 1);
+ GNUNET_CONTAINER_DLL_insert (handle->request_head, handle->request_tail, vr);
if (NULL != handle->mq)
- GNUNET_MQ_send_copy (handle->mq,
- vr->env);
+ GNUNET_MQ_send_copy (handle->mq, vr->env);
return vr;
}
diff --git a/src/credential/credential_misc.c b/src/credential/credential_misc.c
deleted file mode 100644
index 13435273e..000000000
--- a/src/credential/credential_misc.c
+++ /dev/null
@@ -1,176 +0,0 @@
-/*
- This file is part of GNUnet.
- Copyright (C) 2009-2013, 2016 GNUnet e.V.
-
- GNUnet is free software: you can redistribute it and/or modify it
- under the terms of the GNU Affero General Public License as published
- by the Free Software Foundation, either version 3 of the License,
- or (at your option) any later version.
-
- GNUnet is distributed in the hope that it will be useful, but
- WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- Affero General Public License for more details.
-
- You should have received a copy of the GNU Affero General Public License
- along with this program. If not, see <http://www.gnu.org/licenses/>.
-
- SPDX-License-Identifier: AGPL3.0-or-later
- */
-
-
-/**
- * @file credential/credential_misc.c
- * @brief Misc API for credentials
- *
- * @author Martin Schanzenbach
- */
-#include "platform.h"
-#include "gnunet_util_lib.h"
-#include "gnunet_constants.h"
-#include "gnunet_credential_service.h"
-#include "gnunet_signatures.h"
-#include "credential.h"
-#include <inttypes.h>
-
-char*
-GNUNET_CREDENTIAL_credential_to_string (const struct
- GNUNET_CREDENTIAL_Credential *cred)
-{
- char *cred_str;
- char *subject_pkey;
- char *issuer_pkey;
- char *signature;
-
-
- subject_pkey = GNUNET_CRYPTO_ecdsa_public_key_to_string (&cred->subject_key);
- issuer_pkey = GNUNET_CRYPTO_ecdsa_public_key_to_string (&cred->issuer_key);
- GNUNET_STRINGS_base64_encode ((char*) &cred->signature,
- sizeof(struct GNUNET_CRYPTO_EcdsaSignature),
- &signature);
- GNUNET_asprintf (&cred_str,
- "%s.%s -> %s | %s | %" SCNu64,
- issuer_pkey,
- cred->issuer_attribute,
- subject_pkey,
- signature,
- cred->expiration.abs_value_us);
- GNUNET_free (subject_pkey);
- GNUNET_free (issuer_pkey);
- GNUNET_free (signature);
- return cred_str;
-}
-
-struct GNUNET_CREDENTIAL_Credential*
-GNUNET_CREDENTIAL_credential_from_string (const char*s)
-{
- struct GNUNET_CREDENTIAL_Credential *cred;
- size_t enclen = (sizeof(struct GNUNET_CRYPTO_EcdsaPublicKey)) * 8;
-
- if (enclen % 5 > 0)
- enclen += 5 - enclen % 5;
- enclen /= 5; /* 260/5 = 52 */
- char subject_pkey[enclen + 1];
- char issuer_pkey[enclen + 1];
- char name[253 + 1];
- char signature[256]; // TODO max payload size
-
- struct GNUNET_CRYPTO_EcdsaSignature *sig;
- struct GNUNET_TIME_Absolute etime_abs;
-
- if (5 != sscanf (s,
- "%52s.%253s -> %52s | %s | %" SCNu64,
- issuer_pkey,
- name,
- subject_pkey,
- signature,
- &etime_abs.abs_value_us))
- {
- GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
- _ ("Unable to parse CRED record string `%s'\n"),
- s);
- return NULL;
- }
- cred = GNUNET_malloc (sizeof(struct GNUNET_CREDENTIAL_Credential) + strlen (
- name) + 1);
- GNUNET_CRYPTO_ecdsa_public_key_from_string (subject_pkey,
- strlen (subject_pkey),
- &cred->subject_key);
- GNUNET_CRYPTO_ecdsa_public_key_from_string (issuer_pkey,
- strlen (issuer_pkey),
- &cred->issuer_key);
- GNUNET_assert (sizeof(struct GNUNET_CRYPTO_EcdsaSignature) ==
- GNUNET_STRINGS_base64_decode (signature,
- strlen (
- signature),
- (
- char**) &sig));
- cred->signature = *sig;
- cred->expiration = etime_abs;
- GNUNET_free (sig);
- GNUNET_memcpy (&cred[1],
- name,
- strlen (name) + 1);
- cred->issuer_attribute_len = strlen ((char*) &cred[1]);
- cred->issuer_attribute = (char*) &cred[1];
- return cred;
-}
-
-/**
- * Issue an attribute to a subject
- *
- * @param issuer the ego that should be used to issue the attribute
- * @param subject the subject of the attribute
- * @param attribute the name of the attribute
- * @return handle to the queued request
- */
-struct GNUNET_CREDENTIAL_Credential *
-GNUNET_CREDENTIAL_credential_issue (const struct
- GNUNET_CRYPTO_EcdsaPrivateKey *issuer,
- struct GNUNET_CRYPTO_EcdsaPublicKey *subject,
- const char *attribute,
- struct GNUNET_TIME_Absolute *expiration)
-{
- struct CredentialEntry *crd;
- struct GNUNET_CREDENTIAL_Credential *cred;
- size_t size;
-
- size = sizeof(struct CredentialEntry) + strlen (attribute) + 1;
- crd = GNUNET_malloc (size);
- cred = GNUNET_malloc (sizeof(struct GNUNET_CREDENTIAL_Credential) + strlen (
- attribute) + 1);
- crd->purpose.size = htonl (size - sizeof(struct
- GNUNET_CRYPTO_EcdsaSignature));
-
- crd->purpose.purpose = htonl (GNUNET_SIGNATURE_PURPOSE_CREDENTIAL);
- GNUNET_CRYPTO_ecdsa_key_get_public (issuer,
- &crd->issuer_key);
- crd->subject_key = *subject;
- crd->expiration = GNUNET_htonll (expiration->abs_value_us);
- crd->issuer_attribute_len = htonl (strlen (attribute) + 1);
- GNUNET_memcpy ((char*) &crd[1],
- attribute,
- strlen (attribute) + 1);
- if (GNUNET_OK !=
- GNUNET_CRYPTO_ecdsa_sign (issuer,
- &crd->purpose,
- &crd->signature))
- {
- GNUNET_break (0);
- GNUNET_free (crd);
- GNUNET_free (cred);
- return NULL;
- }
- cred->signature = crd->signature;
- cred->expiration = *expiration;
- GNUNET_CRYPTO_ecdsa_key_get_public (issuer,
- &cred->issuer_key);
-
- cred->subject_key = *subject;
- GNUNET_memcpy (&cred[1],
- attribute,
- strlen (attribute) + 1);
- cred->issuer_attribute = (char*) &cred[1];
- GNUNET_free (crd);
- return cred;
-}
diff --git a/src/credential/credential_misc.h b/src/credential/credential_misc.h
deleted file mode 100644
index 510e1aacb..000000000
--- a/src/credential/credential_misc.h
+++ /dev/null
@@ -1,36 +0,0 @@
-/*
- This file is part of GNUnet
- Copyright (C) 2012-2013 GNUnet e.V.
-
- GNUnet is free software: you can redistribute it and/or modify it
- under the terms of the GNU Affero General Public License as published
- by the Free Software Foundation, either version 3 of the License,
- or (at your option) any later version.
-
- GNUnet is distributed in the hope that it will be useful, but
- WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- Affero General Public License for more details.
-
- You should have received a copy of the GNU Affero General Public License
- along with this program. If not, see <http://www.gnu.org/licenses/>.
-
- SPDX-License-Identifier: AGPL3.0-or-later
- */
-/**
- * @file credential/credential_misc.h
- * @brief Credential helper functions
- */
-#ifndef CREDENTIAL_MISC_H
-#define CREDENTIAL_MISC_H
-
-#include "gnunet_credential_service.h"
-
-char *
-GNUNET_CREDENTIAL_credential_to_string (
- const struct GNUNET_CREDENTIAL_Credential *cred);
-
-struct GNUNET_CREDENTIAL_Credential *
-GNUNET_CREDENTIAL_credential_from_string (const char *str);
-
-#endif
diff --git a/src/credential/credential_serialization.c b/src/credential/credential_serialization.c
index 65a85e37e..564d9957b 100644
--- a/src/credential/credential_serialization.c
+++ b/src/credential/credential_serialization.c
@@ -221,11 +221,10 @@ GNUNET_CREDENTIAL_delegates_serialize (
* @return #GNUNET_OK on success, #GNUNET_SYSERR on error
*/
int
-GNUNET_CREDENTIAL_delegates_deserialize (
- size_t len,
- const char *src,
- unsigned int c_count,
- struct GNUNET_CREDENTIAL_Delegate *cd)
+GNUNET_CREDENTIAL_delegates_deserialize (size_t len,
+ const char *src,
+ unsigned int c_count,
+ struct GNUNET_CREDENTIAL_Delegate *cd)
{
struct DelegateEntry c_rec;
unsigned int i;
@@ -335,9 +334,9 @@ GNUNET_CREDENTIAL_delegation_chain_serialize (
off += dd[i].subject_attribute_len;
}
return off + GNUNET_CREDENTIAL_delegates_serialize (c_count,
- cd,
- dest_size - off,
- &dest[off]);
+ cd,
+ dest_size - off,
+ &dest[off]);
}
@@ -386,79 +385,9 @@ GNUNET_CREDENTIAL_delegation_chain_deserialize (
off += dd[i].subject_attribute_len;
}
return GNUNET_CREDENTIAL_delegates_deserialize (len - off,
- &src[off],
- c_count,
- cd);
-}
-
-int
-GNUNET_CREDENTIAL_credential_serialize (
- struct GNUNET_CREDENTIAL_Credential *cred,
- char **data)
-{
- size_t size;
- struct CredentialEntry *cdata;
-
- size = sizeof (struct CredentialEntry) + strlen (cred->issuer_attribute) + 1;
- *data = GNUNET_malloc (size);
- cdata = (struct CredentialEntry *) *data;
- cdata->subject_key = cred->subject_key;
- cdata->issuer_key = cred->issuer_key;
- cdata->expiration = GNUNET_htonll (cred->expiration.abs_value_us);
- cdata->signature = cred->signature;
- cdata->issuer_attribute_len = htonl (strlen (cred->issuer_attribute) + 1);
- cdata->purpose.purpose = htonl (GNUNET_SIGNATURE_PURPOSE_CREDENTIAL);
- cdata->purpose.size =
- htonl (size - sizeof (struct GNUNET_CRYPTO_EcdsaSignature));
- GNUNET_memcpy (&cdata[1],
- cred->issuer_attribute,
- strlen (cred->issuer_attribute));
-
- if (GNUNET_OK !=
- GNUNET_CRYPTO_ecdsa_verify (GNUNET_SIGNATURE_PURPOSE_CREDENTIAL,
- &cdata->purpose,
- &cdata->signature,
- &cdata->issuer_key))
- {
- GNUNET_log (GNUNET_ERROR_TYPE_WARNING, "Invalid credential\n");
- //return NULL;
- }
- return size;
-}
-
-struct GNUNET_CREDENTIAL_Credential *
-GNUNET_CREDENTIAL_credential_deserialize (const char *data, size_t data_size)
-{
- struct GNUNET_CREDENTIAL_Credential *cred;
- struct CredentialEntry *cdata;
- char *issuer_attribute;
-
- if (data_size < sizeof (struct CredentialEntry))
- return NULL;
- cdata = (struct CredentialEntry *) data;
- if (GNUNET_OK !=
- GNUNET_CRYPTO_ecdsa_verify (GNUNET_SIGNATURE_PURPOSE_CREDENTIAL,
- &cdata->purpose,
- &cdata->signature,
- &cdata->issuer_key))
- {
- GNUNET_log (GNUNET_ERROR_TYPE_WARNING, "Invalid credential\n");
- //return NULL;
- }
- issuer_attribute = (char *) &cdata[1];
-
- cred = GNUNET_malloc (sizeof (struct GNUNET_CREDENTIAL_Credential) +
- ntohl (cdata->issuer_attribute_len));
-
- cred->issuer_key = cdata->issuer_key;
- cred->subject_key = cdata->subject_key;
- GNUNET_memcpy (&cred[1],
- issuer_attribute,
- ntohl (cdata->issuer_attribute_len));
- cred->signature = cdata->signature;
- cred->issuer_attribute = (char *) &cred[1];
- cred->expiration.abs_value_us = GNUNET_ntohll (cdata->expiration);
- return cred;
+ &src[off],
+ c_count,
+ cd);
}
int
diff --git a/src/credential/credential_serialization.h b/src/credential/credential_serialization.h
index 12988354b..0e106caa1 100644
--- a/src/credential/credential_serialization.h
+++ b/src/credential/credential_serialization.h
@@ -42,8 +42,9 @@
* @return the required size to serialize
*/
size_t
-GNUNET_CREDENTIAL_delegation_set_get_size (unsigned int ds_count,
- const struct GNUNET_CREDENTIAL_DelegationSet *dsr);
+GNUNET_CREDENTIAL_delegation_set_get_size (
+ unsigned int ds_count,
+ const struct GNUNET_CREDENTIAL_DelegationSet *dsr);
/**
* Serizalize the given delegation record entries
@@ -55,10 +56,11 @@ GNUNET_CREDENTIAL_delegation_set_get_size (unsigned int ds_count,
* @return the size of the data, -1 on failure
*/
ssize_t
-GNUNET_CREDENTIAL_delegation_set_serialize (unsigned int d_count,
- const struct GNUNET_CREDENTIAL_DelegationSet *dsr,
- size_t dest_size,
- char *dest);
+GNUNET_CREDENTIAL_delegation_set_serialize (
+ unsigned int d_count,
+ const struct GNUNET_CREDENTIAL_DelegationSet *dsr,
+ size_t dest_size,
+ char *dest);
/**
@@ -71,48 +73,51 @@ GNUNET_CREDENTIAL_delegation_set_serialize (unsigned int d_count,
* @return #GNUNET_OK on success, #GNUNET_SYSERR on error
*/
int
-GNUNET_CREDENTIAL_delegation_set_deserialize (size_t len,
- const char *src,
- unsigned int d_count,
- struct GNUNET_CREDENTIAL_DelegationSet *dsr);
+GNUNET_CREDENTIAL_delegation_set_deserialize (
+ size_t len,
+ const char *src,
+ unsigned int d_count,
+ struct GNUNET_CREDENTIAL_DelegationSet *dsr);
- /**
+/**
* Calculate how many bytes we will need to serialize
* the given delegation chain and credential
*
* @param d_count number of delegation chain entries
* @param dd array of #GNUNET_CREDENTIAL_Delegation
* @param c_count number of credential entries
- * @param cd a #GNUNET_CREDENTIAL_Credential
+ * @param cd a #GNUNET_CREDENTIAL_Delegate
* @return the required size to serialize
*/
- size_t
- GNUNET_CREDENTIAL_delegation_chain_get_size (unsigned int d_count,
- const struct GNUNET_CREDENTIAL_Delegation *dd,
- unsigned int c_count,
- const struct GNUNET_CREDENTIAL_Delegate *cd);
+size_t
+GNUNET_CREDENTIAL_delegation_chain_get_size (
+ unsigned int d_count,
+ const struct GNUNET_CREDENTIAL_Delegation *dd,
+ unsigned int c_count,
+ const struct GNUNET_CREDENTIAL_Delegate *cd);
- /**
+/**
* Serizalize the given delegation chain entries and credential
*
* @param d_count number of delegation chain entries
* @param dd array of #GNUNET_CREDENTIAL_Delegation
* @param c_count number of credential entries
- * @param cd a #GNUNET_CREDENTIAL_Credential
+ * @param cd a #GNUNET_CREDENTIAL_Delegate
* @param dest_size size of the destination
* @param dest where to store the result
* @return the size of the data, -1 on failure
*/
- ssize_t
- GNUNET_CREDENTIAL_delegation_chain_serialize (unsigned int d_count,
- const struct GNUNET_CREDENTIAL_Delegation *dd,
- unsigned int c_count,
- const struct GNUNET_CREDENTIAL_Delegate *cd,
- size_t dest_size,
- char *dest);
+ssize_t
+GNUNET_CREDENTIAL_delegation_chain_serialize (
+ unsigned int d_count,
+ const struct GNUNET_CREDENTIAL_Delegation *dd,
+ unsigned int c_count,
+ const struct GNUNET_CREDENTIAL_Delegate *cd,
+ size_t dest_size,
+ char *dest);
- /**
+/**
* Deserialize the given destination
*
* @param len size of the serialized delegation chain and cred
@@ -123,45 +128,38 @@ GNUNET_CREDENTIAL_delegation_set_deserialize (size_t len,
* @param cd where to put the credential data
* @return #GNUNET_OK on success, #GNUNET_SYSERR on error
*/
- int
- GNUNET_CREDENTIAL_delegation_chain_deserialize (size_t len,
- const char *src,
- unsigned int d_count,
- struct GNUNET_CREDENTIAL_Delegation *dd,
- unsigned int c_count,
- struct GNUNET_CREDENTIAL_Delegate *cd);
- size_t
- GNUNET_CREDENTIAL_delegates_get_size (unsigned int c_count,
- const struct GNUNET_CREDENTIAL_Delegate *cd);
+int
+GNUNET_CREDENTIAL_delegation_chain_deserialize (
+ size_t len,
+ const char *src,
+ unsigned int d_count,
+ struct GNUNET_CREDENTIAL_Delegation *dd,
+ unsigned int c_count,
+ struct GNUNET_CREDENTIAL_Delegate *cd);
+size_t
+GNUNET_CREDENTIAL_delegates_get_size (
+ unsigned int c_count,
+ const struct GNUNET_CREDENTIAL_Delegate *cd);
ssize_t
-GNUNET_CREDENTIAL_delegates_serialize (unsigned int c_count,
- const struct GNUNET_CREDENTIAL_Delegate *cd,
- size_t dest_size,
- char *dest);
+GNUNET_CREDENTIAL_delegates_serialize (
+ unsigned int c_count,
+ const struct GNUNET_CREDENTIAL_Delegate *cd,
+ size_t dest_size,
+ char *dest);
int
GNUNET_CREDENTIAL_delegates_deserialize (size_t len,
- const char *src,
- unsigned int c_count,
- struct GNUNET_CREDENTIAL_Delegate *cd);
-
-
-int
-GNUNET_CREDENTIAL_credential_serialize (struct GNUNET_CREDENTIAL_Credential *cred,
- char **data);
-
-struct GNUNET_CREDENTIAL_Credential*
-GNUNET_CREDENTIAL_credential_deserialize (const char* data,
- size_t data_size);
+ const char *src,
+ unsigned int c_count,
+ struct GNUNET_CREDENTIAL_Delegate *cd);
int
GNUNET_CREDENTIAL_delegate_serialize (struct GNUNET_CREDENTIAL_Delegate *cred,
- char **data);
+ char **data);
-struct GNUNET_CREDENTIAL_Delegate*
-GNUNET_CREDENTIAL_delegate_deserialize (const char* data,
- size_t data_size);
+struct GNUNET_CREDENTIAL_Delegate *
+GNUNET_CREDENTIAL_delegate_deserialize (const char *data, size_t data_size);
#endif
/* end of credential_serialization.h */
diff --git a/src/credential/gnunet-credential.c b/src/credential/gnunet-credential.c
index 07148a1b5..5cc1a791e 100644
--- a/src/credential/gnunet-credential.c
+++ b/src/credential/gnunet-credential.c
@@ -27,7 +27,6 @@
#include <gnunet_credential_service.h>
#include <gnunet_gnsrecord_lib.h>
#include <gnunet_namestore_service.h>
-#include "credential_misc.h"
#include "delegate_misc.h"
#include "credential_serialization.h"
@@ -82,9 +81,9 @@ static struct GNUNET_SCHEDULER_Task *tt;
static char *subject;
/**
- * Subject credential string
+ * Subject delegate string
*/
-static char *subject_credential;
+static char *subject_delegate;
/**
* Credential TTL
@@ -123,11 +122,6 @@ static char *issuer_attr;
static int verify;
/**
- * Issue mode
- */
-static int create_cred;
-
-/**
* Collect mode
*/
static int collect;
@@ -153,6 +147,26 @@ static int sign_ss;
static char *import;
/**
+ * Is record private
+ */
+static int is_private;
+
+/**
+ * Search direction: forward
+ */
+static int forward;
+
+/**
+ * Search direction: backward
+ */
+static int backward;
+
+/**
+ * API enum, filled and passed for collect/verify
+ */
+enum GNUNET_CREDENTIAL_AlgoDirectionFlags direction = 0;
+
+/**
* Queue entry for the 'add' operation.
*/
static struct GNUNET_NAMESTORE_QueueEntry *add_qe;
@@ -268,8 +282,10 @@ handle_collect_result (void *cls,
printf ("%s\n", line);
GNUNET_free (line);
}
- } else {
- printf("Received NULL\n");
+ }
+ else
+ {
+ printf ("Received NULL\n");
}
GNUNET_SCHEDULER_shutdown ();
@@ -344,10 +360,6 @@ static void
identity_cb (void *cls, const struct GNUNET_IDENTITY_Ego *ego)
{
const struct GNUNET_CRYPTO_EcdsaPrivateKey *privkey;
- struct GNUNET_CREDENTIAL_Credential *cred;
- struct GNUNET_TIME_Absolute etime_abs;
- struct GNUNET_TIME_Relative etime_rel;
- char *res;
el = NULL;
if (NULL == ego)
@@ -381,44 +393,11 @@ identity_cb (void *cls, const struct GNUNET_IDENTITY_Ego *ego)
&issuer_pkey,
issuer_attr, //TODO argument
privkey,
+ direction,
&handle_collect_result,
NULL);
return;
}
-
- //Else issue
-
- if (NULL == expiration)
- {
- fprintf (stderr, "Please specify a TTL\n");
- GNUNET_SCHEDULER_shutdown ();
- return;
- }
- else if (GNUNET_OK ==
- GNUNET_STRINGS_fancy_time_to_relative (expiration, &etime_rel))
- {
- etime_abs = GNUNET_TIME_relative_to_absolute (etime_rel);
- }
- else if (GNUNET_OK !=
- GNUNET_STRINGS_fancy_time_to_absolute (expiration, &etime_abs))
- {
- fprintf (stderr, "%s is not a valid ttl!\n", expiration);
- GNUNET_SCHEDULER_shutdown ();
- return;
- }
-
-
- privkey = GNUNET_IDENTITY_ego_get_private_key (ego);
- GNUNET_free_non_null (ego_name);
- ego_name = NULL;
- cred = GNUNET_CREDENTIAL_credential_issue (privkey,
- &subject_pkey,
- issuer_attr,
- &etime_abs);
-
- res = GNUNET_CREDENTIAL_credential_to_string (cred);
- GNUNET_free (cred);
- printf ("%s\n", res);
GNUNET_SCHEDULER_shutdown ();
}
@@ -506,9 +485,9 @@ get_existing_record (void *cls,
rde->record_type = type;
// Flags not required , TODO what have we said we do with that now? Look it up in my writing
/*if (1 == is_shadow)
- rde->flags |= GNUNET_GNSRECORD_RF_SHADOW_RECORD;
- if (1 != is_public)
- rde->flags |= GNUNET_GNSRECORD_RF_PRIVATE;*/
+ rde->flags |= GNUNET_GNSRECORD_RF_SHADOW_RECORD;*/
+ if (GNUNET_YES == is_private)
+ rde->flags |= GNUNET_GNSRECORD_RF_PRIVATE;
rde->expiration_time = etime;
if (GNUNET_YES == etime_is_rel)
rde->flags |= GNUNET_GNSRECORD_RF_RELATIVE_EXPIRATION;
@@ -751,6 +730,7 @@ run (void *cls,
if (GNUNET_YES == create_ss)
{
+
// check if signed parameter has been passed in cmd line call
if (NULL == import)
{
@@ -787,6 +767,20 @@ run (void *cls,
return;
}
+ if (GNUNET_NO == forward && GNUNET_NO == backward)
+ {
+ fprintf (
+ stderr,
+ _ (
+ "You must state which search direction: '--forward' or '--backward'\n"));
+ GNUNET_SCHEDULER_shutdown ();
+ return;
+ }
+ if (GNUNET_YES == forward)
+ direction |= GNUNET_CREDENTIAL_FLAG_FORWARD;
+ if (GNUNET_YES == backward)
+ direction |= GNUNET_CREDENTIAL_FLAG_BACKWARD;
+
if (GNUNET_YES == collect)
{
if (NULL == issuer_key)
@@ -840,6 +834,15 @@ run (void *cls,
if (GNUNET_YES == verify)
{
+ if (GNUNET_NO == forward && GNUNET_NO == backward)
+ {
+ fprintf (
+ stderr,
+ _ (
+ "You must state which search direction: '-forward' or 'backward'\n"));
+ GNUNET_SCHEDULER_shutdown ();
+ return;
+ }
if (NULL == issuer_key)
{
fprintf (stderr, _ ("Issuer public key not well-formed\n"));
@@ -865,7 +868,7 @@ run (void *cls,
GNUNET_SCHEDULER_shutdown ();
return;
}
- if (NULL == issuer_attr || NULL == subject_credential)
+ if (NULL == issuer_attr || NULL == subject_delegate)
{
fprintf (stderr, _ ("You must provide issuer and subject attributes\n"));
GNUNET_SCHEDULER_shutdown ();
@@ -873,7 +876,7 @@ run (void *cls,
}
//Subject credentials are comma separated
- char *tmp = GNUNET_strdup (subject_credential);
+ char *tmp = GNUNET_strdup (subject_delegate);
char *tok = strtok (tmp, ",");
if (NULL == tok)
{
@@ -886,20 +889,20 @@ run (void *cls,
int i;
while (NULL != (tok = strtok (NULL, ",")))
count++;
- struct GNUNET_CREDENTIAL_Delegate credentials[count];
- struct GNUNET_CREDENTIAL_Delegate *cred;
+ struct GNUNET_CREDENTIAL_Delegate delegates[count];
+ struct GNUNET_CREDENTIAL_Delegate *dele;
GNUNET_free (tmp);
- tmp = GNUNET_strdup (subject_credential);
+ tmp = GNUNET_strdup (subject_delegate);
tok = strtok (tmp, ",");
for (i = 0; i < count; i++)
{
- cred = GNUNET_CREDENTIAL_delegate_from_string (tok);
- GNUNET_memcpy (&credentials[i],
- cred,
+ dele = GNUNET_CREDENTIAL_delegate_from_string (tok);
+ GNUNET_memcpy (&delegates[i],
+ dele,
sizeof (struct GNUNET_CREDENTIAL_Delegate));
- credentials[i].issuer_attribute = GNUNET_strdup (cred->issuer_attribute);
+ delegates[i].issuer_attribute = GNUNET_strdup (dele->issuer_attribute);
tok = strtok (NULL, ",");
- GNUNET_free (cred);
+ GNUNET_free (dele);
}
verify_request = GNUNET_CREDENTIAL_verify (credential,
@@ -907,27 +910,16 @@ run (void *cls,
issuer_attr, //TODO argument
&subject_pkey,
count,
- credentials,
+ delegates,
+ direction,
&handle_verify_result,
NULL);
for (i = 0; i < count; i++)
{
- GNUNET_free ((char *) credentials[i].issuer_attribute);
+ GNUNET_free ((char *) delegates[i].issuer_attribute);
}
GNUNET_free (tmp);
}
- else if (GNUNET_YES == create_cred)
- {
- if (NULL == ego_name)
- {
- fprintf (stderr, _ ("Issuer ego required\n"));
- GNUNET_SCHEDULER_shutdown ();
- return;
- }
- el = GNUNET_IDENTITY_ego_lookup (cfg, ego_name, &identity_cb, (void *) cfg);
-
- return;
- }
else
{
fprintf (stderr,
@@ -949,70 +941,94 @@ run (void *cls,
int
main (int argc, char *const *argv)
{
- struct GNUNET_GETOPT_CommandLineOption options[] = {
- GNUNET_GETOPT_option_flag ('I',
- "issue",
- gettext_noop ("create credential"),
- &create_cred),
- GNUNET_GETOPT_option_flag ('V',
- "verify",
- gettext_noop ("verify credential against attribute"),
- &verify),
- GNUNET_GETOPT_option_string ('s',
- "subject",
- "PKEY",
- gettext_noop ("The public key of the subject to lookup the"
- "credential for, or for issuer side storage: subject and its attributes"),
- &subject),
- GNUNET_GETOPT_option_string ('b',
- "credential",
- "CRED",
- gettext_noop ("The name of the credential presented by the subject"),
- &subject_credential),
- GNUNET_GETOPT_option_string ('i',
- "issuer",
- "PKEY",
- gettext_noop ("The public key of the authority to verify the credential against"),
- &issuer_key),
- GNUNET_GETOPT_option_string ('e',
- "ego",
- "EGO",
- gettext_noop ("The ego/zone name to use"),
- &ego_name),
- GNUNET_GETOPT_option_string ('a',
- "attribute",
- "ATTR",
- gettext_noop ("The issuer attribute to verify against or to issue"),
- &issuer_attr),
- GNUNET_GETOPT_option_string ('T',
- "ttl",
- "EXP",
- gettext_noop ("The time to live for the credential."
- "e.g. 5m, 6h, \"1990-12-30 12:00:00\""),
- &expiration),
- GNUNET_GETOPT_option_flag ('g',
- "collect",
- gettext_noop ("collect credentials"),
- &collect),
- GNUNET_GETOPT_option_flag ('U',
- "createIssuerSide",
- gettext_noop ("Create and issue a credential issuer side."),
- &create_is),
- GNUNET_GETOPT_option_flag ('C',
- "createSubjectSide",
- gettext_noop ("Issue a credential subject side."),
- &create_ss),
- GNUNET_GETOPT_option_flag ('S',
- "signSubjectSide",
- gettext_noop ("Create, sign and return a credential subject side."),
- &sign_ss),
- GNUNET_GETOPT_option_string ('x',
- "import",
- "IMP",
- gettext_noop ("Import signed credentials that should be issued to a zone/ego"),
- &import),
- GNUNET_GETOPT_OPTION_END
- };
+ struct GNUNET_GETOPT_CommandLineOption options[] =
+ {GNUNET_GETOPT_option_flag ('V',
+ "verify",
+ gettext_noop (
+ "verify credential against attribute"),
+ &verify),
+ GNUNET_GETOPT_option_string (
+ 's',
+ "subject",
+ "PKEY",
+ gettext_noop (
+ "The public key of the subject to lookup the"
+ "credential for, or for issuer side storage: subject and its attributes"),
+ &subject),
+ GNUNET_GETOPT_option_string (
+ 'd',
+ "delegate",
+ "DELE",
+ gettext_noop ("The private, signed delegate presented by the subject"),
+ &subject_delegate),
+ GNUNET_GETOPT_option_string (
+ 'i',
+ "issuer",
+ "PKEY",
+ gettext_noop (
+ "The public key of the authority to verify the credential against"),
+ &issuer_key),
+ GNUNET_GETOPT_option_string ('e',
+ "ego",
+ "EGO",
+ gettext_noop ("The ego/zone name to use"),
+ &ego_name),
+ GNUNET_GETOPT_option_string (
+ 'a',
+ "attribute",
+ "ATTR",
+ gettext_noop ("The issuer attribute to verify against or to issue"),
+ &issuer_attr),
+ GNUNET_GETOPT_option_string ('T',
+ "ttl",
+ "EXP",
+ gettext_noop (
+ "The time to live for the credential."
+ "e.g. 5m, 6h, \"1990-12-30 12:00:00\""),
+ &expiration),
+ GNUNET_GETOPT_option_flag ('g',
+ "collect",
+ gettext_noop ("collect credentials"),
+ &collect),
+ GNUNET_GETOPT_option_flag ('U',
+ "createIssuerSide",
+ gettext_noop (
+ "Create and issue a credential issuer side."),
+ &create_is),
+ GNUNET_GETOPT_option_flag ('C',
+ "createSubjectSide",
+ gettext_noop (
+ "Issue a credential subject side."),
+ &create_ss),
+ GNUNET_GETOPT_option_flag (
+ 'S',
+ "signSubjectSide",
+ gettext_noop ("Create, sign and return a credential subject side."),
+ &sign_ss),
+ GNUNET_GETOPT_option_string (
+ 'x',
+ "import",
+ "IMP",
+ gettext_noop (
+ "Import signed credentials that should be issued to a zone/ego"),
+ &import),
+ GNUNET_GETOPT_option_flag ('P',
+ "private",
+ gettext_noop ("Create private record entry."),
+ &is_private),
+ GNUNET_GETOPT_option_flag (
+ 'F',
+ "forward",
+ gettext_noop (
+ "Indicates that the collect/verify process is done via forward search."),
+ &forward),
+ GNUNET_GETOPT_option_flag (
+ 'B',
+ "backward",
+ gettext_noop (
+ "Indicates that the collect/verify process is done via forward search."),
+ &backward),
+ GNUNET_GETOPT_OPTION_END};
int ret;
timeout = GNUNET_TIME_UNIT_FOREVER_REL;
diff --git a/src/credential/gnunet-service-credential.c b/src/credential/gnunet-service-credential.c
index 2d954f823..41f4f64d6 100644
--- a/src/credential/gnunet-service-credential.c
+++ b/src/credential/gnunet-service-credential.c
@@ -340,7 +340,7 @@ struct VerifyRequestHandle
/**
* Direction of the resolution algo
*/
- enum direction resolution_algo;
+ enum GNUNET_CREDENTIAL_AlgoDirectionFlags resolution_algo;
/**
* Delegate iterator for lookup
@@ -385,12 +385,14 @@ cleanup_delegation_set (struct DelegationSetQueueEntry *ds_entry)
return;
for (dq_entry = ds_entry->queue_entries_head; NULL != dq_entry;
- dq_entry = ds_entry->queue_entries_head) {
+ dq_entry = ds_entry->queue_entries_head)
+ {
GNUNET_CONTAINER_DLL_remove (ds_entry->queue_entries_head,
ds_entry->queue_entries_tail,
dq_entry);
for (child = dq_entry->set_entries_head; NULL != child;
- child = dq_entry->set_entries_head) {
+ child = dq_entry->set_entries_head)
+ {
GNUNET_CONTAINER_DLL_remove (dq_entry->set_entries_head,
dq_entry->set_entries_tail,
child);
@@ -403,11 +405,13 @@ cleanup_delegation_set (struct DelegationSetQueueEntry *ds_entry)
GNUNET_free_non_null (ds_entry->issuer_attribute);
GNUNET_free_non_null (ds_entry->unresolved_attribute_delegation);
GNUNET_free_non_null (ds_entry->attr_trailer);
- if (NULL != ds_entry->lookup_request) {
+ if (NULL != ds_entry->lookup_request)
+ {
GNUNET_GNS_lookup_cancel (ds_entry->lookup_request);
ds_entry->lookup_request = NULL;
}
- if (NULL != ds_entry->delegation_chain_entry) {
+ if (NULL != ds_entry->delegation_chain_entry)
+ {
GNUNET_free_non_null (ds_entry->delegation_chain_entry->subject_attribute);
GNUNET_free_non_null (ds_entry->delegation_chain_entry->issuer_attribute);
GNUNET_free (ds_entry->delegation_chain_entry);
@@ -420,14 +424,16 @@ cleanup_handle (struct VerifyRequestHandle *vrh)
{
struct DelegateRecordEntry *del_entry;
GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Cleaning up...\n");
- if (NULL != vrh->lookup_request) {
+ if (NULL != vrh->lookup_request)
+ {
GNUNET_GNS_lookup_cancel (vrh->lookup_request);
vrh->lookup_request = NULL;
}
cleanup_delegation_set (vrh->root_set);
GNUNET_free_non_null (vrh->issuer_attribute);
for (del_entry = vrh->del_chain_head; NULL != vrh->del_chain_head;
- del_entry = vrh->del_chain_head) {
+ del_entry = vrh->del_chain_head)
+ {
GNUNET_CONTAINER_DLL_remove (vrh->del_chain_head,
vrh->del_chain_tail,
del_entry);
@@ -444,21 +450,25 @@ shutdown_task (void *cls)
GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Shutting down!\n");
- while (NULL != (vrh = vrh_head)) {
+ while (NULL != (vrh = vrh_head))
+ {
// CREDENTIAL_resolver_lookup_cancel (clh->lookup);
GNUNET_CONTAINER_DLL_remove (vrh_head, vrh_tail, vrh);
cleanup_handle (vrh);
}
- if (NULL != gns) {
+ if (NULL != gns)
+ {
GNUNET_GNS_disconnect (gns);
gns = NULL;
}
- if (NULL != namestore) {
+ if (NULL != namestore)
+ {
GNUNET_NAMESTORE_disconnect (namestore);
namestore = NULL;
}
- if (NULL != statistics) {
+ if (NULL != statistics)
+ {
GNUNET_STATISTICS_destroy (statistics, GNUNET_NO);
statistics = NULL;
}
@@ -480,14 +490,16 @@ send_lookup_response (struct VerifyRequestHandle *vrh)
GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Sending response\n");
dce = vrh->delegation_chain_head;
- for (uint32_t i = 0; i < vrh->delegation_chain_size; i++) {
+ for (uint32_t i = 0; i < vrh->delegation_chain_size; i++)
+ {
dd[i].issuer_key = dce->issuer_key;
dd[i].subject_key = dce->subject_key;
dd[i].issuer_attribute = dce->issuer_attribute;
dd[i].issuer_attribute_len = strlen (dce->issuer_attribute) + 1;
dd[i].subject_attribute_len = 0;
dd[i].subject_attribute = NULL;
- if (NULL != dce->subject_attribute) {
+ if (NULL != dce->subject_attribute)
+ {
dd[i].subject_attribute = dce->subject_attribute;
dd[i].subject_attribute_len = strlen (dce->subject_attribute) + 1;
}
@@ -495,16 +507,16 @@ send_lookup_response (struct VerifyRequestHandle *vrh)
}
// Remove all not needed credentials
- for (del = vrh->del_chain_head; NULL != del;) {
- if (del->refcount > 0) {
+ for (del = vrh->del_chain_head; NULL != del;)
+ {
+ if (del->refcount > 0)
+ {
del = del->next;
continue;
}
tmp = del;
del = del->next;
- GNUNET_CONTAINER_DLL_remove (vrh->del_chain_head,
- vrh->del_chain_tail,
- tmp);
+ GNUNET_CONTAINER_DLL_remove (vrh->del_chain_head, vrh->del_chain_tail, tmp);
GNUNET_free (tmp->delegate);
GNUNET_free (tmp);
vrh->del_chain_size--;
@@ -513,20 +525,21 @@ send_lookup_response (struct VerifyRequestHandle *vrh)
// Get serialized record data
// Append at the end of rmsg
del = vrh->del_chain_head;
- for (uint32_t i = 0; i < vrh->del_chain_size; i++) {
+ for (uint32_t i = 0; i < vrh->del_chain_size; i++)
+ {
dele[i].issuer_key = del->delegate->issuer_key;
dele[i].subject_key = del->delegate->subject_key;
- dele[i].issuer_attribute_len
- = strlen (del->delegate->issuer_attribute) + 1;
+ dele[i].issuer_attribute_len = strlen (del->delegate->issuer_attribute) + 1;
dele[i].issuer_attribute = del->delegate->issuer_attribute;
dele[i].expiration = del->delegate->expiration;
dele[i].signature = del->delegate->signature;
del = del->next;
}
- size = GNUNET_CREDENTIAL_delegation_chain_get_size (vrh->delegation_chain_size,
- dd,
- vrh->del_chain_size,
- dele);
+ size =
+ GNUNET_CREDENTIAL_delegation_chain_get_size (vrh->delegation_chain_size,
+ dd,
+ vrh->del_chain_size,
+ dele);
env = GNUNET_MQ_msg_extra (rmsg,
size,
GNUNET_MESSAGE_TYPE_CREDENTIAL_VERIFY_RESULT);
@@ -541,13 +554,13 @@ send_lookup_response (struct VerifyRequestHandle *vrh)
rmsg->del_found = htonl (GNUNET_NO);
GNUNET_assert (
- -1
- != GNUNET_CREDENTIAL_delegation_chain_serialize (vrh->delegation_chain_size,
- dd,
- vrh->del_chain_size,
- dele,
- size,
- (char *)&rmsg[1]));
+ -1 !=
+ GNUNET_CREDENTIAL_delegation_chain_serialize (vrh->delegation_chain_size,
+ dd,
+ vrh->del_chain_size,
+ dele,
+ size,
+ (char *) &rmsg[1]));
GNUNET_MQ_send (GNUNET_SERVICE_client_get_mq (vrh->client), env);
GNUNET_CONTAINER_DLL_remove (vrh_head, vrh_tail, vrh);
@@ -559,8 +572,11 @@ send_lookup_response (struct VerifyRequestHandle *vrh)
GNUNET_NO);
}
-static char*
-partial_match(char *tmp_trail, char *tmp_subattr, char *parent_trail, char *issuer_attribute)
+static char *
+partial_match (char *tmp_trail,
+ char *tmp_subattr,
+ char *parent_trail,
+ char *issuer_attribute)
{
char *saveptr1, *saveptr2;
char *trail_token;
@@ -574,14 +590,16 @@ partial_match(char *tmp_trail, char *tmp_subattr, char *parent_trail, char *issu
sub_token = strtok_r (tmp_subattr, ".", &saveptr2);
while (NULL != trail_token && NULL != sub_token)
{
- if(0 == strcmp(trail_token,sub_token))
+ if (0 == strcmp (trail_token, sub_token))
{
// good, matches, remove
- } else {
+ }
+ else
+ {
// not relevant for solving the chain, end for iteration here
return NULL;
}
-
+
trail_token = strtok_r (NULL, ".", &saveptr1);
sub_token = strtok_r (NULL, ".", &saveptr2);
}
@@ -590,47 +608,38 @@ partial_match(char *tmp_trail, char *tmp_subattr, char *parent_trail, char *issu
// 2. the trailer is NULL, but the subject has more attributes
// Reason: This will lead to "startzone.attribute" but we're looking for a solution
// for "<- startzone"
- if(NULL == trail_token)
+ if (NULL == trail_token)
{
return NULL;
}
// do not have to check sub_token == NULL, if both would be NULL
// at the same time, the complete match part above should have triggered already
-
+
// otherwise, above while only ends when sub_token == NULL
- GNUNET_asprintf (&attr_trailer,
- "%s",
- trail_token);
- trail_token = strtok_r (NULL, ".", &saveptr1);
- while(NULL != trail_token)
+ GNUNET_asprintf (&attr_trailer, "%s", trail_token);
+ trail_token = strtok_r (NULL, ".", &saveptr1);
+ while (NULL != trail_token)
{
- GNUNET_asprintf (&attr_trailer,
- "%s.%s",
- parent_trail,
- trail_token);
- trail_token = strtok_r (NULL, ".", &saveptr1);
-
+ GNUNET_asprintf (&attr_trailer, "%s.%s", parent_trail, trail_token);
+ trail_token = strtok_r (NULL, ".", &saveptr1);
}
- GNUNET_asprintf (&attr_trailer,
- "%s.%s",
- issuer_attribute,
- attr_trailer);
+ GNUNET_asprintf (&attr_trailer, "%s.%s", issuer_attribute, attr_trailer);
return attr_trailer;
}
static void
forward_resolution (void *cls,
- uint32_t rd_count,
- const struct GNUNET_GNSRECORD_Data *rd)
+ uint32_t rd_count,
+ const struct GNUNET_GNSRECORD_Data *rd)
{
GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Received %d entries.\n", rd_count);
-
+
struct VerifyRequestHandle *vrh;
struct DelegationSetQueueEntry *current_set;
struct DelegationSetQueueEntry *ds_entry;
struct DelegationQueueEntry *dq_entry;
-
+
current_set = cls;
// set handle to NULL (as el = NULL)
current_set->lookup_request = NULL;
@@ -638,20 +647,21 @@ forward_resolution (void *cls,
vrh->pending_lookups--;
// Loop record entries
- for (uint32_t i = 0; i < rd_count; i++) {
+ for (uint32_t i = 0; i < rd_count; i++)
+ {
if (GNUNET_GNSRECORD_TYPE_DELEGATE != rd[i].record_type)
continue;
// Start deserialize into Delegate
struct GNUNET_CREDENTIAL_Delegate *del;
- del = GNUNET_CREDENTIAL_delegate_deserialize(rd[i].data, rd[i].data_size);
+ del = GNUNET_CREDENTIAL_delegate_deserialize (rd[i].data, rd[i].data_size);
// Start: Create DQ Entry
dq_entry = GNUNET_new (struct DelegationQueueEntry);
// AND delegations are not possible, only 1 solution
dq_entry->required_solutions = 1;
dq_entry->parent_set = current_set;
-
+
// Insert it into the current set
GNUNET_CONTAINER_DLL_insert (current_set->queue_entries_head,
current_set->queue_entries_tail,
@@ -659,7 +669,7 @@ forward_resolution (void *cls,
// Start: Create DS Entry
ds_entry = GNUNET_new (struct DelegationSetQueueEntry);
-
+
// (1) A.a <- A.b.c
// (2) A.b <- D.d
// (3) D.d <- E
@@ -671,42 +681,55 @@ forward_resolution (void *cls,
// 3. new solution: replace, add trailer
// At resolution chain start trailer of parent is NULL
- if (NULL == current_set->attr_trailer) {
+ if (NULL == current_set->attr_trailer)
+ {
// for (5) F.c <- G, remember .c when going upwards
- ds_entry->attr_trailer = GNUNET_strdup(del->issuer_attribute);
- } else {
- if (0 == del->subject_attribute_len){
+ ds_entry->attr_trailer = GNUNET_strdup (del->issuer_attribute);
+ }
+ else
+ {
+ if (0 == del->subject_attribute_len)
+ {
GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Found: New solution\n");
// new solution
// create new trailer del->issuer_attribute, ds_entry->attr_trailer
GNUNET_asprintf (&ds_entry->attr_trailer,
- "%s.%s",
- del->issuer_attribute,
- current_set->attr_trailer);
- } else if(0 == strcmp(del->subject_attribute, current_set->attr_trailer)){
+ "%s.%s",
+ del->issuer_attribute,
+ current_set->attr_trailer);
+ }
+ else if (0 == strcmp (del->subject_attribute, current_set->attr_trailer))
+ {
GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Found: Complete match\n");
// complete match
// new trailer == issuer attribute (e.g. (5) to (4))
// TODO memleak, free trailer before
- ds_entry->attr_trailer = GNUNET_strdup(del->issuer_attribute);
- } else {
+ ds_entry->attr_trailer = GNUNET_strdup (del->issuer_attribute);
+ }
+ else
+ {
GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Found: Partial match\n");
// partial match
- char *trail = partial_match(GNUNET_strdup (current_set->attr_trailer),
- GNUNET_strdup (del->subject_attribute),
- current_set->attr_trailer,
- GNUNET_strdup (del->issuer_attribute));
+ char *trail = partial_match (GNUNET_strdup (current_set->attr_trailer),
+ GNUNET_strdup (del->subject_attribute),
+ current_set->attr_trailer,
+ GNUNET_strdup (del->issuer_attribute));
// if null: skip this record entry (reasons: mismatch or overmatch, both not relevant)
- if(NULL == trail) {
- GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Entry not relevant, discarding: %s.%s <- %s.%s\n",
- GNUNET_CRYPTO_ecdsa_public_key_to_string(&del->issuer_key),
- del->issuer_attribute,
- GNUNET_CRYPTO_ecdsa_public_key_to_string(&del->subject_key),
- del->subject_attribute);
+ if (NULL == trail)
+ {
+ GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
+ "Entry not relevant, discarding: %s.%s <- %s.%s\n",
+ GNUNET_CRYPTO_ecdsa_public_key_to_string (
+ &del->issuer_key),
+ del->issuer_attribute,
+ GNUNET_CRYPTO_ecdsa_public_key_to_string (
+ &del->subject_key),
+ del->subject_attribute);
continue;
- } else
+ }
+ else
ds_entry->attr_trailer = trail;
}
}
@@ -717,15 +740,17 @@ forward_resolution (void *cls,
// TODO: new ds_entry struct with subject_key (or one for both with contact_key or sth)
ds_entry->issuer_key = GNUNET_new (struct GNUNET_CRYPTO_EcdsaPublicKey);
GNUNET_memcpy (ds_entry->issuer_key,
- &del->subject_key,
- sizeof (struct GNUNET_CRYPTO_EcdsaPublicKey));
+ &del->subject_key,
+ sizeof (struct GNUNET_CRYPTO_EcdsaPublicKey));
ds_entry->delegation_chain_entry = GNUNET_new (struct DelegationChainEntry);
ds_entry->delegation_chain_entry->subject_key = del->subject_key;
if (0 < del->subject_attribute_len)
- ds_entry->delegation_chain_entry->subject_attribute = GNUNET_strdup (del->subject_attribute);
+ ds_entry->delegation_chain_entry->subject_attribute =
+ GNUNET_strdup (del->subject_attribute);
ds_entry->delegation_chain_entry->issuer_key = del->issuer_key;
- ds_entry->delegation_chain_entry->issuer_attribute = GNUNET_strdup (del->issuer_attribute);
+ ds_entry->delegation_chain_entry->issuer_attribute =
+ GNUNET_strdup (del->issuer_attribute);
// current delegation as parent
ds_entry->parent_queue_entry = dq_entry;
@@ -733,66 +758,74 @@ forward_resolution (void *cls,
// Check for solution
// if: issuer key we looking for
if (0 == memcmp (&del->issuer_key,
- &vrh->issuer_key,
- sizeof (struct GNUNET_CRYPTO_EcdsaPublicKey)))
+ &vrh->issuer_key,
+ sizeof (struct GNUNET_CRYPTO_EcdsaPublicKey)))
{
// if: issuer attr we looking for
- if (0 == strcmp (del->issuer_attribute,
- vrh->issuer_attribute))
+ if (0 == strcmp (del->issuer_attribute, vrh->issuer_attribute))
+ {
+ // if: complete match, meaning new trailer == issuer attr
+ if (0 == strcmp (vrh->issuer_attribute, ds_entry->attr_trailer))
{
- // if: complete match, meaning new trailer == issuer attr
- if(0 == strcmp (vrh->issuer_attribute, ds_entry->attr_trailer))
+ GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Found: Solution\n");
+
+ // Add found solution into delegation_chain
+ struct DelegationSetQueueEntry *tmp_set;
+ for (tmp_set = ds_entry; NULL != tmp_set->parent_queue_entry;
+ tmp_set = tmp_set->parent_queue_entry->parent_set)
{
- GNUNET_log (GNUNET_ERROR_TYPE_ERROR, "Found: Solution\n");
-
- // Add found solution into delegation_chain
- struct DelegationSetQueueEntry *tmp_set;
- for (tmp_set = ds_entry; NULL != tmp_set->parent_queue_entry;
- tmp_set = tmp_set->parent_queue_entry->parent_set) {
- if (NULL != tmp_set->delegation_chain_entry) {
- vrh->delegation_chain_size++;
- GNUNET_CONTAINER_DLL_insert (vrh->delegation_chain_head,
- vrh->delegation_chain_tail,
- tmp_set->delegation_chain_entry);
- }
+ if (NULL != tmp_set->delegation_chain_entry)
+ {
+ vrh->delegation_chain_size++;
+ GNUNET_CONTAINER_DLL_insert (vrh->delegation_chain_head,
+ vrh->delegation_chain_tail,
+ tmp_set->delegation_chain_entry);
}
+ }
- // Increase refcount for this delegate
- for (struct DelegateRecordEntry *del_entry = vrh->del_chain_head; del_entry != NULL; del_entry = del_entry->next) {
- if (0 == memcmp (&del_entry->delegate->issuer_key,
- &vrh->delegation_chain_head->subject_key,
- sizeof (struct GNUNET_CRYPTO_EcdsaPublicKey)))
+ // Increase refcount for this delegate
+ for (struct DelegateRecordEntry *del_entry = vrh->del_chain_head;
+ del_entry != NULL;
+ del_entry = del_entry->next)
+ {
+ if (0 == memcmp (&del_entry->delegate->issuer_key,
+ &vrh->delegation_chain_head->subject_key,
+ sizeof (struct GNUNET_CRYPTO_EcdsaPublicKey)))
+ {
+ if (0 == strcmp (del_entry->delegate->issuer_attribute,
+ vrh->delegation_chain_head->subject_attribute))
{
- if (0 == strcmp (del_entry->delegate->issuer_attribute,
- vrh->delegation_chain_head->subject_attribute))
- {
- del_entry->refcount++;
- }
+ del_entry->refcount++;
}
- }
-
- send_lookup_response (vrh);
- return;
+ }
}
+
+ send_lookup_response (vrh);
+ return;
}
+ }
}
- // Starting a new GNS lookup
+ // Starting a new GNS lookup
vrh->pending_lookups++;
ds_entry->handle = vrh;
- GNUNET_log (GNUNET_ERROR_TYPE_ERROR, "Starting to look up trailer %s in zone %s\n", ds_entry->attr_trailer, GNUNET_CRYPTO_ecdsa_public_key_to_string(&del->issuer_key));
-
+ GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
+ "Starting to look up trailer %s in zone %s\n",
+ ds_entry->attr_trailer,
+ GNUNET_CRYPTO_ecdsa_public_key_to_string (&del->issuer_key));
+
GNUNET_GNS_lookup (gns,
- GNUNET_GNS_EMPTY_LABEL_AT,
- &del->issuer_key,
- GNUNET_GNSRECORD_TYPE_DELEGATE,
- GNUNET_GNS_LO_DEFAULT,
- &forward_resolution,
- ds_entry);
+ GNUNET_GNS_EMPTY_LABEL_AT,
+ &del->issuer_key,
+ GNUNET_GNSRECORD_TYPE_DELEGATE,
+ GNUNET_GNS_LO_DEFAULT,
+ &forward_resolution,
+ ds_entry);
}
- if (0 == vrh->pending_lookups) {
+ if (0 == vrh->pending_lookups)
+ {
GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "We are all out of attributes...\n");
send_lookup_response (vrh);
return;
@@ -820,23 +853,24 @@ backward_resolution (void *cls,
vrh->pending_lookups--;
// Each OR
- for (uint32_t i = 0; i < rd_count; i++) {
+ for (uint32_t i = 0; i < rd_count; i++)
+ {
if (GNUNET_GNSRECORD_TYPE_ATTRIBUTE != rd[i].record_type)
continue;
sets = rd[i].data;
struct GNUNET_CREDENTIAL_DelegationSet set[ntohl (sets->set_count)];
- GNUNET_log (
- GNUNET_ERROR_TYPE_DEBUG,
- "Found new attribute delegation with %d sets. Creating new Job...\n",
- ntohl (sets->set_count));
-
- if (GNUNET_OK
- != GNUNET_CREDENTIAL_delegation_set_deserialize (
- GNUNET_ntohll (sets->data_size),
- (const char *)&sets[1],
- ntohl (sets->set_count),
- set)) {
+ GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
+ "Found new attribute delegation with %d sets. Creating new Job...\n",
+ ntohl (sets->set_count));
+
+ if (GNUNET_OK !=
+ GNUNET_CREDENTIAL_delegation_set_deserialize (GNUNET_ntohll (
+ sets->data_size),
+ (const char *) &sets[1],
+ ntohl (sets->set_count),
+ set))
+ {
GNUNET_log (GNUNET_ERROR_TYPE_ERROR, "Failed to deserialize!\n");
continue;
}
@@ -848,13 +882,17 @@ backward_resolution (void *cls,
current_set->queue_entries_tail,
dq_entry);
// Each AND
- for (uint32_t j = 0; j < ntohl (sets->set_count); j++) {
+ for (uint32_t j = 0; j < ntohl (sets->set_count); j++)
+ {
ds_entry = GNUNET_new (struct DelegationSetQueueEntry);
- if (NULL != current_set->attr_trailer) {
- if (0 == set[j].subject_attribute_len) {
+ if (NULL != current_set->attr_trailer)
+ {
+ if (0 == set[j].subject_attribute_len)
+ {
GNUNET_asprintf (&expanded_attr, "%s", current_set->attr_trailer);
-
- } else {
+ }
+ else
+ {
GNUNET_asprintf (&expanded_attr,
"%s.%s",
set[j].subject_attribute,
@@ -862,30 +900,33 @@ backward_resolution (void *cls,
}
GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Expanded to %s\n", expanded_attr);
ds_entry->unresolved_attribute_delegation = expanded_attr;
- } else {
- if (0 != set[j].subject_attribute_len) {
+ }
+ else
+ {
+ if (0 != set[j].subject_attribute_len)
+ {
GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
"Not Expanding %s\n",
set[j].subject_attribute);
- ds_entry->unresolved_attribute_delegation
- = GNUNET_strdup (set[j].subject_attribute);
+ ds_entry->unresolved_attribute_delegation =
+ GNUNET_strdup (set[j].subject_attribute);
}
}
// Add a credential chain entry
- ds_entry->delegation_chain_entry
- = GNUNET_new (struct DelegationChainEntry);
+ ds_entry->delegation_chain_entry =
+ GNUNET_new (struct DelegationChainEntry);
ds_entry->delegation_chain_entry->subject_key = set[j].subject_key;
ds_entry->issuer_key = GNUNET_new (struct GNUNET_CRYPTO_EcdsaPublicKey);
GNUNET_memcpy (ds_entry->issuer_key,
&set[j].subject_key,
sizeof (struct GNUNET_CRYPTO_EcdsaPublicKey));
if (0 < set[j].subject_attribute_len)
- ds_entry->delegation_chain_entry->subject_attribute
- = GNUNET_strdup (set[j].subject_attribute);
+ ds_entry->delegation_chain_entry->subject_attribute =
+ GNUNET_strdup (set[j].subject_attribute);
ds_entry->delegation_chain_entry->issuer_key = *current_set->issuer_key;
- ds_entry->delegation_chain_entry->issuer_attribute
- = GNUNET_strdup (current_set->lookup_attribute);
+ ds_entry->delegation_chain_entry->issuer_attribute =
+ GNUNET_strdup (current_set->lookup_attribute);
ds_entry->parent_queue_entry = dq_entry; // current_delegation;
@@ -898,30 +939,31 @@ backward_resolution (void *cls,
* Check if this delegation already matches one of our credentials
*/
for (del_pointer = vrh->del_chain_head; del_pointer != NULL;
- del_pointer = del_pointer->next) {
+ del_pointer = del_pointer->next)
+ {
// If key and attribute match credential continue and backtrack
- if (0
- != memcmp (&set->subject_key,
- &del_pointer->delegate->issuer_key,
- sizeof (struct GNUNET_CRYPTO_EcdsaPublicKey)))
+ if (0 != memcmp (&set->subject_key,
+ &del_pointer->delegate->issuer_key,
+ sizeof (struct GNUNET_CRYPTO_EcdsaPublicKey)))
continue;
GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
"Checking if %s matches %s\n",
ds_entry->unresolved_attribute_delegation,
del_pointer->delegate->issuer_attribute);
- if (0
- != strcmp (ds_entry->unresolved_attribute_delegation,
- del_pointer->delegate->issuer_attribute))
+ if (0 != strcmp (ds_entry->unresolved_attribute_delegation,
+ del_pointer->delegate->issuer_attribute))
continue;
GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Found issuer\n");
del_pointer->refcount++;
// Backtrack
for (tmp_set = ds_entry; NULL != tmp_set->parent_queue_entry;
- tmp_set = tmp_set->parent_queue_entry->parent_set) {
+ tmp_set = tmp_set->parent_queue_entry->parent_set)
+ {
tmp_set->parent_queue_entry->required_solutions--;
- if (NULL != tmp_set->delegation_chain_entry) {
+ if (NULL != tmp_set->delegation_chain_entry)
+ {
vrh->delegation_chain_size++;
GNUNET_CONTAINER_DLL_insert (vrh->delegation_chain_head,
vrh->delegation_chain_tail,
@@ -931,63 +973,69 @@ backward_resolution (void *cls,
break;
}
- if (NULL == tmp_set->parent_queue_entry) {
- GNUNET_log (GNUNET_ERROR_TYPE_ERROR, "All solutions found\n");
+ if (NULL == tmp_set->parent_queue_entry)
+ {
+ GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "All solutions found\n");
// Found match
send_lookup_response (vrh);
return;
}
- GNUNET_log (GNUNET_ERROR_TYPE_ERROR, "Not all solutions found yet.\n");
+ GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Not all solutions found yet.\n");
continue;
}
GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
"Building new lookup request from %s\n",
ds_entry->unresolved_attribute_delegation);
// Continue with backward resolution
- char
- issuer_attribute_name[strlen (ds_entry->unresolved_attribute_delegation)
- + 1];
+ char issuer_attribute_name[strlen (
+ ds_entry->unresolved_attribute_delegation) +
+ 1];
strcpy (issuer_attribute_name, ds_entry->unresolved_attribute_delegation);
char *next_attr = strtok (issuer_attribute_name, ".");
- if (NULL == next_attr) {
+ if (NULL == next_attr)
+ {
GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
"Failed to parse next attribute\n");
continue;
}
GNUNET_asprintf (&lookup_attribute, "%s", next_attr);
GNUNET_asprintf (&ds_entry->lookup_attribute, "%s", next_attr);
- if (strlen (next_attr)
- == strlen (ds_entry->unresolved_attribute_delegation)) {
+ if (strlen (next_attr) ==
+ strlen (ds_entry->unresolved_attribute_delegation))
+ {
ds_entry->attr_trailer = NULL;
- } else {
+ }
+ else
+ {
next_attr += strlen (next_attr) + 1;
ds_entry->attr_trailer = GNUNET_strdup (next_attr);
}
- GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
+ GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
"Looking up %s\n",
ds_entry->lookup_attribute);
if (NULL != ds_entry->attr_trailer)
- GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
+ GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
"%s still to go...\n",
ds_entry->attr_trailer);
vrh->pending_lookups++;
ds_entry->handle = vrh;
- ds_entry->lookup_request
- = GNUNET_GNS_lookup (gns,
- lookup_attribute,
- ds_entry->issuer_key, // issuer_key,
- GNUNET_GNSRECORD_TYPE_ATTRIBUTE,
- GNUNET_GNS_LO_DEFAULT,
- &backward_resolution,
- ds_entry);
+ ds_entry->lookup_request =
+ GNUNET_GNS_lookup (gns,
+ lookup_attribute,
+ ds_entry->issuer_key, // issuer_key,
+ GNUNET_GNSRECORD_TYPE_ATTRIBUTE,
+ GNUNET_GNS_LO_DEFAULT,
+ &backward_resolution,
+ ds_entry);
GNUNET_free (lookup_attribute);
}
}
- if (0 == vrh->pending_lookups) {
+ if (0 == vrh->pending_lookups)
+ {
GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "We are all out of attributes...\n");
send_lookup_response (vrh);
return;
@@ -1008,20 +1056,22 @@ delegation_chain_bw_resolution_start (void *cls)
struct DelegateRecordEntry *del_entry;
vrh->lookup_request = NULL;
- if (0 == vrh->del_chain_size) {
+ if (0 == vrh->del_chain_size)
+ {
GNUNET_log (GNUNET_ERROR_TYPE_ERROR, "No delegates found\n");
send_lookup_response (vrh);
return;
}
for (del_entry = vrh->del_chain_head; del_entry != NULL;
- del_entry = del_entry->next) {
+ del_entry = del_entry->next)
+ {
if (0 != memcmp (&del_entry->delegate->issuer_key,
- &vrh->issuer_key,
- sizeof (struct GNUNET_CRYPTO_EcdsaPublicKey)))
+ &vrh->issuer_key,
+ sizeof (struct GNUNET_CRYPTO_EcdsaPublicKey)))
continue;
- if (0 != strcmp (del_entry->delegate->issuer_attribute,
- vrh->issuer_attribute))
+ if (0 !=
+ strcmp (del_entry->delegate->issuer_attribute, vrh->issuer_attribute))
continue;
del_entry->refcount++;
// Found match prematurely
@@ -1029,7 +1079,7 @@ delegation_chain_bw_resolution_start (void *cls)
return;
}
-
+
//Check for attributes from the issuer and follow the chain
//till you get the required subject's attributes
char issuer_attribute_name[strlen (vrh->issuer_attribute) + 1];
@@ -1084,20 +1134,23 @@ delegation_chain_fw_resolution_start (void *cls)
// X.x <- C
// Y.y <- C
// wenn X.x oder Y.y nicht == A.a dann starte von A
- if (0 == vrh->del_chain_size) {
+ if (0 == vrh->del_chain_size)
+ {
GNUNET_log (GNUNET_ERROR_TYPE_ERROR, "No delegations found\n");
send_lookup_response (vrh);
return;
}
- // Check if one of the delegations of the subject already match
- for (del_entry = vrh->del_chain_head; del_entry != NULL; del_entry = del_entry->next) {
+ // Check if one of the delegations of the subject already match
+ for (del_entry = vrh->del_chain_head; del_entry != NULL;
+ del_entry = del_entry->next)
+ {
if (0 != memcmp (&del_entry->delegate->issuer_key,
- &vrh->issuer_key,
- sizeof (struct GNUNET_CRYPTO_EcdsaPublicKey)))
+ &vrh->issuer_key,
+ sizeof (struct GNUNET_CRYPTO_EcdsaPublicKey)))
continue;
- if (0 != strcmp (del_entry->delegate->issuer_attribute,
- vrh->issuer_attribute))
+ if (0 !=
+ strcmp (del_entry->delegate->issuer_attribute, vrh->issuer_attribute))
continue;
del_entry->refcount++;
// Found match prematurely
@@ -1110,33 +1163,39 @@ delegation_chain_fw_resolution_start (void *cls)
// ds_entry created belongs to the first lookup, vrh still has the
// issuer+attr we look for
- for (del_entry = vrh->del_chain_head; del_entry != NULL; del_entry = del_entry->next) {
+ for (del_entry = vrh->del_chain_head; del_entry != NULL;
+ del_entry = del_entry->next)
+ {
GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
"Looking for %s.%s\n",
- GNUNET_CRYPTO_ecdsa_public_key_to_string(&del_entry->delegate->issuer_key), del_entry->delegate->issuer_attribute);
-
+ GNUNET_CRYPTO_ecdsa_public_key_to_string (
+ &del_entry->delegate->issuer_key),
+ del_entry->delegate->issuer_attribute);
+
ds_entry = GNUNET_new (struct DelegationSetQueueEntry);
ds_entry->issuer_key = GNUNET_new (struct GNUNET_CRYPTO_EcdsaPublicKey);
// TODO: new ds_entry struct with subject_key (or one for both with contact_key or sth)
GNUNET_memcpy (ds_entry->issuer_key,
- &del_entry->delegate->subject_key,
- sizeof (struct GNUNET_CRYPTO_EcdsaPublicKey));
- ds_entry->attr_trailer = GNUNET_strdup(del_entry->delegate->issuer_attribute);
+ &del_entry->delegate->subject_key,
+ sizeof (struct GNUNET_CRYPTO_EcdsaPublicKey));
+ ds_entry->attr_trailer =
+ GNUNET_strdup (del_entry->delegate->issuer_attribute);
ds_entry->handle = vrh;
vrh->root_set = ds_entry;
- vrh->pending_lookups ++;
+ vrh->pending_lookups++;
// Start with forward resolution
GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Start Forward Resolution\n");
- ds_entry->lookup_request = GNUNET_GNS_lookup (gns,
- GNUNET_GNS_EMPTY_LABEL_AT,
- &del_entry->delegate->issuer_key, // issuer_key,
- GNUNET_GNSRECORD_TYPE_DELEGATE,
- GNUNET_GNS_LO_DEFAULT,
- &forward_resolution,
- ds_entry);
+ ds_entry->lookup_request =
+ GNUNET_GNS_lookup (gns,
+ GNUNET_GNS_EMPTY_LABEL_AT,
+ &del_entry->delegate->issuer_key, // issuer_key,
+ GNUNET_GNSRECORD_TYPE_DELEGATE,
+ GNUNET_GNS_LO_DEFAULT,
+ &forward_resolution,
+ ds_entry);
}
}
@@ -1147,17 +1206,20 @@ check_verify (void *cls, const struct VerifyMessage *v_msg)
const char *attr;
msg_size = ntohs (v_msg->header.size);
- if (msg_size < sizeof (struct VerifyMessage)) {
+ if (msg_size < sizeof (struct VerifyMessage))
+ {
GNUNET_break (0);
return GNUNET_SYSERR;
}
- if (ntohs (v_msg->issuer_attribute_len) > GNUNET_CREDENTIAL_MAX_LENGTH) {
+ if (ntohs (v_msg->issuer_attribute_len) > GNUNET_CREDENTIAL_MAX_LENGTH)
+ {
GNUNET_break (0);
return GNUNET_SYSERR;
}
- attr = (const char *)&v_msg[1];
+ attr = (const char *) &v_msg[1];
- if (strlen (attr) > GNUNET_CREDENTIAL_MAX_LENGTH) {
+ if (strlen (attr) > GNUNET_CREDENTIAL_MAX_LENGTH)
+ {
GNUNET_break (0);
return GNUNET_SYSERR;
}
@@ -1179,7 +1241,7 @@ handle_verify (void *cls, const struct VerifyMessage *v_msg)
const char *utf_in;
GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Received VERIFY message\n");
- utf_in = (const char *)&v_msg[1];
+ utf_in = (const char *) &v_msg[1];
GNUNET_STRINGS_utf8_tolower (utf_in, attrptr);
GNUNET_memcpy (issuer_attribute, attr, ntohs (v_msg->issuer_attribute_len));
issuer_attribute[ntohs (v_msg->issuer_attribute_len)] = '\0';
@@ -1190,50 +1252,52 @@ handle_verify (void *cls, const struct VerifyMessage *v_msg)
vrh->issuer_key = v_msg->issuer_key;
vrh->subject_key = v_msg->subject_key;
vrh->issuer_attribute = GNUNET_strdup (issuer_attribute);
- vrh->resolution_algo = ntohs(v_msg->resolution_algo);
+ vrh->resolution_algo = ntohs (v_msg->resolution_algo);
GNUNET_SERVICE_client_continue (vrh->client);
- if (0 == strlen (issuer_attribute)) {
+ if (0 == strlen (issuer_attribute))
+ {
GNUNET_log (GNUNET_ERROR_TYPE_ERROR, "No issuer attribute provided!\n");
send_lookup_response (vrh);
return;
}
-
+
// Parse delegates from verifaction message
delegate_count = ntohl (v_msg->d_count);
- delegate_data_size = ntohs (v_msg->header.size)
- - sizeof (struct VerifyMessage)
- - ntohs (v_msg->issuer_attribute_len) - 1;
+ delegate_data_size = ntohs (v_msg->header.size) -
+ sizeof (struct VerifyMessage) -
+ ntohs (v_msg->issuer_attribute_len) - 1;
struct GNUNET_CREDENTIAL_Delegate delegates[delegate_count];
memset (delegates,
0,
sizeof (struct GNUNET_CREDENTIAL_Delegate) * delegate_count);
- delegate_data = (char *)&v_msg[1] + ntohs (v_msg->issuer_attribute_len) + 1;
- if (GNUNET_OK
- != GNUNET_CREDENTIAL_delegates_deserialize (delegate_data_size,
- delegate_data,
- delegate_count,
- delegates)) {
+ delegate_data = (char *) &v_msg[1] + ntohs (v_msg->issuer_attribute_len) + 1;
+ if (GNUNET_OK != GNUNET_CREDENTIAL_delegates_deserialize (delegate_data_size,
+ delegate_data,
+ delegate_count,
+ delegates))
+ {
GNUNET_log (GNUNET_ERROR_TYPE_ERROR, "Cannot deserialize delegates!\n");
send_lookup_response (vrh);
return;
}
// Prepare vrh delegation chain for later validation
- for (uint32_t i = 0; i < delegate_count; i++) {
+ for (uint32_t i = 0; i < delegate_count; i++)
+ {
del_entry = GNUNET_new (struct DelegateRecordEntry);
- del_entry->delegate
- = GNUNET_malloc (sizeof (struct GNUNET_CREDENTIAL_Delegate)
- + delegates[i].issuer_attribute_len + 1);
+ del_entry->delegate =
+ GNUNET_malloc (sizeof (struct GNUNET_CREDENTIAL_Delegate) +
+ delegates[i].issuer_attribute_len + 1);
GNUNET_memcpy (del_entry->delegate,
&delegates[i],
sizeof (struct GNUNET_CREDENTIAL_Delegate));
GNUNET_memcpy (&del_entry->delegate[1],
delegates[i].issuer_attribute,
delegates[i].issuer_attribute_len);
- del_entry->delegate->issuer_attribute_len
- = delegates[i].issuer_attribute_len;
- del_entry->delegate->issuer_attribute = (char *)&del_entry->delegate[1];
+ del_entry->delegate->issuer_attribute_len =
+ delegates[i].issuer_attribute_len;
+ del_entry->delegate->issuer_attribute = (char *) &del_entry->delegate[1];
GNUNET_CONTAINER_DLL_insert_tail (vrh->del_chain_head,
vrh->del_chain_tail,
del_entry);
@@ -1241,11 +1305,16 @@ handle_verify (void *cls, const struct VerifyMessage *v_msg)
}
// Switch resolution algo
- if(Backward == vrh->resolution_algo){
+ if (GNUNET_CREDENTIAL_FLAG_BACKWARD & vrh->resolution_algo)
+ {
delegation_chain_bw_resolution_start (vrh);
- } else if (Forward == vrh->resolution_algo){
+ }
+ else if (GNUNET_CREDENTIAL_FLAG_FORWARD & vrh->resolution_algo)
+ {
delegation_chain_fw_resolution_start (vrh);
- } else{
+ }
+ else
+ {
//TODO
}
}
@@ -1266,21 +1335,26 @@ delegate_collection_finished (void *cls)
struct VerifyRequestHandle *vrh = cls;
GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Done collecting delegates.\n");
- if(Backward == vrh->resolution_algo){
+ if (GNUNET_CREDENTIAL_FLAG_BACKWARD & vrh->resolution_algo)
+ {
delegation_chain_bw_resolution_start (vrh);
- } else if (Forward == vrh->resolution_algo){
+ }
+ else if (GNUNET_CREDENTIAL_FLAG_FORWARD & vrh->resolution_algo)
+ {
delegation_chain_fw_resolution_start (vrh);
- } else{
+ }
+ else
+ {
//TODO
}
}
static void
handle_delegate_collection_cb (void *cls,
- const struct GNUNET_CRYPTO_EcdsaPrivateKey *key,
- const char *label,
- unsigned int rd_count,
- const struct GNUNET_GNSRECORD_Data *rd)
+ const struct GNUNET_CRYPTO_EcdsaPrivateKey *key,
+ const char *label,
+ unsigned int rd_count,
+ const struct GNUNET_GNSRECORD_Data *rd)
{
struct VerifyRequestHandle *vrh = cls;
struct GNUNET_CREDENTIAL_Delegate *del;
@@ -1289,25 +1363,31 @@ handle_delegate_collection_cb (void *cls,
cred_record_count = 0;
vrh->dele_qe = NULL;
- //TODO not all, only private and with sub_attr_len == 0
- for (uint32_t i = 0; i < rd_count; i++) {
+ for (uint32_t i = 0; i < rd_count; i++)
+ {
if (GNUNET_GNSRECORD_TYPE_DELEGATE != rd[i].record_type)
continue;
cred_record_count++;
del = GNUNET_CREDENTIAL_delegate_deserialize (rd[i].data, rd[i].data_size);
- if (NULL == del) {
- GNUNET_log (GNUNET_ERROR_TYPE_WARNING, "Invalid credential found\n");
+ if (NULL == del)
+ {
+ GNUNET_log (GNUNET_ERROR_TYPE_WARNING, "Invalid delegate found\n");
continue;
}
- del_entry = GNUNET_new (struct DelegateRecordEntry);
- del_entry->delegate = del;
- GNUNET_CONTAINER_DLL_insert_tail (vrh->del_chain_head,
- vrh->del_chain_tail,
- del_entry);
- vrh->del_chain_size++;
+ // only add the entries that are explicity marked as private
+ // and therefor symbolize the end of a chain
+ if (rd[i].flags & GNUNET_GNSRECORD_RF_PRIVATE)
+ {
+ del_entry = GNUNET_new (struct DelegateRecordEntry);
+ del_entry->delegate = del;
+ GNUNET_CONTAINER_DLL_insert_tail (vrh->del_chain_head,
+ vrh->del_chain_tail,
+ del_entry);
+ vrh->del_chain_size++;
+ }
}
- delegate_collection_finished(vrh);
+ delegate_collection_finished (vrh);
}
static void
@@ -1322,7 +1402,7 @@ handle_collect (void *cls, const struct CollectMessage *c_msg)
GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Received COLLECT message\n");
- utf_in = (const char *)&c_msg[1];
+ utf_in = (const char *) &c_msg[1];
GNUNET_STRINGS_utf8_tolower (utf_in, attrptr);
GNUNET_memcpy (issuer_attribute, attr, ntohs (c_msg->issuer_attribute_len));
@@ -1334,23 +1414,25 @@ handle_collect (void *cls, const struct CollectMessage *c_msg)
vrh->issuer_key = c_msg->issuer_key;
GNUNET_CRYPTO_ecdsa_key_get_public (&c_msg->subject_key, &vrh->subject_key);
vrh->issuer_attribute = GNUNET_strdup (issuer_attribute);
- vrh->resolution_algo = ntohs(c_msg->resolution_algo);
+ vrh->resolution_algo = ntohs (c_msg->resolution_algo);
- if (0 == strlen (issuer_attribute)) {
+ if (0 == strlen (issuer_attribute))
+ {
GNUNET_log (GNUNET_ERROR_TYPE_ERROR, "No issuer attribute provided!\n");
send_lookup_response (vrh);
return;
}
GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Getting delegates for subject\n");
-
+
// Get all delegates from subject
- vrh->dele_qe = GNUNET_NAMESTORE_records_lookup (namestore,
- &c_msg->subject_key,
- GNUNET_GNS_EMPTY_LABEL_AT,
- &handle_delegate_collection_error_cb,
- vrh,
- &handle_delegate_collection_cb,
- vrh);
+ vrh->dele_qe =
+ GNUNET_NAMESTORE_records_lookup (namestore,
+ &c_msg->subject_key,
+ GNUNET_GNS_EMPTY_LABEL_AT,
+ &handle_delegate_collection_error_cb,
+ vrh,
+ &handle_delegate_collection_cb,
+ vrh);
GNUNET_SERVICE_client_continue (vrh->client);
}
@@ -1362,18 +1444,21 @@ check_collect (void *cls, const struct CollectMessage *c_msg)
const char *attr;
msg_size = ntohs (c_msg->header.size);
- if (msg_size < sizeof (struct CollectMessage)) {
+ if (msg_size < sizeof (struct CollectMessage))
+ {
GNUNET_break (0);
return GNUNET_SYSERR;
}
- if (ntohs (c_msg->issuer_attribute_len) > GNUNET_CREDENTIAL_MAX_LENGTH) {
+ if (ntohs (c_msg->issuer_attribute_len) > GNUNET_CREDENTIAL_MAX_LENGTH)
+ {
GNUNET_break (0);
return GNUNET_SYSERR;
}
- attr = (const char *)&c_msg[1];
+ attr = (const char *) &c_msg[1];
- if (('\0' != attr[msg_size - sizeof (struct CollectMessage) - 1])
- || (strlen (attr) > GNUNET_CREDENTIAL_MAX_LENGTH)) {
+ if (('\0' != attr[msg_size - sizeof (struct CollectMessage) - 1]) ||
+ (strlen (attr) > GNUNET_CREDENTIAL_MAX_LENGTH))
+ {
GNUNET_break (0);
return GNUNET_SYSERR;
}
@@ -1411,11 +1496,13 @@ run (void *cls,
{
gns = GNUNET_GNS_connect (c);
- if (NULL == gns) {
+ if (NULL == gns)
+ {
fprintf (stderr, _ ("Failed to connect to GNS\n"));
}
namestore = GNUNET_NAMESTORE_connect (c);
- if (NULL == namestore) {
+ if (NULL == namestore)
+ {
fprintf (stderr, _ ("Failed to connect to namestore\n"));
}
diff --git a/src/credential/plugin_gnsrecord_credential.c b/src/credential/plugin_gnsrecord_credential.c
index 784c7def1..088c4dd0e 100644
--- a/src/credential/plugin_gnsrecord_credential.c
+++ b/src/credential/plugin_gnsrecord_credential.c
@@ -27,7 +27,6 @@
#include "gnunet_util_lib.h"
-#include "credential_misc.h"
#include "delegate_misc.h"
#include "credential_serialization.h"
#include "gnunet_credential_service.h"
@@ -79,7 +78,7 @@ credential_value_to_string (void *cls,
{
subject_pkey =
GNUNET_CRYPTO_ecdsa_public_key_to_string (&set[i].subject_key);
-
+
if (0 == set[i].subject_attribute_len)
{
if (0 == i)
@@ -117,16 +116,6 @@ credential_value_to_string (void *cls,
}
return attr_str;
}
- case GNUNET_GNSRECORD_TYPE_CREDENTIAL:
- {
- struct GNUNET_CREDENTIAL_Credential *cred;
- char *cred_str;
-
- cred = GNUNET_CREDENTIAL_credential_deserialize (data, data_size);
- cred_str = GNUNET_CREDENTIAL_credential_to_string (cred);
- GNUNET_free (cred);
- return cred_str;
- }
case GNUNET_GNSRECORD_TYPE_DELEGATE:
{
struct GNUNET_CREDENTIAL_Delegate *cred;
@@ -255,14 +244,6 @@ credential_string_to_value (void *cls,
GNUNET_free (tmp_str);
return GNUNET_OK;
}
- case GNUNET_GNSRECORD_TYPE_CREDENTIAL:
- {
- struct GNUNET_CREDENTIAL_Credential *cred;
- cred = GNUNET_CREDENTIAL_credential_from_string (s);
-
- *data_size = GNUNET_CREDENTIAL_credential_serialize (cred, (char **) data);
- return GNUNET_OK;
- }
case GNUNET_GNSRECORD_TYPE_DELEGATE:
{
struct GNUNET_CREDENTIAL_Delegate *cred;
diff --git a/src/credential/test_credential_own.sh b/src/credential/test_credential_own.sh
index d2ed0b0ac..4ff1a8e08 100755
--- a/src/credential/test_credential_own.sh
+++ b/src/credential/test_credential_own.sh
@@ -74,8 +74,10 @@ gnunet-credential --createSubjectSide --ego=f --import "$SIGNED"
gnunet-namestore -D -z f
SIGNED=`$DO_TIMEOUT gnunet-credential --signSubjectSide --ego=f --attribute="c" --subject="$GKEY" --ttl="2019-12-12 10:00:00"`
-gnunet-credential --createSubjectSide --ego=g --import "$SIGNED"
+gnunet-credential --createSubjectSide --ego=g --import "$SIGNED" --private
SIGNED=`$DO_TIMEOUT gnunet-credential --signSubjectSide --ego=a --attribute="c" --subject="$GKEY" --ttl="2019-12-12 10:00:00"`
+gnunet-credential --createSubjectSide --ego=g --import "$SIGNED" --private
+SIGNED=`$DO_TIMEOUT gnunet-credential --signSubjectSide --ego=d --attribute="h.o" --subject="$GKEY" --ttl="2019-12-12 10:00:00"`
gnunet-credential --createSubjectSide --ego=g --import "$SIGNED"
gnunet-namestore -D -z g
@@ -92,20 +94,20 @@ gnunet-credential --createIssuerSide --ego=stateu --attribute=$STATE_STUD_ATTR -
# (4) RegistrarB issues Alice the credential "student"
SIGNED=`$DO_TIMEOUT gnunet-credential --signSubjectSide --ego=registrarb --attribute="$REG_STUD_ATTR" --subject="$ALICE_KEY" --ttl="2019-12-12 10:00:00"`
-gnunet-credential --createSubjectSide --ego=alice --import "$SIGNED"
+gnunet-credential --createSubjectSide --ego=alice --import "$SIGNED" --private
# Starting to resolve
echo "+++ Starting to Resolve +++"
-#CREDS=`$DO_TIMEOUT gnunet-credential --collect --issuer=$AKEY --attribute="a" --ego=g -c test_credential_lookup.conf | paste -d, -s`
-#echo $CREDS
-#echo gnunet-credential --verify --issuer=$AKEY --attribute="a" --subject=$GKEY --credential=\'$CREDS\' -c test_credential_lookup.conf
-#RES_CRED=`gnunet-credential --verify --issuer=$AKEY --attribute="a" --subject=$GKEY --credential="$CREDS" -c test_credential_lookup.conf`
+#DELS=`$DO_TIMEOUT gnunet-credential --collect --issuer=$AKEY --attribute="a" --ego=g --forward -c test_credential_lookup.conf | paste -d, -s`
+#echo $DELS
+#echo gnunet-credential --verify --issuer=$AKEY --attribute="a" --subject=$GKEY --delegate=\'$DELS\' --forward -c test_credential_lookup.conf
+#RES_DELS=`gnunet-credential --verify --issuer=$AKEY --attribute="a" --subject=$GKEY --delegate="$DELS" --forward -c test_credential_lookup.conf`
-CREDS=`$DO_TIMEOUT gnunet-credential --collect --issuer=$EPUB_KEY --attribute=$DISC_ATTR --ego=alice -c test_credential_lookup.conf | paste -d, -s`
-echo $CREDS
-echo gnunet-credential --verify --issuer=$EPUB_KEY --attribute=$DISC_ATTR --subject=$ALICE_KEY --credential=\'$CREDS\' -c test_credential_lookup.conf
-RES_CRED=`gnunet-credential --verify --issuer=$EPUB_KEY --attribute=$DISC_ATTR --subject=$ALICE_KEY --credential="$CREDS" -c test_credential_lookup.conf`
+DELS=`$DO_TIMEOUT gnunet-credential --collect --issuer=$EPUB_KEY --attribute=$DISC_ATTR --ego=alice --backward -c test_credential_lookup.conf | paste -d, -s`
+echo $DELS
+echo gnunet-credential --verify --issuer=$EPUB_KEY --attribute=$DISC_ATTR --subject=$ALICE_KEY --delegate=\'$DELS\' --backward -c test_credential_lookup.conf
+RES_DELS=`gnunet-credential --verify --issuer=$EPUB_KEY --attribute=$DISC_ATTR --subject=$ALICE_KEY --delegate="$DELS" --backward -c test_credential_lookup.conf`
# Cleanup properly
@@ -120,13 +122,13 @@ gnunet-namestore -z stateu -d -n $STATE_STUD_ATTR -t ATTR -c test_credential_loo
gnunet-arm -e -c test_credential_lookup.conf
-if [ "$RES_CRED" != "Failed." ]
+if [ "$RES_DELS" != "Failed." ]
then
# TODO: replace echo -e bashism
- echo -e "${RES_CRED}"
+ echo -e "${RES_DELS}"
exit 0
else
- echo "FAIL: Failed to verify credential $RES_CRED."
+ echo "FAIL: Failed to verify credential $RES_DELS."
exit 1
fi
diff --git a/src/include/gnunet_credential_service.h b/src/include/gnunet_credential_service.h
index b64bb350c..be682c3b5 100644
--- a/src/include/gnunet_credential_service.h
+++ b/src/include/gnunet_credential_service.h
@@ -168,43 +168,6 @@ struct GNUNET_CREDENTIAL_Delegation {
/**
- * A credential
- */
-struct GNUNET_CREDENTIAL_Credential {
-
- /**
- * The issuer of the credential
- */
- struct GNUNET_CRYPTO_EcdsaPublicKey issuer_key;
-
- /**
- * Public key of the subject this credential was issued to
- */
- struct GNUNET_CRYPTO_EcdsaPublicKey subject_key;
-
- /**
- * Signature of this credential
- */
- struct GNUNET_CRYPTO_EcdsaSignature signature;
-
- /**
- * Expiration of this credential
- */
- struct GNUNET_TIME_Absolute expiration;
-
- /**
- * Length of the attribute
- */
- uint32_t issuer_attribute_len;
-
- /**
- * The attribute
- */
- const char *issuer_attribute;
-
-};
-
-/**
* A delegate
*/
struct GNUNET_CREDENTIAL_Delegate {
@@ -251,7 +214,18 @@ struct GNUNET_CREDENTIAL_Delegate {
};
+/*
+* Enum used for checking whether the issuer has the authority to issue credentials or is just a subject
+*/
+enum GNUNET_CREDENTIAL_AlgoDirectionFlags {
+ //Subject had credentials before, but have been revoked now
+ GNUNET_CREDENTIAL_FLAG_FORWARD=1 << 0,
+
+ //Subject flag indicates that the subject is a holder of this credential and may present it as such
+ GNUNET_CREDENTIAL_FLAG_BACKWARD=1 << 1
+
+};
/**
* Initialize the connection with the Credential service.
@@ -332,7 +306,8 @@ GNUNET_CREDENTIAL_verify (struct GNUNET_CREDENTIAL_Handle *handle,
const char *issuer_attribute,
const struct GNUNET_CRYPTO_EcdsaPublicKey *subject_key,
uint32_t credential_count,
- const struct GNUNET_CREDENTIAL_Delegate *credentials,
+ const struct GNUNET_CREDENTIAL_Delegate *delegates,
+ enum GNUNET_CREDENTIAL_AlgoDirectionFlags direction,
GNUNET_CREDENTIAL_CredentialResultProcessor proc,
void *proc_cls);
@@ -341,6 +316,7 @@ GNUNET_CREDENTIAL_collect (struct GNUNET_CREDENTIAL_Handle *handle,
const struct GNUNET_CRYPTO_EcdsaPublicKey *issuer_key,
const char *issuer_attribute,
const struct GNUNET_CRYPTO_EcdsaPrivateKey *subject_key,
+ enum GNUNET_CREDENTIAL_AlgoDirectionFlags direction,
GNUNET_CREDENTIAL_CredentialResultProcessor proc,
void *proc_cls);
@@ -393,21 +369,6 @@ GNUNET_CREDENTIAL_remove_delegation (struct GNUNET_CREDENTIAL_Handle *handle,
* @param expiration the TTL of the credential
* @return handle to the queued request
*/
-struct GNUNET_CREDENTIAL_Credential*
-GNUNET_CREDENTIAL_credential_issue (const struct GNUNET_CRYPTO_EcdsaPrivateKey *issuer,
- struct GNUNET_CRYPTO_EcdsaPublicKey *subject,
- const char *attribute,
- struct GNUNET_TIME_Absolute *expiration);
-
-/**
- * Issue an attribute to a subject
- *
- * @param issuer the ego that should be used to issue the attribute
- * @param subject the subject of the attribute
- * @param attribute the name of the attribute
- * @param expiration the TTL of the credential
- * @return handle to the queued request
- */
struct GNUNET_CREDENTIAL_Delegate*
GNUNET_CREDENTIAL_delegate_issue (const struct GNUNET_CRYPTO_EcdsaPrivateKey *issuer,
struct GNUNET_CRYPTO_EcdsaPublicKey *subject,