summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorAndreas Ebner <pansy007@googlemail.com>2019-08-18 13:46:05 +0200
committerSchanzenbach, Martin <mschanzenbach@posteo.de>2019-10-07 12:17:29 +0200
commit6ad2e1f1dce42e5c998425e80f48d512638e278e (patch)
treebb8e2d7d10aca751dc5711746c802c061846aff0
parent7b749c91759eb75eda5cac1e02954cc82ef27db3 (diff)
Bidirectional implementation finished, more complex tests for bidirectional, cleanup fix, todos done:
- fixed cleanup to not cause errors and uncommented it again - added new tests for AND, linked roles and fw/bw - fixed an older bug to make test ..own_and2.sh work - replaced bidirectional matching of bw with unresolved_attribute.. (because it contains all the subject attributes/roles) - introduced extra function for bidirectional match handling (is the same for bw and fw and pretty long) - commandline: if not specified to use bw or fw search -> assume it's bidirectional - moved the bidirecitonal matching list to vrh and removed it from being global - valgrind on service (one error remaining, to be solved in future commits) - use the vrh->dsq_head/tail for the cleanup stuff
-rw-r--r--src/credential/gnunet-credential.c30
-rw-r--r--src/credential/gnunet-service-credential.c368
-rwxr-xr-xsrc/credential/test_credential_bi_and.sh99
-rwxr-xr-xsrc/credential/test_credential_bi_and2.sh96
-rwxr-xr-xsrc/credential/test_credential_bi_bw.sh (renamed from src/credential/test_credential_bi.sh)0
-rwxr-xr-xsrc/credential/test_credential_bi_bw_link.sh93
-rwxr-xr-xsrc/credential/test_credential_bi_bw_link2.sh94
-rwxr-xr-xsrc/credential/test_credential_bi_fw.sh95
-rwxr-xr-xsrc/credential/test_credential_own_and2.sh88
9 files changed, 792 insertions, 171 deletions
diff --git a/src/credential/gnunet-credential.c b/src/credential/gnunet-credential.c
index 5cc1a791e..f2d967eea 100644
--- a/src/credential/gnunet-credential.c
+++ b/src/credential/gnunet-credential.c
@@ -769,12 +769,9 @@ run (void *cls,
if (GNUNET_NO == forward && GNUNET_NO == backward)
{
- fprintf (
- stderr,
- _ (
- "You must state which search direction: '--forward' or '--backward'\n"));
- GNUNET_SCHEDULER_shutdown ();
- return;
+ // set default: bidirectional
+ forward = GNUNET_YES;
+ backward = GNUNET_YES;
}
if (GNUNET_YES == forward)
direction |= GNUNET_CREDENTIAL_FLAG_FORWARD;
@@ -834,15 +831,6 @@ run (void *cls,
if (GNUNET_YES == verify)
{
- if (GNUNET_NO == forward && GNUNET_NO == backward)
- {
- fprintf (
- stderr,
- _ (
- "You must state which search direction: '-forward' or 'backward'\n"));
- GNUNET_SCHEDULER_shutdown ();
- return;
- }
if (NULL == issuer_key)
{
fprintf (stderr, _ ("Issuer public key not well-formed\n"));
@@ -973,12 +961,12 @@ main (int argc, char *const *argv)
"EGO",
gettext_noop ("The ego/zone name to use"),
&ego_name),
- GNUNET_GETOPT_option_string (
- 'a',
- "attribute",
- "ATTR",
- gettext_noop ("The issuer attribute to verify against or to issue"),
- &issuer_attr),
+ GNUNET_GETOPT_option_string (
+ 'a',
+ "attribute",
+ "ATTR",
+ gettext_noop ("The issuer attribute to verify against or to issue"),
+ &issuer_attr),
GNUNET_GETOPT_option_string ('T',
"ttl",
"EXP",
diff --git a/src/credential/gnunet-service-credential.c b/src/credential/gnunet-service-credential.c
index 9de16bf72..ee02042c8 100644
--- a/src/credential/gnunet-service-credential.c
+++ b/src/credential/gnunet-service-credential.c
@@ -293,6 +293,16 @@ struct VerifyRequestHandle
struct DelegationChainEntry *delegation_chain_tail;
/**
+ * List for bidirectional matching
+ */
+ struct DelegationSetQueueEntry *dsq_head;
+
+ /**
+ * List for bidirectional matching
+ */
+ struct DelegationSetQueueEntry *dsq_tail;
+
+ /**
* Issuer public key
*/
struct GNUNET_CRYPTO_EcdsaPublicKey issuer_key;
@@ -357,12 +367,12 @@ struct VerifyRequestHandle
/**
* Head of the DLL.
*/
-static struct VerifyRequestHandle *vrh_head;
+static struct VerifyRequestHandle *vrh_head = NULL;
/**
* Tail of the DLL.
*/
-static struct VerifyRequestHandle *vrh_tail;
+static struct VerifyRequestHandle *vrh_tail = NULL;
/**
* Handle to the statistics service
@@ -374,11 +384,6 @@ static struct GNUNET_STATISTICS_Handle *statistics;
*/
static struct GNUNET_GNS_Handle *gns;
-//TODO vrh dependent
-static struct DelegationSetQueueEntry *dsq_head;
-static struct DelegationSetQueueEntry *dsq_tail;
-
-
/**
* Handle to namestore service
*/
@@ -429,6 +434,45 @@ cleanup_delegation_set (struct DelegationSetQueueEntry *ds_entry)
}
static void
+cleanup_dsq_list (struct VerifyRequestHandle *vrh)
+{
+ struct DelegationSetQueueEntry *ds_entry;
+
+ if (NULL == vrh->dsq_head)
+ return;
+
+ for (ds_entry = vrh->dsq_head; NULL != vrh->dsq_head;
+ ds_entry = vrh->dsq_head)
+ {
+ GNUNET_CONTAINER_DLL_remove (vrh->dsq_head, vrh->dsq_tail, ds_entry);
+ GNUNET_free_non_null (ds_entry->issuer_key);
+ GNUNET_free_non_null (ds_entry->issuer_attribute);
+ GNUNET_free_non_null (ds_entry->attr_trailer);
+ // those fields are only set/used in bw search
+ if (ds_entry->from_bw)
+ {
+ GNUNET_free_non_null (ds_entry->lookup_attribute);
+ GNUNET_free_non_null (ds_entry->unresolved_attribute_delegation);
+ }
+ if (NULL != ds_entry->lookup_request)
+ {
+ GNUNET_GNS_lookup_cancel (ds_entry->lookup_request);
+ ds_entry->lookup_request = NULL;
+ }
+ if (NULL != ds_entry->delegation_chain_entry)
+ {
+ GNUNET_free_non_null (
+ ds_entry->delegation_chain_entry->subject_attribute);
+ GNUNET_free_non_null (ds_entry->delegation_chain_entry->issuer_attribute);
+ GNUNET_free (ds_entry->delegation_chain_entry);
+ }
+ //TODO: Free dq_entry, how?
+ //GNUNET_free (ds_entry->parent_queue_entry);
+ GNUNET_free (ds_entry);
+ }
+}
+
+static void
cleanup_handle (struct VerifyRequestHandle *vrh)
{
struct DelegateRecordEntry *del_entry;
@@ -438,7 +482,8 @@ cleanup_handle (struct VerifyRequestHandle *vrh)
GNUNET_GNS_lookup_cancel (vrh->lookup_request);
vrh->lookup_request = NULL;
}
- cleanup_delegation_set (vrh->root_set);
+ //cleanup_delegation_set (vrh->root_set);
+ cleanup_dsq_list (vrh);
GNUNET_free_non_null (vrh->issuer_attribute);
for (del_entry = vrh->del_chain_head; NULL != vrh->del_chain_head;
del_entry = vrh->del_chain_head)
@@ -491,7 +536,6 @@ send_lookup_response (struct VerifyRequestHandle *vrh)
struct DelegationChainResultMessage *rmsg;
struct DelegationChainEntry *dce;
struct GNUNET_CREDENTIAL_Delegation dd[vrh->delegation_chain_size];
- //TODO rename all methods using credential
struct GNUNET_CREDENTIAL_Delegate dele[vrh->del_chain_size];
struct DelegateRecordEntry *del;
struct DelegateRecordEntry *tmp;
@@ -574,7 +618,7 @@ send_lookup_response (struct VerifyRequestHandle *vrh)
GNUNET_MQ_send (GNUNET_SERVICE_client_get_mq (vrh->client), env);
GNUNET_CONTAINER_DLL_remove (vrh_head, vrh_tail, vrh);
//TODO fix cleanup with bidirectional
- //cleanup_handle (vrh);
+ cleanup_handle (vrh);
GNUNET_STATISTICS_update (statistics,
"Completed verifications",
@@ -639,6 +683,84 @@ partial_match (char *tmp_trail,
}
static void
+print_deleset (struct DelegationSetQueueEntry *dsentry, char *text)
+{
+ GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
+ "%s %s.%s <- %s.%s\n",
+ text,
+ GNUNET_CRYPTO_ecdsa_public_key_to_string (
+ &dsentry->delegation_chain_entry->issuer_key),
+ dsentry->delegation_chain_entry->issuer_attribute,
+ GNUNET_CRYPTO_ecdsa_public_key_to_string (
+ &dsentry->delegation_chain_entry->subject_key),
+ dsentry->delegation_chain_entry->subject_attribute);
+}
+
+static int
+handle_bidirectional_match (struct DelegationSetQueueEntry *actual_entry,
+ struct DelegationSetQueueEntry *match_entry,
+ struct VerifyRequestHandle *vrh)
+{
+ struct DelegationSetQueueEntry *old_fw_parent;
+ struct DelegationSetQueueEntry *fw_entry = actual_entry;
+ struct DelegationSetQueueEntry *last_entry = match_entry;
+ // parent fixing, combine backward and forward chain parts
+ while (NULL != fw_entry->parent_queue_entry)
+ {
+ old_fw_parent = fw_entry->parent_queue_entry->parent_set;
+ // set parent
+ fw_entry->parent_queue_entry->parent_set = last_entry;
+
+ last_entry = fw_entry;
+ fw_entry = old_fw_parent;
+ }
+ // set last entry of chain as actual_entry
+ //actual_entry = last_entry;
+ // set refcount, loop all delegations
+ for (struct DelegateRecordEntry *del_entry = vrh->del_chain_head;
+ del_entry != NULL;
+ del_entry = del_entry->next)
+ {
+ if (0 != memcmp (&last_entry->delegation_chain_entry->subject_key,
+ &del_entry->delegate->issuer_key,
+ sizeof (struct GNUNET_CRYPTO_EcdsaPublicKey)))
+ continue;
+ if (0 != strcmp (last_entry->delegation_chain_entry->subject_attribute,
+ del_entry->delegate->issuer_attribute))
+ continue;
+
+ GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Found delegate.\n");
+ // increase refcount of the start delegation
+ del_entry->refcount++;
+ }
+ // backtrack
+ for (struct DelegationSetQueueEntry *tmp_set = last_entry;
+ NULL != tmp_set->parent_queue_entry;
+ tmp_set = tmp_set->parent_queue_entry->parent_set)
+ {
+ tmp_set->parent_queue_entry->required_solutions--;
+
+ // add new found entry to vrh
+ vrh->delegation_chain_size++;
+ GNUNET_CONTAINER_DLL_insert (vrh->delegation_chain_head,
+ vrh->delegation_chain_tail,
+ tmp_set->delegation_chain_entry);
+
+ // if one node on the path still needs solutions, this current
+ // patch cannot fullfil the conditions and therefore stops here
+ // however, it is in the vrh and can be used by the other paths
+ // related to this path/collection/verification
+ if (0 < tmp_set->parent_queue_entry->required_solutions)
+ {
+ GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
+ "Chain requires more solutions, waiting...\n");
+ return GNUNET_NO;
+ }
+ }
+ return GNUNET_YES;
+}
+
+static void
forward_resolution (void *cls,
uint32_t rd_count,
const struct GNUNET_GNSRECORD_Data *rd)
@@ -747,7 +869,6 @@ forward_resolution (void *cls,
// Start: Credential Chain Entry
// issuer key is subject key, who needs to be contacted to resolve this (forward, therefore subject)
- // TODO: new ds_entry struct with subject_key (or one for both with contact_key or sth)
ds_entry->issuer_key = GNUNET_new (struct GNUNET_CRYPTO_EcdsaPublicKey);
GNUNET_memcpy (ds_entry->issuer_key,
&del->subject_key,
@@ -816,41 +937,44 @@ forward_resolution (void *cls,
}
}
- // TODO testing area
-
- // Check list
- for (struct DelegationSetQueueEntry *del_entry = dsq_head;
- del_entry != NULL;
- del_entry = del_entry->next)
+ // Check for bidirectional crossmatch
+ for (struct DelegationSetQueueEntry *del_entry = vrh->dsq_head;
+ del_entry != NULL;
+ del_entry = del_entry->next)
{
- GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,"--fw-------- %s.%s <- %s.%s\n",
- GNUNET_CRYPTO_ecdsa_public_key_to_string(&del_entry->delegation_chain_entry->issuer_key),
- del_entry->delegation_chain_entry->issuer_attribute,
- GNUNET_CRYPTO_ecdsa_public_key_to_string(&del_entry->delegation_chain_entry->subject_key),
- del_entry->delegation_chain_entry->subject_attribute);
-
- // only check entries not added by forward algorithm
- if(del_entry->from_bw)
+ // only check entries not by backward algorithm
+ if (del_entry->from_bw)
{
// key of list entry matches actual key
if (0 == memcmp (&del_entry->delegation_chain_entry->subject_key,
- &ds_entry->delegation_chain_entry->issuer_key,
- sizeof (struct GNUNET_CRYPTO_EcdsaPublicKey)))
+ &ds_entry->delegation_chain_entry->issuer_key,
+ sizeof (struct GNUNET_CRYPTO_EcdsaPublicKey)))
{
// compare entry subject attributes to this trailer (iss attr + old trailer)
- if (0 == strcmp (del_entry->delegation_chain_entry->subject_attribute,
- ds_entry->attr_trailer))
+ if (0 == strcmp (del_entry->unresolved_attribute_delegation,
+ ds_entry->attr_trailer))
{
- GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,"--fw-------- Found match with above!\n");
+ GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
+ "Forward: %s!\n",
+ del_entry->unresolved_attribute_delegation);
+ print_deleset (del_entry, "Forward:");
+ GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
+ "Forward: Found match with above!\n");
+
+ // one node on the path still needs solutions: return
+ if (GNUNET_NO ==
+ handle_bidirectional_match (ds_entry, del_entry, vrh))
+ return;
+
send_lookup_response (vrh);
return;
}
}
}
}
- // No crossmatch/bidirectional result, add this ds_entry for the bw algo to match
- ds_entry->from_bw = false;
- GNUNET_CONTAINER_DLL_insert (dsq_head, dsq_tail, ds_entry);
+ // No crossmatch/bidirectional found, add this ds_entry for the bw algo to match
+ ds_entry->from_bw = false;
+ GNUNET_CONTAINER_DLL_insert (vrh->dsq_head, vrh->dsq_tail, ds_entry);
// Starting a new GNS lookup
vrh->pending_lookups++;
@@ -879,17 +1003,6 @@ forward_resolution (void *cls,
}
static void
-print_deleset(struct DelegationSetQueueEntry *dsentry, char* text)
-{
- GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,"%s %s.%s <- %s.%s\n",
- text,
- GNUNET_CRYPTO_ecdsa_public_key_to_string(&dsentry->delegation_chain_entry->issuer_key),
- dsentry->delegation_chain_entry->issuer_attribute,
- GNUNET_CRYPTO_ecdsa_public_key_to_string(&dsentry->delegation_chain_entry->subject_key),
- dsentry->delegation_chain_entry->subject_attribute);
-}
-
-static void
backward_resolution (void *cls,
uint32_t rd_count,
const struct GNUNET_GNSRECORD_Data *rd)
@@ -987,9 +1100,10 @@ backward_resolution (void *cls,
ds_entry->parent_queue_entry = dq_entry; // current_delegation;
- GNUNET_CONTAINER_DLL_insert (dq_entry->set_entries_head,
+ // TODO required? everything in dsq_head list, change cleanup
+ /*GNUNET_CONTAINER_DLL_insert (dq_entry->set_entries_head,
dq_entry->set_entries_tail,
- ds_entry);
+ ds_entry);*/
/**
* Check if this delegation already matches one of our credentials
@@ -1000,7 +1114,7 @@ backward_resolution (void *cls,
del_pointer = del_pointer->next)
{
// If key and attribute match credential: continue and backtrack
- if (0 != memcmp (&set->subject_key,
+ if (0 != memcmp (&set[j].subject_key,
&del_pointer->delegate->issuer_key,
sizeof (struct GNUNET_CRYPTO_EcdsaPublicKey)))
continue;
@@ -1033,7 +1147,7 @@ backward_resolution (void *cls,
break;
}
- // if the break above is not called the condition of the for is met
+ // if the break above is not called the condition of the for is met
if (NULL == tmp_set->parent_queue_entry)
{
GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "All solutions found\n");
@@ -1073,94 +1187,33 @@ backward_resolution (void *cls,
ds_entry->attr_trailer = GNUNET_strdup (next_attr);
}
-
- // TODO testing area
- // Check list
- for (struct DelegationSetQueueEntry *del_entry = dsq_head;
- del_entry != NULL;
- del_entry = del_entry->next)
+ // Check for bidirectional crossmatch
+ for (struct DelegationSetQueueEntry *del_entry = vrh->dsq_head;
+ del_entry != NULL;
+ del_entry = del_entry->next)
{
- print_deleset(del_entry, "-----bw----- ");
-
- // only check entries not added by forward algorithm
- if(!del_entry->from_bw)
+ // only check entries added by forward algorithm
+ if (!del_entry->from_bw)
{
// key of list entry matches actual key
if (0 == memcmp (&del_entry->delegation_chain_entry->issuer_key,
- &ds_entry->delegation_chain_entry->subject_key,
- sizeof (struct GNUNET_CRYPTO_EcdsaPublicKey)))
+ &ds_entry->delegation_chain_entry->subject_key,
+ sizeof (struct GNUNET_CRYPTO_EcdsaPublicKey)))
{
// compare entry subject attributes to this trailer (iss attr + old trailer)
if (0 == strcmp (del_entry->attr_trailer,
- ds_entry->delegation_chain_entry->subject_attribute))
+ ds_entry->unresolved_attribute_delegation))
{
- GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,"--bw-------- Found match with above!\n");
-
- //TODO parents are not set correctly, for FW parents are going down in the chain
- // and for BW parents are going up
- // therefore: parent fixing needs to be done and then the stuff from above
- // backtrack(required solutions) and refcount++
- // might need some functions cuz its getting real big in here
-
- struct DelegationSetQueueEntry *old_fw_parent;
- struct DelegationSetQueueEntry *fw_entry = del_entry;
- struct DelegationSetQueueEntry *bw_entry = ds_entry;
- // parentset and add
- while(NULL != fw_entry->parent_queue_entry)
- {
- print_deleset(fw_entry, "-----in while----- ");
- old_fw_parent = fw_entry->parent_queue_entry->parent_set;
- // set parent
- fw_entry->parent_queue_entry->parent_set = bw_entry;
+ print_deleset (del_entry, "Backward:");
+ GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
+ "Backward: Found match with above!\n");
- bw_entry = fw_entry;
- fw_entry = old_fw_parent;
- }
- GNUNET_log (GNUNET_ERROR_TYPE_ERROR, "NACH WHILE\n");
- // set last entry of chain as actual ds_entry
- ds_entry = bw_entry;
- // set refcount, loop all delegations
- for (del_pointer = vrh->del_chain_head; del_pointer != NULL;
- del_pointer = del_pointer->next)
- {
- if (0 != memcmp (&ds_entry->delegation_chain_entry->subject_key,
- &del_pointer->delegate->issuer_key,
- sizeof (struct GNUNET_CRYPTO_EcdsaPublicKey)))
- continue;
- if (0 != strcmp (ds_entry->delegation_chain_entry->subject_attribute,
- del_pointer->delegate->issuer_attribute))
- continue;
-
- GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Found delegate.\n");
- // increase refcount of the start delegation
- del_pointer->refcount++;
- }
- // backtrack
- for (tmp_set = ds_entry; NULL != tmp_set->parent_queue_entry;
- tmp_set = tmp_set->parent_queue_entry->parent_set)
- {
- //TODO set refcount
- print_deleset(tmp_set, "-----ENDSET----- ");
- tmp_set->parent_queue_entry->required_solutions--;
+ // if one node on the path still needs solutions: return
+ if (GNUNET_NO ==
+ handle_bidirectional_match (del_entry, ds_entry, vrh))
+ break;
- // add new found entry to vrh
- vrh->delegation_chain_size++;
- GNUNET_CONTAINER_DLL_insert (vrh->delegation_chain_head,
- vrh->delegation_chain_tail,
- tmp_set->delegation_chain_entry);
-
- // if one node on the path still needs solutions, this current
- // patch cannot fullfil the conditions and therefore stops here
- // however, it is in the vrh and can be used by the other paths
- // related to this path/collection/verification
- if (0 < tmp_set->parent_queue_entry->required_solutions)
- {
- GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Chain requires more solutions, waiting...\n");
- return;
- }
- }
- GNUNET_log (GNUNET_ERROR_TYPE_ERROR, "NACH FOR\n");
-
+ // Send lookup response
send_lookup_response (vrh);
return;
}
@@ -1168,11 +1221,11 @@ backward_resolution (void *cls,
}
}
// No crossmatch/bidirectional result, add this ds_entry for the bw algo to match
- ds_entry->from_bw = true;
- GNUNET_CONTAINER_DLL_insert (dsq_head, dsq_tail, ds_entry);
-
+ ds_entry->from_bw = true;
+ GNUNET_CONTAINER_DLL_insert (vrh->dsq_head, vrh->dsq_tail, ds_entry);
+ // Starting a new GNS lookup
GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
"Looking up %s\n",
ds_entry->lookup_attribute);
@@ -1225,6 +1278,13 @@ delegation_chain_bw_resolution_start (void *cls)
return;
}
+ // Pre-check with vrh->dele_chain_.. if match issuer_key
+ // Backward: check every cred entry if match issuer key
+ // otherwise: start at issuer and go down till match
+ // A.a <- ...
+ // X.x <- C
+ // Y.y <- C
+ // if not X.x or Y.y == A.a stat at A
for (del_entry = vrh->del_chain_head; del_entry != NULL;
del_entry = del_entry->next)
{
@@ -1283,19 +1343,6 @@ delegation_chain_fw_resolution_start (void *cls)
// set to 0 and increase on each lookup: for fw multiple lookups (may be) started
vrh->pending_lookups = 0;
- //TODO no pre-check with vrh->dele_chain_bla if match issuer_key
- //otherwise: start mutliple lookups for each vrh->dele_chain
- // A.a <- ...
- // X.x <- C
- // Y.y <- C
- // wenn X.x oder Y.y nicht == A.a dann starte bei X und bei Y
-
- // bei backward: check every cred entry if match issuer key
- // otherwise: start at issuer and go down till match
- // A.a <- ...
- // X.x <- C
- // Y.y <- C
- // wenn X.x oder Y.y nicht == A.a dann starte von A
if (0 == vrh->del_chain_size)
{
GNUNET_log (GNUNET_ERROR_TYPE_ERROR, "No delegations found\n");
@@ -1303,7 +1350,12 @@ delegation_chain_fw_resolution_start (void *cls)
return;
}
- // Check if one of the delegations of the subject already match
+ // Pre-check with vrh->dele_chain_.. if match issuer_key
+ // otherwise FW: start mutliple lookups for each vrh->dele_chain
+ // A.a <- ...
+ // X.x <- C
+ // Y.y <- C
+ // if not X.x or Y.y == A.a start at X and at Y
for (del_entry = vrh->del_chain_head; del_entry != NULL;
del_entry = del_entry->next)
{
@@ -1337,7 +1389,6 @@ delegation_chain_fw_resolution_start (void *cls)
ds_entry = GNUNET_new (struct DelegationSetQueueEntry);
ds_entry->issuer_key = GNUNET_new (struct GNUNET_CRYPTO_EcdsaPublicKey);
- // TODO: new ds_entry struct with subject_key (or one for both with contact_key or sth)
GNUNET_memcpy (ds_entry->issuer_key,
&del_entry->delegate->subject_key,
sizeof (struct GNUNET_CRYPTO_EcdsaPublicKey));
@@ -1416,6 +1467,13 @@ handle_verify (void *cls, const struct VerifyMessage *v_msg)
vrh->issuer_attribute = GNUNET_strdup (issuer_attribute);
vrh->resolution_algo = ntohs (v_msg->resolution_algo);
+ vrh->del_chain_head = NULL;
+ vrh->del_chain_tail = NULL;
+ vrh->dsq_head = NULL;
+ vrh->dsq_tail = NULL;
+ vrh->del_chain_head = NULL;
+ vrh->del_chain_tail = NULL;
+
GNUNET_SERVICE_client_continue (vrh->client);
if (0 == strlen (issuer_attribute))
{
@@ -1467,12 +1525,14 @@ handle_verify (void *cls, const struct VerifyMessage *v_msg)
}
// Switch resolution algo
- if(GNUNET_CREDENTIAL_FLAG_BACKWARD & vrh->resolution_algo && GNUNET_CREDENTIAL_FLAG_FORWARD & vrh->resolution_algo)
+ if (GNUNET_CREDENTIAL_FLAG_BACKWARD & vrh->resolution_algo &&
+ GNUNET_CREDENTIAL_FLAG_FORWARD & vrh->resolution_algo)
{
GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "--------BOTH\n");
delegation_chain_fw_resolution_start (vrh);
delegation_chain_bw_resolution_start (vrh);
- } else if (GNUNET_CREDENTIAL_FLAG_BACKWARD & vrh->resolution_algo)
+ }
+ else if (GNUNET_CREDENTIAL_FLAG_BACKWARD & vrh->resolution_algo)
{
delegation_chain_bw_resolution_start (vrh);
}
@@ -1498,13 +1558,14 @@ delegate_collection_finished (void *cls)
struct VerifyRequestHandle *vrh = cls;
GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Done collecting delegates.\n");
- //TODO correct calls
- if(GNUNET_CREDENTIAL_FLAG_BACKWARD & vrh->resolution_algo && GNUNET_CREDENTIAL_FLAG_FORWARD & vrh->resolution_algo)
+ // if both are set: bidirectional search, meaning start both chain resolutions
+ if (GNUNET_CREDENTIAL_FLAG_BACKWARD & vrh->resolution_algo &&
+ GNUNET_CREDENTIAL_FLAG_FORWARD & vrh->resolution_algo)
{
- GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "--------BOTH\n");
delegation_chain_fw_resolution_start (vrh);
delegation_chain_bw_resolution_start (vrh);
- }else if (GNUNET_CREDENTIAL_FLAG_BACKWARD & vrh->resolution_algo)
+ }
+ else if (GNUNET_CREDENTIAL_FLAG_BACKWARD & vrh->resolution_algo)
{
delegation_chain_bw_resolution_start (vrh);
}
@@ -1581,6 +1642,13 @@ handle_collect (void *cls, const struct CollectMessage *c_msg)
vrh->issuer_attribute = GNUNET_strdup (issuer_attribute);
vrh->resolution_algo = ntohs (c_msg->resolution_algo);
+ vrh->del_chain_head = NULL;
+ vrh->del_chain_tail = NULL;
+ vrh->dsq_head = NULL;
+ vrh->dsq_tail = NULL;
+ vrh->del_chain_head = NULL;
+ vrh->del_chain_tail = NULL;
+
if (0 == strlen (issuer_attribute))
{
GNUNET_log (GNUNET_ERROR_TYPE_ERROR, "No issuer attribute provided!\n");
diff --git a/src/credential/test_credential_bi_and.sh b/src/credential/test_credential_bi_and.sh
new file mode 100755
index 000000000..c69aea53f
--- /dev/null
+++ b/src/credential/test_credential_bi_and.sh
@@ -0,0 +1,99 @@
+#!/usr/bin/env bash
+trap "gnunet-arm -e -c test_credential_lookup.conf" SIGINT
+
+LOCATION=$(which gnunet-config)
+if [ -z $LOCATION ]
+then
+ LOCATION="gnunet-config"
+fi
+$LOCATION --version 1> /dev/null
+if test $? != 0
+then
+ echo "GNUnet command line tools cannot be found, check environmental variables PATH and GNUNET_PREFIX"
+ exit 77
+fi
+
+rm -rf `gnunet-config -c test_credential_lookup.conf -s PATHS -o GNUNET_HOME -f`
+
+
+
+
+which timeout > /dev/null 2>&1 && DO_TIMEOUT="timeout 10"
+gnunet-arm -s -c test_credential_lookup.conf
+
+gnunet-identity -C a -c test_credential_lookup.conf
+gnunet-identity -C b -c test_credential_lookup.conf
+gnunet-identity -C c -c test_credential_lookup.conf
+gnunet-identity -C d -c test_credential_lookup.conf
+gnunet-identity -C e -c test_credential_lookup.conf
+gnunet-identity -C f -c test_credential_lookup.conf
+gnunet-identity -C g -c test_credential_lookup.conf
+gnunet-identity -C h -c test_credential_lookup.conf
+AKEY=$(gnunet-identity -d -c test_credential_lookup.conf | grep a | awk '{print $3}')
+BKEY=$(gnunet-identity -d -c test_credential_lookup.conf | grep b | awk '{print $3}')
+CKEY=$(gnunet-identity -d -c test_credential_lookup.conf | grep c | awk '{print $3}')
+DKEY=$(gnunet-identity -d -c test_credential_lookup.conf | grep d | awk '{print $3}')
+EKEY=$(gnunet-identity -d -c test_credential_lookup.conf | grep e | awk '{print $3}')
+FKEY=$(gnunet-identity -d -c test_credential_lookup.conf | grep f | awk '{print $3}')
+GKEY=$(gnunet-identity -d -c test_credential_lookup.conf | grep g | awk '{print $3}')
+HKEY=$(gnunet-identity -d -c test_credential_lookup.conf | grep h | awk '{print $3}')
+
+# (1) (A.a) <- B.b
+# (2) (B.b) <- C.c AND G.g
+# (3) C.c <- (D.D)
+# (4) D.d <- (E.e)
+# (5) E.e <- (F) priv
+# (6) (G.g) <- H.h
+# (7) H.h <- (F) priv
+
+# BIDIRECTIONAL
+gnunet-credential --createIssuerSide --ego=a --attribute="a" --subject="$BKEY b" --ttl=5m -c test_credential_lookup.conf
+gnunet-namestore -D -z a
+gnunet-credential --createIssuerSide --ego=b --attribute="b" --subject="$CKEY c, $GKEY g" --ttl=5m -c test_credential_lookup.conf
+gnunet-namestore -D -z b
+gnunet-credential --createIssuerSide --ego=g --attribute="g" --subject="$HKEY h" --ttl=5m -c test_credential_lookup.conf
+gnunet-namestore -D -z b
+
+SIGNED=`$DO_TIMEOUT gnunet-credential --signSubjectSide --ego=c --attribute="c" --subject="$DKEY d" --ttl="2019-12-12 10:00:00"`
+gnunet-credential --createSubjectSide --ego=d --import "$SIGNED"
+gnunet-namestore -D -z d
+SIGNED=`$DO_TIMEOUT gnunet-credential --signSubjectSide --ego=d --attribute="d" --subject="$EKEY e" --ttl="2019-12-12 10:00:00"`
+gnunet-credential --createSubjectSide --ego=e --import "$SIGNED"
+gnunet-namestore -D -z e
+SIGNED=`$DO_TIMEOUT gnunet-credential --signSubjectSide --ego=e --attribute="e" --subject="$FKEY" --ttl="2019-12-12 10:00:00"`
+gnunet-credential --createSubjectSide --ego=f --import "$SIGNED" --private
+gnunet-namestore -D -z f
+SIGNED=`$DO_TIMEOUT gnunet-credential --signSubjectSide --ego=h --attribute="h" --subject="$FKEY" --ttl="2019-12-12 10:00:00"`
+gnunet-credential --createSubjectSide --ego=f --import "$SIGNED" --private
+gnunet-namestore -D -z h
+
+# Starting to resolve
+echo "+++ Starting to Resolve +++"
+
+DELS=`$DO_TIMEOUT gnunet-credential --collect --issuer=$AKEY --attribute="a" --ego=f --forward --backward -c test_credential_lookup.conf | paste -d, -s`
+echo $DELS
+echo gnunet-credential --verify --issuer=$AKEY --attribute="a" --subject=$FKEY --delegate=\'$DELS\' --forward --backward -c test_credential_lookup.conf
+RES_DELS=`gnunet-credential --verify --issuer=$AKEY --attribute="a" --subject=$FKEY --delegate="$DELS" --forward --backward -c test_credential_lookup.conf`
+
+# Cleanup properly
+gnunet-namestore -z epub -d -n $DISC_ATTR -t ATTR -c test_credential_lookup.conf
+gnunet-namestore -z eorg -d -n $PREF_ATTR -t ATTR -c test_credential_lookup.conf
+gnunet-namestore -z stateu -d -n $STATE_STUD_ATTR -t ATTR -c test_credential_lookup.conf
+#gnunet-namestore -z a -d -n $STATE_STUD_ATTR -t ATTR -c test_credential_lookup.conf
+#gnunet-namestore -z d -d -n $STATE_STUD_ATTR -t ATTR -c test_credential_lookup.conf
+#gnunet-namestore -z e -d -n $STATE_STUD_ATTR -t ATTR -c test_credential_lookup.conf
+#gnunet-namestore -z f -d -n $STATE_STUD_ATTR -t ATTR -c test_credential_lookup.conf
+#gnunet-namestore -z g -d -n $STATE_STUD_ATTR -t ATTR -c test_credential_lookup.conf
+
+gnunet-arm -e -c test_credential_lookup.conf
+
+if [ "$RES_DELS" != "Failed." ]
+then
+ # TODO: replace echo -e bashism
+ echo -e "${RES_DELS}"
+ exit 0
+else
+ echo "FAIL: Failed to verify credential $RES_DELS."
+ exit 1
+fi
+
diff --git a/src/credential/test_credential_bi_and2.sh b/src/credential/test_credential_bi_and2.sh
new file mode 100755
index 000000000..de3e718aa
--- /dev/null
+++ b/src/credential/test_credential_bi_and2.sh
@@ -0,0 +1,96 @@
+#!/usr/bin/env bash
+trap "gnunet-arm -e -c test_credential_lookup.conf" SIGINT
+
+LOCATION=$(which gnunet-config)
+if [ -z $LOCATION ]
+then
+ LOCATION="gnunet-config"
+fi
+$LOCATION --version 1> /dev/null
+if test $? != 0
+then
+ echo "GNUnet command line tools cannot be found, check environmental variables PATH and GNUNET_PREFIX"
+ exit 77
+fi
+
+rm -rf `gnunet-config -c test_credential_lookup.conf -s PATHS -o GNUNET_HOME -f`
+
+
+
+
+which timeout > /dev/null 2>&1 && DO_TIMEOUT="timeout 10"
+gnunet-arm -s -c test_credential_lookup.conf
+
+gnunet-identity -C a -c test_credential_lookup.conf
+gnunet-identity -C b -c test_credential_lookup.conf
+gnunet-identity -C c -c test_credential_lookup.conf
+gnunet-identity -C d -c test_credential_lookup.conf
+gnunet-identity -C e -c test_credential_lookup.conf
+gnunet-identity -C f -c test_credential_lookup.conf
+gnunet-identity -C g -c test_credential_lookup.conf
+gnunet-identity -C h -c test_credential_lookup.conf
+AKEY=$(gnunet-identity -d -c test_credential_lookup.conf | grep a | awk '{print $3}')
+BKEY=$(gnunet-identity -d -c test_credential_lookup.conf | grep b | awk '{print $3}')
+CKEY=$(gnunet-identity -d -c test_credential_lookup.conf | grep c | awk '{print $3}')
+DKEY=$(gnunet-identity -d -c test_credential_lookup.conf | grep d | awk '{print $3}')
+EKEY=$(gnunet-identity -d -c test_credential_lookup.conf | grep e | awk '{print $3}')
+FKEY=$(gnunet-identity -d -c test_credential_lookup.conf | grep f | awk '{print $3}')
+GKEY=$(gnunet-identity -d -c test_credential_lookup.conf | grep g | awk '{print $3}')
+HKEY=$(gnunet-identity -d -c test_credential_lookup.conf | grep h | awk '{print $3}')
+
+# (1) (A.a) <- B.b
+# (2) (B.b) <- C.c AND G.g
+# (3) C.c <- (D.D)
+# (4) D.d <- (E.e)
+# (5) E.e <- (F) priv
+# (6) G.g <- (F) priv
+
+# BIDIRECTIONAL
+gnunet-credential --createIssuerSide --ego=a --attribute="a" --subject="$BKEY b" --ttl=5m -c test_credential_lookup.conf
+gnunet-namestore -D -z a
+gnunet-credential --createIssuerSide --ego=b --attribute="b" --subject="$CKEY c, $GKEY g" --ttl=5m -c test_credential_lookup.conf
+gnunet-namestore -D -z b
+
+SIGNED=`$DO_TIMEOUT gnunet-credential --signSubjectSide --ego=c --attribute="c" --subject="$DKEY d" --ttl="2019-12-12 10:00:00"`
+gnunet-credential --createSubjectSide --ego=d --import "$SIGNED"
+gnunet-namestore -D -z d
+SIGNED=`$DO_TIMEOUT gnunet-credential --signSubjectSide --ego=d --attribute="d" --subject="$EKEY e" --ttl="2019-12-12 10:00:00"`
+gnunet-credential --createSubjectSide --ego=e --import "$SIGNED"
+gnunet-namestore -D -z e
+SIGNED=`$DO_TIMEOUT gnunet-credential --signSubjectSide --ego=e --attribute="e" --subject="$FKEY" --ttl="2019-12-12 10:00:00"`
+gnunet-credential --createSubjectSide --ego=f --import "$SIGNED" --private
+gnunet-namestore -D -z f
+SIGNED=`$DO_TIMEOUT gnunet-credential --signSubjectSide --ego=g --attribute="g" --subject="$FKEY" --ttl="2019-12-12 10:00:00"`
+gnunet-credential --createSubjectSide --ego=f --import "$SIGNED" --private
+gnunet-namestore -D -z h
+
+# Starting to resolve
+echo "+++ Starting to Resolve +++"
+
+DELS=`$DO_TIMEOUT gnunet-credential --collect --issuer=$AKEY --attribute="a" --ego=f -c test_credential_lookup.conf | paste -d, -s`
+echo $DELS
+echo gnunet-credential --verify --issuer=$AKEY --attribute="a" --subject=$FKEY --delegate=\'$DELS\' -c test_credential_lookup.conf
+RES_DELS=`gnunet-credential --verify --issuer=$AKEY --attribute="a" --subject=$FKEY --delegate="$DELS" -c test_credential_lookup.conf`
+
+# Cleanup properly
+gnunet-namestore -z epub -d -n $DISC_ATTR -t ATTR -c test_credential_lookup.conf
+gnunet-namestore -z eorg -d -n $PREF_ATTR -t ATTR -c test_credential_lookup.conf
+gnunet-namestore -z stateu -d -n $STATE_STUD_ATTR -t ATTR -c test_credential_lookup.conf
+#gnunet-namestore -z a -d -n $STATE_STUD_ATTR -t ATTR -c test_credential_lookup.conf
+#gnunet-namestore -z d -d -n $STATE_STUD_ATTR -t ATTR -c test_credential_lookup.conf
+#gnunet-namestore -z e -d -n $STATE_STUD_ATTR -t ATTR -c test_credential_lookup.conf
+#gnunet-namestore -z f -d -n $STATE_STUD_ATTR -t ATTR -c test_credential_lookup.conf
+#gnunet-namestore -z g -d -n $STATE_STUD_ATTR -t ATTR -c test_credential_lookup.conf
+
+gnunet-arm -e -c test_credential_lookup.conf
+
+if [ "$RES_DELS" != "Failed." ]
+then
+ # TODO: replace echo -e bashism
+ echo -e "${RES_DELS}"
+ exit 0
+else
+ echo "FAIL: Failed to verify credential $RES_DELS."
+ exit 1
+fi
+
diff --git a/src/credential/test_credential_bi.sh b/src/credential/test_credential_bi_bw.sh
index 2b8cfc452..2b8cfc452 100755
--- a/src/credential/test_credential_bi.sh
+++ b/src/credential/test_credential_bi_bw.sh
diff --git a/src/credential/test_credential_bi_bw_link.sh b/src/credential/test_credential_bi_bw_link.sh
new file mode 100755
index 000000000..dd66741fa
--- /dev/null
+++ b/src/credential/test_credential_bi_bw_link.sh
@@ -0,0 +1,93 @@
+#!/usr/bin/env bash
+trap "gnunet-arm -e -c test_credential_lookup.conf" SIGINT
+
+LOCATION=$(which gnunet-config)
+if [ -z $LOCATION ]
+then
+ LOCATION="gnunet-config"
+fi
+$LOCATION --version 1> /dev/null
+if test $? != 0
+then
+ echo "GNUnet command line tools cannot be found, check environmental variables PATH and GNUNET_PREFIX"
+ exit 77
+fi
+
+rm -rf `gnunet-config -c test_credential_lookup.conf -s PATHS -o GNUNET_HOME -f`
+
+
+
+
+which timeout > /dev/null 2>&1 && DO_TIMEOUT="timeout 10"
+gnunet-arm -s -c test_credential_lookup.conf
+
+gnunet-identity -C a -c test_credential_lookup.conf
+gnunet-identity -C b -c test_credential_lookup.conf
+gnunet-identity -C c -c test_credential_lookup.conf
+gnunet-identity -C d -c test_credential_lookup.conf
+gnunet-identity -C e -c test_credential_lookup.conf
+gnunet-identity -C f -c test_credential_lookup.conf
+gnunet-identity -C g -c test_credential_lookup.conf
+AKEY=$(gnunet-identity -d -c test_credential_lookup.conf | grep a | awk '{print $3}')
+BKEY=$(gnunet-identity -d -c test_credential_lookup.conf | grep b | awk '{print $3}')
+CKEY=$(gnunet-identity -d -c test_credential_lookup.conf | grep c | awk '{print $3}')
+DKEY=$(gnunet-identity -d -c test_credential_lookup.conf | grep d | awk '{print $3}')
+EKEY=$(gnunet-identity -d -c test_credential_lookup.conf | grep e | awk '{print $3}')
+FKEY=$(gnunet-identity -d -c test_credential_lookup.conf | grep f | awk '{print $3}')
+GKEY=$(gnunet-identity -d -c test_credential_lookup.conf | grep g | awk '{print $3}')
+
+# (1) (A.a) <- B.b
+# (2) (B.b) <- G.g.c
+# (3) (G.g) <- C
+# (3) C.c <- (D.D)
+# (4) D.d <- (E.e)
+# (5) E.e <- (F)
+
+# BIDIRECTIONAL
+gnunet-credential --createIssuerSide --ego=a --attribute="a" --subject="$BKEY b" --ttl=5m -c test_credential_lookup.conf
+gnunet-namestore -D -z a
+gnunet-credential --createIssuerSide --ego=b --attribute="b" --subject="$GKEY g.c" --ttl=5m -c test_credential_lookup.conf
+gnunet-namestore -D -z b
+gnunet-credential --createIssuerSide --ego=g --attribute="g" --subject="$CKEY" --ttl=5m -c test_credential_lookup.conf
+gnunet-namestore -D -z b
+
+SIGNED=`$DO_TIMEOUT gnunet-credential --signSubjectSide --ego=c --attribute="c" --subject="$DKEY d" --ttl="2019-12-12 10:00:00"`
+gnunet-credential --createSubjectSide --ego=d --import "$SIGNED"
+gnunet-namestore -D -z d
+SIGNED=`$DO_TIMEOUT gnunet-credential --signSubjectSide --ego=d --attribute="d" --subject="$EKEY e" --ttl="2019-12-12 10:00:00"`
+gnunet-credential --createSubjectSide --ego=e --import "$SIGNED"
+gnunet-namestore -D -z e
+SIGNED=`$DO_TIMEOUT gnunet-credential --signSubjectSide --ego=e --attribute="e" --subject="$FKEY" --ttl="2019-12-12 10:00:00"`
+gnunet-credential --createSubjectSide --ego=f --import "$SIGNED" --private
+gnunet-namestore -D -z f
+
+# Starting to resolve
+echo "+++ Starting to Resolve +++"
+
+DELS=`$DO_TIMEOUT gnunet-credential --collect --issuer=$AKEY --attribute="a" --ego=f --forward --backward -c test_credential_lookup.conf | paste -d, -s`
+echo $DELS
+echo gnunet-credential --verify --issuer=$AKEY --attribute="a" --subject=$FKEY --delegate=\'$DELS\' --forward --backward -c test_credential_lookup.conf
+RES_DELS=`gnunet-credential --verify --issuer=$AKEY --attribute="a" --subject=$FKEY --delegate="$DELS" --forward --backward -c test_credential_lookup.conf`
+
+# Cleanup properly
+gnunet-namestore -z epub -d -n $DISC_ATTR -t ATTR -c test_credential_lookup.conf
+gnunet-namestore -z eorg -d -n $PREF_ATTR -t ATTR -c test_credential_lookup.conf
+gnunet-namestore -z stateu -d -n $STATE_STUD_ATTR -t ATTR -c test_credential_lookup.conf
+#gnunet-namestore -z a -d -n $STATE_STUD_ATTR -t ATTR -c test_credential_lookup.conf
+#gnunet-namestore -z d -d -n $STATE_STUD_ATTR -t ATTR -c test_credential_lookup.conf
+#gnunet-namestore -z e -d -n $STATE_STUD_ATTR -t ATTR -c test_credential_lookup.conf
+#gnunet-namestore -z f -d -n $STATE_STUD_ATTR -t ATTR -c test_credential_lookup.conf
+#gnunet-namestore -z g -d -n $STATE_STUD_ATTR -t ATTR -c test_credential_lookup.conf
+
+gnunet-arm -e -c test_credential_lookup.conf
+
+if [ "$RES_DELS" != "Failed." ]
+then
+ # TODO: replace echo -e bashism
+ echo -e "${RES_DELS}"
+ exit 0
+else
+ echo "FAIL: Failed to verify credential $RES_DELS."
+ exit 1
+fi
+
diff --git a/src/credential/test_credential_bi_bw_link2.sh b/src/credential/test_credential_bi_bw_link2.sh
new file mode 100755
index 000000000..46a04a26e
--- /dev/null
+++ b/src/credential/test_credential_bi_bw_link2.sh
@@ -0,0 +1,94 @@
+#!/usr/bin/env bash
+trap "gnunet-arm -e -c test_credential_lookup.conf" SIGINT
+
+LOCATION=$(which gnunet-config)
+if [ -z $LOCATION ]
+then
+ LOCATION="gnunet-config"
+fi
+$LOCATION --version 1> /dev/null
+if test $? != 0
+then
+ echo "GNUnet command line tools cannot be found, check environmental variables PATH and GNUNET_PREFIX"
+ exit 77
+fi
+
+rm -rf `gnunet-config -c test_credential_lookup.conf -s PATHS -o GNUNET_HOME -f`
+
+
+
+
+which timeout > /dev/null 2>&1 && DO_TIMEOUT="timeout 10"
+gnunet-arm -s -c test_credential_lookup.conf
+
+gnunet-identity -C a -c test_credential_lookup.conf
+gnunet-identity -C b -c test_credential_lookup.conf
+gnunet-identity -C c -c test_credential_lookup.conf
+gnunet-identity -C d -c test_credential_lookup.conf
+gnunet-identity -C e -c test_credential_lookup.conf
+gnunet-identity -C f -c test_credential_lookup.conf
+gnunet-identity -C g -c test_credential_lookup.conf
+AKEY=$(gnunet-identity -d -c test_credential_lookup.conf | grep a | awk '{print $3}')
+BKEY=$(gnunet-identity -d -c test_credential_lookup.conf | grep b | awk '{print $3}')
+CKEY=$(gnunet-identity -d -c test_credential_lookup.conf | grep c | awk '{print $3}')
+DKEY=$(gnunet-identity -d -c test_credential_lookup.conf | grep d | awk '{print $3}')
+EKEY=$(gnunet-identity -d -c test_credential_lookup.conf | grep e | awk '{print $3}')
+FKEY=$(gnunet-identity -d -c test_credential_lookup.conf | grep f | awk '{print $3}')
+GKEY=$(gnunet-identity -d -c test_credential_lookup.conf | grep g | awk '{print $3}')
+
+# (1) (A.a) <- B.b
+# (2) (B.b) <- G.g.c
+# (3) G.g <- (C)
+# (3) C.c <- (D.d)
+# (4) D.d <- (E.e)
+# (5) E.e <- (F)
+
+# BIDIRECTIONAL
+gnunet-credential --createIssuerSide --ego=a --attribute="a" --subject="$BKEY b" --ttl=5m -c test_credential_lookup.conf
+gnunet-namestore -D -z a
+gnunet-credential --createIssuerSide --ego=b --attribute="b" --subject="$GKEY g.c" --ttl=5m -c test_credential_lookup.conf
+gnunet-namestore -D -z b
+
+SIGNED=`$DO_TIMEOUT gnunet-credential --signSubjectSide --ego=g --attribute="g" --subject="$CKEY" --ttl="2019-12-12 10:00:00"`
+gnunet-credential --createSubjectSide --ego=c --import "$SIGNED"
+gnunet-namestore -D -z c
+SIGNED=`$DO_TIMEOUT gnunet-credential --signSubjectSide --ego=c --attribute="c" --subject="$DKEY d" --ttl="2019-12-12 10:00:00"`
+gnunet-credential --createSubjectSide --ego=d --import "$SIGNED"
+gnunet-namestore -D -z d
+SIGNED=`$DO_TIMEOUT gnunet-credential --signSubjectSide --ego=d --attribute="d" --subject="$EKEY e" --ttl="2019-12-12 10:00:00"`
+gnunet-credential --createSubjectSide --ego=e --import "$SIGNED"
+gnunet-namestore -D -z e
+SIGNED=`$DO_TIMEOUT gnunet-credential --signSubjectSide --ego=e --attribute="e" --subject="$FKEY" --ttl="2019-12-12 10:00:00"`
+gnunet-credential --createSubjectSide --ego=f --import "$SIGNED" --private
+gnunet-namestore -D -z f
+
+# Starting to resolve
+echo "+++ Starting to Resolve +++"
+
+DELS=`$DO_TIMEOUT gnunet-credential --collect --issuer=$AKEY --attribute="a" --ego=f --forward --backward -c test_credential_lookup.conf | paste -d, -s`
+echo $DELS
+echo gnunet-credential --verify --issuer=$AKEY --attribute="a" --subject=$FKEY --delegate=\'$DELS\' --forward --backward -c test_credential_lookup.conf
+RES_DELS=`gnunet-credential --verify --issuer=$AKEY --attribute="a" --subject=$FKEY --delegate="$DELS" --forward --backward -c test_credential_lookup.conf`
+
+# Cleanup properly
+gnunet-namestore -z epub -d -n $DISC_ATTR -t ATTR -c test_credential_lookup.conf
+gnunet-namestore -z eorg -d -n $PREF_ATTR -t ATTR -c test_credential_lookup.conf
+gnunet-namestore -z stateu -d -n $STATE_STUD_ATTR -t ATTR -c test_credential_lookup.conf
+#gnunet-namestore -z a -d -n $STATE_STUD_ATTR -t ATTR -c test_credential_lookup.conf
+#gnunet-namestore -z d -d -n $STATE_STUD_ATTR -t ATTR -c test_credential_lookup.conf
+#gnunet-namestore -z e -d -n $STATE_STUD_ATTR -t ATTR -c test_credential_lookup.conf
+#gnunet-namestore -z f -d -n $STATE_STUD_ATTR -t ATTR -c test_credential_lookup.conf
+#gnunet-namestore -z g -d -n $STATE_STUD_ATTR -t ATTR -c test_credential_lookup.conf
+
+gnunet-arm -e -c test_credential_lookup.conf
+
+if [ "$RES_DELS" != "Failed." ]
+then
+ # TODO: replace echo -e bashism
+ echo -e "${RES_DELS}"
+ exit 0
+else
+ echo "FAIL: Failed to verify credential $RES_DELS."
+ exit 1
+fi
+
diff --git a/src/credential/test_credential_bi_fw.sh b/src/credential/test_credential_bi_fw.sh
new file mode 100755
index 000000000..5df73a4fd
--- /dev/null
+++ b/src/credential/test_credential_bi_fw.sh
@@ -0,0 +1,95 @@
+#!/usr/bin/env bash
+trap "gnunet-arm -e -c test_credential_lookup.conf" SIGINT
+
+LOCATION=$(which gnunet-config)
+if [ -z $LOCATION ]
+then
+ LOCATION="gnunet-config"
+fi
+$LOCATION --version 1> /dev/null
+if test $? != 0
+then
+ echo "GNUnet command line tools cannot be found, check environmental variables PATH and GNUNET_PREFIX"
+ exit 77
+fi
+
+rm -rf `gnunet-config -c test_credential_lookup.conf -s PATHS -o GNUNET_HOME -f`
+
+
+
+
+which timeout > /dev/null 2>&1 && DO_TIMEOUT="timeout 10"
+gnunet-arm -s -c test_credential_lookup.conf
+
+gnunet-identity -C a -c test_credential_lookup.conf
+gnunet-identity -C b -c test_credential_lookup.conf
+gnunet-identity -C c -c test_credential_lookup.conf
+gnunet-identity -C d -c test_credential_lookup.conf
+gnunet-identity -C e -c test_credential_lookup.conf
+gnunet-identity -C f -c test_credential_lookup.conf
+gnunet-identity -C g -c test_credential_lookup.conf
+AKEY=$(gnunet-identity -d -c test_credential_lookup.conf | grep a | awk '{print $3}')
+BKEY=$(gnunet-identity -d -c test_credential_lookup.conf | grep b | awk '{print $3}')
+CKEY=$(gnunet-identity -d -c test_credential_lookup.conf | grep c | awk '{print $3}')
+DKEY=$(gnunet-identity -d -c test_credential_lookup.conf | grep d | awk '{print $3}')
+EKEY=$(gnunet-identity -d -c test_credential_lookup.conf | grep e | awk '{print $3}')
+FKEY=$(gnunet-identity -d -c test_credential_lookup.conf | grep f | awk '{print $3}')
+GKEY=$(gnunet-identity -d -c test_credential_lookup.conf | grep g | awk '{print $3}')
+
+# (1) (A.a) <- B.b
+# (2) (B.b) <- C.c
+# (3) C.c <- (D.D)
+# (4) D.d <- (E.e)
+# (5) E.e <- (F.f)
+# (6) F.f <- (G)
+
+# BIDIRECTIONAL
+gnunet-credential --createIssuerSide --ego=a --attribute="a" --subject="$BKEY b" --ttl=5m -c test_credential_lookup.conf
+gnunet-namestore -D -z a
+gnunet-credential --createIssuerSide --ego=b --attribute="b" --subject="$CKEY c" --ttl=5m -c test_credential_lookup.conf
+gnunet-namestore -D -z b
+
+SIGNED=`$DO_TIMEOUT gnunet-credential --signSubjectSide --ego=c --attribute="c" --subject="$DKEY d" --ttl="2019-12-12 10:00:00"`
+gnunet-credential --createSubjectSide --ego=d --import "$SIGNED"
+gnunet-namestore -D -z d
+SIGNED=`$DO_TIMEOUT gnunet-credential --signSubjectSide --ego=d --attribute="d" --subject="$EKEY e" --ttl="2019-12-12 10:00:00"`
+gnunet-credential --createSubjectSide --ego=e --import "$SIGNED"
+gnunet-namestore -D -z e
+SIGNED=`$DO_TIMEOUT gnunet-credential --signSubjectSide --ego=e --attribute="e" --subject="$FKEY f" --ttl="2019-12-12 10:00:00"`
+gnunet-credential --createSubjectSide --ego=f --import "$SIGNED"
+gnunet-namestore -D -z f
+SIGNED=`$DO_TIMEOUT gnunet-credential --signSubjectSide --ego=f --attribute="f" --subject="$GKEY" --ttl="2019-12-12 10:00:00"`
+gnunet-credential --createSubjectSide --ego=g --import "$SIGNED" --private
+gnunet-namestore -D -z g
+
+# Starting to resolve
+echo "+++ Starting to Resolve +++"
+
+DELS=`$DO_TIMEOUT gnunet-credential --collect --issuer=$AKEY --attribute="a" --ego=g --forward --backward -c test_credential_lookup.conf | paste -d, -s`
+echo $DELS
+echo gnunet-credential --verify --issuer=$AKEY --attribute="a" --subject=$GKEY --delegate=\'$DELS\' --forward --backward -c test_credential_lookup.conf
+RES_DELS=`gnunet-credential --verify --issuer=$AKEY --attribute="a" --subject=$GKEY --delegate="$DELS" --forward --backward -c test_credential_lookup.conf`
+
+# Cleanup properly
+gnunet-namestore -z a -d -n "@"-t DELE -c test_credential_lookup.conf
+gnunet-namestore -z epub -d -n $DISC_ATTR -t ATTR -c test_credential_lookup.conf
+gnunet-namestore -z eorg -d -n $PREF_ATTR -t ATTR -c test_credential_lookup.conf
+gnunet-namestore -z stateu -d -n $STATE_STUD_ATTR -t ATTR -c test_credential_lookup.conf
+#gnunet-namestore -z a -d -n $STATE_STUD_ATTR -t ATTR -c test_credential_lookup.conf
+#gnunet-namestore -z d -d -n $STATE_STUD_ATTR -t ATTR -c test_credential_lookup.conf
+#gnunet-namestore -z e -d -n $STATE_STUD_ATTR -t ATTR -c test_credential_lookup.conf
+#gnunet-namestore -z f -d -n $STATE_STUD_ATTR -t ATTR -c test_credential_lookup.conf
+#gnunet-namestore -z g -d -n $STATE_STUD_ATTR -t ATTR -c test_credential_lookup.conf
+
+gnunet-arm -e -c test_credential_lookup.conf
+
+if [ "$RES_DELS" != "Failed." ]
+then
+ # TODO: replace echo -e bashism
+ echo -e "${RES_DELS}"
+ exit 0
+else
+ echo "FAIL: Failed to verify credential $RES_DELS."
+ exit 1
+fi
+
diff --git a/src/credential/test_credential_own_and2.sh b/src/credential/test_credential_own_and2.sh
new file mode 100755
index 000000000..bbce251ec
--- /dev/null
+++ b/src/credential/test_credential_own_and2.sh
@@ -0,0 +1,88 @@
+#!/usr/bin/env bash
+trap "gnunet-arm -e -c test_credential_lookup.conf" SIGINT
+
+LOCATION=$(which gnunet-config)
+if [ -z $LOCATION ]
+then
+ LOCATION="gnunet-config"
+fi
+$LOCATION --version 1> /dev/null
+if test $? != 0
+then
+ echo "GNUnet command line tools cannot be found, check environmental variables PATH and GNUNET_PREFIX"
+ exit 77
+fi
+
+rm -rf `gnunet-config -c test_credential_lookup.conf -s PATHS -o GNUNET_HOME -f`
+
+
+
+
+which timeout > /dev/null 2>&1 && DO_TIMEOUT="timeout 10"
+gnunet-arm -s -c test_credential_lookup.conf
+
+gnunet-identity -C a -c test_credential_lookup.conf
+gnunet-identity -C b -c test_credential_lookup.conf
+gnunet-identity -C c -c test_credential_lookup.conf
+gnunet-identity -C d -c test_credential_lookup.conf
+gnunet-identity -C e -c test_credential_lookup.conf
+gnunet-identity -C f -c test_credential_lookup.conf
+gnunet-identity -C g -c test_credential_lookup.conf
+gnunet-identity -C h -c test_credential_lookup.conf
+AKEY=$(gnunet-identity -d -c test_credential_lookup.conf | grep a | awk '{print $3}')
+BKEY=$(gnunet-identity -d -c test_credential_lookup.conf | grep b | awk '{print $3}')
+CKEY=$(gnunet-identity -d -c test_credential_lookup.conf | grep c | awk '{print $3}')
+DKEY=$(gnunet-identity -d -c test_credential_lookup.conf | grep d | awk '{print $3}')
+EKEY=$(gnunet-identity -d -c test_credential_lookup.conf | grep e | awk '{print $3}')
+FKEY=$(gnunet-identity -d -c test_credential_lookup.conf | grep f | awk '{print $3}')
+GKEY=$(gnunet-identity -d -c test_credential_lookup.conf | grep g | awk '{print $3}')
+HKEY=$(gnunet-identity -d -c test_credential_lookup.conf | grep h | awk '{print $3}')
+
+# (1) (A.a) <- B.b
+# (2) (B.b) <- C.c AND G.g
+# (3) C.c <- (F) priv
+# (4) G.g <- (F) priv
+
+# BIDIRECTIONAL
+gnunet-credential --createIssuerSide --ego=a --attribute="a" --subject="$BKEY b" --ttl=5m -c test_credential_lookup.conf
+gnunet-namestore -D -z a
+gnunet-credential --createIssuerSide --ego=b --attribute="b" --subject="$CKEY c, $GKEY g" --ttl=5m -c test_credential_lookup.conf
+gnunet-namestore -D -z b
+
+SIGNED=`$DO_TIMEOUT gnunet-credential --signSubjectSide --ego=g --attribute="g" --subject="$FKEY" --ttl="2019-12-12 10:00:00"`
+gnunet-credential --createSubjectSide --ego=f --import "$SIGNED" --private
+gnunet-namestore -D -z h
+SIGNED=`$DO_TIMEOUT gnunet-credential --signSubjectSide --ego=c --attribute="c" --subject="$FKEY" --ttl="2019-12-12 10:00:00"`
+gnunet-credential --createSubjectSide --ego=f --import "$SIGNED" --private
+gnunet-namestore -D -z f
+
+# Starting to resolve
+echo "+++ Starting to Resolve +++"
+
+DELS=`$DO_TIMEOUT gnunet-credential --collect --issuer=$AKEY --attribute="a" --ego=f --backward -c test_credential_lookup.conf | paste -d, -s`
+echo $DELS
+echo gnunet-credential --verify --issuer=$AKEY --attribute="a" --subject=$FKEY --delegate=\'$DELS\' --backward -c test_credential_lookup.conf
+RES_DELS=`gnunet-credential --verify --issuer=$AKEY --attribute="a" --subject=$FKEY --delegate="$DELS" --backward -c test_credential_lookup.conf`
+
+# Cleanup properly
+gnunet-namestore -z epub -d -n $DISC_ATTR -t ATTR -c test_credential_lookup.conf
+gnunet-namestore -z eorg -d -n $PREF_ATTR -t ATTR -c test_credential_lookup.conf
+gnunet-namestore -z stateu -d -n $STATE_STUD_ATTR -t ATTR -c test_credential_lookup.conf
+#gnunet-namestore -z a -d -n $STATE_STUD_ATTR -t ATTR -c test_credential_lookup.conf
+#gnunet-namestore -z d -d -n $STATE_STUD_ATTR -t ATTR -c test_credential_lookup.conf
+#gnunet-namestore -z e -d -n $STATE_STUD_ATTR -t ATTR -c test_credential_lookup.conf
+#gnunet-namestore -z f -d -n $STATE_STUD_ATTR -t ATTR -c test_credential_lookup.conf
+#gnunet-namestore -z g -d -n $STATE_STUD_ATTR -t ATTR -c test_credential_lookup.conf
+
+gnunet-arm -e -c test_credential_lookup.conf
+
+if [ "$RES_DELS" != "Failed." ]
+then
+ # TODO: replace echo -e bashism
+ echo -e "${RES_DELS}"
+ exit 0
+else
+ echo "FAIL: Failed to verify credential $RES_DELS."
+ exit 1
+fi
+