diff options
author | Schanzenbach, Martin <mschanzenbach@posteo.de> | 2017-09-18 00:23:19 +0200 |
---|---|---|
committer | Schanzenbach, Martin <mschanzenbach@posteo.de> | 2017-09-18 00:23:19 +0200 |
commit | ca10195d9af33c557b57f16b8bb93df1066ab0ee (patch) | |
tree | 354f992af3fe91894135d820612909ff84987058 | |
parent | 3777e05a09dc9f375354bf01542f4fd6807e58c5 (diff) | |
download | gnunet-ca10195d9af33c557b57f16b8bb93df1066ab0ee.tar.gz gnunet-ca10195d9af33c557b57f16b8bb93df1066ab0ee.zip |
-add consume API
-rw-r--r-- | src/identity-provider/gnunet-idp.c | 53 | ||||
-rw-r--r-- | src/identity-provider/gnunet-service-identity-provider.c | 360 | ||||
-rw-r--r-- | src/identity-provider/identity_attribute.c | 6 | ||||
-rw-r--r-- | src/identity-provider/identity_provider.h | 4 | ||||
-rw-r--r-- | src/identity-provider/identity_provider_api.c | 63 | ||||
-rwxr-xr-x | src/identity-provider/test_idp_issue.sh | 8 | ||||
-rw-r--r-- | src/include/gnunet_identity_provider_service.h | 2 | ||||
-rw-r--r-- | src/include/gnunet_protocols.h | 2 |
8 files changed, 442 insertions, 56 deletions
diff --git a/src/identity-provider/gnunet-idp.c b/src/identity-provider/gnunet-idp.c index f85ede7aa..a8739e6f6 100644 --- a/src/identity-provider/gnunet-idp.c +++ b/src/identity-provider/gnunet-idp.c | |||
@@ -57,6 +57,11 @@ static char* attr_value; | |||
57 | static char* issue_attrs; | 57 | static char* issue_attrs; |
58 | 58 | ||
59 | /** | 59 | /** |
60 | * Ticket to consume | ||
61 | */ | ||
62 | static char* consume_ticket; | ||
63 | |||
64 | /** | ||
60 | * Ego name | 65 | * Ego name |
61 | */ | 66 | */ |
62 | static char* ego_name; | 67 | static char* ego_name; |
@@ -96,6 +101,10 @@ static const struct GNUNET_CRYPTO_EcdsaPrivateKey *pkey; | |||
96 | */ | 101 | */ |
97 | static struct GNUNET_CRYPTO_EcdsaPublicKey rp_key; | 102 | static struct GNUNET_CRYPTO_EcdsaPublicKey rp_key; |
98 | 103 | ||
104 | /** | ||
105 | * Ticket to consume | ||
106 | */ | ||
107 | static struct GNUNET_IDENTITY_PROVIDER_Ticket2 ticket; | ||
99 | 108 | ||
100 | /** | 109 | /** |
101 | * Attribute list | 110 | * Attribute list |
@@ -123,11 +132,10 @@ ticket_issue_cb (void* cls, | |||
123 | { | 132 | { |
124 | char* ticket_str; | 133 | char* ticket_str; |
125 | if (NULL != ticket) { | 134 | if (NULL != ticket) { |
126 | ticket_str = GNUNET_STRINGS_data_to_string_alloc (&ticket->rnd, | 135 | ticket_str = GNUNET_STRINGS_data_to_string_alloc (ticket, |
127 | sizeof (uint64_t)); | 136 | sizeof (struct GNUNET_IDENTITY_PROVIDER_Ticket2)); |
128 | GNUNET_log (GNUNET_ERROR_TYPE_MESSAGE, | 137 | printf("%s\n", |
129 | "Got ticket, %s\n", | 138 | ticket_str); |
130 | ticket_str); | ||
131 | GNUNET_free (ticket_str); | 139 | GNUNET_free (ticket_str); |
132 | } | 140 | } |
133 | GNUNET_SCHEDULER_add_now (&do_cleanup, NULL); | 141 | GNUNET_SCHEDULER_add_now (&do_cleanup, NULL); |
@@ -150,6 +158,21 @@ store_attr_cont (void *cls, | |||
150 | } | 158 | } |
151 | 159 | ||
152 | static void | 160 | static void |
161 | process_attrs (void *cls, | ||
162 | const struct GNUNET_CRYPTO_EcdsaPublicKey *identity, | ||
163 | const struct GNUNET_IDENTITY_PROVIDER_Attribute *attr) | ||
164 | { | ||
165 | if (NULL == identity) | ||
166 | { | ||
167 | GNUNET_SCHEDULER_add_now (&do_cleanup, NULL); | ||
168 | return; | ||
169 | } | ||
170 | GNUNET_log (GNUNET_ERROR_TYPE_MESSAGE, | ||
171 | "%s: %s\n", attr->name, (char*)attr->data); | ||
172 | } | ||
173 | |||
174 | |||
175 | static void | ||
153 | iter_error (void *cls) | 176 | iter_error (void *cls) |
154 | { | 177 | { |
155 | attr_iterator = NULL; | 178 | attr_iterator = NULL; |
@@ -178,6 +201,14 @@ iter_finished (void *cls) | |||
178 | NULL); | 201 | NULL); |
179 | return; | 202 | return; |
180 | } | 203 | } |
204 | if (consume_ticket) { | ||
205 | idp_op = GNUNET_IDENTITY_PROVIDER_rp_ticket_consume (idp_handle, | ||
206 | pkey, | ||
207 | &ticket, | ||
208 | &process_attrs, | ||
209 | NULL); | ||
210 | return; | ||
211 | } | ||
181 | attr = GNUNET_IDENTITY_PROVIDER_attribute_new (attr_name, | 212 | attr = GNUNET_IDENTITY_PROVIDER_attribute_new (attr_name, |
182 | GNUNET_IDENTITY_PROVIDER_AT_STRING, | 213 | GNUNET_IDENTITY_PROVIDER_AT_STRING, |
183 | attr_value, | 214 | attr_value, |
@@ -193,7 +224,7 @@ iter_finished (void *cls) | |||
193 | 224 | ||
194 | static void | 225 | static void |
195 | iter_cb (void *cls, | 226 | iter_cb (void *cls, |
196 | const struct GNUNET_CRYPTO_EcdsaPrivateKey *identity, | 227 | const struct GNUNET_CRYPTO_EcdsaPublicKey *identity, |
197 | const struct GNUNET_IDENTITY_PROVIDER_Attribute *attr) | 228 | const struct GNUNET_IDENTITY_PROVIDER_Attribute *attr) |
198 | { | 229 | { |
199 | struct GNUNET_IDENTITY_PROVIDER_AttributeListEntry *le; | 230 | struct GNUNET_IDENTITY_PROVIDER_AttributeListEntry *le; |
@@ -243,6 +274,11 @@ ego_cb (void *cls, | |||
243 | GNUNET_CRYPTO_ecdsa_public_key_from_string (rp, | 274 | GNUNET_CRYPTO_ecdsa_public_key_from_string (rp, |
244 | strlen (rp), | 275 | strlen (rp), |
245 | &rp_key); | 276 | &rp_key); |
277 | if (NULL != consume_ticket) | ||
278 | GNUNET_STRINGS_string_to_data (consume_ticket, | ||
279 | strlen (consume_ticket), | ||
280 | &ticket, | ||
281 | sizeof (struct GNUNET_IDENTITY_PROVIDER_Ticket2)); | ||
246 | 282 | ||
247 | attr_list = GNUNET_new (struct GNUNET_IDENTITY_PROVIDER_AttributeList); | 283 | attr_list = GNUNET_new (struct GNUNET_IDENTITY_PROVIDER_AttributeList); |
248 | 284 | ||
@@ -317,6 +353,11 @@ main(int argc, char *const argv[]) | |||
317 | NULL, | 353 | NULL, |
318 | gettext_noop ("Issue a ticket"), | 354 | gettext_noop ("Issue a ticket"), |
319 | &issue_attrs), | 355 | &issue_attrs), |
356 | GNUNET_GETOPT_option_string ('C', | ||
357 | "consume", | ||
358 | NULL, | ||
359 | gettext_noop ("Consume a ticket"), | ||
360 | &consume_ticket), | ||
320 | GNUNET_GETOPT_OPTION_END | 361 | GNUNET_GETOPT_OPTION_END |
321 | }; | 362 | }; |
322 | return GNUNET_PROGRAM_run (argc, argv, "ct", | 363 | return GNUNET_PROGRAM_run (argc, argv, "ct", |
diff --git a/src/identity-provider/gnunet-service-identity-provider.c b/src/identity-provider/gnunet-service-identity-provider.c index 0eb6599e6..9a919102f 100644 --- a/src/identity-provider/gnunet-service-identity-provider.c +++ b/src/identity-provider/gnunet-service-identity-provider.c | |||
@@ -310,7 +310,65 @@ struct VerifiedAttributeEntry | |||
310 | char* name; | 310 | char* name; |
311 | }; | 311 | }; |
312 | 312 | ||
313 | struct ParallelLookups; | 313 | struct ParallelLookup; |
314 | struct ParallelLookup2; | ||
315 | |||
316 | struct ConsumeTicketHandle | ||
317 | { | ||
318 | |||
319 | /** | ||
320 | * Client connection | ||
321 | */ | ||
322 | struct IdpClient *client; | ||
323 | |||
324 | /** | ||
325 | * Ticket | ||
326 | */ | ||
327 | struct GNUNET_IDENTITY_PROVIDER_Ticket2 ticket; | ||
328 | |||
329 | /** | ||
330 | * LookupRequest | ||
331 | */ | ||
332 | struct GNUNET_GNS_LookupRequest *lookup_request; | ||
333 | |||
334 | /** | ||
335 | * Audience Key | ||
336 | */ | ||
337 | struct GNUNET_CRYPTO_EcdsaPrivateKey identity; | ||
338 | |||
339 | /** | ||
340 | * Audience Key | ||
341 | */ | ||
342 | struct GNUNET_CRYPTO_EcdsaPublicKey identity_pub; | ||
343 | |||
344 | /** | ||
345 | * ParallelLookups DLL | ||
346 | */ | ||
347 | struct ParallelLookup2 *parallel_lookups_head; | ||
348 | struct ParallelLookup2 *parallel_lookups_tail; | ||
349 | |||
350 | struct GNUNET_SCHEDULER_Task *kill_task; | ||
351 | struct GNUNET_CRYPTO_AbeKey *key; | ||
352 | |||
353 | /** | ||
354 | * request id | ||
355 | */ | ||
356 | uint32_t r_id; | ||
357 | }; | ||
358 | |||
359 | struct ParallelLookup2 | ||
360 | { | ||
361 | struct ParallelLookup2 *next; | ||
362 | |||
363 | struct ParallelLookup2 *prev; | ||
364 | |||
365 | struct GNUNET_GNS_LookupRequest *lookup_request; | ||
366 | |||
367 | struct ConsumeTicketHandle *handle; | ||
368 | |||
369 | char *label; | ||
370 | }; | ||
371 | |||
314 | 372 | ||
315 | struct ExchangeHandle | 373 | struct ExchangeHandle |
316 | { | 374 | { |
@@ -1657,28 +1715,6 @@ store_ticket_issue_cont (void *cls, | |||
1657 | 1715 | ||
1658 | 1716 | ||
1659 | 1717 | ||
1660 | /** | ||
1661 | * Checks a ticket issue message | ||
1662 | * | ||
1663 | * @param cls client sending the message | ||
1664 | * @param im message of type `struct TicketIssueMessage` | ||
1665 | * @return #GNUNET_OK if @a im is well-formed | ||
1666 | */ | ||
1667 | static int | ||
1668 | check_ticket_issue_message(void *cls, | ||
1669 | const struct TicketIssueMessage *im) | ||
1670 | { | ||
1671 | uint16_t size; | ||
1672 | |||
1673 | size = ntohs (im->header.size); | ||
1674 | if (size <= sizeof (struct IssueMessage)) | ||
1675 | { | ||
1676 | GNUNET_break (0); | ||
1677 | return GNUNET_SYSERR; | ||
1678 | } | ||
1679 | return GNUNET_OK; | ||
1680 | } | ||
1681 | |||
1682 | int | 1718 | int |
1683 | serialize_abe_keyinfo2 (const struct TicketIssueHandle *handle, | 1719 | serialize_abe_keyinfo2 (const struct TicketIssueHandle *handle, |
1684 | const struct GNUNET_CRYPTO_AbeKey *rp_key, | 1720 | const struct GNUNET_CRYPTO_AbeKey *rp_key, |
@@ -1707,7 +1743,13 @@ serialize_abe_keyinfo2 (const struct TicketIssueHandle *handle, | |||
1707 | } | 1743 | } |
1708 | buf = GNUNET_malloc (attrs_str_len + size); | 1744 | buf = GNUNET_malloc (attrs_str_len + size); |
1709 | write_ptr = buf; | 1745 | write_ptr = buf; |
1746 | GNUNET_log (GNUNET_ERROR_TYPE_MESSAGE, | ||
1747 | "Writing attributes\n"); | ||
1710 | for (le = handle->attrs->list_head; NULL != le; le = le->next) { | 1748 | for (le = handle->attrs->list_head; NULL != le; le = le->next) { |
1749 | GNUNET_log (GNUNET_ERROR_TYPE_MESSAGE, | ||
1750 | "%s\n", le->attribute->name); | ||
1751 | |||
1752 | |||
1711 | GNUNET_memcpy (write_ptr, | 1753 | GNUNET_memcpy (write_ptr, |
1712 | le->attribute->name, | 1754 | le->attribute->name, |
1713 | strlen (le->attribute->name)); | 1755 | strlen (le->attribute->name)); |
@@ -1750,7 +1792,7 @@ serialize_abe_keyinfo2 (const struct TicketIssueHandle *handle, | |||
1750 | 1792 | ||
1751 | static void | 1793 | static void |
1752 | issue_ticket_after_abe_bootstrap (void *cls, | 1794 | issue_ticket_after_abe_bootstrap (void *cls, |
1753 | struct GNUNET_CRYPTO_AbeMasterKey *abe_key) | 1795 | struct GNUNET_CRYPTO_AbeMasterKey *abe_key) |
1754 | { | 1796 | { |
1755 | struct TicketIssueHandle *ih = cls; | 1797 | struct TicketIssueHandle *ih = cls; |
1756 | struct GNUNET_IDENTITY_PROVIDER_AttributeListEntry *le; | 1798 | struct GNUNET_IDENTITY_PROVIDER_AttributeListEntry *le; |
@@ -1768,15 +1810,16 @@ issue_ticket_after_abe_bootstrap (void *cls, | |||
1768 | attrs_len = 0; | 1810 | attrs_len = 0; |
1769 | for (le = ih->attrs->list_head; NULL != le; le = le->next) | 1811 | for (le = ih->attrs->list_head; NULL != le; le = le->next) |
1770 | attrs_len++; | 1812 | attrs_len++; |
1771 | attrs = GNUNET_malloc (attrs_len); | 1813 | attrs = GNUNET_malloc ((attrs_len + 1)*sizeof (char*)); |
1772 | i = 0; | 1814 | i = 0; |
1773 | for (le = ih->attrs->list_head; NULL != le; le = le->next) { | 1815 | for (le = ih->attrs->list_head; NULL != le; le = le->next) { |
1774 | attrs[i] = (char*) le->attribute->name; | 1816 | attrs[i] = (char*) le->attribute->name; |
1775 | i++; | 1817 | i++; |
1776 | } | 1818 | } |
1819 | attrs[i] = NULL; | ||
1777 | rp_key = GNUNET_CRYPTO_cpabe_create_key (abe_key, | 1820 | rp_key = GNUNET_CRYPTO_cpabe_create_key (abe_key, |
1778 | attrs); | 1821 | attrs); |
1779 | 1822 | ||
1780 | //TODO review this wireformat | 1823 | //TODO review this wireformat |
1781 | code_record_len = serialize_abe_keyinfo2 (ih, | 1824 | code_record_len = serialize_abe_keyinfo2 (ih, |
1782 | rp_key, | 1825 | rp_key, |
@@ -1805,6 +1848,29 @@ issue_ticket_after_abe_bootstrap (void *cls, | |||
1805 | 1848 | ||
1806 | 1849 | ||
1807 | /** | 1850 | /** |
1851 | * Checks a ticket issue message | ||
1852 | * | ||
1853 | * @param cls client sending the message | ||
1854 | * @param im message of type `struct TicketIssueMessage` | ||
1855 | * @return #GNUNET_OK if @a im is well-formed | ||
1856 | */ | ||
1857 | static int | ||
1858 | check_ticket_issue_message(void *cls, | ||
1859 | const struct TicketIssueMessage *im) | ||
1860 | { | ||
1861 | uint16_t size; | ||
1862 | |||
1863 | size = ntohs (im->header.size); | ||
1864 | if (size <= sizeof (struct TicketIssueMessage)) | ||
1865 | { | ||
1866 | GNUNET_break (0); | ||
1867 | return GNUNET_SYSERR; | ||
1868 | } | ||
1869 | return GNUNET_OK; | ||
1870 | } | ||
1871 | |||
1872 | |||
1873 | /** | ||
1808 | * | 1874 | * |
1809 | * Handler for ticket issue message | 1875 | * Handler for ticket issue message |
1810 | * | 1876 | * |
@@ -1849,7 +1915,242 @@ cleanup_as_handle (struct AttributeStoreHandle *handle) | |||
1849 | GNUNET_free (handle); | 1915 | GNUNET_free (handle); |
1850 | } | 1916 | } |
1851 | 1917 | ||
1918 | /** | ||
1919 | * Checks a ticket consume message | ||
1920 | * | ||
1921 | * @param cls client sending the message | ||
1922 | * @param im message of type `struct ConsumeTicketMessage` | ||
1923 | * @return #GNUNET_OK if @a im is well-formed | ||
1924 | */ | ||
1925 | static int | ||
1926 | check_consume_ticket_message(void *cls, | ||
1927 | const struct ConsumeTicketMessage *cm) | ||
1928 | { | ||
1929 | uint16_t size; | ||
1930 | |||
1931 | size = ntohs (cm->header.size); | ||
1932 | if (size <= sizeof (struct ConsumeTicketMessage)) | ||
1933 | { | ||
1934 | GNUNET_break (0); | ||
1935 | return GNUNET_SYSERR; | ||
1936 | } | ||
1937 | return GNUNET_OK; | ||
1938 | } | ||
1852 | 1939 | ||
1940 | static void | ||
1941 | process_parallel_lookup2 (void *cls, uint32_t rd_count, | ||
1942 | const struct GNUNET_GNSRECORD_Data *rd) | ||
1943 | { | ||
1944 | GNUNET_log (GNUNET_ERROR_TYPE_MESSAGE, | ||
1945 | "Parallel lookup finished (count=%u)\n", rd_count); | ||
1946 | struct ParallelLookup2 *parallel_lookup = cls; | ||
1947 | struct ConsumeTicketHandle *handle = parallel_lookup->handle; | ||
1948 | struct AttributeResultMessage *arm; | ||
1949 | struct GNUNET_MQ_Envelope *env; | ||
1950 | char *data; | ||
1951 | char *data_tmp; | ||
1952 | size_t msg_extra_len; | ||
1953 | |||
1954 | GNUNET_CONTAINER_DLL_remove (handle->parallel_lookups_head, | ||
1955 | handle->parallel_lookups_tail, | ||
1956 | parallel_lookup); | ||
1957 | GNUNET_free (parallel_lookup); | ||
1958 | if (1 != rd_count) | ||
1959 | GNUNET_break(0);//TODO | ||
1960 | if (rd->record_type == GNUNET_GNSRECORD_TYPE_ID_ATTR) | ||
1961 | { | ||
1962 | msg_extra_len = GNUNET_CRYPTO_cpabe_decrypt (rd->data, | ||
1963 | rd->data_size, | ||
1964 | handle->key, | ||
1965 | (void**)&data); | ||
1966 | env = GNUNET_MQ_msg_extra (arm, | ||
1967 | msg_extra_len, | ||
1968 | GNUNET_MESSAGE_TYPE_IDENTITY_PROVIDER_ATTRIBUTE_RESULT); | ||
1969 | arm->id = htonl (handle->r_id); | ||
1970 | arm->attr_len = htons (msg_extra_len); | ||
1971 | arm->identity = handle->ticket.identity; | ||
1972 | data_tmp = (char *) &arm[1]; | ||
1973 | GNUNET_memcpy (data_tmp, | ||
1974 | data, | ||
1975 | msg_extra_len); | ||
1976 | GNUNET_MQ_send (handle->client->mq, env); | ||
1977 | GNUNET_free (data); | ||
1978 | } | ||
1979 | if (NULL != handle->parallel_lookups_head) | ||
1980 | return; //Wait for more | ||
1981 | //Else we are done | ||
1982 | GNUNET_SCHEDULER_cancel (handle->kill_task); | ||
1983 | env = GNUNET_MQ_msg (arm, | ||
1984 | GNUNET_MESSAGE_TYPE_IDENTITY_PROVIDER_ATTRIBUTE_RESULT); | ||
1985 | arm->id = htonl (handle->r_id); | ||
1986 | arm->attr_len = htons (0); | ||
1987 | GNUNET_MQ_send (handle->client->mq, env); | ||
1988 | } | ||
1989 | |||
1990 | void | ||
1991 | abort_parallel_lookups2 (void *cls) | ||
1992 | { | ||
1993 | struct ConsumeTicketHandle *handle = cls; | ||
1994 | struct ParallelLookup2 *lu; | ||
1995 | struct ParallelLookup2 *tmp; | ||
1996 | struct AttributeResultMessage *arm; | ||
1997 | struct GNUNET_MQ_Envelope *env; | ||
1998 | |||
1999 | for (lu = handle->parallel_lookups_head; | ||
2000 | NULL != lu;) { | ||
2001 | GNUNET_GNS_lookup_cancel (lu->lookup_request); | ||
2002 | GNUNET_free (lu->label); | ||
2003 | tmp = lu->next; | ||
2004 | GNUNET_CONTAINER_DLL_remove (handle->parallel_lookups_head, | ||
2005 | handle->parallel_lookups_tail, | ||
2006 | lu); | ||
2007 | GNUNET_free (lu); | ||
2008 | lu = tmp; | ||
2009 | } | ||
2010 | env = GNUNET_MQ_msg (arm, | ||
2011 | GNUNET_MESSAGE_TYPE_IDENTITY_PROVIDER_ATTRIBUTE_RESULT); | ||
2012 | arm->id = htonl (handle->r_id); | ||
2013 | arm->attr_len = htons (0); | ||
2014 | GNUNET_MQ_send (handle->client->mq, env); | ||
2015 | |||
2016 | } | ||
2017 | |||
2018 | static void | ||
2019 | cleanup_consume_ticket_handle (struct ConsumeTicketHandle *handle) | ||
2020 | { | ||
2021 | if (NULL != handle->key) | ||
2022 | GNUNET_free (handle->key); | ||
2023 | GNUNET_free (handle); | ||
2024 | } | ||
2025 | |||
2026 | |||
2027 | static void | ||
2028 | process_consume_abe_key (void *cls, uint32_t rd_count, | ||
2029 | const struct GNUNET_GNSRECORD_Data *rd) | ||
2030 | { | ||
2031 | struct ConsumeTicketHandle *handle = cls; | ||
2032 | struct GNUNET_HashCode new_key_hash; | ||
2033 | struct GNUNET_CRYPTO_SymmetricSessionKey enc_key; | ||
2034 | struct GNUNET_CRYPTO_SymmetricInitializationVector enc_iv; | ||
2035 | struct GNUNET_CRYPTO_EcdhePublicKey *ecdh_key; | ||
2036 | struct ParallelLookup2 *parallel_lookup; | ||
2037 | size_t size; | ||
2038 | char *buf; | ||
2039 | char *scope; | ||
2040 | char *lookup_query; | ||
2041 | |||
2042 | handle->lookup_request = NULL; | ||
2043 | if (1 != rd_count) | ||
2044 | { | ||
2045 | GNUNET_log (GNUNET_ERROR_TYPE_ERROR, | ||
2046 | "Number of keys %d != 1.", | ||
2047 | rd_count); | ||
2048 | cleanup_consume_ticket_handle (handle); | ||
2049 | GNUNET_SCHEDULER_add_now (&do_shutdown, NULL); | ||
2050 | return; | ||
2051 | } | ||
2052 | |||
2053 | //Decrypt | ||
2054 | ecdh_key = (struct GNUNET_CRYPTO_EcdhePublicKey *)rd->data; | ||
2055 | |||
2056 | buf = GNUNET_malloc (rd->data_size - sizeof (struct GNUNET_CRYPTO_EcdhePublicKey)); | ||
2057 | |||
2058 | //Calculate symmetric key from ecdh parameters | ||
2059 | GNUNET_assert (GNUNET_OK == | ||
2060 | GNUNET_CRYPTO_ecdsa_ecdh (&handle->identity, | ||
2061 | ecdh_key, | ||
2062 | &new_key_hash)); | ||
2063 | create_sym_key_from_ecdh (&new_key_hash, | ||
2064 | &enc_key, | ||
2065 | &enc_iv); | ||
2066 | size = GNUNET_CRYPTO_symmetric_decrypt (rd->data + sizeof (struct GNUNET_CRYPTO_EcdhePublicKey), | ||
2067 | rd->data_size - sizeof (struct GNUNET_CRYPTO_EcdhePublicKey), | ||
2068 | &enc_key, | ||
2069 | &enc_iv, | ||
2070 | buf); | ||
2071 | |||
2072 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, | ||
2073 | "Decrypted bytes: %zd Expected bytes: %zd\n", | ||
2074 | size, rd->data_size - sizeof (struct GNUNET_CRYPTO_EcdhePublicKey)); | ||
2075 | |||
2076 | scopes = GNUNET_strdup (buf); | ||
2077 | GNUNET_log (GNUNET_ERROR_TYPE_MESSAGE, | ||
2078 | "Scopes %s\n", scopes); | ||
2079 | handle->key = GNUNET_CRYPTO_cpabe_deserialize_key ((void*)(buf + strlen (scopes) + 1), | ||
2080 | rd->data_size - sizeof (struct GNUNET_CRYPTO_EcdhePublicKey) | ||
2081 | - strlen (scopes) - 1); | ||
2082 | |||
2083 | for (scope = strtok (scopes, ","); NULL != scope; scope = strtok (NULL, ",")) | ||
2084 | { | ||
2085 | GNUNET_asprintf (&lookup_query, | ||
2086 | "%s.gnu", | ||
2087 | scope); | ||
2088 | GNUNET_log (GNUNET_ERROR_TYPE_MESSAGE, | ||
2089 | "Looking up %s\n", lookup_query); | ||
2090 | parallel_lookup = GNUNET_new (struct ParallelLookup2); | ||
2091 | parallel_lookup->handle = handle; | ||
2092 | parallel_lookup->label = GNUNET_strdup (scope); | ||
2093 | parallel_lookup->lookup_request | ||
2094 | = GNUNET_GNS_lookup (gns_handle, | ||
2095 | lookup_query, | ||
2096 | &handle->ticket.identity, | ||
2097 | GNUNET_GNSRECORD_TYPE_ID_ATTR, | ||
2098 | GNUNET_GNS_LO_LOCAL_MASTER, | ||
2099 | &process_parallel_lookup2, | ||
2100 | parallel_lookup); | ||
2101 | GNUNET_CONTAINER_DLL_insert (handle->parallel_lookups_head, | ||
2102 | handle->parallel_lookups_tail, | ||
2103 | parallel_lookup); | ||
2104 | } | ||
2105 | handle->kill_task = GNUNET_SCHEDULER_add_delayed (GNUNET_TIME_relative_multiply(GNUNET_TIME_UNIT_MINUTES,3), | ||
2106 | &abort_parallel_lookups2, | ||
2107 | handle); | ||
2108 | } | ||
2109 | |||
2110 | |||
2111 | /** | ||
2112 | * | ||
2113 | * Handler for ticket issue message | ||
2114 | * | ||
2115 | * @param cls unused | ||
2116 | * @param client who sent the message | ||
2117 | * @param message the message | ||
2118 | */ | ||
2119 | static void | ||
2120 | handle_consume_ticket_message (void *cls, | ||
2121 | const struct ConsumeTicketMessage *cm) | ||
2122 | { | ||
2123 | struct ConsumeTicketHandle *ch; | ||
2124 | struct IdpClient *idp = cls; | ||
2125 | char* lookup_query; | ||
2126 | char* rnd_label; | ||
2127 | |||
2128 | ch = GNUNET_new (struct ConsumeTicketHandle); | ||
2129 | ch->r_id = ntohl (cm->id); | ||
2130 | ch->client = idp; | ||
2131 | ch->identity = cm->identity; | ||
2132 | GNUNET_CRYPTO_ecdsa_key_get_public (&ch->identity, | ||
2133 | &ch->identity_pub); | ||
2134 | ch->ticket = *((struct GNUNET_IDENTITY_PROVIDER_Ticket2*)&cm[1]); | ||
2135 | rnd_label = GNUNET_STRINGS_data_to_string_alloc (&ch->ticket.rnd, | ||
2136 | sizeof (uint64_t)); | ||
2137 | GNUNET_asprintf (&lookup_query, | ||
2138 | "%s.gnu", | ||
2139 | rnd_label); | ||
2140 | GNUNET_log (GNUNET_ERROR_TYPE_MESSAGE, | ||
2141 | "Looking for ABE key under %s\n", lookup_query); | ||
2142 | |||
2143 | ch->lookup_request | ||
2144 | = GNUNET_GNS_lookup (gns_handle, | ||
2145 | lookup_query, | ||
2146 | &ch->ticket.identity, | ||
2147 | GNUNET_GNSRECORD_TYPE_ABE_KEY, | ||
2148 | GNUNET_GNS_LO_LOCAL_MASTER, | ||
2149 | &process_consume_abe_key, | ||
2150 | ch); | ||
2151 | GNUNET_free (lookup_query); | ||
2152 | GNUNET_SERVICE_client_continue (idp->client); | ||
2153 | } | ||
1853 | 2154 | ||
1854 | void | 2155 | void |
1855 | attr_store_cont (void *cls, | 2156 | attr_store_cont (void *cls, |
@@ -2066,7 +2367,8 @@ attr_iter_cb (void *cls, | |||
2066 | GNUNET_MESSAGE_TYPE_IDENTITY_PROVIDER_ATTRIBUTE_RESULT); | 2367 | GNUNET_MESSAGE_TYPE_IDENTITY_PROVIDER_ATTRIBUTE_RESULT); |
2067 | arm->id = htonl (ai->request_id); | 2368 | arm->id = htonl (ai->request_id); |
2068 | arm->attr_len = htons (msg_extra_len); | 2369 | arm->attr_len = htons (msg_extra_len); |
2069 | arm->identity = *zone; | 2370 | GNUNET_CRYPTO_ecdsa_key_get_public (zone, |
2371 | &arm->identity); | ||
2070 | data_tmp = (char *) &arm[1]; | 2372 | data_tmp = (char *) &arm[1]; |
2071 | GNUNET_memcpy (data_tmp, | 2373 | GNUNET_memcpy (data_tmp, |
2072 | attr_ser, | 2374 | attr_ser, |
@@ -2339,5 +2641,9 @@ GNUNET_SERVICE_MAIN | |||
2339 | GNUNET_MESSAGE_TYPE_IDENTITY_PROVIDER_TICKET_ISSUE, | 2641 | GNUNET_MESSAGE_TYPE_IDENTITY_PROVIDER_TICKET_ISSUE, |
2340 | struct TicketIssueMessage, | 2642 | struct TicketIssueMessage, |
2341 | NULL), | 2643 | NULL), |
2644 | GNUNET_MQ_hd_var_size (consume_ticket_message, | ||
2645 | GNUNET_MESSAGE_TYPE_IDENTITY_PROVIDER_CONSUME_TICKET, | ||
2646 | struct ConsumeTicketMessage, | ||
2647 | NULL), | ||
2342 | GNUNET_MQ_handler_end()); | 2648 | GNUNET_MQ_handler_end()); |
2343 | /* end of gnunet-service-identity-provider.c */ | 2649 | /* end of gnunet-service-identity-provider.c */ |
diff --git a/src/identity-provider/identity_attribute.c b/src/identity-provider/identity_attribute.c index 8cc94a731..916386754 100644 --- a/src/identity-provider/identity_attribute.c +++ b/src/identity-provider/identity_attribute.c | |||
@@ -110,9 +110,15 @@ attribute_list_deserialize (const char* data, | |||
110 | read_ptr = data; | 110 | read_ptr = data; |
111 | while (((data + data_size) - read_ptr) >= sizeof (struct Attribute)) | 111 | while (((data + data_size) - read_ptr) >= sizeof (struct Attribute)) |
112 | { | 112 | { |
113 | |||
113 | le = GNUNET_new (struct GNUNET_IDENTITY_PROVIDER_AttributeListEntry); | 114 | le = GNUNET_new (struct GNUNET_IDENTITY_PROVIDER_AttributeListEntry); |
114 | le->attribute = attribute_deserialize (read_ptr, | 115 | le->attribute = attribute_deserialize (read_ptr, |
115 | data_size - (read_ptr - data)); | 116 | data_size - (read_ptr - data)); |
117 | GNUNET_log (GNUNET_ERROR_TYPE_MESSAGE, | ||
118 | "Deserialized attribute %s\n", le->attribute->name); | ||
119 | GNUNET_CONTAINER_DLL_insert (attrs->list_head, | ||
120 | attrs->list_tail, | ||
121 | le); | ||
116 | attr_len = attribute_serialize_get_size (le->attribute); | 122 | attr_len = attribute_serialize_get_size (le->attribute); |
117 | read_ptr += attr_len; | 123 | read_ptr += attr_len; |
118 | } | 124 | } |
diff --git a/src/identity-provider/identity_provider.h b/src/identity-provider/identity_provider.h index 9b6fe6237..dcad35118 100644 --- a/src/identity-provider/identity_provider.h +++ b/src/identity-provider/identity_provider.h | |||
@@ -250,9 +250,9 @@ struct AttributeResultMessage | |||
250 | uint16_t reserved GNUNET_PACKED; | 250 | uint16_t reserved GNUNET_PACKED; |
251 | 251 | ||
252 | /** | 252 | /** |
253 | * The private key of the identity. | 253 | * The public key of the identity. |
254 | */ | 254 | */ |
255 | struct GNUNET_CRYPTO_EcdsaPrivateKey identity; | 255 | struct GNUNET_CRYPTO_EcdsaPublicKey identity; |
256 | 256 | ||
257 | /* followed by: | 257 | /* followed by: |
258 | * serialized attribute data | 258 | * serialized attribute data |
diff --git a/src/identity-provider/identity_provider_api.c b/src/identity-provider/identity_provider_api.c index 25c14793d..7c9576d05 100644 --- a/src/identity-provider/identity_provider_api.c +++ b/src/identity-provider/identity_provider_api.c | |||
@@ -556,30 +556,52 @@ handle_attribute_result (void *cls, | |||
556 | static struct GNUNET_CRYPTO_EcdsaPrivateKey identity_dummy; | 556 | static struct GNUNET_CRYPTO_EcdsaPrivateKey identity_dummy; |
557 | struct GNUNET_IDENTITY_PROVIDER_Handle *h = cls; | 557 | struct GNUNET_IDENTITY_PROVIDER_Handle *h = cls; |
558 | struct GNUNET_IDENTITY_PROVIDER_AttributeIterator *it; | 558 | struct GNUNET_IDENTITY_PROVIDER_AttributeIterator *it; |
559 | struct GNUNET_IDENTITY_PROVIDER_Operation *op; | ||
559 | size_t attr_len; | 560 | size_t attr_len; |
560 | uint32_t r_id = ntohl (msg->id); | 561 | uint32_t r_id = ntohl (msg->id); |
561 | 562 | ||
562 | attr_len = ntohs (msg->attr_len); | 563 | attr_len = ntohs (msg->attr_len); |
563 | 564 | LOG (GNUNET_ERROR_TYPE_MESSAGE, | |
564 | for (it = h->it_head; NULL != it; it = it->next) | 565 | "Processing attribute result.\n"); |
566 | |||
567 | |||
568 | for (it = h->it_head; NULL != it; it = it->next) | ||
565 | if (it->r_id == r_id) | 569 | if (it->r_id == r_id) |
566 | break; | 570 | break; |
567 | if (NULL == it) | 571 | for (op = h->op_head; NULL != op; op = op->next) |
572 | if (op->r_id == r_id) | ||
573 | break; | ||
574 | if ((NULL == it) && (NULL == op)) | ||
568 | return; | 575 | return; |
569 | 576 | ||
570 | if ( (0 == (memcmp (&msg->identity, | 577 | if ( (0 == (memcmp (&msg->identity, |
571 | &identity_dummy, | 578 | &identity_dummy, |
572 | sizeof (identity_dummy)))) ) | 579 | sizeof (identity_dummy)))) ) |
573 | { | 580 | { |
574 | if (NULL == it) | 581 | if ((NULL == it) && (NULL == op)) |
575 | { | 582 | { |
576 | GNUNET_break (0); | 583 | GNUNET_break (0); |
577 | force_reconnect (h); | 584 | force_reconnect (h); |
578 | return; | 585 | return; |
579 | } | 586 | } |
580 | if (NULL != it->finish_cb) | 587 | if (NULL != it) |
581 | it->finish_cb (it->finish_cb_cls); | 588 | { |
582 | free_it (it); | 589 | if (NULL != it->finish_cb) |
590 | it->finish_cb (it->finish_cb_cls); | ||
591 | free_it (it); | ||
592 | } | ||
593 | if (NULL != op) | ||
594 | { | ||
595 | if (NULL != op->ar_cb) | ||
596 | op->ar_cb (op->cls, | ||
597 | NULL, | ||
598 | NULL); | ||
599 | GNUNET_CONTAINER_DLL_remove (h->op_head, | ||
600 | h->op_tail, | ||
601 | op); | ||
602 | GNUNET_free (op); | ||
603 | |||
604 | } | ||
583 | return; | 605 | return; |
584 | } | 606 | } |
585 | 607 | ||
@@ -593,9 +615,16 @@ handle_attribute_result (void *cls, | |||
593 | it->proc (it->proc_cls, | 615 | it->proc (it->proc_cls, |
594 | &msg->identity, | 616 | &msg->identity, |
595 | attr); | 617 | attr); |
596 | GNUNET_free (attr); | 618 | } else if (NULL != op) |
597 | return; | 619 | { |
620 | if (NULL != op->ar_cb) | ||
621 | op->ar_cb (op->cls, | ||
622 | &msg->identity, | ||
623 | attr); | ||
624 | |||
598 | } | 625 | } |
626 | GNUNET_free (attr); | ||
627 | return; | ||
599 | } | 628 | } |
600 | GNUNET_assert (0); | 629 | GNUNET_assert (0); |
601 | } | 630 | } |
@@ -610,7 +639,7 @@ handle_attribute_result (void *cls, | |||
610 | */ | 639 | */ |
611 | static int | 640 | static int |
612 | check_ticket_result (void *cls, | 641 | check_ticket_result (void *cls, |
613 | const struct TicketResultMessage *msg) | 642 | const struct TicketResultMessage *msg) |
614 | { | 643 | { |
615 | size_t msg_len; | 644 | size_t msg_len; |
616 | 645 | ||
@@ -634,7 +663,7 @@ check_ticket_result (void *cls, | |||
634 | */ | 663 | */ |
635 | static void | 664 | static void |
636 | handle_ticket_result (void *cls, | 665 | handle_ticket_result (void *cls, |
637 | const struct TicketResultMessage *msg) | 666 | const struct TicketResultMessage *msg) |
638 | { | 667 | { |
639 | struct GNUNET_IDENTITY_PROVIDER_Handle *handle = cls; | 668 | struct GNUNET_IDENTITY_PROVIDER_Handle *handle = cls; |
640 | struct GNUNET_IDENTITY_PROVIDER_Operation *op; | 669 | struct GNUNET_IDENTITY_PROVIDER_Operation *op; |
@@ -684,9 +713,9 @@ reconnect (struct GNUNET_IDENTITY_PROVIDER_Handle *h) | |||
684 | struct AttributeResultMessage, | 713 | struct AttributeResultMessage, |
685 | h), | 714 | h), |
686 | GNUNET_MQ_hd_var_size (ticket_result, | 715 | GNUNET_MQ_hd_var_size (ticket_result, |
687 | GNUNET_MESSAGE_TYPE_IDENTITY_PROVIDER_TICKET_RESULT, | 716 | GNUNET_MESSAGE_TYPE_IDENTITY_PROVIDER_TICKET_RESULT, |
688 | struct TicketResultMessage, | 717 | struct TicketResultMessage, |
689 | h), | 718 | h), |
690 | GNUNET_MQ_handler_end () | 719 | GNUNET_MQ_handler_end () |
691 | }; | 720 | }; |
692 | struct GNUNET_IDENTITY_PROVIDER_Operation *op; | 721 | struct GNUNET_IDENTITY_PROVIDER_Operation *op; |
@@ -1224,7 +1253,7 @@ GNUNET_IDENTITY_PROVIDER_rp_ticket_consume (struct GNUNET_IDENTITY_PROVIDER_Hand | |||
1224 | op); | 1253 | op); |
1225 | op->env = GNUNET_MQ_msg_extra (ctm, | 1254 | op->env = GNUNET_MQ_msg_extra (ctm, |
1226 | sizeof (const struct GNUNET_IDENTITY_PROVIDER_Ticket2), | 1255 | sizeof (const struct GNUNET_IDENTITY_PROVIDER_Ticket2), |
1227 | GNUNET_MESSAGE_TYPE_IDENTITY_PROVIDER_TICKET_ISSUE); | 1256 | GNUNET_MESSAGE_TYPE_IDENTITY_PROVIDER_CONSUME_TICKET); |
1228 | ctm->identity = *identity; | 1257 | ctm->identity = *identity; |
1229 | ctm->id = htonl (op->r_id); | 1258 | ctm->id = htonl (op->r_id); |
1230 | 1259 | ||
diff --git a/src/identity-provider/test_idp_issue.sh b/src/identity-provider/test_idp_issue.sh index 306f238d9..aca98e390 100755 --- a/src/identity-provider/test_idp_issue.sh +++ b/src/identity-provider/test_idp_issue.sh | |||
@@ -27,9 +27,11 @@ gnunet-arm -s -c test_idp.conf | |||
27 | gnunet-identity -C testego -c test_idp.conf | 27 | gnunet-identity -C testego -c test_idp.conf |
28 | gnunet-identity -C rpego -c test_idp.conf | 28 | gnunet-identity -C rpego -c test_idp.conf |
29 | SUBJECT_KEY=$(gnunet-identity -d -c test_idp.conf | grep rpego | awk '{print $3}') | 29 | SUBJECT_KEY=$(gnunet-identity -d -c test_idp.conf | grep rpego | awk '{print $3}') |
30 | TEST_KEY=$(gnunet-identity -d -c test_idp.conf | grep testego | awk '{print $3}') | ||
30 | gnunet-idp -e testego -a email -V john@doe.gnu -c test_idp.conf | 31 | gnunet-idp -e testego -a email -V john@doe.gnu -c test_idp.conf |
31 | gnunet-idp -e testego -a name -V John -c test_idp.conf | 32 | gnunet-idp -e testego -a name -V John -c test_idp.conf |
32 | gnunet-idp -e testego -D -c test_idp.conf | 33 | #gnunet-idp -e testego -D -c test_idp.conf |
33 | gnunet-idp -e testego -i "email,name" -r $SUBJECT_KEY -c test_idp.conf | 34 | TICKET=$(gnunet-idp -e testego -i "email,name" -r $SUBJECT_KEY -c test_idp.conf | awk '{print $1}') |
34 | gnunet-namestore -z testego -D -c test_idp.conf | 35 | echo "Consuming $TICKET" |
36 | gnunet-idp -e rpego -C $TICKET -c test_idp.conf | ||
35 | gnunet-arm -e -c test_idp.conf | 37 | gnunet-arm -e -c test_idp.conf |
diff --git a/src/include/gnunet_identity_provider_service.h b/src/include/gnunet_identity_provider_service.h index 4b1dcd641..049f891cc 100644 --- a/src/include/gnunet_identity_provider_service.h +++ b/src/include/gnunet_identity_provider_service.h | |||
@@ -268,7 +268,7 @@ GNUNET_IDENTITY_PROVIDER_attribute_new (const char* attr_name, | |||
268 | */ | 268 | */ |
269 | typedef void | 269 | typedef void |
270 | (*GNUNET_IDENTITY_PROVIDER_AttributeResult) (void *cls, | 270 | (*GNUNET_IDENTITY_PROVIDER_AttributeResult) (void *cls, |
271 | const struct GNUNET_CRYPTO_EcdsaPrivateKey *identity, | 271 | const struct GNUNET_CRYPTO_EcdsaPublicKey *identity, |
272 | const struct GNUNET_IDENTITY_PROVIDER_Attribute *attr); | 272 | const struct GNUNET_IDENTITY_PROVIDER_Attribute *attr); |
273 | 273 | ||
274 | 274 | ||
diff --git a/src/include/gnunet_protocols.h b/src/include/gnunet_protocols.h index 1a7df377c..63afeba8d 100644 --- a/src/include/gnunet_protocols.h +++ b/src/include/gnunet_protocols.h | |||
@@ -2644,6 +2644,8 @@ extern "C" | |||
2644 | 2644 | ||
2645 | #define GNUNET_MESSAGE_TYPE_IDENTITY_PROVIDER_TICKET_RESULT 972 | 2645 | #define GNUNET_MESSAGE_TYPE_IDENTITY_PROVIDER_TICKET_RESULT 972 |
2646 | 2646 | ||
2647 | #define GNUNET_MESSAGE_TYPE_IDENTITY_PROVIDER_CONSUME_TICKET 973 | ||
2648 | |||
2647 | /************************************************** | 2649 | /************************************************** |
2648 | * | 2650 | * |
2649 | * CREDENTIAL MESSAGE TYPES | 2651 | * CREDENTIAL MESSAGE TYPES |