diff options
author | Schanzenbach, Martin <mschanzenbach@posteo.de> | 2016-12-06 22:21:49 +0100 |
---|---|---|
committer | Schanzenbach, Martin <mschanzenbach@posteo.de> | 2016-12-06 22:21:49 +0100 |
commit | 1be263982990fc0650c30fb5f758d4100540561d (patch) | |
tree | ca7823ac9906822cc88e6a3e0c40b215796e0b95 | |
parent | 14045cba92ab8167e1371f2e2447a5bcdd71f12a (diff) | |
download | gnunet-1be263982990fc0650c30fb5f758d4100540561d.tar.gz gnunet-1be263982990fc0650c30fb5f758d4100540561d.zip |
- add simple verification
-rw-r--r-- | src/credential/credential.h | 8 | ||||
-rw-r--r-- | src/credential/credential_api.c | 17 | ||||
-rw-r--r-- | src/credential/gnunet-credential.c | 7 | ||||
-rw-r--r-- | src/credential/gnunet-service-credential.c | 221 | ||||
-rw-r--r-- | src/credential/plugin_gnsrecord_credential.c | 3 | ||||
-rwxr-xr-x | src/credential/test_credential_verify_simple.sh | 8 | ||||
-rw-r--r-- | src/include/gnunet_credential_service.h | 5 |
7 files changed, 163 insertions, 106 deletions
diff --git a/src/credential/credential.h b/src/credential/credential.h index 8b5cf6db9..d52776cfa 100644 --- a/src/credential/credential.h +++ b/src/credential/credential.h | |||
@@ -83,12 +83,16 @@ struct VerifyResultMessage | |||
83 | * Unique identifier for this request (for key collisions). | 83 | * Unique identifier for this request (for key collisions). |
84 | */ | 84 | */ |
85 | uint32_t id GNUNET_PACKED; | 85 | uint32_t id GNUNET_PACKED; |
86 | 86 | ||
87 | /** | ||
88 | * Indicates if credential has been found at all | ||
89 | */ | ||
90 | uint32_t cred_found GNUNET_PACKED; | ||
87 | 91 | ||
88 | /** | 92 | /** |
89 | * The number of credentials in the response | 93 | * The number of credentials in the response |
90 | */ | 94 | */ |
91 | uint32_t ad_count GNUNET_PACKED; | 95 | uint32_t cd_count GNUNET_PACKED; |
92 | 96 | ||
93 | /* followed by ad_count GNUNET_CREDENTIAL_RecordData structs*/ | 97 | /* followed by ad_count GNUNET_CREDENTIAL_RecordData structs*/ |
94 | 98 | ||
diff --git a/src/credential/credential_api.c b/src/credential/credential_api.c index eb7af5b53..5bc1e52f1 100644 --- a/src/credential/credential_api.c +++ b/src/credential/credential_api.c | |||
@@ -236,9 +236,18 @@ handle_result (void *cls, | |||
236 | rd_count, | 236 | rd_count, |
237 | rd)); | 237 | rd)); |
238 | */ | 238 | */ |
239 | proc (proc_cls, | 239 | if (GNUNET_NO == ntohl (vr_msg->cred_found)) |
240 | NULL, | 240 | { |
241 | GNUNET_NO); // TODO | 241 | proc (proc_cls, |
242 | NULL, | ||
243 | 0, | ||
244 | NULL); // TODO | ||
245 | } else { | ||
246 | proc (proc_cls, | ||
247 | (struct GNUNET_CREDENTIAL_CredentialRecordData*) &vr_msg[1], | ||
248 | 0, | ||
249 | NULL); | ||
250 | } | ||
242 | } | 251 | } |
243 | 252 | ||
244 | 253 | ||
@@ -254,7 +263,7 @@ reconnect (struct GNUNET_CREDENTIAL_Handle *handle) | |||
254 | GNUNET_MQ_hd_var_size (result, | 263 | GNUNET_MQ_hd_var_size (result, |
255 | GNUNET_MESSAGE_TYPE_CREDENTIAL_VERIFY_RESULT, | 264 | GNUNET_MESSAGE_TYPE_CREDENTIAL_VERIFY_RESULT, |
256 | struct VerifyResultMessage, | 265 | struct VerifyResultMessage, |
257 | NULL), | 266 | handle), |
258 | GNUNET_MQ_handler_end () | 267 | GNUNET_MQ_handler_end () |
259 | }; | 268 | }; |
260 | struct GNUNET_CREDENTIAL_Request *vr; | 269 | struct GNUNET_CREDENTIAL_Request *vr; |
diff --git a/src/credential/gnunet-credential.c b/src/credential/gnunet-credential.c index a2d494f2a..d728f533d 100644 --- a/src/credential/gnunet-credential.c +++ b/src/credential/gnunet-credential.c | |||
@@ -157,13 +157,14 @@ do_timeout (void *cls) | |||
157 | */ | 157 | */ |
158 | static void | 158 | static void |
159 | handle_verify_result (void *cls, | 159 | handle_verify_result (void *cls, |
160 | struct GNUNET_CRYPTO_EcdsaPublicKey *issuer, | 160 | struct GNUNET_CREDENTIAL_CredentialRecordData *cred, |
161 | uint32_t status) | 161 | uint32_t delegation_count, |
162 | struct GNUNET_CREDENTIAL_AttributeRecordData *deleg) | ||
162 | { | 163 | { |
163 | 164 | ||
164 | 165 | ||
165 | verify_request = NULL; | 166 | verify_request = NULL; |
166 | if (GNUNET_NO == status) | 167 | if (NULL == cred) |
167 | printf ("Verify failed.\n"); | 168 | printf ("Verify failed.\n"); |
168 | else | 169 | else |
169 | printf ("Successful.\n"); | 170 | printf ("Successful.\n"); |
diff --git a/src/credential/gnunet-service-credential.c b/src/credential/gnunet-service-credential.c index ce040fe2b..4f06806d1 100644 --- a/src/credential/gnunet-service-credential.c +++ b/src/credential/gnunet-service-credential.c | |||
@@ -63,6 +63,11 @@ struct CredentialRecordEntry | |||
63 | * Payload | 63 | * Payload |
64 | */ | 64 | */ |
65 | struct GNUNET_CREDENTIAL_CredentialRecordData record_data; | 65 | struct GNUNET_CREDENTIAL_CredentialRecordData record_data; |
66 | |||
67 | /** | ||
68 | * Size | ||
69 | */ | ||
70 | uint64_t record_data_size; | ||
66 | }; | 71 | }; |
67 | 72 | ||
68 | /** | 73 | /** |
@@ -140,6 +145,11 @@ struct VerifyRequestHandle | |||
140 | struct CredentialRecordEntry *cred_chain_tail; | 145 | struct CredentialRecordEntry *cred_chain_tail; |
141 | 146 | ||
142 | /** | 147 | /** |
148 | * Number of chain entries | ||
149 | */ | ||
150 | uint32_t cred_chain_entries; | ||
151 | |||
152 | /** | ||
143 | * Attribute Queue | 153 | * Attribute Queue |
144 | */ | 154 | */ |
145 | struct AttributeRecordEntry *attr_queue_head; | 155 | struct AttributeRecordEntry *attr_queue_head; |
@@ -152,7 +162,17 @@ struct VerifyRequestHandle | |||
152 | /** | 162 | /** |
153 | * Current Attribute Pointer | 163 | * Current Attribute Pointer |
154 | */ | 164 | */ |
155 | struct AttributeRecordEntry* attr_pointer; | 165 | struct AttributeRecordEntry* attr_pointer; |
166 | |||
167 | /** | ||
168 | * The found credential | ||
169 | */ | ||
170 | struct GNUNET_CREDENTIAL_CredentialRecordData *credential; | ||
171 | |||
172 | /** | ||
173 | * Length of the credential | ||
174 | */ | ||
175 | uint32_t credential_size; | ||
156 | 176 | ||
157 | /** | 177 | /** |
158 | * request id | 178 | * request id |
@@ -206,7 +226,11 @@ shutdown_task (void *cls) | |||
206 | GNUNET_free (vrh); | 226 | GNUNET_free (vrh); |
207 | } | 227 | } |
208 | 228 | ||
209 | 229 | if (NULL != gns) | |
230 | { | ||
231 | GNUNET_GNS_disconnect (gns); | ||
232 | gns = NULL; | ||
233 | } | ||
210 | if (NULL != statistics) | 234 | if (NULL != statistics) |
211 | { | 235 | { |
212 | GNUNET_STATISTICS_destroy (statistics, | 236 | GNUNET_STATISTICS_destroy (statistics, |
@@ -259,28 +283,20 @@ start_backward_resolution (void* cls, | |||
259 | const struct GNUNET_GNSRECORD_Data *rd) | 283 | const struct GNUNET_GNSRECORD_Data *rd) |
260 | { | 284 | { |
261 | struct VerifyRequestHandle *vrh = cls; | 285 | struct VerifyRequestHandle *vrh = cls; |
262 | int i; | ||
263 | struct GNUNET_CREDENTIAL_CredentialRecordData *cred; | 286 | struct GNUNET_CREDENTIAL_CredentialRecordData *cred; |
264 | struct GNUNET_CREDENTIAL_AttributeRecordData *attr; | ||
265 | struct CredentialRecordEntry *cred_pointer; | 287 | struct CredentialRecordEntry *cred_pointer; |
266 | const char *attribute; | ||
267 | const char *cred_attribute; | ||
268 | 288 | ||
269 | for(cred_pointer = vrh->cred_chain_head; cred_pointer != NULL; | 289 | for(cred_pointer = vrh->cred_chain_head; cred_pointer != NULL; |
270 | cred_pointer = cred_pointer->next){ | 290 | cred_pointer = cred_pointer->next){ |
271 | cred = &cred_pointer->record_data; | 291 | cred = &cred_pointer->record_data; |
272 | 292 | ||
273 | if(0 == memcmp (&vrh->attr_pointer->record_data.subject_key, | 293 | if(0 != memcmp (&vrh->attr_pointer->record_data.subject_key, |
274 | &cred_pointer->record_data.issuer_key, | 294 | &cred_pointer->record_data.issuer_key, |
275 | sizeof(struct GNUNET_CRYPTO_EcdsaPublicKey))){ | 295 | sizeof(struct GNUNET_CRYPTO_EcdsaPublicKey))) |
276 | 296 | continue; | |
277 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, | ||
278 | "Found issuer\n"); | ||
279 | |||
280 | } | ||
281 | 297 | ||
282 | 298 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, | |
283 | 299 | "Found issuer\n"); | |
284 | 300 | ||
285 | } | 301 | } |
286 | 302 | ||
@@ -307,6 +323,77 @@ start_backward_resolution (void* cls, | |||
307 | 323 | ||
308 | } | 324 | } |
309 | 325 | ||
326 | |||
327 | /** | ||
328 | * Send. | ||
329 | * | ||
330 | * @param handle the handle to the request | ||
331 | */ | ||
332 | static void | ||
333 | send_lookup_response (struct VerifyRequestHandle *vrh) | ||
334 | { | ||
335 | size_t len; | ||
336 | struct GNUNET_MQ_Envelope *env; | ||
337 | struct VerifyResultMessage *rmsg; | ||
338 | struct CredentialRecordEntry *cr_entry; | ||
339 | uint32_t cred_verified; | ||
340 | |||
341 | |||
342 | /** | ||
343 | * Get serialized record data size | ||
344 | */ | ||
345 | len = vrh->credential_size; //TODO max length of attr | ||
346 | |||
347 | //TODO add attr chain | ||
348 | /** | ||
349 | * Prepare a lookup result response message for the client | ||
350 | */ | ||
351 | env = GNUNET_MQ_msg_extra (rmsg, | ||
352 | len, | ||
353 | GNUNET_MESSAGE_TYPE_CREDENTIAL_VERIFY_RESULT); | ||
354 | //Assign id so that client can find associated request | ||
355 | rmsg->id = vrh->request_id; | ||
356 | rmsg->cd_count = htonl (vrh->cred_chain_entries); | ||
357 | |||
358 | /** | ||
359 | * Get serialized record data | ||
360 | * Append at the end of rmsg | ||
361 | */ | ||
362 | rmsg->cred_found = htonl (GNUNET_NO); | ||
363 | if (NULL != vrh->credential) | ||
364 | { | ||
365 | memcpy (&rmsg[1], | ||
366 | vrh->credential, | ||
367 | vrh->credential_size); | ||
368 | rmsg->cred_found = htonl (GNUNET_YES); | ||
369 | } | ||
370 | |||
371 | /*char* tmp_entry = (char*)&rmsg[1]; | ||
372 | for (cr_entry = vrh->cred_chain_head; NULL != cr_entry; cr_entry = cr_entry->next) | ||
373 | { | ||
374 | memcpy (tmp_entry, | ||
375 | &cr_entry->record_data, | ||
376 | cr_entry->record_data_size); | ||
377 | tmp_entry += cr_entry->record_data_size; | ||
378 | }*/ | ||
379 | GNUNET_MQ_send (GNUNET_SERVICE_client_get_mq(vrh->client), | ||
380 | env); | ||
381 | |||
382 | GNUNET_CONTAINER_DLL_remove (vrh_head, vrh_tail, vrh); | ||
383 | |||
384 | /** | ||
385 | * TODO: | ||
386 | * - Free DLL | ||
387 | * - Refactor into cleanup_handle() function for this | ||
388 | */ | ||
389 | GNUNET_free (vrh); | ||
390 | |||
391 | GNUNET_STATISTICS_update (statistics, | ||
392 | "Completed verifications", 1, | ||
393 | GNUNET_NO); | ||
394 | } | ||
395 | |||
396 | |||
310 | /** | 397 | /** |
311 | * Result from GNS lookup. | 398 | * Result from GNS lookup. |
312 | * | 399 | * |
@@ -315,31 +402,18 @@ start_backward_resolution (void* cls, | |||
315 | * @param rd the record data | 402 | * @param rd the record data |
316 | */ | 403 | */ |
317 | static void | 404 | static void |
318 | send_lookup_response (void* cls, | 405 | handle_credential_query (void* cls, |
319 | uint32_t rd_count, | 406 | uint32_t rd_count, |
320 | const struct GNUNET_GNSRECORD_Data *rd) | 407 | const struct GNUNET_GNSRECORD_Data *rd) |
321 | { | 408 | { |
322 | struct VerifyRequestHandle *vrh = cls; | 409 | struct VerifyRequestHandle *vrh = cls; |
323 | size_t len; | ||
324 | int i; | ||
325 | int cred_record_count; | 410 | int cred_record_count; |
326 | struct GNUNET_MQ_Envelope *env; | 411 | int i; |
327 | struct VerifyResultMessage *rmsg; | ||
328 | const struct GNUNET_CREDENTIAL_CredentialRecordData *crd; | 412 | const struct GNUNET_CREDENTIAL_CredentialRecordData *crd; |
329 | struct CredentialRecordEntry *cr_entry; | 413 | struct CredentialRecordEntry *cr_entry; |
330 | uint32_t cred_verified; | 414 | uint32_t cred_verified; |
331 | 415 | ||
332 | cred_record_count = 0; | 416 | cred_record_count = 0; |
333 | struct AttributeRecordEntry *attr_entry; | ||
334 | |||
335 | struct GNUNET_CREDENTIAL_AttributeRecordData *ard = | ||
336 | GNUNET_new(struct GNUNET_CREDENTIAL_AttributeRecordData); | ||
337 | |||
338 | attr_entry->record_data = *ard; | ||
339 | ard->subject_key = vrh->issuer_key; | ||
340 | GNUNET_CONTAINER_DLL_insert_tail (vrh->attr_queue_head, | ||
341 | vrh->attr_queue_tail, | ||
342 | attr_entry); | ||
343 | for (i=0; i < rd_count; i++) | 417 | for (i=0; i < rd_count; i++) |
344 | { | 418 | { |
345 | if (GNUNET_GNSRECORD_TYPE_CREDENTIAL != rd[i].record_type) | 419 | if (GNUNET_GNSRECORD_TYPE_CREDENTIAL != rd[i].record_type) |
@@ -356,19 +430,37 @@ send_lookup_response (void* cls, | |||
356 | */ | 430 | */ |
357 | cr_entry = GNUNET_new (struct CredentialRecordEntry); | 431 | cr_entry = GNUNET_new (struct CredentialRecordEntry); |
358 | cr_entry->record_data = *crd; | 432 | cr_entry->record_data = *crd; |
433 | cr_entry->record_data_size = rd[i].data_size; | ||
359 | GNUNET_CONTAINER_DLL_insert_tail (vrh->cred_chain_head, | 434 | GNUNET_CONTAINER_DLL_insert_tail (vrh->cred_chain_head, |
360 | vrh->cred_chain_tail, | 435 | vrh->cred_chain_tail, |
361 | cr_entry); | 436 | cr_entry); |
362 | if(GNUNET_OK == GNUNET_CRYPTO_ecdsa_verify(GNUNET_SIGNATURE_PURPOSE_CREDENTIAL, | 437 | /*if(GNUNET_OK != GNUNET_CRYPTO_ecdsa_verify(GNUNET_SIGNATURE_PURPOSE_CREDENTIAL, |
363 | &crd->purpose, | 438 | &crd->purpose, |
364 | &crd->sig, | 439 | &crd->sig, |
365 | &crd->issuer_key)) | 440 | &crd->issuer_key)) |
366 | { | 441 | { |
367 | break; | 442 | GNUNET_log (GNUNET_ERROR_TYPE_WARNING, |
368 | } | 443 | "Invalid credential found\n"); |
444 | continue; | ||
445 | }*/ | ||
446 | if (0 != memcmp (&crd->issuer_key, | ||
447 | &vrh->issuer_key, | ||
448 | sizeof (struct GNUNET_CRYPTO_EcdsaPublicKey))) | ||
449 | continue; | ||
450 | if (0 != strcmp ((char*)&crd[1], vrh->issuer_attribute)) | ||
451 | continue; | ||
452 | vrh->credential = GNUNET_malloc (rd[i].data_size); | ||
453 | memcpy (vrh->credential, | ||
454 | rd[i].data, | ||
455 | rd[i].data_size); | ||
456 | vrh->credential_size = rd[i].data_size; | ||
457 | //Found match prematurely | ||
458 | send_lookup_response (vrh); | ||
459 | return; | ||
369 | 460 | ||
370 | } | 461 | } |
371 | 462 | ||
463 | GNUNET_break (0); //TODO remove when implemented | ||
372 | 464 | ||
373 | /** | 465 | /** |
374 | * Check for attributes from the issuer and follow the chain | 466 | * Check for attributes from the issuer and follow the chain |
@@ -403,56 +495,9 @@ send_lookup_response (void* cls, | |||
403 | * - return one found credential chain | 495 | * - return one found credential chain |
404 | * | 496 | * |
405 | */ | 497 | */ |
406 | |||
407 | /** | ||
408 | * Get serialized record data size | ||
409 | */ | ||
410 | len = cred_record_count * sizeof (struct GNUNET_CREDENTIAL_CredentialRecordData); | ||
411 | |||
412 | /** | ||
413 | * Prepare a lookup result response message for the client | ||
414 | */ | ||
415 | env = GNUNET_MQ_msg_extra (rmsg, | ||
416 | len, | ||
417 | GNUNET_MESSAGE_TYPE_CREDENTIAL_VERIFY_RESULT); | ||
418 | //Assign id so that client can find associated request | ||
419 | rmsg->id = vrh->request_id; | ||
420 | rmsg->ad_count = htonl (cred_record_count); | ||
421 | |||
422 | /** | ||
423 | * Get serialized record data | ||
424 | * Append at the end of rmsg | ||
425 | */ | ||
426 | i = 0; | ||
427 | struct GNUNET_CREDENTIAL_CredentialRecordData *tmp_record = (struct GNUNET_CREDENTIAL_CredentialRecordData*) &rmsg[1]; | ||
428 | for (cr_entry = vrh->cred_chain_head; NULL != cr_entry; cr_entry = cr_entry->next) | ||
429 | { | ||
430 | memcpy (tmp_record, | ||
431 | &cr_entry->record_data, | ||
432 | sizeof (struct GNUNET_CREDENTIAL_CredentialRecordData)); | ||
433 | tmp_record++; | ||
434 | } | ||
435 | GNUNET_MQ_send (GNUNET_SERVICE_client_get_mq(vrh->client), | ||
436 | env); | ||
437 | |||
438 | GNUNET_CONTAINER_DLL_remove (vrh_head, vrh_tail, vrh); | ||
439 | |||
440 | /** | ||
441 | * TODO: | ||
442 | * - Free DLL | ||
443 | * - Refactor into cleanup_handle() function for this | ||
444 | */ | ||
445 | GNUNET_free (vrh); | ||
446 | |||
447 | GNUNET_STATISTICS_update (statistics, | ||
448 | "Completed verifications", 1, | ||
449 | GNUNET_NO); | ||
450 | GNUNET_STATISTICS_update (statistics, | ||
451 | "Credentials resolved", | ||
452 | rd_count, | ||
453 | GNUNET_NO); | ||
454 | } | 498 | } |
455 | 499 | ||
500 | |||
456 | /** | 501 | /** |
457 | * Handle Credential verification requests from client | 502 | * Handle Credential verification requests from client |
458 | * | 503 | * |
@@ -466,7 +511,7 @@ handle_verify (void *cls, | |||
466 | { | 511 | { |
467 | char attrs[GNUNET_CREDENTIAL_MAX_LENGTH*2 + 1]; | 512 | char attrs[GNUNET_CREDENTIAL_MAX_LENGTH*2 + 1]; |
468 | char issuer_attribute[GNUNET_CREDENTIAL_MAX_LENGTH + 1]; | 513 | char issuer_attribute[GNUNET_CREDENTIAL_MAX_LENGTH + 1]; |
469 | char subject_attribute[GNUNET_CREDENTIAL_MAX_LENGTH + 1]; | 514 | char subject_attribute[GNUNET_CREDENTIAL_MAX_LENGTH + 1 + 4]; |
470 | struct VerifyRequestHandle *vrh; | 515 | struct VerifyRequestHandle *vrh; |
471 | struct GNUNET_SERVICE_Client *client = cls; | 516 | struct GNUNET_SERVICE_Client *client = cls; |
472 | char *attrptr = attrs; | 517 | char *attrptr = attrs; |
@@ -481,27 +526,29 @@ handle_verify (void *cls, | |||
481 | GNUNET_memcpy (issuer_attribute, attrs, ntohs (v_msg->issuer_attribute_len)); | 526 | GNUNET_memcpy (issuer_attribute, attrs, ntohs (v_msg->issuer_attribute_len)); |
482 | issuer_attribute[ntohs (v_msg->issuer_attribute_len)] = '\0'; | 527 | issuer_attribute[ntohs (v_msg->issuer_attribute_len)] = '\0'; |
483 | GNUNET_memcpy (subject_attribute, attrs+strlen(issuer_attribute), ntohs (v_msg->subject_attribute_len)); | 528 | GNUNET_memcpy (subject_attribute, attrs+strlen(issuer_attribute), ntohs (v_msg->subject_attribute_len)); |
484 | subject_attribute[ntohs (v_msg->subject_attribute_len)] = '\0'; | 529 | strcpy (subject_attribute+ntohs (v_msg->subject_attribute_len), |
530 | ".gnu"); | ||
531 | subject_attribute[ntohs (v_msg->subject_attribute_len)+4] = '\0'; | ||
485 | vrh = GNUNET_new (struct VerifyRequestHandle); | 532 | vrh = GNUNET_new (struct VerifyRequestHandle); |
486 | GNUNET_CONTAINER_DLL_insert (vrh_head, vrh_tail, vrh); | 533 | GNUNET_CONTAINER_DLL_insert (vrh_head, vrh_tail, vrh); |
487 | vrh->client = client; | 534 | vrh->client = client; |
488 | vrh->request_id = v_msg->id; | 535 | vrh->request_id = v_msg->id; |
489 | vrh->issuer_key = v_msg->issuer_key; | 536 | vrh->issuer_key = v_msg->issuer_key; |
490 | vrh->subject_key = v_msg->subject_key; | 537 | vrh->subject_key = v_msg->subject_key; |
491 | vrh->issuer_attribute = issuer_attribute; | 538 | vrh->issuer_attribute = GNUNET_strdup (issuer_attribute); |
492 | 539 | ||
493 | if (NULL == subject_attribute) | 540 | if (NULL == subject_attribute) |
494 | { | 541 | { |
495 | GNUNET_log (GNUNET_ERROR_TYPE_ERROR, | 542 | GNUNET_log (GNUNET_ERROR_TYPE_ERROR, |
496 | "No subject attribute provided!\n"); | 543 | "No subject attribute provided!\n"); |
497 | send_lookup_response (vrh, 0, NULL); | 544 | send_lookup_response (vrh); |
498 | return; | 545 | return; |
499 | } | 546 | } |
500 | if (NULL == issuer_attribute) | 547 | if (NULL == issuer_attribute) |
501 | { | 548 | { |
502 | GNUNET_log (GNUNET_ERROR_TYPE_ERROR, | 549 | GNUNET_log (GNUNET_ERROR_TYPE_ERROR, |
503 | "No issuer attribute provided!\n"); | 550 | "No issuer attribute provided!\n"); |
504 | send_lookup_response (vrh, 0, NULL); | 551 | send_lookup_response (vrh); |
505 | return; | 552 | return; |
506 | } | 553 | } |
507 | /** | 554 | /** |
@@ -513,7 +560,7 @@ handle_verify (void *cls, | |||
513 | GNUNET_GNSRECORD_TYPE_CREDENTIAL, | 560 | GNUNET_GNSRECORD_TYPE_CREDENTIAL, |
514 | GNUNET_GNS_LO_DEFAULT, | 561 | GNUNET_GNS_LO_DEFAULT, |
515 | NULL, //shorten_key, always NULL | 562 | NULL, //shorten_key, always NULL |
516 | &send_lookup_response, | 563 | &handle_credential_query, |
517 | vrh); | 564 | vrh); |
518 | } | 565 | } |
519 | 566 | ||
diff --git a/src/credential/plugin_gnsrecord_credential.c b/src/credential/plugin_gnsrecord_credential.c index 93d8b8e83..ff95ec119 100644 --- a/src/credential/plugin_gnsrecord_credential.c +++ b/src/credential/plugin_gnsrecord_credential.c | |||
@@ -166,9 +166,6 @@ credential_string_to_value (void *cls, | |||
166 | s); | 166 | s); |
167 | return GNUNET_SYSERR; | 167 | return GNUNET_SYSERR; |
168 | } | 168 | } |
169 | GNUNET_log (GNUNET_ERROR_TYPE_ERROR, | ||
170 | "Found %s, %s, %s, %s, %s\n", | ||
171 | issuer_pkey, name, subject_pkey, signature, expiration); | ||
172 | *data_size = sizeof (struct GNUNET_CREDENTIAL_CredentialRecordData) + strlen (name) + 1; | 169 | *data_size = sizeof (struct GNUNET_CREDENTIAL_CredentialRecordData) + strlen (name) + 1; |
173 | *data = cred = GNUNET_malloc (*data_size); | 170 | *data = cred = GNUNET_malloc (*data_size); |
174 | GNUNET_CRYPTO_ecdsa_public_key_from_string (subject_pkey, | 171 | GNUNET_CRYPTO_ecdsa_public_key_from_string (subject_pkey, |
diff --git a/src/credential/test_credential_verify_simple.sh b/src/credential/test_credential_verify_simple.sh index 73ea24137..ce0a2207a 100755 --- a/src/credential/test_credential_verify_simple.sh +++ b/src/credential/test_credential_verify_simple.sh | |||
@@ -26,14 +26,14 @@ gnunet-identity -C testsubject -c test_credential_lookup.conf | |||
26 | TEST_ATTR="user" | 26 | TEST_ATTR="user" |
27 | SUBJECT_KEY=$(gnunet-identity -d -c test_credential_lookup.conf | grep testsubject | awk '{print $3}') | 27 | SUBJECT_KEY=$(gnunet-identity -d -c test_credential_lookup.conf | grep testsubject | awk '{print $3}') |
28 | ISSUER_KEY=$(gnunet-identity -d -c test_credential_lookup.conf | grep testissuer | awk '{print $3}') | 28 | ISSUER_KEY=$(gnunet-identity -d -c test_credential_lookup.conf | grep testissuer | awk '{print $3}') |
29 | CRED=`$DO_TIMEOUT gnunet-credential --issue --ego=testissuer --subject=$SUBJECT_KEY --attribute=$TEST_ATTR -c test_credential_lookup.conf` | 29 | CRED=`$DO_TIMEOUT gnunet-credential --issue --ego=testissuer --subject=$SUBJECT_KEY --attribute=$TEST_ATTR --ttl=5m -c test_credential_lookup.conf` |
30 | 30 | ||
31 | TEST_CREDENTIAL="t1" | 31 | TEST_CREDENTIAL="t1" |
32 | gnunet-namestore -p -z testsubject -a -n $TEST_CREDENTIAL -t CRED -V "$CRED" -e 5m -c test_credential_lookup.conf | 32 | gnunet-namestore -p -z testsubject -a -n $TEST_CREDENTIAL -t CRED -V "$CRED" -e 5m -c test_credential_lookup.conf |
33 | 33 | ||
34 | #TODO2 Add -z swich like in gnunet-gns | 34 | #TODO2 Add -z swich like in gnunet-gns |
35 | #RES_CRED=`$DO_TIMEOUT gnunet-credential --verify --issuer=$ISSUER_KEY --attribute="$TEST_ATTR" --subject=$SUBJECT_KEY --credential=$TEST_CREDENTIAL -c test_credential_lookup.conf` | 35 | #RES_CRED=`$DO_TIMEOUT gnunet-credential --verify --issuer=$ISSUER_KEY --attribute="$TEST_ATTR" --subject=$SUBJECT_KEY --credential=$TEST_CREDENTIAL -c test_credential_lookup.conf` |
36 | valgrind gnunet-credential --verify --issuer=$ISSUER_KEY --attribute=$TEST_ATTR --subject=$SUBJECT_KEY --credential=$TEST_CREDENTIAL -c test_credential_lookup.conf | 36 | RES_CRED=`gnunet-credential --verify --issuer=$ISSUER_KEY --attribute=$TEST_ATTR --subject=$SUBJECT_KEY --credential=$TEST_CREDENTIAL -c test_credential_lookup.conf` |
37 | 37 | ||
38 | #TODO cleanup properly | 38 | #TODO cleanup properly |
39 | gnunet-namestore -z testsubject -d -n $TEST_CREDENTIAL -t CRED -e never -c test_credential_lookup.conf | 39 | gnunet-namestore -z testsubject -d -n $TEST_CREDENTIAL -t CRED -e never -c test_credential_lookup.conf |
@@ -41,9 +41,7 @@ gnunet-identity -D testsubject -c test_credential_lookup.conf | |||
41 | gnunet-arm -e -c test_credential_lookup.conf | 41 | gnunet-arm -e -c test_credential_lookup.conf |
42 | 42 | ||
43 | #TODO3 proper test | 43 | #TODO3 proper test |
44 | exit 0 | 44 | if [ "$RES_CRED" == "Successful." ] |
45 | |||
46 | if [ "$RES_CRED" == "Ok!" ] | ||
47 | then | 45 | then |
48 | exit 0 | 46 | exit 0 |
49 | else | 47 | else |
diff --git a/src/include/gnunet_credential_service.h b/src/include/gnunet_credential_service.h index a7de3c822..f7b09b3ff 100644 --- a/src/include/gnunet_credential_service.h +++ b/src/include/gnunet_credential_service.h | |||
@@ -159,8 +159,9 @@ GNUNET_CREDENTIAL_disconnect (struct GNUNET_CREDENTIAL_Handle *handle); | |||
159 | * @param rd the records in reply | 159 | * @param rd the records in reply |
160 | */ | 160 | */ |
161 | typedef void (*GNUNET_CREDENTIAL_VerifyResultProcessor) (void *cls, | 161 | typedef void (*GNUNET_CREDENTIAL_VerifyResultProcessor) (void *cls, |
162 | struct GNUNET_CRYPTO_EcdsaPublicKey *issuer, | 162 | struct GNUNET_CREDENTIAL_CredentialRecordData *credential, |
163 | uint32_t result); | 163 | uint32_t delegation_length, |
164 | struct GNUNET_CREDENTIAL_AttributeRecordData *delegation_chain); | ||
164 | 165 | ||
165 | /** | 166 | /** |
166 | * Iterator called on obtained result for an attribute delegation. | 167 | * Iterator called on obtained result for an attribute delegation. |