aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorMartin Schanzenbach <mschanzenbach@posteo.de>2016-01-07 21:02:11 +0000
committerMartin Schanzenbach <mschanzenbach@posteo.de>2016-01-07 21:02:11 +0000
commit4c2b05fe49e5ee49c69337e763a3572af59e78d5 (patch)
tree0eef93b4e14e7dcd971546f69cc7eab0271da096
parentf278bb4ea15e3fec5fd426d40a460ddaf1e68f8c (diff)
downloadgnunet-4c2b05fe49e5ee49c69337e763a3572af59e78d5.tar.gz
gnunet-4c2b05fe49e5ee49c69337e763a3572af59e78d5.zip
- Start commenting. Major refactor
Diffstat
-rw-r--r--src/identity-token/Makefile.am17
-rw-r--r--src/identity-token/gnunet-service-identity-token.c48
-rw-r--r--src/identity-token/identity-token.c269
-rw-r--r--src/identity-token/identity-token.h190
-rw-r--r--src/identity-token/plugin_rest_identity_token.c107
5 files changed, 393 insertions, 238 deletions
diff --git a/src/identity-token/Makefile.am b/src/identity-token/Makefile.am
index 974de98d9..a9338ba59 100644
--- a/src/identity-token/Makefile.am
+++ b/src/identity-token/Makefile.am
@@ -19,10 +19,10 @@ libexecdir= $(pkglibdir)/libexec/
19pkgcfg_DATA = \ 19pkgcfg_DATA = \
20 identity-token.conf 20 identity-token.conf
21 21
22if HAVE_REST
23plugin_LTLIBRARIES = \ 22plugin_LTLIBRARIES = \
24 libgnunet_plugin_rest_identity_token.la 23 libgnunet_plugin_rest_identity_token.la
25endif 24lib_LTLIBRARIES = \
25 libgnunetidentityprovider.la
26 26
27bin_PROGRAMS = \ 27bin_PROGRAMS = \
28 gnunet-identity-token 28 gnunet-identity-token
@@ -31,9 +31,9 @@ libexec_PROGRAMS = \
31 gnunet-service-identity-token 31 gnunet-service-identity-token
32 32
33gnunet_service_identity_token_SOURCES = \ 33gnunet_service_identity_token_SOURCES = \
34 gnunet-service-identity-token.c \ 34 gnunet-service-identity-token.c
35 identity-token.c
36gnunet_service_identity_token_LDADD = \ 35gnunet_service_identity_token_LDADD = \
36 libgnunetidentityprovider.la \
37 $(top_builddir)/src/gnsrecord/libgnunetgnsrecord.la \ 37 $(top_builddir)/src/gnsrecord/libgnunetgnsrecord.la \
38 $(top_builddir)/src/util/libgnunetutil.la \ 38 $(top_builddir)/src/util/libgnunetutil.la \
39 $(top_builddir)/src/namestore/libgnunetnamestore.la \ 39 $(top_builddir)/src/namestore/libgnunetnamestore.la \
@@ -41,9 +41,14 @@ gnunet_service_identity_token_LDADD = \
41 $(GN_LIBINTL) \ 41 $(GN_LIBINTL) \
42 -ljansson 42 -ljansson
43 43
44libgnunetidentityprovider_la_SOURCES = \
45 identity-token.c
46libgnunetidentityprovider_la_LIBADD = \
47 $(top_builddir)/src/util/libgnunetutil.la $(XLIBS) \
48 $(LTLIBINTL) -ljansson
49
44libgnunet_plugin_rest_identity_token_la_SOURCES = \ 50libgnunet_plugin_rest_identity_token_la_SOURCES = \
45 plugin_rest_identity_token.c \ 51 plugin_rest_identity_token.c
46 identity-token.c
47libgnunet_plugin_rest_identity_token_la_LIBADD = \ 52libgnunet_plugin_rest_identity_token_la_LIBADD = \
48 $(top_builddir)/src/identity/libgnunetidentity.la \ 53 $(top_builddir)/src/identity/libgnunetidentity.la \
49 $(top_builddir)/src/rest/libgnunetrest.la \ 54 $(top_builddir)/src/rest/libgnunetrest.la \
diff --git a/src/identity-token/gnunet-service-identity-token.c b/src/identity-token/gnunet-service-identity-token.c
index 00fc25852..039d1c7e0 100644
--- a/src/identity-token/gnunet-service-identity-token.c
+++ b/src/identity-token/gnunet-service-identity-token.c
@@ -30,7 +30,7 @@
30#include "gnunet_namestore_service.h" 30#include "gnunet_namestore_service.h"
31#include <jansson.h> 31#include <jansson.h>
32#include "gnunet_signatures.h" 32#include "gnunet_signatures.h"
33#include "identity-token.h" 33#include "gnunet_identity_provider_lib.h"
34 34
35/** 35/**
36 * First pass state 36 * First pass state
@@ -102,7 +102,7 @@ static struct GNUNET_TIME_Relative min_rel_exp;
102/** 102/**
103 * Currently processed token 103 * Currently processed token
104 */ 104 */
105static struct IdentityToken *token; 105static struct GNUNET_IDENTITY_PROVIDER_Token *token;
106 106
107/** 107/**
108 * Label for currently processed token 108 * Label for currently processed token
@@ -201,9 +201,8 @@ handle_token_update (void *cls,
201 char *write_ptr; 201 char *write_ptr;
202 char *enc_token_str; 202 char *enc_token_str;
203 const char *key; 203 const char *key;
204 const char *iss;
205 const char *aud;
206 const struct GNUNET_CRYPTO_EcdsaPrivateKey *priv_key; 204 const struct GNUNET_CRYPTO_EcdsaPrivateKey *priv_key;
205 struct GNUNET_CRYPTO_EcdsaPublicKey pub_key;
207 struct GNUNET_CRYPTO_EcdhePrivateKey *new_ecdhe_privkey; 206 struct GNUNET_CRYPTO_EcdhePrivateKey *new_ecdhe_privkey;
208 struct EgoEntry *ego_entry = cls; 207 struct EgoEntry *ego_entry = cls;
209 struct GNUNET_GNSRECORD_Data token_record[2]; 208 struct GNUNET_GNSRECORD_Data token_record[2];
@@ -215,7 +214,7 @@ handle_token_update (void *cls,
215 struct GNUNET_TIME_Absolute new_exp; 214 struct GNUNET_TIME_Absolute new_exp;
216 struct GNUNET_TIME_Absolute new_iat; 215 struct GNUNET_TIME_Absolute new_iat;
217 struct GNUNET_TIME_Absolute new_nbf; 216 struct GNUNET_TIME_Absolute new_nbf;
218 struct IdentityToken *new_token; 217 struct GNUNET_IDENTITY_PROVIDER_Token *new_token;
219 json_t *payload_json; 218 json_t *payload_json;
220 json_t *value; 219 json_t *value;
221 json_t *cur_value; 220 json_t *cur_value;
@@ -224,6 +223,8 @@ handle_token_update (void *cls,
224 size_t token_metadata_len; 223 size_t token_metadata_len;
225 224
226 priv_key = GNUNET_IDENTITY_ego_get_private_key (ego_entry->ego); 225 priv_key = GNUNET_IDENTITY_ego_get_private_key (ego_entry->ego);
226 GNUNET_IDENTITY_ego_get_public_key (ego_entry->ego,
227 &pub_key);
227 228
228 //Note: We need the token expiration time here. Not the record expiration 229 //Note: We need the token expiration time here. Not the record expiration
229 //time. 230 //time.
@@ -262,9 +263,8 @@ handle_token_update (void *cls,
262 } 263 }
263 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, 264 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
264 "Token is expired. Create a new one\n"); 265 "Token is expired. Create a new one\n");
265 iss = json_string_value (json_object_get (payload_json, "iss")); 266 new_token = GNUNET_IDENTITY_PROVIDER_token_create (&pub_key,
266 aud = json_string_value (json_object_get (payload_json, "aud")); 267 &token->aud_key);
267 new_token = identity_token_create (iss, aud);
268 new_exp = GNUNET_TIME_relative_to_absolute (token_rel_exp); 268 new_exp = GNUNET_TIME_relative_to_absolute (token_rel_exp);
269 new_nbf = GNUNET_TIME_absolute_get (); 269 new_nbf = GNUNET_TIME_absolute_get ();
270 new_iat = new_nbf; 270 new_iat = new_nbf;
@@ -272,15 +272,15 @@ handle_token_update (void *cls,
272 json_object_foreach(payload_json, key, value) { 272 json_object_foreach(payload_json, key, value) {
273 if (0 == strcmp (key, "exp")) 273 if (0 == strcmp (key, "exp"))
274 { 274 {
275 identity_token_add_json (new_token, key, json_integer (new_exp.abs_value_us)); 275 GNUNET_IDENTITY_PROVIDER_token_add_json (new_token, key, json_integer (new_exp.abs_value_us));
276 } 276 }
277 else if (0 == strcmp (key, "nbf")) 277 else if (0 == strcmp (key, "nbf"))
278 { 278 {
279 identity_token_add_json (new_token, key, json_integer (new_nbf.abs_value_us)); 279 GNUNET_IDENTITY_PROVIDER_token_add_json (new_token, key, json_integer (new_nbf.abs_value_us));
280 } 280 }
281 else if (0 == strcmp (key, "iat")) 281 else if (0 == strcmp (key, "iat"))
282 { 282 {
283 identity_token_add_json (new_token, key, json_integer (new_iat.abs_value_us)); 283 GNUNET_IDENTITY_PROVIDER_token_add_json (new_token, key, json_integer (new_iat.abs_value_us));
284 } 284 }
285 else if ((0 == strcmp (key, "iss")) 285 else if ((0 == strcmp (key, "iss"))
286 || (0 == strcmp (key, "aud"))) 286 || (0 == strcmp (key, "aud")))
@@ -290,7 +290,7 @@ handle_token_update (void *cls,
290 else if ((0 == strcmp (key, "sub")) 290 else if ((0 == strcmp (key, "sub"))
291 || (0 == strcmp (key, "rnl"))) 291 || (0 == strcmp (key, "rnl")))
292 { 292 {
293 identity_token_add_json (new_token, key, value); 293 GNUNET_IDENTITY_PROVIDER_token_add_json (new_token, key, value);
294 } 294 }
295 else { 295 else {
296 GNUNET_CRYPTO_hash (key, 296 GNUNET_CRYPTO_hash (key,
@@ -302,16 +302,16 @@ handle_token_update (void *cls,
302 { 302 {
303 cur_value = GNUNET_CONTAINER_multihashmap_get (ego_entry->attr_map, 303 cur_value = GNUNET_CONTAINER_multihashmap_get (ego_entry->attr_map,
304 &key_hash); 304 &key_hash);
305 identity_token_add_json (new_token, key, cur_value); 305 GNUNET_IDENTITY_PROVIDER_token_add_json (new_token, key, cur_value);
306 } 306 }
307 } 307 }
308 } 308 }
309 309
310 // reassemble and set 310 // reassemble and set
311 GNUNET_assert (identity_token_serialize (new_token, 311 GNUNET_assert (GNUNET_IDENTITY_PROVIDER_token_serialize (new_token,
312 priv_key, 312 priv_key,
313 &new_ecdhe_privkey, 313 &new_ecdhe_privkey,
314 &enc_token_str)); 314 &enc_token_str));
315 315
316 json_decref (payload_json); 316 json_decref (payload_json);
317 317
@@ -347,10 +347,10 @@ handle_token_update (void *cls,
347 &store_token_cont, 347 &store_token_cont,
348 ego_entry); 348 ego_entry);
349 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, ">>> Updating Token w/ %s\n", new_token); 349 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, ">>> Updating Token w/ %s\n", new_token);
350 identity_token_destroy (new_token); 350 GNUNET_IDENTITY_PROVIDER_token_destroy (new_token);
351 GNUNET_IDENTITY_PROVIDER_token_destroy (token);
351 GNUNET_free (new_ecdhe_privkey); 352 GNUNET_free (new_ecdhe_privkey);
352 GNUNET_free (enc_token_str); 353 GNUNET_free (enc_token_str);
353 GNUNET_free (token);
354 token = NULL; 354 token = NULL;
355 GNUNET_free (label); 355 GNUNET_free (label);
356 label = NULL; 356 label = NULL;
@@ -438,16 +438,16 @@ token_collect (void *cls,
438 } 438 }
439 GNUNET_assert (token_metadata_record->record_type == GNUNET_GNSRECORD_TYPE_ID_TOKEN_METADATA); 439 GNUNET_assert (token_metadata_record->record_type == GNUNET_GNSRECORD_TYPE_ID_TOKEN_METADATA);
440 GNUNET_assert (token_record->record_type == GNUNET_GNSRECORD_TYPE_ID_TOKEN); 440 GNUNET_assert (token_record->record_type == GNUNET_GNSRECORD_TYPE_ID_TOKEN);
441 441
442 //Get metadata and decrypt token 442 //Get metadata and decrypt token
443 ecdhe_privkey = *((struct GNUNET_CRYPTO_EcdhePrivateKey *)token_metadata_record->data); 443 ecdhe_privkey = *((struct GNUNET_CRYPTO_EcdhePrivateKey *)token_metadata_record->data);
444 aud_key = (struct GNUNET_CRYPTO_EcdsaPublicKey *)&ecdhe_privkey+sizeof(struct GNUNET_CRYPTO_EcdhePrivateKey); 444 aud_key = (struct GNUNET_CRYPTO_EcdsaPublicKey *)&ecdhe_privkey+sizeof(struct GNUNET_CRYPTO_EcdhePrivateKey);
445 scopes = GNUNET_strdup ((char*) aud_key+sizeof (struct GNUNET_CRYPTO_EcdsaPublicKey)); 445 scopes = GNUNET_strdup ((char*) aud_key+sizeof (struct GNUNET_CRYPTO_EcdsaPublicKey));
446 446
447 identity_token_parse2 (token_record->data, 447 GNUNET_IDENTITY_PROVIDER_token_parse2 (token_record->data,
448 &ecdhe_privkey, 448 &ecdhe_privkey,
449 aud_key, 449 aud_key,
450 &token); 450 &token);
451 451
452 //token = GNUNET_GNSRECORD_value_to_string (rd->record_type, 452 //token = GNUNET_GNSRECORD_value_to_string (rd->record_type,
453 // rd->data, 453 // rd->data,
diff --git a/src/identity-token/identity-token.c b/src/identity-token/identity-token.c
index dc0154c21..a9f210b14 100644
--- a/src/identity-token/identity-token.c
+++ b/src/identity-token/identity-token.c
@@ -26,7 +26,7 @@
26#include "platform.h" 26#include "platform.h"
27#include "gnunet_util_lib.h" 27#include "gnunet_util_lib.h"
28#include "gnunet_signatures.h" 28#include "gnunet_signatures.h"
29#include "identity-token.h" 29#include "gnunet_identity_provider_lib.h"
30#include <jansson.h> 30#include <jansson.h>
31 31
32 32
@@ -189,13 +189,22 @@ encrypt_str_ecdhe (const char *plaintext,
189 * @param id the JSON API resource id 189 * @param id the JSON API resource id
190 * @return a new JSON API resource or NULL on error. 190 * @return a new JSON API resource or NULL on error.
191 */ 191 */
192struct IdentityToken* 192struct GNUNET_IDENTITY_PROVIDER_Token*
193identity_token_create (const char* issuer, 193GNUNET_IDENTITY_PROVIDER_token_create (const struct GNUNET_CRYPTO_EcdsaPublicKey* iss,
194 const char* audience) 194 const struct GNUNET_CRYPTO_EcdsaPublicKey* aud)
195{ 195{
196 struct IdentityToken *token; 196 struct GNUNET_IDENTITY_PROVIDER_Token *token;
197 char* audience;
198 char* issuer;
197 199
198 token = GNUNET_malloc (sizeof (struct IdentityToken)); 200 issuer = GNUNET_STRINGS_data_to_string_alloc (iss,
201 sizeof (struct GNUNET_CRYPTO_EcdsaPublicKey));
202 audience = GNUNET_STRINGS_data_to_string_alloc (aud,
203 sizeof (struct GNUNET_CRYPTO_EcdsaPublicKey));
204
205
206
207 token = GNUNET_malloc (sizeof (struct GNUNET_IDENTITY_PROVIDER_Token));
199 208
200 token->header = json_object(); 209 token->header = json_object();
201 token->payload = json_object(); 210 token->payload = json_object();
@@ -206,16 +215,14 @@ identity_token_create (const char* issuer,
206 json_object_set_new (token->payload, "iss", json_string (issuer)); 215 json_object_set_new (token->payload, "iss", json_string (issuer));
207 json_object_set_new (token->payload, "aud", json_string (audience)); 216 json_object_set_new (token->payload, "aud", json_string (audience));
208 217
209 GNUNET_STRINGS_string_to_data (audience, 218 token->aud_key = *aud;
210 strlen (audience), 219 GNUNET_free (issuer);
211 &token->aud_key, 220 GNUNET_free (audience);
212 sizeof (struct GNUNET_CRYPTO_EcdsaPublicKey));
213
214 return token; 221 return token;
215} 222}
216 223
217void 224void
218identity_token_destroy (struct IdentityToken *token) 225GNUNET_IDENTITY_PROVIDER_token_destroy (struct GNUNET_IDENTITY_PROVIDER_Token *token)
219{ 226{
220 json_decref (token->header); 227 json_decref (token->header);
221 json_decref (token->payload); 228 json_decref (token->payload);
@@ -223,9 +230,9 @@ identity_token_destroy (struct IdentityToken *token)
223} 230}
224 231
225void 232void
226identity_token_add_attr (const struct IdentityToken *token, 233GNUNET_IDENTITY_PROVIDER_token_add_attr (const struct GNUNET_IDENTITY_PROVIDER_Token *token,
227 const char* key, 234 const char* key,
228 const char* value) 235 const char* value)
229{ 236{
230 GNUNET_assert (NULL != token); 237 GNUNET_assert (NULL != token);
231 GNUNET_assert (NULL != token->payload); 238 GNUNET_assert (NULL != token->payload);
@@ -234,9 +241,9 @@ identity_token_add_attr (const struct IdentityToken *token,
234} 241}
235 242
236void 243void
237identity_token_add_json (const struct IdentityToken *token, 244GNUNET_IDENTITY_PROVIDER_token_add_json (const struct GNUNET_IDENTITY_PROVIDER_Token *token,
238 const char* key, 245 const char* key,
239 json_t* value) 246 json_t* value)
240{ 247{
241 GNUNET_assert (NULL != token); 248 GNUNET_assert (NULL != token);
242 GNUNET_assert (NULL != token->payload); 249 GNUNET_assert (NULL != token->payload);
@@ -246,10 +253,10 @@ identity_token_add_json (const struct IdentityToken *token,
246 253
247 254
248int 255int
249identity_token_parse2 (const char* raw_data, 256GNUNET_IDENTITY_PROVIDER_token_parse2 (const char* raw_data,
250 const struct GNUNET_CRYPTO_EcdhePrivateKey *priv_key, 257 const struct GNUNET_CRYPTO_EcdhePrivateKey *priv_key,
251 const struct GNUNET_CRYPTO_EcdsaPublicKey *aud_key, 258 const struct GNUNET_CRYPTO_EcdsaPublicKey *aud_key,
252 struct IdentityToken **result) 259 struct GNUNET_IDENTITY_PROVIDER_Token **result)
253{ 260{
254 char *enc_token_str; 261 char *enc_token_str;
255 char *tmp_buf; 262 char *tmp_buf;
@@ -292,7 +299,7 @@ identity_token_parse2 (const char* raw_data,
292 //TODO signature 299 //TODO signature
293 300
294 301
295 *result = GNUNET_malloc (sizeof (struct IdentityToken)); 302 *result = GNUNET_malloc (sizeof (struct GNUNET_IDENTITY_PROVIDER_Token));
296 (*result)->aud_key = *aud_key; 303 (*result)->aud_key = *aud_key;
297 (*result)->header = json_loads (header, JSON_DECODE_ANY, &err_json); 304 (*result)->header = json_loads (header, JSON_DECODE_ANY, &err_json);
298 (*result)->payload = json_loads (payload, JSON_DECODE_ANY, &err_json); 305 (*result)->payload = json_loads (payload, JSON_DECODE_ANY, &err_json);
@@ -305,9 +312,9 @@ identity_token_parse2 (const char* raw_data,
305} 312}
306 313
307int 314int
308identity_token_parse (const char* raw_data, 315GNUNET_IDENTITY_PROVIDER_token_parse (const char* raw_data,
309 const struct GNUNET_CRYPTO_EcdsaPrivateKey *priv_key, 316 const struct GNUNET_CRYPTO_EcdsaPrivateKey *priv_key,
310 struct IdentityToken **result) 317 struct GNUNET_IDENTITY_PROVIDER_Token **result)
311{ 318{
312 char *ecdh_pubkey_str; 319 char *ecdh_pubkey_str;
313 char *enc_token_str; 320 char *enc_token_str;
@@ -356,7 +363,7 @@ identity_token_parse (const char* raw_data,
356 //TODO signature and aud key 363 //TODO signature and aud key
357 364
358 365
359 *result = GNUNET_malloc (sizeof (struct IdentityToken)); 366 *result = GNUNET_malloc (sizeof (struct GNUNET_IDENTITY_PROVIDER_Token));
360 (*result)->header = json_loads (header, JSON_DECODE_ANY, &err_json); 367 (*result)->header = json_loads (header, JSON_DECODE_ANY, &err_json);
361 (*result)->payload = json_loads (payload, JSON_DECODE_ANY, &err_json); 368 (*result)->payload = json_loads (payload, JSON_DECODE_ANY, &err_json);
362 GNUNET_free (enc_token); 369 GNUNET_free (enc_token);
@@ -368,9 +375,9 @@ identity_token_parse (const char* raw_data,
368} 375}
369 376
370int 377int
371identity_token_to_string (const struct IdentityToken *token, 378GNUNET_IDENTITY_PROVIDER_token_to_string (const struct GNUNET_IDENTITY_PROVIDER_Token *token,
372 const struct GNUNET_CRYPTO_EcdsaPrivateKey *priv_key, 379 const struct GNUNET_CRYPTO_EcdsaPrivateKey *priv_key,
373 char **result) 380 char **result)
374{ 381{
375 char *payload_str; 382 char *payload_str;
376 char *header_str; 383 char *header_str;
@@ -436,10 +443,10 @@ identity_token_to_string (const struct IdentityToken *token,
436} 443}
437 444
438int 445int
439identity_token_serialize (const struct IdentityToken *token, 446GNUNET_IDENTITY_PROVIDER_token_serialize (const struct GNUNET_IDENTITY_PROVIDER_Token *token,
440 const struct GNUNET_CRYPTO_EcdsaPrivateKey *priv_key, 447 const struct GNUNET_CRYPTO_EcdsaPrivateKey *priv_key,
441 struct GNUNET_CRYPTO_EcdhePrivateKey **ecdh_privkey, 448 struct GNUNET_CRYPTO_EcdhePrivateKey **ecdh_privkey,
442 char **result) 449 char **result)
443{ 450{
444 char *token_str; 451 char *token_str;
445 char *enc_token; 452 char *enc_token;
@@ -447,9 +454,9 @@ identity_token_serialize (const struct IdentityToken *token,
447 char *enc_token_base64; 454 char *enc_token_base64;
448 struct GNUNET_CRYPTO_EcdhePublicKey ecdh_pubkey; 455 struct GNUNET_CRYPTO_EcdhePublicKey ecdh_pubkey;
449 456
450 GNUNET_assert (GNUNET_OK == identity_token_to_string (token, 457 GNUNET_assert (GNUNET_OK == GNUNET_IDENTITY_PROVIDER_token_to_string (token,
451 priv_key, 458 priv_key,
452 &token_str)); 459 &token_str));
453 460
454 GNUNET_assert (GNUNET_OK == encrypt_str_ecdhe (token_str, 461 GNUNET_assert (GNUNET_OK == encrypt_str_ecdhe (token_str,
455 &token->aud_key, 462 &token->aud_key,
@@ -469,14 +476,14 @@ identity_token_serialize (const struct IdentityToken *token,
469 return GNUNET_OK; 476 return GNUNET_OK;
470} 477}
471 478
472struct IdentityTokenCodePayload* 479struct GNUNET_IDENTITY_PROVIDER_TokenTicketPayload*
473identity_token_code_payload_create (const char* nonce, 480GNUNET_IDENTITY_PROVIDER_ticket_payload_create (const char* nonce,
474 const struct GNUNET_CRYPTO_EcdsaPublicKey* identity_pkey, 481 const struct GNUNET_CRYPTO_EcdsaPublicKey* identity_pkey,
475 const char* lbl_str) 482 const char* lbl_str)
476{ 483{
477 struct IdentityTokenCodePayload* payload; 484 struct GNUNET_IDENTITY_PROVIDER_TokenTicketPayload* payload;
478 485
479 payload = GNUNET_malloc (sizeof (struct IdentityTokenCodePayload)); 486 payload = GNUNET_malloc (sizeof (struct GNUNET_IDENTITY_PROVIDER_TokenTicketPayload));
480 GNUNET_asprintf (&payload->nonce, nonce, strlen (nonce)); 487 GNUNET_asprintf (&payload->nonce, nonce, strlen (nonce));
481 payload->identity_key = *identity_pkey; 488 payload->identity_key = *identity_pkey;
482 GNUNET_asprintf (&payload->label, lbl_str, strlen (lbl_str)); 489 GNUNET_asprintf (&payload->label, lbl_str, strlen (lbl_str));
@@ -484,7 +491,7 @@ identity_token_code_payload_create (const char* nonce,
484} 491}
485 492
486void 493void
487identity_token_code_payload_destroy (struct IdentityTokenCodePayload* payload) 494GNUNET_IDENTITY_PROVIDER_ticket_payload_destroy (struct GNUNET_IDENTITY_PROVIDER_TokenTicketPayload* payload)
488{ 495{
489 GNUNET_free (payload->nonce); 496 GNUNET_free (payload->nonce);
490 GNUNET_free (payload->label); 497 GNUNET_free (payload->label);
@@ -492,8 +499,8 @@ identity_token_code_payload_destroy (struct IdentityTokenCodePayload* payload)
492} 499}
493 500
494void 501void
495identity_token_code_payload_serialize (struct IdentityTokenCodePayload *payload, 502GNUNET_IDENTITY_PROVIDER_ticket_payload_serialize (struct GNUNET_IDENTITY_PROVIDER_TokenTicketPayload *payload,
496 char **result) 503 char **result)
497{ 504{
498 char* identity_key_str; 505 char* identity_key_str;
499 506
@@ -512,60 +519,60 @@ identity_token_code_payload_serialize (struct IdentityTokenCodePayload *payload,
512 * Create the token code 519 * Create the token code
513 * The metadata is encrypted with a share ECDH derived secret using B (aud_key) 520 * The metadata is encrypted with a share ECDH derived secret using B (aud_key)
514 * and e (ecdh_privkey) 521 * and e (ecdh_privkey)
515 * The token_code also contains E (ecdh_pubkey) and a signature over the 522 * The ticket also contains E (ecdh_pubkey) and a signature over the
516 * metadata and E 523 * metadata and E
517 */ 524 */
518struct IdentityTokenCode* 525struct GNUNET_IDENTITY_PROVIDER_TokenTicket*
519identity_token_code_create (const char* nonce_str, 526GNUNET_IDENTITY_PROVIDER_ticket_create (const char* nonce_str,
520 const struct GNUNET_CRYPTO_EcdsaPublicKey* identity_pkey, 527 const struct GNUNET_CRYPTO_EcdsaPublicKey* identity_pkey,
521 const char* lbl_str, 528 const char* lbl_str,
522 const struct GNUNET_CRYPTO_EcdsaPublicKey *aud_key) 529 const struct GNUNET_CRYPTO_EcdsaPublicKey *aud_key)
523{ 530{
524 struct IdentityTokenCode *token_code; 531 struct GNUNET_IDENTITY_PROVIDER_TokenTicket *ticket;
525 struct IdentityTokenCodePayload *code_payload; 532 struct GNUNET_IDENTITY_PROVIDER_TokenTicketPayload *code_payload;
526 533
527 token_code = GNUNET_malloc (sizeof (struct IdentityTokenCode)); 534 ticket = GNUNET_malloc (sizeof (struct GNUNET_IDENTITY_PROVIDER_TokenTicket));
528 code_payload = identity_token_code_payload_create (nonce_str, 535 code_payload = GNUNET_IDENTITY_PROVIDER_ticket_payload_create (nonce_str,
529 identity_pkey, 536 identity_pkey,
530 lbl_str); 537 lbl_str);
531 token_code->aud_key = *aud_key; 538 ticket->aud_key = *aud_key;
532 token_code->payload = code_payload; 539 ticket->payload = code_payload;
533 540
534 541
535 return token_code; 542 return ticket;
536} 543}
537 544
538void 545void
539identity_token_code_destroy (struct IdentityTokenCode *token_code) 546GNUNET_IDENTITY_PROVIDER_ticket_destroy (struct GNUNET_IDENTITY_PROVIDER_TokenTicket *ticket)
540{ 547{
541 identity_token_code_payload_destroy (token_code->payload); 548 GNUNET_IDENTITY_PROVIDER_ticket_payload_destroy (ticket->payload);
542 GNUNET_free (token_code); 549 GNUNET_free (ticket);
543} 550}
544 551
545int 552int
546identity_token_code_serialize (struct IdentityTokenCode *identity_token_code, 553GNUNET_IDENTITY_PROVIDER_ticket_serialize (struct GNUNET_IDENTITY_PROVIDER_TokenTicket *ticket,
547 const struct GNUNET_CRYPTO_EcdsaPrivateKey *priv_key, 554 const struct GNUNET_CRYPTO_EcdsaPrivateKey *priv_key,
548 char **result) 555 char **result)
549{ 556{
550 char *code_payload_str; 557 char *code_payload_str;
551 char *enc_token_code_payload; 558 char *enc_ticket_payload;
552 char *token_code_payload_str; 559 char *ticket_payload_str;
553 char *token_code_sig_str; 560 char *ticket_sig_str;
554 char *token_code_str; 561 char *ticket_str;
555 char *dh_key_str; 562 char *dh_key_str;
556 char *write_ptr; 563 char *write_ptr;
557 struct GNUNET_CRYPTO_EcdhePrivateKey *ecdhe_privkey; 564 struct GNUNET_CRYPTO_EcdhePrivateKey *ecdhe_privkey;
558 565
559 struct GNUNET_CRYPTO_EccSignaturePurpose *purpose; 566 struct GNUNET_CRYPTO_EccSignaturePurpose *purpose;
560 567
561 identity_token_code_payload_serialize (identity_token_code->payload, 568 GNUNET_IDENTITY_PROVIDER_ticket_payload_serialize (ticket->payload,
562 &code_payload_str); 569 &code_payload_str);
563 570
564 GNUNET_assert (GNUNET_OK == encrypt_str_ecdhe (code_payload_str, 571 GNUNET_assert (GNUNET_OK == encrypt_str_ecdhe (code_payload_str,
565 &identity_token_code->aud_key, 572 &ticket->aud_key,
566 &enc_token_code_payload, 573 &enc_ticket_payload,
567 &ecdhe_privkey, 574 &ecdhe_privkey,
568 &identity_token_code->ecdh_pubkey)); 575 &ticket->ecdh_pubkey));
569 576
570 GNUNET_free (ecdhe_privkey); 577 GNUNET_free (ecdhe_privkey);
571 578
@@ -577,44 +584,44 @@ identity_token_code_serialize (struct IdentityTokenCode *identity_token_code,
577 htonl (sizeof (struct GNUNET_CRYPTO_EccSignaturePurpose) + 584 htonl (sizeof (struct GNUNET_CRYPTO_EccSignaturePurpose) +
578 sizeof (struct GNUNET_CRYPTO_EcdhePublicKey) + 585 sizeof (struct GNUNET_CRYPTO_EcdhePublicKey) +
579 strlen (code_payload_str)); 586 strlen (code_payload_str));
580 purpose->purpose = htonl(GNUNET_SIGNATURE_PURPOSE_GNUID_TOKEN_CODE); 587 purpose->purpose = htonl(GNUNET_SIGNATURE_PURPOSE_GNUID_TICKET);
581 write_ptr = (char*) &purpose[1]; 588 write_ptr = (char*) &purpose[1];
582 memcpy (write_ptr, 589 memcpy (write_ptr,
583 &identity_token_code->ecdh_pubkey, 590 &ticket->ecdh_pubkey,
584 sizeof (struct GNUNET_CRYPTO_EcdhePublicKey)); 591 sizeof (struct GNUNET_CRYPTO_EcdhePublicKey));
585 write_ptr += sizeof (struct GNUNET_CRYPTO_EcdhePublicKey); 592 write_ptr += sizeof (struct GNUNET_CRYPTO_EcdhePublicKey);
586 memcpy (write_ptr, enc_token_code_payload, strlen (code_payload_str)); 593 memcpy (write_ptr, enc_ticket_payload, strlen (code_payload_str));
587 GNUNET_assert (GNUNET_OK == GNUNET_CRYPTO_ecdsa_sign (priv_key, 594 GNUNET_assert (GNUNET_OK == GNUNET_CRYPTO_ecdsa_sign (priv_key,
588 purpose, 595 purpose,
589 &identity_token_code->signature)); 596 &ticket->signature));
590 GNUNET_STRINGS_base64_encode (enc_token_code_payload, 597 GNUNET_STRINGS_base64_encode (enc_ticket_payload,
591 strlen (code_payload_str), 598 strlen (code_payload_str),
592 &token_code_payload_str); 599 &ticket_payload_str);
593 token_code_sig_str = GNUNET_STRINGS_data_to_string_alloc (&identity_token_code->signature, 600 ticket_sig_str = GNUNET_STRINGS_data_to_string_alloc (&ticket->signature,
594 sizeof (struct GNUNET_CRYPTO_EcdsaSignature)); 601 sizeof (struct GNUNET_CRYPTO_EcdsaSignature));
595 602
596 dh_key_str = GNUNET_STRINGS_data_to_string_alloc (&identity_token_code->ecdh_pubkey, 603 dh_key_str = GNUNET_STRINGS_data_to_string_alloc (&ticket->ecdh_pubkey,
597 sizeof (struct GNUNET_CRYPTO_EcdhePublicKey)); 604 sizeof (struct GNUNET_CRYPTO_EcdhePublicKey));
598 GNUNET_log (GNUNET_ERROR_TYPE_ERROR, "Using ECDH pubkey %s to encrypt\n", dh_key_str); 605 GNUNET_log (GNUNET_ERROR_TYPE_ERROR, "Using ECDH pubkey %s to encrypt\n", dh_key_str);
599 GNUNET_asprintf (&token_code_str, "{\"meta\": \"%s\", \"ecdh\": \"%s\", \"signature\": \"%s\"}", 606 GNUNET_asprintf (&ticket_str, "{\"meta\": \"%s\", \"ecdh\": \"%s\", \"signature\": \"%s\"}",
600 token_code_payload_str, dh_key_str, token_code_sig_str); 607 ticket_payload_str, dh_key_str, ticket_sig_str);
601 GNUNET_STRINGS_base64_encode (token_code_str, strlen (token_code_str), result); 608 GNUNET_STRINGS_base64_encode (ticket_str, strlen (ticket_str), result);
602 GNUNET_free (dh_key_str); 609 GNUNET_free (dh_key_str);
603 GNUNET_free (purpose); 610 GNUNET_free (purpose);
604 GNUNET_free (token_code_str); 611 GNUNET_free (ticket_str);
605 GNUNET_free (token_code_sig_str); 612 GNUNET_free (ticket_sig_str);
606 GNUNET_free (code_payload_str); 613 GNUNET_free (code_payload_str);
607 GNUNET_free (enc_token_code_payload); 614 GNUNET_free (enc_ticket_payload);
608 GNUNET_free (token_code_payload_str); 615 GNUNET_free (ticket_payload_str);
609 return GNUNET_OK; 616 return GNUNET_OK;
610} 617}
611 618
612int 619int
613identity_token_code_payload_parse(const char *raw_data, 620GNUNET_IDENTITY_PROVIDER_ticket_payload_parse(const char *raw_data,
614 ssize_t data_len, 621 ssize_t data_len,
615 const struct GNUNET_CRYPTO_EcdsaPrivateKey *priv_key, 622 const struct GNUNET_CRYPTO_EcdsaPrivateKey *priv_key,
616 const struct GNUNET_CRYPTO_EcdhePublicKey *ecdhe_pkey, 623 const struct GNUNET_CRYPTO_EcdhePublicKey *ecdhe_pkey,
617 struct IdentityTokenCodePayload **result) 624 struct GNUNET_IDENTITY_PROVIDER_TokenTicketPayload **result)
618{ 625{
619 const char* label_str; 626 const char* label_str;
620 const char* nonce_str; 627 const char* nonce_str;
@@ -690,9 +697,9 @@ identity_token_code_payload_parse(const char *raw_data,
690 nonce_str = json_string_value (nonce_json); 697 nonce_str = json_string_value (nonce_json);
691 GNUNET_log (GNUNET_ERROR_TYPE_ERROR, "Found nonce: %s\n", nonce_str); 698 GNUNET_log (GNUNET_ERROR_TYPE_ERROR, "Found nonce: %s\n", nonce_str);
692 699
693 *result = identity_token_code_payload_create (nonce_str, 700 *result = GNUNET_IDENTITY_PROVIDER_ticket_payload_create (nonce_str,
694 (const struct GNUNET_CRYPTO_EcdsaPublicKey*)&id_pkey, 701 (const struct GNUNET_CRYPTO_EcdsaPublicKey*)&id_pkey,
695 label_str); 702 label_str);
696 GNUNET_free (meta_str); 703 GNUNET_free (meta_str);
697 json_decref (root); 704 json_decref (root);
698 return GNUNET_OK; 705 return GNUNET_OK;
@@ -700,9 +707,9 @@ identity_token_code_payload_parse(const char *raw_data,
700} 707}
701 708
702int 709int
703identity_token_code_parse (const char *raw_data, 710GNUNET_IDENTITY_PROVIDER_ticket_parse (const char *raw_data,
704 const struct GNUNET_CRYPTO_EcdsaPrivateKey *priv_key, 711 const struct GNUNET_CRYPTO_EcdsaPrivateKey *priv_key,
705 struct IdentityTokenCode **result) 712 struct GNUNET_IDENTITY_PROVIDER_TokenTicket **result)
706{ 713{
707 const char* enc_meta_str; 714 const char* enc_meta_str;
708 const char* ecdh_enc_str; 715 const char* ecdh_enc_str;
@@ -714,17 +721,17 @@ identity_token_code_parse (const char *raw_data,
714 json_t *enc_meta_json; 721 json_t *enc_meta_json;
715 json_error_t err_json; 722 json_error_t err_json;
716 char* enc_meta; 723 char* enc_meta;
717 char* token_code_decoded; 724 char* ticket_decoded;
718 char* write_ptr; 725 char* write_ptr;
719 size_t enc_meta_len; 726 size_t enc_meta_len;
720 struct GNUNET_CRYPTO_EccSignaturePurpose *purpose; 727 struct GNUNET_CRYPTO_EccSignaturePurpose *purpose;
721 struct IdentityTokenCode *token_code; 728 struct GNUNET_IDENTITY_PROVIDER_TokenTicket *ticket;
722 struct IdentityTokenCodePayload *token_code_payload; 729 struct GNUNET_IDENTITY_PROVIDER_TokenTicketPayload *ticket_payload;
723 730
724 token_code_decoded = NULL; 731 ticket_decoded = NULL;
725 GNUNET_STRINGS_base64_decode (raw_data, strlen (raw_data), &token_code_decoded); 732 GNUNET_STRINGS_base64_decode (raw_data, strlen (raw_data), &ticket_decoded);
726 GNUNET_log (GNUNET_ERROR_TYPE_ERROR, "Token Code: %s\n", token_code_decoded); 733 GNUNET_log (GNUNET_ERROR_TYPE_ERROR, "Token Code: %s\n", ticket_decoded);
727 root = json_loads (token_code_decoded, JSON_DECODE_ANY, &err_json); 734 root = json_loads (ticket_decoded, JSON_DECODE_ANY, &err_json);
728 if (!root) 735 if (!root)
729 { 736 {
730 GNUNET_log (GNUNET_ERROR_TYPE_ERROR, 737 GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
@@ -740,27 +747,27 @@ identity_token_code_parse (const char *raw_data,
740 ecdh_enc_str = json_string_value (ecdh_json); 747 ecdh_enc_str = json_string_value (ecdh_json);
741 enc_meta_str = json_string_value (enc_meta_json); 748 enc_meta_str = json_string_value (enc_meta_json);
742 749
743 token_code = GNUNET_malloc (sizeof (struct IdentityTokenCode)); 750 ticket = GNUNET_malloc (sizeof (struct GNUNET_IDENTITY_PROVIDER_TokenTicket));
744 751
745 if (GNUNET_OK != GNUNET_STRINGS_string_to_data (ecdh_enc_str, 752 if (GNUNET_OK != GNUNET_STRINGS_string_to_data (ecdh_enc_str,
746 strlen (ecdh_enc_str), 753 strlen (ecdh_enc_str),
747 &token_code->ecdh_pubkey, 754 &ticket->ecdh_pubkey,
748 sizeof (struct GNUNET_CRYPTO_EcdhePublicKey))) 755 sizeof (struct GNUNET_CRYPTO_EcdhePublicKey)))
749 { 756 {
750 GNUNET_log (GNUNET_ERROR_TYPE_ERROR, "ECDH PKEY %s invalid in metadata\n", ecdh_enc_str); 757 GNUNET_log (GNUNET_ERROR_TYPE_ERROR, "ECDH PKEY %s invalid in metadata\n", ecdh_enc_str);
751 json_decref (root); 758 json_decref (root);
752 GNUNET_free (token_code); 759 GNUNET_free (ticket);
753 return GNUNET_SYSERR; 760 return GNUNET_SYSERR;
754 } 761 }
755 GNUNET_log (GNUNET_ERROR_TYPE_ERROR, "Using ECDH pubkey %s for metadata decryption\n", ecdh_enc_str); 762 GNUNET_log (GNUNET_ERROR_TYPE_ERROR, "Using ECDH pubkey %s for metadata decryption\n", ecdh_enc_str);
756 if (GNUNET_OK != GNUNET_STRINGS_string_to_data (signature_enc_str, 763 if (GNUNET_OK != GNUNET_STRINGS_string_to_data (signature_enc_str,
757 strlen (signature_enc_str), 764 strlen (signature_enc_str),
758 &token_code->signature, 765 &ticket->signature,
759 sizeof (struct GNUNET_CRYPTO_EcdsaSignature))) 766 sizeof (struct GNUNET_CRYPTO_EcdsaSignature)))
760 { 767 {
761 json_decref (root); 768 json_decref (root);
762 GNUNET_free (token_code_decoded); 769 GNUNET_free (ticket_decoded);
763 GNUNET_free (token_code); 770 GNUNET_free (ticket);
764 GNUNET_log (GNUNET_ERROR_TYPE_ERROR, "ECDH signature invalid in metadata\n"); 771 GNUNET_log (GNUNET_ERROR_TYPE_ERROR, "ECDH signature invalid in metadata\n");
765 return GNUNET_SYSERR; 772 return GNUNET_SYSERR;
766 } 773 }
@@ -770,13 +777,13 @@ identity_token_code_parse (const char *raw_data,
770 &enc_meta); 777 &enc_meta);
771 778
772 779
773 identity_token_code_payload_parse (enc_meta, 780 GNUNET_IDENTITY_PROVIDER_ticket_payload_parse (enc_meta,
774 enc_meta_len, 781 enc_meta_len,
775 priv_key, 782 priv_key,
776 (const struct GNUNET_CRYPTO_EcdhePublicKey*)&token_code->ecdh_pubkey, 783 (const struct GNUNET_CRYPTO_EcdhePublicKey*)&ticket->ecdh_pubkey,
777 &token_code_payload); 784 &ticket_payload);
778 785
779 token_code->payload = token_code_payload; 786 ticket->payload = ticket_payload;
780 //TODO: check signature here 787 //TODO: check signature here
781 purpose = 788 purpose =
782 GNUNET_malloc (sizeof (struct GNUNET_CRYPTO_EccSignaturePurpose) + 789 GNUNET_malloc (sizeof (struct GNUNET_CRYPTO_EccSignaturePurpose) +
@@ -786,30 +793,30 @@ identity_token_code_parse (const char *raw_data,
786 htonl (sizeof (struct GNUNET_CRYPTO_EccSignaturePurpose) + 793 htonl (sizeof (struct GNUNET_CRYPTO_EccSignaturePurpose) +
787 sizeof (struct GNUNET_CRYPTO_EcdhePublicKey) + 794 sizeof (struct GNUNET_CRYPTO_EcdhePublicKey) +
788 enc_meta_len); 795 enc_meta_len);
789 purpose->purpose = htonl(GNUNET_SIGNATURE_PURPOSE_GNUID_TOKEN_CODE); 796 purpose->purpose = htonl(GNUNET_SIGNATURE_PURPOSE_GNUID_TICKET);
790 write_ptr = (char*) &purpose[1]; 797 write_ptr = (char*) &purpose[1];
791 memcpy (write_ptr, &token_code->ecdh_pubkey, sizeof (struct GNUNET_CRYPTO_EcdhePublicKey)); 798 memcpy (write_ptr, &ticket->ecdh_pubkey, sizeof (struct GNUNET_CRYPTO_EcdhePublicKey));
792 write_ptr += sizeof (struct GNUNET_CRYPTO_EcdhePublicKey); 799 write_ptr += sizeof (struct GNUNET_CRYPTO_EcdhePublicKey);
793 memcpy (write_ptr, enc_meta, enc_meta_len); 800 memcpy (write_ptr, enc_meta, enc_meta_len);
794 801
795 if (GNUNET_OK != GNUNET_CRYPTO_ecdsa_verify (GNUNET_SIGNATURE_PURPOSE_GNUID_TOKEN_CODE, 802 if (GNUNET_OK != GNUNET_CRYPTO_ecdsa_verify (GNUNET_SIGNATURE_PURPOSE_GNUID_TICKET,
796 purpose, 803 purpose,
797 &token_code->signature, 804 &ticket->signature,
798 &token_code_payload->identity_key)) 805 &ticket_payload->identity_key))
799 { 806 {
800 identity_token_code_destroy (token_code); 807 GNUNET_IDENTITY_PROVIDER_ticket_destroy (ticket);
801 GNUNET_free (token_code_decoded); 808 GNUNET_free (ticket_decoded);
802 json_decref (root); 809 json_decref (root);
803 GNUNET_free (purpose); 810 GNUNET_free (purpose);
804 GNUNET_log (GNUNET_ERROR_TYPE_ERROR, 811 GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
805 "Error verifying signature for token code\n"); 812 "Error verifying signature for token code\n");
806 return GNUNET_SYSERR; 813 return GNUNET_SYSERR;
807 } 814 }
808 *result = token_code; 815 *result = ticket;
809 GNUNET_free (purpose); 816 GNUNET_free (purpose);
810 817
811 GNUNET_free (enc_meta); 818 GNUNET_free (enc_meta);
812 GNUNET_free (token_code_decoded); 819 GNUNET_free (ticket_decoded);
813 json_decref (root); 820 json_decref (root);
814 return GNUNET_OK; 821 return GNUNET_OK;
815 822
diff --git a/src/identity-token/identity-token.h b/src/identity-token/identity-token.h
index 1520dcf6a..6e41a009d 100644
--- a/src/identity-token/identity-token.h
+++ b/src/identity-token/identity-token.h
@@ -1,13 +1,35 @@
1/*
2 This file is part of GNUnet.
3 Copyright (C) 2012-2015 Christian Grothoff (and other contributing authors)
1 4
2#ifndef GNUNET_IDENTITY_TOKEN_H 5 GNUnet is free software; you can redistribute it and/or modify
3#define GNUNET_IDENTITY_TOKEN_H 6 it under the terms of the GNU General Public License as published
7 by the Free Software Foundation; either version 3, or (at your
8 option) any later version.
4 9
10 GNUnet is distributed in the hope that it will be useful, but
11 WITHOUT ANY WARRANTY; without even the implied warranty of
12 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
13 General Public License for more details.
5 14
15 You should have received a copy of the GNU General Public License
16 along with GNUnet; see the file COPYING. If not, write to the
17 Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor,
18 Boston, MA 02110-1301, USA.
19 */
20/**
21 * @author Martin Schanzenbach
22 * @file include/gnunet_identity_provider_lib.h
23 * @brief GNUnet Identity Provider library
24 *
25 */
26#ifndef GNUNET_IDENTITY_PROVIDER_LIB_H
27#define GNUNET_IDENTITY_PROVIDER_LIB_H
6 28
7#include "gnunet_crypto_lib.h" 29#include "gnunet_crypto_lib.h"
8#include <jansson.h> 30#include <jansson.h>
9 31
10struct IdentityToken 32struct GNUNET_IDENTITY_PROVIDER_Token
11{ 33{
12 /** 34 /**
13 * JSON header 35 * JSON header
@@ -30,7 +52,7 @@ struct IdentityToken
30 struct GNUNET_CRYPTO_EcdsaPublicKey aud_key; 52 struct GNUNET_CRYPTO_EcdsaPublicKey aud_key;
31}; 53};
32 54
33struct IdentityTokenCodePayload 55struct GNUNET_IDENTITY_PROVIDER_TokenTicketPayload
34{ 56{
35 /** 57 /**
36 * Nonce 58 * Nonce
@@ -49,12 +71,12 @@ struct IdentityTokenCodePayload
49}; 71};
50 72
51 73
52struct IdentityTokenCode 74struct GNUNET_IDENTITY_PROVIDER_TokenTicket
53{ 75{
54 /** 76 /**
55 * Meta info 77 * Meta info
56 */ 78 */
57 struct IdentityTokenCodePayload *payload; 79 struct GNUNET_IDENTITY_PROVIDER_TokenTicketPayload *payload;
58 80
59 /** 81 /**
60 * ECDH Pubkey 82 * ECDH Pubkey
@@ -74,62 +96,174 @@ struct IdentityTokenCode
74 96
75 97
76 98
77struct IdentityToken* 99/**
78identity_token_create (const char* issuer, 100 * Create an identity token
79 const char* audience); 101 *
102 * @param iss the issuer string for the token
103 * @param aud the audience of the token
104 *
105 * @return a new token
106 */
107struct GNUNET_IDENTITY_PROVIDER_Token*
108GNUNET_IDENTITY_PROVIDER_token_create (const struct GNUNET_CRYPTO_EcdsaPublicKey *iss,
109 const struct GNUNET_CRYPTO_EcdsaPublicKey* aud);
80 110
111/**
112 * Destroy an identity token
113 *
114 * @param token the token to destroy
115 */
81void 116void
82identity_token_destroy (struct IdentityToken *token); 117GNUNET_IDENTITY_PROVIDER_token_destroy (struct GNUNET_IDENTITY_PROVIDER_Token *token);
83 118
119/**
120 * Add a new key value pair to the token
121 *
122 * @param token the token to modify
123 * @param key the key
124 * @param value the value
125 */
84void 126void
85identity_token_add_attr (const struct IdentityToken *token, 127GNUNET_IDENTITY_PROVIDER_token_add_attr (const struct GNUNET_IDENTITY_PROVIDER_Token *token,
86 const char* key, 128 const char* key,
87 const char* value); 129 const char* value);
130
131/**
132 * Add a new key value pair to the token with the value as json
133 *
134 * @param the token to modify
135 * @param key the key
136 * @param value the value
137 *
138 */
88void 139void
89identity_token_add_json (const struct IdentityToken *token, 140GNUNET_IDENTITY_PROVIDER_token_add_json (const struct GNUNET_IDENTITY_PROVIDER_Token *token,
90 const char* key, 141 const char* key,
91 json_t* value); 142 json_t* value);
92 143
144/**
145 * Serialize a token. The token will be signed and base64 according to the
146 * JWT format. The signature is base32-encoded ECDSA.
147 * The resulting JWT is encrypted using
148 * ECDHE for the audience and Base64
149 * encoded in result. The audience requires the ECDHE public key P
150 * to decrypt the token T. The key P is included in the result and prepended
151 * before the token
152 *
153 * @param token the token to serialize
154 * @param priv_key the private key used to sign the token
155 * @param ecdhe_privkey the ECDHE private key used to encrypt the token
156 * @param result P,Base64(E(T))
157 *
158 * @return GNUNET_OK on success
159 */
93int 160int
94identity_token_serialize (const struct IdentityToken *token, 161GNUNET_IDENTITY_PROVIDER_token_serialize (const struct GNUNET_IDENTITY_PROVIDER_Token *token,
95 const struct GNUNET_CRYPTO_EcdsaPrivateKey *priv_key, 162 const struct GNUNET_CRYPTO_EcdsaPrivateKey *priv_key,
96 struct GNUNET_CRYPTO_EcdhePrivateKey **ecdhe_privkey, 163 struct GNUNET_CRYPTO_EcdhePrivateKey **ecdhe_privkey,
97 char **result); 164 char **result);
98 165
166/**
167 * Parses the serialized token and returns a token
168 *
169 * @param data the serialized token
170 * @param priv_key the private key of the audience
171 * @param result the token
172 *
173 * @return GNUNET_OK on success
174 */
99int 175int
100identity_token_parse (const char* raw_data, 176GNUNET_IDENTITY_PROVIDER_token_parse (const char* data,
101 const struct GNUNET_CRYPTO_EcdsaPrivateKey *priv_key, 177 const struct GNUNET_CRYPTO_EcdsaPrivateKey *priv_key,
102 struct IdentityToken **result); 178 struct GNUNET_IDENTITY_PROVIDER_Token **result);
103 179
180/**
181 * Parses the serialized token and returns a token
182 * This variant is intended for the party that issued the token and also
183 * wants to decrypt the serialized token.
184 *
185 * @param data the serialized token
186 * @param priv_key the private (!) ECDHE key
187 * @param aud_key the identity of the audience
188 * @param result the token
189 *
190 * @return GNUNET_OK on success
191 */
104int 192int
105identity_token_parse2 (const char* raw_data, 193GNUNET_IDENTITY_PROVIDER_token_parse2 (const char* data,
106 const struct GNUNET_CRYPTO_EcdhePrivateKey *priv_key, 194 const struct GNUNET_CRYPTO_EcdhePrivateKey *priv_key,
107 const struct GNUNET_CRYPTO_EcdsaPublicKey *aud_key, 195 const struct GNUNET_CRYPTO_EcdsaPublicKey *aud_key,
108 struct IdentityToken **result); 196 struct GNUNET_IDENTITY_PROVIDER_Token **result);
109 197
198
199/**
200 *
201 * Returns a JWT-string representation of the token
202 *
203 * @param token the token
204 * @param priv_key the private key used to sign the JWT
205 * @param result the JWT
206 *
207 * @return GNUNET_OK on success
208 */
110int 209int
111identity_token_to_string (const struct IdentityToken *token, 210GNUNET_IDENTITY_PROVIDER_token_to_string (const struct GNUNET_IDENTITY_PROVIDER_Token *token,
112 const struct GNUNET_CRYPTO_EcdsaPrivateKey *priv_key, 211 const struct GNUNET_CRYPTO_EcdsaPrivateKey *priv_key,
113 char **result); 212 char **result);
114 213
115struct IdentityTokenCode* 214/**
116identity_token_code_create (const char* nonce_str, 215 *
117 const struct GNUNET_CRYPTO_EcdsaPublicKey* identity_pkey, 216 * Creates a ticket that can be exchanged by the audience for
217 * the token. The token must be placed under the label
218 *
219 * @param nonce_str nonce provided by the audience that requested the ticket
220 * @param iss_pkey the issuer pubkey used to sign the ticket
221 * @param label the label encoded in the ticket
222 * @param aud_ley the audience pubkey used to encrypt the ticket payload
223 *
224 * @return the ticket
225 */
226struct GNUNET_IDENTITY_PROVIDER_TokenTicket*
227GNUNET_IDENTITY_PROVIDER_ticket_create (const char* nonce_str,
228 const struct GNUNET_CRYPTO_EcdsaPublicKey* iss_pkey,
118 const char* lbl_str, 229 const char* lbl_str,
119 const struct GNUNET_CRYPTO_EcdsaPublicKey *aud_key); 230 const struct GNUNET_CRYPTO_EcdsaPublicKey *aud_key);
120 231
232/**
233 * Serialize a ticket. Returns the Base64 representation of the ticket.
234 * Format: Base64( { payload: E(Payload), ecdhe: K, signature: signature } )
235 *
236 * @param ticket the ticket to serialize
237 * @param priv_key the issuer private key to sign the ticket payload
238 * @param result the serialized ticket
239 *
240 * @return GNUNET_OK on success
241 */
121int 242int
122identity_token_code_serialize (struct IdentityTokenCode *identity_token_code, 243GNUNET_IDENTITY_PROVIDER_ticket_serialize (struct GNUNET_IDENTITY_PROVIDER_TokenTicket *ticket,
123 const struct GNUNET_CRYPTO_EcdsaPrivateKey *priv_key, 244 const struct GNUNET_CRYPTO_EcdsaPrivateKey *priv_key,
124 char **result); 245 char **result);
125 246
247/**
248 * Destroys a ticket
249 *
250 * @param the ticket to destroy
251 */
126void 252void
127identity_token_code_destroy (struct IdentityTokenCode *token_code); 253GNUNET_IDENTITY_PROVIDER_ticket_destroy (struct GNUNET_IDENTITY_PROVIDER_TokenTicket *ticket);
128
129 254
255/**
256 * Parses a serialized ticket
257 *
258 * @param data the serialized ticket
259 * @param priv_key the audience private key
260 * @param ticket the ticket
261 *
262 * @return GNUNET_OK on success
263 */
130int 264int
131identity_token_code_parse (const char* raw_data, 265GNUNET_IDENTITY_PROVIDER_ticket_parse (const char* raw_data,
132 const struct GNUNET_CRYPTO_EcdsaPrivateKey *priv_key, 266 const struct GNUNET_CRYPTO_EcdsaPrivateKey *priv_key,
133 struct IdentityTokenCode **result); 267 struct GNUNET_IDENTITY_PROVIDER_TokenTicket **ticket);
134 268
135#endif 269#endif
diff --git a/src/identity-token/plugin_rest_identity_token.c b/src/identity-token/plugin_rest_identity_token.c
index 580d34ed0..d2c1b6c5d 100644
--- a/src/identity-token/plugin_rest_identity_token.c
+++ b/src/identity-token/plugin_rest_identity_token.c
@@ -34,7 +34,7 @@
34#include "microhttpd.h" 34#include "microhttpd.h"
35#include <jansson.h> 35#include <jansson.h>
36#include "gnunet_signatures.h" 36#include "gnunet_signatures.h"
37#include "identity-token.h" 37#include "gnunet_identity_provider_lib.h"
38 38
39/** 39/**
40 * REST root namespace 40 * REST root namespace
@@ -61,7 +61,7 @@
61 */ 61 */
62#define GNUNET_REST_API_NS_IDENTITY_OAUTH2_AUTHORIZE "/gnuid/authorize" 62#define GNUNET_REST_API_NS_IDENTITY_OAUTH2_AUTHORIZE "/gnuid/authorize"
63 63
64#define GNUNET_REST_JSONAPI_IDENTITY_TOKEN_CODE "code" 64#define GNUNET_REST_JSONAPI_IDENTITY_token_ticket "code"
65 65
66#define GNUNET_REST_JSONAPI_IDENTITY_OAUTH2_GRANT_TYPE_CODE "authorization_code" 66#define GNUNET_REST_JSONAPI_IDENTITY_OAUTH2_GRANT_TYPE_CODE "authorization_code"
67 67
@@ -290,12 +290,12 @@ struct RequestHandle
290 /** 290 /**
291 * Identity Token 291 * Identity Token
292 */ 292 */
293 struct IdentityToken *token; 293 struct GNUNET_IDENTITY_PROVIDER_Token *token;
294 294
295 /** 295 /**
296 * Identity Token Code 296 * Identity Token Code
297 */ 297 */
298 struct IdentityTokenCode *token_code; 298 struct GNUNET_IDENTITY_PROVIDER_TokenTicket *token_ticket;
299 299
300 /** 300 /**
301 * Response object 301 * Response object
@@ -341,9 +341,9 @@ cleanup_handle (struct RequestHandle *handle)
341 if (NULL != handle->attr_map) 341 if (NULL != handle->attr_map)
342 GNUNET_CONTAINER_multihashmap_destroy (handle->attr_map); 342 GNUNET_CONTAINER_multihashmap_destroy (handle->attr_map);
343 if (NULL != handle->token) 343 if (NULL != handle->token)
344 identity_token_destroy (handle->token); 344 GNUNET_IDENTITY_PROVIDER_token_destroy (handle->token);
345 if (NULL != handle->token_code) 345 if (NULL != handle->token_ticket)
346 identity_token_code_destroy (handle->token_code); 346 GNUNET_IDENTITY_PROVIDER_ticket_destroy (handle->token_ticket);
347 if (NULL != handle->url) 347 if (NULL != handle->url)
348 GNUNET_free (handle->url); 348 GNUNET_free (handle->url);
349 if (NULL != handle->emsg) 349 if (NULL != handle->emsg)
@@ -455,10 +455,10 @@ sign_and_return_token (void *cls,
455 struct GNUNET_TIME_Relative etime_rel; 455 struct GNUNET_TIME_Relative etime_rel;
456 json_t *token_str; 456 json_t *token_str;
457 json_t *name_str; 457 json_t *name_str;
458 json_t *token_code_json; 458 json_t *token_ticket_json;
459 char *lbl_str; 459 char *lbl_str;
460 char *exp_str; 460 char *exp_str;
461 char *token_code_str; 461 char *token_ticket_str;
462 char *audience; 462 char *audience;
463 char *nonce_str; 463 char *nonce_str;
464 char *enc_token_str; 464 char *enc_token_str;
@@ -520,14 +520,14 @@ sign_and_return_token (void *cls,
520 GNUNET_CRYPTO_ecdsa_key_get_public (priv_key, 520 GNUNET_CRYPTO_ecdsa_key_get_public (priv_key,
521 &pub_key); 521 &pub_key);
522 522
523 handle->token_code = identity_token_code_create (nonce_str, 523 handle->token_ticket = GNUNET_IDENTITY_PROVIDER_ticket_create (nonce_str,
524 &pub_key, 524 &pub_key,
525 lbl_str, 525 lbl_str,
526 &aud_pkey); 526 &aud_pkey);
527 527
528 if (GNUNET_OK != identity_token_code_serialize (handle->token_code, 528 if (GNUNET_OK != GNUNET_IDENTITY_PROVIDER_ticket_serialize (handle->token_ticket,
529 priv_key, 529 priv_key,
530 &token_code_str)) 530 &token_ticket_str))
531 { 531 {
532 handle->emsg = GNUNET_strdup ("Unable to create ref token!\n"); 532 handle->emsg = GNUNET_strdup ("Unable to create ref token!\n");
533 GNUNET_SCHEDULER_add_now (&do_error, handle); 533 GNUNET_SCHEDULER_add_now (&do_error, handle);
@@ -563,11 +563,11 @@ sign_and_return_token (void *cls,
563 exp_time = time + etime_rel.rel_value_us; 563 exp_time = time + etime_rel.rel_value_us;
564 564
565 //json_object_set_new (handle->payload, "lbl", json_string (lbl_str)); 565 //json_object_set_new (handle->payload, "lbl", json_string (lbl_str));
566 identity_token_add_attr (handle->token, "sub", handle->ego_entry->identifier); 566 GNUNET_IDENTITY_PROVIDER_token_add_attr (handle->token, "sub", handle->ego_entry->identifier);
567 identity_token_add_json (handle->token, "nbf", json_integer (time)); 567 GNUNET_IDENTITY_PROVIDER_token_add_json (handle->token, "nbf", json_integer (time));
568 identity_token_add_json (handle->token, "iat", json_integer (time)); 568 GNUNET_IDENTITY_PROVIDER_token_add_json (handle->token, "iat", json_integer (time));
569 identity_token_add_json (handle->token, "exp", json_integer (exp_time)); 569 GNUNET_IDENTITY_PROVIDER_token_add_json (handle->token, "exp", json_integer (exp_time));
570 identity_token_add_attr (handle->token, "nonce", nonce_str); 570 GNUNET_IDENTITY_PROVIDER_token_add_attr (handle->token, "nonce", nonce_str);
571 571
572 572
573 handle->resp_object = GNUNET_REST_jsonapi_object_new (); 573 handle->resp_object = GNUNET_REST_jsonapi_object_new ();
@@ -583,18 +583,18 @@ sign_and_return_token (void *cls,
583 GNUNET_REST_jsonapi_resource_add_attr (json_resource, 583 GNUNET_REST_jsonapi_resource_add_attr (json_resource,
584 GNUNET_REST_JSONAPI_IDENTITY_TOKEN, 584 GNUNET_REST_JSONAPI_IDENTITY_TOKEN,
585 token_str); 585 token_str);
586 token_code_json = json_string (token_code_str); 586 token_ticket_json = json_string (token_ticket_str);
587 GNUNET_REST_jsonapi_resource_add_attr (json_resource, 587 GNUNET_REST_jsonapi_resource_add_attr (json_resource,
588 GNUNET_REST_JSONAPI_IDENTITY_TOKEN_CODE, 588 GNUNET_REST_JSONAPI_IDENTITY_token_ticket,
589 token_code_json); 589 token_ticket_json);
590 GNUNET_free (token_code_str); 590 GNUNET_free (token_ticket_str);
591 json_decref (token_code_json); 591 json_decref (token_ticket_json);
592 GNUNET_REST_jsonapi_object_resource_add (handle->resp_object, json_resource); 592 GNUNET_REST_jsonapi_object_resource_add (handle->resp_object, json_resource);
593 //Token in a serialized encrypted format 593 //Token in a serialized encrypted format
594 GNUNET_assert (identity_token_serialize (handle->token, 594 GNUNET_assert (GNUNET_IDENTITY_PROVIDER_token_serialize (handle->token,
595 priv_key, 595 priv_key,
596 &ecdhe_privkey, 596 &ecdhe_privkey,
597 &enc_token_str)); 597 &enc_token_str));
598 598
599 //Token record E,E_K (Token) 599 //Token record E,E_K (Token)
600 token_record[0].data = enc_token_str; 600 token_record[0].data = enc_token_str;
@@ -703,7 +703,7 @@ attr_collect (void *cls,
703 rd->data, 703 rd->data,
704 rd->data_size); 704 rd->data_size);
705 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Adding value: %s\n", data); 705 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Adding value: %s\n", data);
706 identity_token_add_attr (handle->token, label, data); 706 GNUNET_IDENTITY_PROVIDER_token_add_attr (handle->token, label, data);
707 GNUNET_free (data); 707 GNUNET_free (data);
708 } 708 }
709 GNUNET_NAMESTORE_zone_iterator_next (handle->ns_it); 709 GNUNET_NAMESTORE_zone_iterator_next (handle->ns_it);
@@ -727,7 +727,7 @@ attr_collect (void *cls,
727 727
728 if (0 < json_array_size (attr_arr)) 728 if (0 < json_array_size (attr_arr))
729 { 729 {
730 identity_token_add_json (handle->token, label, attr_arr); 730 GNUNET_IDENTITY_PROVIDER_token_add_json (handle->token, label, attr_arr);
731 } 731 }
732 json_decref (attr_arr); 732 json_decref (attr_arr);
733 GNUNET_NAMESTORE_zone_iterator_next (handle->ns_it); 733 GNUNET_NAMESTORE_zone_iterator_next (handle->ns_it);
@@ -754,6 +754,8 @@ issue_token_cont (struct RestConnectionDataHandle *con,
754 struct GNUNET_HashCode key; 754 struct GNUNET_HashCode key;
755 struct MHD_Response *resp; 755 struct MHD_Response *resp;
756 const struct GNUNET_CRYPTO_EcdsaPrivateKey *priv_key; 756 const struct GNUNET_CRYPTO_EcdsaPrivateKey *priv_key;
757 struct GNUNET_CRYPTO_EcdsaPublicKey pub_key;
758 struct GNUNET_CRYPTO_EcdsaPublicKey *aud_key;
757 759
758 if (GNUNET_NO == GNUNET_REST_namespace_match (handle->url, 760 if (GNUNET_NO == GNUNET_REST_namespace_match (handle->url,
759 GNUNET_REST_API_NS_IDENTITY_TOKEN_ISSUE)) 761 GNUNET_REST_API_NS_IDENTITY_TOKEN_ISSUE))
@@ -820,13 +822,20 @@ issue_token_cont (struct RestConnectionDataHandle *con,
820 &key); 822 &key);
821 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Audience to issue token for: %s\n", audience); 823 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Audience to issue token for: %s\n", audience);
822 824
823 handle->token = identity_token_create (ego_entry->keystring, 825 priv_key = GNUNET_IDENTITY_ego_get_private_key (ego_entry->ego);
824 audience); 826 GNUNET_IDENTITY_ego_get_public_key (ego_entry->ego,
827 &pub_key);
828 GNUNET_STRINGS_string_to_data (audience,
829 strlen (audience),
830 &aud_key,
831 sizeof (struct GNUNET_CRYPTO_EcdsaPublicKey));
832 handle->token = GNUNET_IDENTITY_PROVIDER_token_create (&pub_key,
833 aud_key);
834 GNUNET_free (aud_key);
825 835
826 836
827 //Get identity attributes 837 //Get identity attributes
828 handle->ns_handle = GNUNET_NAMESTORE_connect (cfg); 838 handle->ns_handle = GNUNET_NAMESTORE_connect (cfg);
829 priv_key = GNUNET_IDENTITY_ego_get_private_key (ego_entry->ego);
830 handle->ego_entry = ego_entry; 839 handle->ego_entry = ego_entry;
831 handle->ns_it = GNUNET_NAMESTORE_zone_iteration_start (handle->ns_handle, 840 handle->ns_it = GNUNET_NAMESTORE_zone_iteration_start (handle->ns_handle,
832 priv_key, 841 priv_key,
@@ -1033,14 +1042,14 @@ process_lookup_result (void *cls, uint32_t rd_count,
1033 rd->data_size); 1042 rd->data_size);
1034 1043
1035 //Decrypt and parse 1044 //Decrypt and parse
1036 GNUNET_assert (GNUNET_OK == identity_token_parse (record_str, 1045 GNUNET_assert (GNUNET_OK == GNUNET_IDENTITY_PROVIDER_token_parse (record_str,
1037 handle->priv_key, 1046 handle->priv_key,
1038 &handle->token)); 1047 &handle->token));
1039 1048
1040 //Readable 1049 //Readable
1041 GNUNET_assert (GNUNET_OK == identity_token_to_string (handle->token, 1050 GNUNET_assert (GNUNET_OK == GNUNET_IDENTITY_PROVIDER_token_to_string (handle->token,
1042 handle->priv_key, 1051 handle->priv_key,
1043 &token_str)); 1052 &token_str));
1044 1053
1045 json_object_set_new (root, "access_token", json_string (token_str)); 1054 json_object_set_new (root, "access_token", json_string (token_str));
1046 json_object_set_new (root, "token_type", json_string ("gnuid")); 1055 json_object_set_new (root, "token_type", json_string ("gnuid"));
@@ -1058,7 +1067,7 @@ process_lookup_result (void *cls, uint32_t rd_count,
1058 1067
1059 1068
1060static void 1069static void
1061exchange_token_code_cb (void *cls, 1070exchange_token_ticket_cb (void *cls,
1062 struct GNUNET_IDENTITY_Ego *ego, 1071 struct GNUNET_IDENTITY_Ego *ego,
1063 void **ctx, 1072 void **ctx,
1064 const char *name) 1073 const char *name)
@@ -1077,8 +1086,8 @@ exchange_token_code_cb (void *cls,
1077 return; 1086 return;
1078 } 1087 }
1079 1088
1080 GNUNET_CRYPTO_hash (GNUNET_REST_JSONAPI_IDENTITY_TOKEN_CODE, 1089 GNUNET_CRYPTO_hash (GNUNET_REST_JSONAPI_IDENTITY_token_ticket,
1081 strlen (GNUNET_REST_JSONAPI_IDENTITY_TOKEN_CODE), 1090 strlen (GNUNET_REST_JSONAPI_IDENTITY_token_ticket),
1082 &key); 1091 &key);
1083 1092
1084 if ( GNUNET_NO == 1093 if ( GNUNET_NO ==
@@ -1094,21 +1103,21 @@ exchange_token_code_cb (void *cls,
1094 1103
1095 handle->priv_key = GNUNET_IDENTITY_ego_get_private_key (ego); 1104 handle->priv_key = GNUNET_IDENTITY_ego_get_private_key (ego);
1096 1105
1097 if (GNUNET_SYSERR == identity_token_code_parse (code, 1106 if (GNUNET_SYSERR == GNUNET_IDENTITY_PROVIDER_ticket_parse (code,
1098 handle->priv_key, 1107 handle->priv_key,
1099 &handle->token_code)) 1108 &handle->token_ticket))
1100 { 1109 {
1101 handle->emsg = GNUNET_strdup ("Error extracting values from token code."); 1110 handle->emsg = GNUNET_strdup ("Error extracting values from token code.");
1102 GNUNET_SCHEDULER_add_now (&do_error, handle); 1111 GNUNET_SCHEDULER_add_now (&do_error, handle);
1103 return; 1112 return;
1104 } 1113 }
1105 GNUNET_log (GNUNET_ERROR_TYPE_ERROR, "Looking for token under %s\n", 1114 GNUNET_log (GNUNET_ERROR_TYPE_ERROR, "Looking for token under %s\n",
1106 handle->token_code->payload->label); 1115 handle->token_ticket->payload->label);
1107 handle->gns_handle = GNUNET_GNS_connect (cfg); 1116 handle->gns_handle = GNUNET_GNS_connect (cfg);
1108 GNUNET_asprintf (&lookup_query, "%s.gnu", handle->token_code->payload->label); 1117 GNUNET_asprintf (&lookup_query, "%s.gnu", handle->token_ticket->payload->label);
1109 handle->lookup_request = GNUNET_GNS_lookup (handle->gns_handle, 1118 handle->lookup_request = GNUNET_GNS_lookup (handle->gns_handle,
1110 lookup_query, 1119 lookup_query,
1111 &handle->token_code->payload->identity_key, 1120 &handle->token_ticket->payload->identity_key,
1112 GNUNET_GNSRECORD_TYPE_ID_TOKEN, 1121 GNUNET_GNSRECORD_TYPE_ID_TOKEN,
1113 GNUNET_GNS_LO_LOCAL_MASTER, 1122 GNUNET_GNS_LO_LOCAL_MASTER,
1114 NULL, 1123 NULL,
@@ -1125,7 +1134,7 @@ exchange_token_code_cb (void *cls,
1125 * @param cls the RequestHandle 1134 * @param cls the RequestHandle
1126 */ 1135 */
1127static void 1136static void
1128exchange_token_code_cont (struct RestConnectionDataHandle *con_handle, 1137exchange_token_ticket_cont (struct RestConnectionDataHandle *con_handle,
1129 const char* url, 1138 const char* url,
1130 void *cls) 1139 void *cls)
1131{ 1140{
@@ -1149,7 +1158,7 @@ exchange_token_code_cont (struct RestConnectionDataHandle *con_handle,
1149 //Get token from GNS 1158 //Get token from GNS
1150 handle->op = GNUNET_IDENTITY_get (handle->identity_handle, 1159 handle->op = GNUNET_IDENTITY_get (handle->identity_handle,
1151 "gns-master", 1160 "gns-master",
1152 &exchange_token_code_cb, 1161 &exchange_token_ticket_cb,
1153 handle); 1162 handle);
1154 } 1163 }
1155 1164
@@ -1194,7 +1203,7 @@ init_cont (struct RequestHandle *handle)
1194 //{MHD_HTTP_METHOD_POST, GNUNET_REST_API_NS_IDENTITY_TOKEN_CHECK, &check_token_cont}, 1203 //{MHD_HTTP_METHOD_POST, GNUNET_REST_API_NS_IDENTITY_TOKEN_CHECK, &check_token_cont},
1195 {MHD_HTTP_METHOD_GET, GNUNET_REST_API_NS_IDENTITY_TOKEN, &list_token_cont}, 1204 {MHD_HTTP_METHOD_GET, GNUNET_REST_API_NS_IDENTITY_TOKEN, &list_token_cont},
1196 {MHD_HTTP_METHOD_OPTIONS, GNUNET_REST_API_NS_IDENTITY_TOKEN, &options_cont}, 1205 {MHD_HTTP_METHOD_OPTIONS, GNUNET_REST_API_NS_IDENTITY_TOKEN, &options_cont},
1197 {MHD_HTTP_METHOD_POST, GNUNET_REST_API_NS_IDENTITY_OAUTH2_TOKEN, &exchange_token_code_cont}, 1206 {MHD_HTTP_METHOD_POST, GNUNET_REST_API_NS_IDENTITY_OAUTH2_TOKEN, &exchange_token_ticket_cont},
1198 GNUNET_REST_HANDLER_END 1207 GNUNET_REST_HANDLER_END
1199 }; 1208 };
1200 1209
generated by cgit v1.2.3 (git 2.39.1) at 2024-05-09 06:20:26 +0000