aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorAndreas Ebner <pansy007@googlemail.com>2019-08-03 13:01:22 +0200
committerSchanzenbach, Martin <mschanzenbach@posteo.de>2019-10-07 12:16:50 +0200
commit93cd93a1330fb38add615f797ac9a87fc252ff98 (patch)
tree89766b502d47d576531dc481fd488a9bdb1a701e
parent40624873cbd2eaf3a94185995b14899ea6ab36bf (diff)
downloadgnunet-93cd93a1330fb38add615f797ac9a87fc252ff98.tar.gz
gnunet-93cd93a1330fb38add615f797ac9a87fc252ff98.zip
Updated fw/bw algo, collect, and verify (still some things left to do)
- collect/verify now use delegate instead of credential - parameter in api messages to indicate the direction of the resolution - fw algo sets delegation_chain and ref_count on solution find - namestore lookup instead of iteration to get all delegates from starting/goal subject
-rw-r--r--src/credential/credential.h12
-rw-r--r--src/credential/credential_api.c73
-rw-r--r--src/credential/credential_serialization.c23
-rw-r--r--src/credential/credential_serialization.h150
-rw-r--r--src/credential/gnunet-credential.c16
-rw-r--r--src/credential/gnunet-service-credential.c596
-rwxr-xr-xsrc/credential/test_credential_own.sh21
-rw-r--r--src/include/gnunet_credential_service.h73
8 files changed, 573 insertions, 391 deletions
diff --git a/src/credential/credential.h b/src/credential/credential.h
index 9de137275..97fdfecbf 100644
--- a/src/credential/credential.h
+++ b/src/credential/credential.h
@@ -29,6 +29,8 @@
29 29
30GNUNET_NETWORK_STRUCT_BEGIN 30GNUNET_NETWORK_STRUCT_BEGIN
31 31
32enum direction{Backward, Forward, Bidirectional};
33
32/** 34/**
33 * Message from client to Credential service to collect credentials. 35 * Message from client to Credential service to collect credentials.
34 */ 36 */
@@ -55,6 +57,11 @@ struct CollectMessage
55 uint16_t issuer_attribute_len; 57 uint16_t issuer_attribute_len;
56 58
57 /** 59 /**
60 * Direction of the resolution algo
61 */
62 uint16_t resolution_algo;
63
64 /**
58 * Unique identifier for this request (for key collisions). 65 * Unique identifier for this request (for key collisions).
59 */ 66 */
60 uint32_t id GNUNET_PACKED; 67 uint32_t id GNUNET_PACKED;
@@ -94,6 +101,11 @@ struct VerifyMessage
94 uint16_t issuer_attribute_len; 101 uint16_t issuer_attribute_len;
95 102
96 /** 103 /**
104 * Direction of the resolution algo
105 */
106 uint16_t resolution_algo;
107
108 /**
97 * Unique identifier for this request (for key collisions). 109 * Unique identifier for this request (for key collisions).
98 */ 110 */
99 uint32_t id GNUNET_PACKED; 111 uint32_t id GNUNET_PACKED;
diff --git a/src/credential/credential_api.c b/src/credential/credential_api.c
index 3cbaf6c21..7323d3b1c 100644
--- a/src/credential/credential_api.c
+++ b/src/credential/credential_api.c
@@ -11,12 +11,12 @@
11 WITHOUT ANY WARRANTY; without even the implied warranty of 11 WITHOUT ANY WARRANTY; without even the implied warranty of
12 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU 12 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
13 Affero General Public License for more details. 13 Affero General Public License for more details.
14 14
15 You should have received a copy of the GNU Affero General Public License 15 You should have received a copy of the GNU Affero General Public License
16 along with this program. If not, see <http://www.gnu.org/licenses/>. 16 along with this program. If not, see <http://www.gnu.org/licenses/>.
17 17
18 SPDX-License-Identifier: AGPL3.0-or-later 18 SPDX-License-Identifier: AGPL3.0-or-later
19 */ 19*/
20/** 20/**
21 * @file credential/credential_api.c 21 * @file credential/credential_api.c
22 * @brief library to access the CREDENTIAL service 22 * @brief library to access the CREDENTIAL service
@@ -35,13 +35,14 @@
35#include "gnunet_identity_service.h" 35#include "gnunet_identity_service.h"
36 36
37 37
38#define LOG(kind, ...) GNUNET_log_from (kind, "credential-api", __VA_ARGS__) 38#define LOG(kind,...) GNUNET_log_from (kind, "credential-api",__VA_ARGS__)
39 39
40/** 40/**
41 * Handle to a verify request 41 * Handle to a verify request
42 */ 42 */
43struct GNUNET_CREDENTIAL_Request 43struct GNUNET_CREDENTIAL_Request
44{ 44{
45
45 /** 46 /**
46 * DLL 47 * DLL
47 */ 48 */
@@ -76,6 +77,7 @@ struct GNUNET_CREDENTIAL_Request
76 * request id 77 * request id
77 */ 78 */
78 uint32_t r_id; 79 uint32_t r_id;
80
79}; 81};
80 82
81 83
@@ -84,6 +86,7 @@ struct GNUNET_CREDENTIAL_Request
84 */ 86 */
85struct GNUNET_CREDENTIAL_Handle 87struct GNUNET_CREDENTIAL_Handle
86{ 88{
89
87 /** 90 /**
88 * Configuration to use. 91 * Configuration to use.
89 */ 92 */
@@ -118,6 +121,7 @@ struct GNUNET_CREDENTIAL_Handle
118 * Request Id generator. Incremented by one for each request. 121 * Request Id generator. Incremented by one for each request.
119 */ 122 */
120 uint32_t r_id_gen; 123 uint32_t r_id_gen;
124
121}; 125};
122 126
123 127
@@ -159,8 +163,8 @@ force_reconnect (struct GNUNET_CREDENTIAL_Handle *handle)
159 = GNUNET_TIME_STD_BACKOFF (handle->reconnect_backoff); 163 = GNUNET_TIME_STD_BACKOFF (handle->reconnect_backoff);
160 handle->reconnect_task 164 handle->reconnect_task
161 = GNUNET_SCHEDULER_add_delayed (handle->reconnect_backoff, 165 = GNUNET_SCHEDULER_add_delayed (handle->reconnect_backoff,
162 &reconnect_task, 166 &reconnect_task,
163 handle); 167 handle);
164} 168}
165 169
166 170
@@ -191,7 +195,7 @@ static int
191check_result (void *cls, 195check_result (void *cls,
192 const struct DelegationChainResultMessage *vr_msg) 196 const struct DelegationChainResultMessage *vr_msg)
193{ 197{
194 // TODO 198 //TODO
195 return GNUNET_OK; 199 return GNUNET_OK;
196} 200}
197 201
@@ -209,11 +213,12 @@ handle_result (void *cls,
209 struct GNUNET_CREDENTIAL_Handle *handle = cls; 213 struct GNUNET_CREDENTIAL_Handle *handle = cls;
210 uint32_t r_id = ntohl (vr_msg->id); 214 uint32_t r_id = ntohl (vr_msg->id);
211 struct GNUNET_CREDENTIAL_Request *vr; 215 struct GNUNET_CREDENTIAL_Request *vr;
212 size_t mlen = ntohs (vr_msg->header.size) - sizeof(*vr_msg); 216 size_t mlen = ntohs (vr_msg->header.size) - sizeof (*vr_msg);
213 uint32_t d_count = ntohl (vr_msg->d_count); 217 uint32_t d_count = ntohl (vr_msg->d_count);
214 uint32_t c_count = ntohl (vr_msg->c_count); 218 uint32_t c_count = ntohl (vr_msg->c_count);
215 struct GNUNET_CREDENTIAL_Delegation d_chain[d_count]; 219 struct GNUNET_CREDENTIAL_Delegation d_chain[d_count];
216 struct GNUNET_CREDENTIAL_Credential creds[c_count]; 220 //TODO rename creds
221 struct GNUNET_CREDENTIAL_Delegate creds[c_count];
217 GNUNET_CREDENTIAL_CredentialResultProcessor proc; 222 GNUNET_CREDENTIAL_CredentialResultProcessor proc;
218 void *proc_cls; 223 void *proc_cls;
219 224
@@ -233,9 +238,7 @@ handle_result (void *cls,
233 GNUNET_free (vr); 238 GNUNET_free (vr);
234 GNUNET_assert (GNUNET_OK == 239 GNUNET_assert (GNUNET_OK ==
235 GNUNET_CREDENTIAL_delegation_chain_deserialize (mlen, 240 GNUNET_CREDENTIAL_delegation_chain_deserialize (mlen,
236 (const 241 (const char*) &vr_msg[1],
237 char*) &vr_msg
238 [1],
239 d_count, 242 d_count,
240 d_chain, 243 d_chain,
241 c_count, 244 c_count,
@@ -246,10 +249,8 @@ handle_result (void *cls,
246 0, 249 0,
247 NULL, 250 NULL,
248 0, 251 0,
249 NULL); // TODO 252 NULL); // TODO
250 } 253 } else {
251 else
252 {
253 proc (proc_cls, 254 proc (proc_cls,
254 d_count, 255 d_count,
255 d_chain, 256 d_chain,
@@ -362,7 +363,7 @@ GNUNET_CREDENTIAL_request_cancel (struct GNUNET_CREDENTIAL_Request *lr)
362 363
363/** 364/**
364 * Performs attribute collection. 365 * Performs attribute collection.
365 * Collects all credentials of subject to fulfill the 366 * Collects all credentials of subject to fulfill the
366 * attribute, if possible 367 * attribute, if possible
367 * 368 *
368 * @param handle handle to the Credential service 369 * @param handle handle to the Credential service
@@ -375,11 +376,9 @@ GNUNET_CREDENTIAL_request_cancel (struct GNUNET_CREDENTIAL_Request *lr)
375 */ 376 */
376struct GNUNET_CREDENTIAL_Request* 377struct GNUNET_CREDENTIAL_Request*
377GNUNET_CREDENTIAL_collect (struct GNUNET_CREDENTIAL_Handle *handle, 378GNUNET_CREDENTIAL_collect (struct GNUNET_CREDENTIAL_Handle *handle,
378 const struct 379 const struct GNUNET_CRYPTO_EcdsaPublicKey *issuer_key,
379 GNUNET_CRYPTO_EcdsaPublicKey *issuer_key,
380 const char *issuer_attribute, 380 const char *issuer_attribute,
381 const struct 381 const struct GNUNET_CRYPTO_EcdsaPrivateKey *subject_key,
382 GNUNET_CRYPTO_EcdsaPrivateKey *subject_key,
383 GNUNET_CREDENTIAL_CredentialResultProcessor proc, 382 GNUNET_CREDENTIAL_CredentialResultProcessor proc,
384 void *proc_cls) 383 void *proc_cls)
385{ 384{
@@ -394,12 +393,12 @@ GNUNET_CREDENTIAL_collect (struct GNUNET_CREDENTIAL_Handle *handle,
394 return NULL; 393 return NULL;
395 } 394 }
396 395
397 // DEBUG LOG 396 //DEBUG LOG
398 LOG (GNUNET_ERROR_TYPE_DEBUG, 397 LOG (GNUNET_ERROR_TYPE_DEBUG,
399 "Trying to collect `%s' in CREDENTIAL\n", 398 "Trying to collect `%s' in CREDENTIAL\n",
400 issuer_attribute); 399 issuer_attribute);
401 nlen = strlen (issuer_attribute) + 1; 400 nlen = strlen (issuer_attribute) + 1;
402 if (nlen >= GNUNET_MAX_MESSAGE_SIZE - sizeof(*vr)) 401 if (nlen >= GNUNET_MAX_MESSAGE_SIZE - sizeof (*vr))
403 { 402 {
404 GNUNET_break (0); 403 GNUNET_break (0);
405 return NULL; 404 return NULL;
@@ -414,8 +413,11 @@ GNUNET_CREDENTIAL_collect (struct GNUNET_CREDENTIAL_Handle *handle,
414 GNUNET_MESSAGE_TYPE_CREDENTIAL_COLLECT); 413 GNUNET_MESSAGE_TYPE_CREDENTIAL_COLLECT);
415 c_msg->id = htonl (vr->r_id); 414 c_msg->id = htonl (vr->r_id);
416 c_msg->subject_key = *subject_key; 415 c_msg->subject_key = *subject_key;
417 c_msg->issuer_key = *issuer_key; 416 c_msg->issuer_key = *issuer_key;
418 c_msg->issuer_attribute_len = htons (strlen (issuer_attribute)); 417 c_msg->issuer_attribute_len = htons(strlen(issuer_attribute));
418 //c_msg->resolution_algo = htons(Backward);
419 c_msg->resolution_algo = htons(Forward);
420
419 GNUNET_memcpy (&c_msg[1], 421 GNUNET_memcpy (&c_msg[1],
420 issuer_attribute, 422 issuer_attribute,
421 strlen (issuer_attribute)); 423 strlen (issuer_attribute));
@@ -449,11 +451,9 @@ struct GNUNET_CREDENTIAL_Request*
449GNUNET_CREDENTIAL_verify (struct GNUNET_CREDENTIAL_Handle *handle, 451GNUNET_CREDENTIAL_verify (struct GNUNET_CREDENTIAL_Handle *handle,
450 const struct GNUNET_CRYPTO_EcdsaPublicKey *issuer_key, 452 const struct GNUNET_CRYPTO_EcdsaPublicKey *issuer_key,
451 const char *issuer_attribute, 453 const char *issuer_attribute,
452 const struct 454 const struct GNUNET_CRYPTO_EcdsaPublicKey *subject_key,
453 GNUNET_CRYPTO_EcdsaPublicKey *subject_key,
454 uint32_t credential_count, 455 uint32_t credential_count,
455 const struct 456 const struct GNUNET_CREDENTIAL_Delegate *credentials,
456 GNUNET_CREDENTIAL_Credential *credentials,
457 GNUNET_CREDENTIAL_CredentialResultProcessor proc, 457 GNUNET_CREDENTIAL_CredentialResultProcessor proc,
458 void *proc_cls) 458 void *proc_cls)
459{ 459{
@@ -463,7 +463,7 @@ GNUNET_CREDENTIAL_verify (struct GNUNET_CREDENTIAL_Handle *handle,
463 size_t nlen; 463 size_t nlen;
464 size_t clen; 464 size_t clen;
465 465
466 if ((NULL == issuer_attribute)||(NULL == credentials)) 466 if (NULL == issuer_attribute || NULL == credentials)
467 { 467 {
468 GNUNET_break (0); 468 GNUNET_break (0);
469 return NULL; 469 return NULL;
@@ -472,12 +472,12 @@ GNUNET_CREDENTIAL_verify (struct GNUNET_CREDENTIAL_Handle *handle,
472 clen = GNUNET_CREDENTIAL_credentials_get_size (credential_count, 472 clen = GNUNET_CREDENTIAL_credentials_get_size (credential_count,
473 credentials); 473 credentials);
474 474
475 // DEBUG LOG 475 //DEBUG LOG
476 LOG (GNUNET_ERROR_TYPE_DEBUG, 476 LOG (GNUNET_ERROR_TYPE_DEBUG,
477 "Trying to verify `%s' in CREDENTIAL\n", 477 "Trying to verify `%s' in CREDENTIAL\n",
478 issuer_attribute); 478 issuer_attribute);
479 nlen = strlen (issuer_attribute) + 1 + clen; 479 nlen = strlen (issuer_attribute) + 1 + clen;
480 if (nlen >= GNUNET_MAX_MESSAGE_SIZE - sizeof(*vr)) 480 if (nlen >= GNUNET_MAX_MESSAGE_SIZE - sizeof (*vr))
481 { 481 {
482 GNUNET_break (0); 482 GNUNET_break (0);
483 return NULL; 483 return NULL;
@@ -492,16 +492,19 @@ GNUNET_CREDENTIAL_verify (struct GNUNET_CREDENTIAL_Handle *handle,
492 GNUNET_MESSAGE_TYPE_CREDENTIAL_VERIFY); 492 GNUNET_MESSAGE_TYPE_CREDENTIAL_VERIFY);
493 v_msg->id = htonl (vr->r_id); 493 v_msg->id = htonl (vr->r_id);
494 v_msg->subject_key = *subject_key; 494 v_msg->subject_key = *subject_key;
495 v_msg->c_count = htonl (credential_count); 495 v_msg->c_count = htonl(credential_count);
496 v_msg->issuer_key = *issuer_key; 496 v_msg->issuer_key = *issuer_key;
497 v_msg->issuer_attribute_len = htons (strlen (issuer_attribute)); 497 v_msg->issuer_attribute_len = htons(strlen(issuer_attribute));
498 //v_msg->resolution_algo = htons(Backward);
499 v_msg->resolution_algo = htons(Forward);
500
498 GNUNET_memcpy (&v_msg[1], 501 GNUNET_memcpy (&v_msg[1],
499 issuer_attribute, 502 issuer_attribute,
500 strlen (issuer_attribute)); 503 strlen (issuer_attribute));
501 GNUNET_CREDENTIAL_credentials_serialize (credential_count, 504 GNUNET_CREDENTIAL_credentials_serialize (credential_count,
502 credentials, 505 credentials,
503 clen, 506 clen,
504 ((char*) &v_msg[1]) 507 ((char*)&v_msg[1])
505 + strlen (issuer_attribute) + 1); 508 + strlen (issuer_attribute) + 1);
506 GNUNET_CONTAINER_DLL_insert (handle->request_head, 509 GNUNET_CONTAINER_DLL_insert (handle->request_head,
507 handle->request_tail, 510 handle->request_tail,
diff --git a/src/credential/credential_serialization.c b/src/credential/credential_serialization.c
index b14ec26f2..4f3b11450 100644
--- a/src/credential/credential_serialization.c
+++ b/src/credential/credential_serialization.c
@@ -149,12 +149,12 @@ GNUNET_CREDENTIAL_delegation_set_deserialize (
149size_t 149size_t
150GNUNET_CREDENTIAL_credentials_get_size ( 150GNUNET_CREDENTIAL_credentials_get_size (
151 unsigned int c_count, 151 unsigned int c_count,
152 const struct GNUNET_CREDENTIAL_Credential *cd) 152 const struct GNUNET_CREDENTIAL_Delegate *cd)
153{ 153{
154 unsigned int i; 154 unsigned int i;
155 size_t ret; 155 size_t ret;
156 156
157 ret = sizeof (struct CredentialEntry) * (c_count); 157 ret = sizeof (struct DelegateEntry) * (c_count);
158 158
159 for (i = 0; i < c_count; i++) 159 for (i = 0; i < c_count; i++)
160 { 160 {
@@ -175,11 +175,11 @@ GNUNET_CREDENTIAL_credentials_get_size (
175ssize_t 175ssize_t
176GNUNET_CREDENTIAL_credentials_serialize ( 176GNUNET_CREDENTIAL_credentials_serialize (
177 unsigned int c_count, 177 unsigned int c_count,
178 const struct GNUNET_CREDENTIAL_Credential *cd, 178 const struct GNUNET_CREDENTIAL_Delegate *cd,
179 size_t dest_size, 179 size_t dest_size,
180 char *dest) 180 char *dest)
181{ 181{
182 struct CredentialEntry c_rec; 182 struct DelegateEntry c_rec;
183 unsigned int i; 183 unsigned int i;
184 size_t off; 184 size_t off;
185 185
@@ -192,7 +192,7 @@ GNUNET_CREDENTIAL_credentials_serialize (
192 c_rec.signature = cd[i].signature; 192 c_rec.signature = cd[i].signature;
193 c_rec.purpose.purpose = htonl (GNUNET_SIGNATURE_PURPOSE_CREDENTIAL); 193 c_rec.purpose.purpose = htonl (GNUNET_SIGNATURE_PURPOSE_CREDENTIAL);
194 c_rec.purpose.size = 194 c_rec.purpose.size =
195 htonl ((sizeof (struct CredentialEntry) + cd[i].issuer_attribute_len) - 195 htonl ((sizeof (struct DelegateEntry) + cd[i].issuer_attribute_len) -
196 sizeof (struct GNUNET_CRYPTO_EcdsaSignature)); 196 sizeof (struct GNUNET_CRYPTO_EcdsaSignature));
197 c_rec.expiration = GNUNET_htonll (cd[i].expiration.abs_value_us); 197 c_rec.expiration = GNUNET_htonll (cd[i].expiration.abs_value_us);
198 if (off + sizeof (c_rec) > dest_size) 198 if (off + sizeof (c_rec) > dest_size)
@@ -225,9 +225,9 @@ GNUNET_CREDENTIAL_credentials_deserialize (
225 size_t len, 225 size_t len,
226 const char *src, 226 const char *src,
227 unsigned int c_count, 227 unsigned int c_count,
228 struct GNUNET_CREDENTIAL_Credential *cd) 228 struct GNUNET_CREDENTIAL_Delegate *cd)
229{ 229{
230 struct CredentialEntry c_rec; 230 struct DelegateEntry c_rec;
231 unsigned int i; 231 unsigned int i;
232 size_t off; 232 size_t off;
233 233
@@ -247,6 +247,7 @@ GNUNET_CREDENTIAL_credentials_deserialize (
247 return GNUNET_SYSERR; 247 return GNUNET_SYSERR;
248 cd[i].issuer_attribute = &src[off]; 248 cd[i].issuer_attribute = &src[off];
249 off += cd[i].issuer_attribute_len; 249 off += cd[i].issuer_attribute_len;
250 cd[i].subject_attribute_len = 0;
250 } 251 }
251 return GNUNET_OK; 252 return GNUNET_OK;
252} 253}
@@ -267,7 +268,7 @@ GNUNET_CREDENTIAL_delegation_chain_get_size (
267 unsigned int d_count, 268 unsigned int d_count,
268 const struct GNUNET_CREDENTIAL_Delegation *dd, 269 const struct GNUNET_CREDENTIAL_Delegation *dd,
269 unsigned int c_count, 270 unsigned int c_count,
270 const struct GNUNET_CREDENTIAL_Credential *cd) 271 const struct GNUNET_CREDENTIAL_Delegate *cd)
271{ 272{
272 unsigned int i; 273 unsigned int i;
273 size_t ret; 274 size_t ret;
@@ -299,7 +300,7 @@ GNUNET_CREDENTIAL_delegation_chain_serialize (
299 unsigned int d_count, 300 unsigned int d_count,
300 const struct GNUNET_CREDENTIAL_Delegation *dd, 301 const struct GNUNET_CREDENTIAL_Delegation *dd,
301 unsigned int c_count, 302 unsigned int c_count,
302 const struct GNUNET_CREDENTIAL_Credential *cd, 303 const struct GNUNET_CREDENTIAL_Delegate *cd,
303 size_t dest_size, 304 size_t dest_size,
304 char *dest) 305 char *dest)
305{ 306{
@@ -358,7 +359,7 @@ GNUNET_CREDENTIAL_delegation_chain_deserialize (
358 unsigned int d_count, 359 unsigned int d_count,
359 struct GNUNET_CREDENTIAL_Delegation *dd, 360 struct GNUNET_CREDENTIAL_Delegation *dd,
360 unsigned int c_count, 361 unsigned int c_count,
361 struct GNUNET_CREDENTIAL_Credential *cd) 362 struct GNUNET_CREDENTIAL_Delegate *cd)
362{ 363{
363 struct ChainEntry rec; 364 struct ChainEntry rec;
364 unsigned int i; 365 unsigned int i;
@@ -460,8 +461,6 @@ GNUNET_CREDENTIAL_credential_deserialize (const char *data, size_t data_size)
460 return cred; 461 return cred;
461} 462}
462 463
463//TODO own file for delegate de/serialization
464
465int 464int
466GNUNET_CREDENTIAL_delegate_serialize (struct GNUNET_CREDENTIAL_Delegate *dele, 465GNUNET_CREDENTIAL_delegate_serialize (struct GNUNET_CREDENTIAL_Delegate *dele,
467 char **data) 466 char **data)
diff --git a/src/credential/credential_serialization.h b/src/credential/credential_serialization.h
index ebeae0d89..072beb44e 100644
--- a/src/credential/credential_serialization.h
+++ b/src/credential/credential_serialization.h
@@ -11,17 +11,17 @@
11 WITHOUT ANY WARRANTY; without even the implied warranty of 11 WITHOUT ANY WARRANTY; without even the implied warranty of
12 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU 12 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
13 Affero General Public License for more details. 13 Affero General Public License for more details.
14 14
15 You should have received a copy of the GNU Affero General Public License 15 You should have received a copy of the GNU Affero General Public License
16 along with this program. If not, see <http://www.gnu.org/licenses/>. 16 along with this program. If not, see <http://www.gnu.org/licenses/>.
17 17
18 SPDX-License-Identifier: AGPL3.0-or-later 18 SPDX-License-Identifier: AGPL3.0-or-later
19 */ 19*/
20 20
21 21
22/** 22/**
23 * @file credential/credential_serialization.h 23 * @file credential/credential_serialization.h
24 * @brief API to serialize and deserialize delegation chains 24 * @brief API to serialize and deserialize delegation chains
25 * and credentials 25 * and credentials
26 * @author Martin Schanzenbach 26 * @author Martin Schanzenbach
27 */ 27 */
@@ -43,8 +43,7 @@
43 */ 43 */
44size_t 44size_t
45GNUNET_CREDENTIAL_delegation_set_get_size (unsigned int ds_count, 45GNUNET_CREDENTIAL_delegation_set_get_size (unsigned int ds_count,
46 const struct 46 const struct GNUNET_CREDENTIAL_DelegationSet *dsr);
47 GNUNET_CREDENTIAL_DelegationSet *dsr);
48 47
49/** 48/**
50 * Serizalize the given delegation record entries 49 * Serizalize the given delegation record entries
@@ -57,8 +56,7 @@ GNUNET_CREDENTIAL_delegation_set_get_size (unsigned int ds_count,
57 */ 56 */
58ssize_t 57ssize_t
59GNUNET_CREDENTIAL_delegation_set_serialize (unsigned int d_count, 58GNUNET_CREDENTIAL_delegation_set_serialize (unsigned int d_count,
60 const struct 59 const struct GNUNET_CREDENTIAL_DelegationSet *dsr,
61 GNUNET_CREDENTIAL_DelegationSet *dsr,
62 size_t dest_size, 60 size_t dest_size,
63 char *dest); 61 char *dest);
64 62
@@ -76,79 +74,69 @@ int
76GNUNET_CREDENTIAL_delegation_set_deserialize (size_t len, 74GNUNET_CREDENTIAL_delegation_set_deserialize (size_t len,
77 const char *src, 75 const char *src,
78 unsigned int d_count, 76 unsigned int d_count,
79 struct 77 struct GNUNET_CREDENTIAL_DelegationSet *dsr);
80 GNUNET_CREDENTIAL_DelegationSet * 78
81 dsr); 79 /**
82 80 * Calculate how many bytes we will need to serialize
83/** 81 * the given delegation chain and credential
84 * Calculate how many bytes we will need to serialize 82 *
85 * the given delegation chain and credential 83 * @param d_count number of delegation chain entries
86 * 84 * @param dd array of #GNUNET_CREDENTIAL_Delegation
87 * @param d_count number of delegation chain entries 85 * @param c_count number of credential entries
88 * @param dd array of #GNUNET_CREDENTIAL_Delegation 86 * @param cd a #GNUNET_CREDENTIAL_Credential
89 * @param c_count number of credential entries 87 * @return the required size to serialize
90 * @param cd a #GNUNET_CREDENTIAL_Credential 88 */
91 * @return the required size to serialize 89 size_t
92 */ 90 GNUNET_CREDENTIAL_delegation_chain_get_size (unsigned int d_count,
93size_t 91 const struct GNUNET_CREDENTIAL_Delegation *dd,
94GNUNET_CREDENTIAL_delegation_chain_get_size (unsigned int d_count, 92 unsigned int c_count,
95 const struct 93 const struct GNUNET_CREDENTIAL_Delegate *cd);
96 GNUNET_CREDENTIAL_Delegation *dd, 94
97 unsigned int c_count, 95 /**
98 const struct 96 * Serizalize the given delegation chain entries and credential
99 GNUNET_CREDENTIAL_Credential *cd); 97 *
100 98 * @param d_count number of delegation chain entries
101/** 99 * @param dd array of #GNUNET_CREDENTIAL_Delegation
102 * Serizalize the given delegation chain entries and credential 100 * @param c_count number of credential entries
103 * 101 * @param cd a #GNUNET_CREDENTIAL_Credential
104 * @param d_count number of delegation chain entries 102 * @param dest_size size of the destination
105 * @param dd array of #GNUNET_CREDENTIAL_Delegation 103 * @param dest where to store the result
106 * @param c_count number of credential entries 104 * @return the size of the data, -1 on failure
107 * @param cd a #GNUNET_CREDENTIAL_Credential 105 */
108 * @param dest_size size of the destination 106 ssize_t
109 * @param dest where to store the result 107 GNUNET_CREDENTIAL_delegation_chain_serialize (unsigned int d_count,
110 * @return the size of the data, -1 on failure 108 const struct GNUNET_CREDENTIAL_Delegation *dd,
111 */ 109 unsigned int c_count,
112ssize_t 110 const struct GNUNET_CREDENTIAL_Delegate *cd,
113GNUNET_CREDENTIAL_delegation_chain_serialize (unsigned int d_count, 111 size_t dest_size,
114 const struct 112 char *dest);
115 GNUNET_CREDENTIAL_Delegation *dd, 113
116 unsigned int c_count, 114
117 const struct 115 /**
118 GNUNET_CREDENTIAL_Credential *cd, 116 * Deserialize the given destination
119 size_t dest_size, 117 *
120 char *dest); 118 * @param len size of the serialized delegation chain and cred
121 119 * @param src the serialized data
122 120 * @param d_count the number of delegation chain entries
123/** 121 * @param dd where to put the delegation chain entries
124 * Deserialize the given destination 122 * @param c_count number of credential entries
125 * 123 * @param cd where to put the credential data
126 * @param len size of the serialized delegation chain and cred 124 * @return #GNUNET_OK on success, #GNUNET_SYSERR on error
127 * @param src the serialized data 125 */
128 * @param d_count the number of delegation chain entries 126 int
129 * @param dd where to put the delegation chain entries 127 GNUNET_CREDENTIAL_delegation_chain_deserialize (size_t len,
130 * @param c_count number of credential entries 128 const char *src,
131 * @param cd where to put the credential data 129 unsigned int d_count,
132 * @return #GNUNET_OK on success, #GNUNET_SYSERR on error 130 struct GNUNET_CREDENTIAL_Delegation *dd,
133 */ 131 unsigned int c_count,
134int 132 struct GNUNET_CREDENTIAL_Delegate *cd);
135GNUNET_CREDENTIAL_delegation_chain_deserialize (size_t len, 133 size_t
136 const char *src, 134 GNUNET_CREDENTIAL_credentials_get_size (unsigned int c_count,
137 unsigned int d_count, 135 const struct GNUNET_CREDENTIAL_Delegate *cd);
138 struct
139 GNUNET_CREDENTIAL_Delegation *dd,
140 unsigned int c_count,
141 struct
142 GNUNET_CREDENTIAL_Credential *cd);
143size_t
144GNUNET_CREDENTIAL_credentials_get_size (unsigned int c_count,
145 const struct
146 GNUNET_CREDENTIAL_Credential *cd);
147 136
148ssize_t 137ssize_t
149GNUNET_CREDENTIAL_credentials_serialize (unsigned int c_count, 138GNUNET_CREDENTIAL_credentials_serialize (unsigned int c_count,
150 const struct 139 const struct GNUNET_CREDENTIAL_Delegate *cd,
151 GNUNET_CREDENTIAL_Credential *cd,
152 size_t dest_size, 140 size_t dest_size,
153 char *dest); 141 char *dest);
154 142
@@ -157,17 +145,15 @@ int
157GNUNET_CREDENTIAL_credentials_deserialize (size_t len, 145GNUNET_CREDENTIAL_credentials_deserialize (size_t len,
158 const char *src, 146 const char *src,
159 unsigned int c_count, 147 unsigned int c_count,
160 struct GNUNET_CREDENTIAL_Credential * 148 struct GNUNET_CREDENTIAL_Delegate *cd);
161 cd);
162 149
163 150
164int 151int
165GNUNET_CREDENTIAL_credential_serialize (struct 152GNUNET_CREDENTIAL_credential_serialize (struct GNUNET_CREDENTIAL_Credential *cred,
166 GNUNET_CREDENTIAL_Credential *cred,
167 char **data); 153 char **data);
168 154
169struct GNUNET_CREDENTIAL_Credential* 155struct GNUNET_CREDENTIAL_Credential*
170GNUNET_CREDENTIAL_credential_deserialize (const char*data, 156GNUNET_CREDENTIAL_credential_deserialize (const char* data,
171 size_t data_size); 157 size_t data_size);
172 158
173int 159int
diff --git a/src/credential/gnunet-credential.c b/src/credential/gnunet-credential.c
index 55a4653fb..64f5c5a5f 100644
--- a/src/credential/gnunet-credential.c
+++ b/src/credential/gnunet-credential.c
@@ -254,7 +254,7 @@ handle_collect_result (void *cls,
254 unsigned int d_count, 254 unsigned int d_count,
255 struct GNUNET_CREDENTIAL_Delegation *dc, 255 struct GNUNET_CREDENTIAL_Delegation *dc,
256 unsigned int c_count, 256 unsigned int c_count,
257 struct GNUNET_CREDENTIAL_Credential *cred) 257 struct GNUNET_CREDENTIAL_Delegate *cred)
258{ 258{
259 int i; 259 int i;
260 char *line; 260 char *line;
@@ -264,10 +264,12 @@ handle_collect_result (void *cls,
264 { 264 {
265 for (i = 0; i < c_count; i++) 265 for (i = 0; i < c_count; i++)
266 { 266 {
267 line = GNUNET_CREDENTIAL_credential_to_string (&cred[i]); 267 line = GNUNET_CREDENTIAL_delegate_to_string (&cred[i]);
268 printf ("%s\n", line); 268 printf ("%s\n", line);
269 GNUNET_free (line); 269 GNUNET_free (line);
270 } 270 }
271 } else {
272 printf("Received NULL\n");
271 } 273 }
272 274
273 275
@@ -280,7 +282,7 @@ handle_verify_result (void *cls,
280 unsigned int d_count, 282 unsigned int d_count,
281 struct GNUNET_CREDENTIAL_Delegation *dc, 283 struct GNUNET_CREDENTIAL_Delegation *dc,
282 unsigned int c_count, 284 unsigned int c_count,
283 struct GNUNET_CREDENTIAL_Credential *cred) 285 struct GNUNET_CREDENTIAL_Delegate *cred)
284{ 286{
285 int i; 287 int i;
286 char *iss_key; 288 char *iss_key;
@@ -886,17 +888,17 @@ run (void *cls,
886 int i; 888 int i;
887 while (NULL != (tok = strtok (NULL, ","))) 889 while (NULL != (tok = strtok (NULL, ",")))
888 count++; 890 count++;
889 struct GNUNET_CREDENTIAL_Credential credentials[count]; 891 struct GNUNET_CREDENTIAL_Delegate credentials[count];
890 struct GNUNET_CREDENTIAL_Credential *cred; 892 struct GNUNET_CREDENTIAL_Delegate *cred;
891 GNUNET_free (tmp); 893 GNUNET_free (tmp);
892 tmp = GNUNET_strdup (subject_credential); 894 tmp = GNUNET_strdup (subject_credential);
893 tok = strtok (tmp, ","); 895 tok = strtok (tmp, ",");
894 for (i = 0; i < count; i++) 896 for (i = 0; i < count; i++)
895 { 897 {
896 cred = GNUNET_CREDENTIAL_credential_from_string (tok); 898 cred = GNUNET_CREDENTIAL_delegate_from_string (tok);
897 GNUNET_memcpy (&credentials[i], 899 GNUNET_memcpy (&credentials[i],
898 cred, 900 cred,
899 sizeof (struct GNUNET_CREDENTIAL_Credential)); 901 sizeof (struct GNUNET_CREDENTIAL_Delegate));
900 credentials[i].issuer_attribute = GNUNET_strdup (cred->issuer_attribute); 902 credentials[i].issuer_attribute = GNUNET_strdup (cred->issuer_attribute);
901 tok = strtok (NULL, ","); 903 tok = strtok (NULL, ",");
902 GNUNET_free (cred); 904 GNUNET_free (cred);
diff --git a/src/credential/gnunet-service-credential.c b/src/credential/gnunet-service-credential.c
index d7f6e34d5..da43334df 100644
--- a/src/credential/gnunet-service-credential.c
+++ b/src/credential/gnunet-service-credential.c
@@ -106,6 +106,32 @@ struct CredentialRecordEntry
106}; 106};
107 107
108/** 108/**
109 * DLL for record
110 */
111struct DelegateRecordEntry
112{
113 /**
114 * DLL
115 */
116 struct DelegateRecordEntry *next;
117
118 /**
119 * DLL
120 */
121 struct DelegateRecordEntry *prev;
122
123 /**
124 * Number of references in delegation chains
125 */
126 uint32_t refcount;
127
128 /**
129 * Payload
130 */
131 struct GNUNET_CREDENTIAL_Delegate *delegate;
132};
133
134/**
109 * DLL used for delegations 135 * DLL used for delegations
110 * Used for OR delegations 136 * Used for OR delegations
111 */ 137 */
@@ -292,6 +318,21 @@ struct VerifyRequestHandle
292 uint32_t cred_chain_size; 318 uint32_t cred_chain_size;
293 319
294 /** 320 /**
321 * Credential DLL
322 */
323 struct DelegateRecordEntry *del_chain_head;
324
325 /**
326 * Credential DLL
327 */
328 struct DelegateRecordEntry *del_chain_tail;
329
330 /**
331 * Credential DLL size
332 */
333 uint32_t del_chain_size;
334
335 /**
295 * Root Delegation Set 336 * Root Delegation Set
296 */ 337 */
297 struct DelegationSetQueueEntry *root_set; 338 struct DelegationSetQueueEntry *root_set;
@@ -312,11 +353,21 @@ struct VerifyRequestHandle
312 uint64_t pending_lookups; 353 uint64_t pending_lookups;
313 354
314 /** 355 /**
356 * Direction of the resolution algo
357 */
358 enum direction resolution_algo;
359
360 /**
315 * Credential iterator 361 * Credential iterator
316 */ 362 */
317 struct GNUNET_NAMESTORE_ZoneIterator *cred_collection_iter; 363 struct GNUNET_NAMESTORE_ZoneIterator *cred_collection_iter;
318 364
319 /** 365 /**
366 * Credential iterator
367 */
368 struct GNUNET_NAMESTORE_QueueEntry *dele_qe;
369
370 /**
320 * Collect task 371 * Collect task
321 */ 372 */
322 struct GNUNET_SCHEDULER_Task *collect_next_task; 373 struct GNUNET_SCHEDULER_Task *collect_next_task;
@@ -446,9 +497,11 @@ send_lookup_response (struct VerifyRequestHandle *vrh)
446 struct DelegationChainResultMessage *rmsg; 497 struct DelegationChainResultMessage *rmsg;
447 struct DelegationChainEntry *dce; 498 struct DelegationChainEntry *dce;
448 struct GNUNET_CREDENTIAL_Delegation dd[vrh->delegation_chain_size]; 499 struct GNUNET_CREDENTIAL_Delegation dd[vrh->delegation_chain_size];
449 struct GNUNET_CREDENTIAL_Credential cred[vrh->cred_chain_size]; 500 //TODO rename cred/cd
450 struct CredentialRecordEntry *cd; 501 //TODO rename all methods using credential
451 struct CredentialRecordEntry *tmp; 502 struct GNUNET_CREDENTIAL_Delegate cred[vrh->del_chain_size];
503 struct DelegateRecordEntry *cd;
504 struct DelegateRecordEntry *tmp;
452 size_t size; 505 size_t size;
453 506
454 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Sending response\n"); 507 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Sending response\n");
@@ -467,43 +520,40 @@ send_lookup_response (struct VerifyRequestHandle *vrh)
467 dce = dce->next; 520 dce = dce->next;
468 } 521 }
469 522
470 /** 523 // Remove all not needed credentials
471 * Remove all credentials not needed 524 for (cd = vrh->del_chain_head; NULL != cd;) {
472 */
473 for (cd = vrh->cred_chain_head; NULL != cd;) {
474 if (cd->refcount > 0) { 525 if (cd->refcount > 0) {
475 cd = cd->next; 526 cd = cd->next;
476 continue; 527 continue;
477 } 528 }
478 tmp = cd; 529 tmp = cd;
479 cd = cd->next; 530 cd = cd->next;
480 GNUNET_CONTAINER_DLL_remove (vrh->cred_chain_head, 531 GNUNET_CONTAINER_DLL_remove (vrh->del_chain_head,
481 vrh->cred_chain_tail, 532 vrh->del_chain_tail,
482 tmp); 533 tmp);
483 GNUNET_free (tmp->credential); 534 GNUNET_free (tmp->delegate);
484 GNUNET_free (tmp); 535 GNUNET_free (tmp);
485 vrh->cred_chain_size--; 536 vrh->del_chain_size--;
486 } 537 }
487 538
488 /** 539 /**
489 * Get serialized record data 540 * Get serialized record data
490 * Append at the end of rmsg 541 * Append at the end of rmsg
491 */ 542 */
492 cd = vrh->cred_chain_head; 543 cd = vrh->del_chain_head;
493 for (uint32_t i = 0; i < vrh->cred_chain_size; i++) { 544 for (uint32_t i = 0; i < vrh->del_chain_size; i++) {
494 cred[i].issuer_key = cd->credential->issuer_key; 545 cred[i].issuer_key = cd->delegate->issuer_key;
495 cred[i].subject_key = cd->credential->subject_key; 546 cred[i].subject_key = cd->delegate->subject_key;
496 cred[i].issuer_attribute_len 547 cred[i].issuer_attribute_len
497 = strlen (cd->credential->issuer_attribute) + 1; 548 = strlen (cd->delegate->issuer_attribute) + 1;
498 cred[i].issuer_attribute = cd->credential->issuer_attribute; 549 cred[i].issuer_attribute = cd->delegate->issuer_attribute;
499 cred[i].expiration = cd->credential->expiration; 550 cred[i].expiration = cd->delegate->expiration;
500 cred[i].signature = cd->credential->signature; 551 cred[i].signature = cd->delegate->signature;
501 cd = cd->next; 552 cd = cd->next;
502 } 553 }
503 size 554 size = GNUNET_CREDENTIAL_delegation_chain_get_size (vrh->delegation_chain_size,
504 = GNUNET_CREDENTIAL_delegation_chain_get_size (vrh->delegation_chain_size,
505 dd, 555 dd,
506 vrh->cred_chain_size, 556 vrh->del_chain_size,
507 cred); 557 cred);
508 env = GNUNET_MQ_msg_extra (rmsg, 558 env = GNUNET_MQ_msg_extra (rmsg,
509 size, 559 size,
@@ -511,9 +561,9 @@ send_lookup_response (struct VerifyRequestHandle *vrh)
511 // Assign id so that client can find associated request 561 // Assign id so that client can find associated request
512 rmsg->id = vrh->request_id; 562 rmsg->id = vrh->request_id;
513 rmsg->d_count = htonl (vrh->delegation_chain_size); 563 rmsg->d_count = htonl (vrh->delegation_chain_size);
514 rmsg->c_count = htonl (vrh->cred_chain_size); 564 rmsg->c_count = htonl (vrh->del_chain_size);
515 565
516 if (0 < vrh->cred_chain_size) 566 if (0 < vrh->del_chain_size)
517 rmsg->cred_found = htonl (GNUNET_YES); 567 rmsg->cred_found = htonl (GNUNET_YES);
518 else 568 else
519 rmsg->cred_found = htonl (GNUNET_NO); 569 rmsg->cred_found = htonl (GNUNET_NO);
@@ -522,7 +572,7 @@ send_lookup_response (struct VerifyRequestHandle *vrh)
522 -1 572 -1
523 != GNUNET_CREDENTIAL_delegation_chain_serialize (vrh->delegation_chain_size, 573 != GNUNET_CREDENTIAL_delegation_chain_serialize (vrh->delegation_chain_size,
524 dd, 574 dd,
525 vrh->cred_chain_size, 575 vrh->del_chain_size,
526 cred, 576 cred,
527 size, 577 size,
528 (char *)&rmsg[1])); 578 (char *)&rmsg[1]));
@@ -537,12 +587,72 @@ send_lookup_response (struct VerifyRequestHandle *vrh)
537 GNUNET_NO); 587 GNUNET_NO);
538} 588}
539 589
590static char*
591partial_match(char *tmp_trail, char *tmp_subattr, char *parent_trail, char *issuer_attribute)
592{
593 char *saveptr1, *saveptr2;
594 char *trail_token;
595 char *sub_token;
596 char *attr_trailer;
597
598 // tok both, parent->attr_trailer and del->sub_attr to see how far they match,
599 // take rest of parent trailer (only when del->sub_attr token is null), and
600 // create new/actual trailer with del->iss_attr
601 trail_token = strtok_r (tmp_trail, ".", &saveptr1);
602 sub_token = strtok_r (tmp_subattr, ".", &saveptr2);
603 while (NULL != trail_token && NULL != sub_token)
604 {
605 if(0 == strcmp(trail_token,sub_token))
606 {
607 // good, matches, remove
608 } else {
609 // not relevant for solving the chain, end for iteration here
610 return NULL;
611 }
612
613 trail_token = strtok_r (NULL, ".", &saveptr1);
614 sub_token = strtok_r (NULL, ".", &saveptr2);
615 }
616 // skip this entry and go to next for if:
617 // 1. at some point the attr of the trailer and the subject dont match
618 // 2. the trailer is NULL, but the subject has more attributes
619 // Reason: This will lead to "startzone.attribute" but we're looking for a solution
620 // for "<- startzone"
621 if(NULL == trail_token)
622 {
623 return NULL;
624 }
625
626 // do not have to check sub_token == NULL, if both would be NULL
627 // at the same time, the complete match part above should have triggered already
628
629 // otherwise, above while only ends when sub_token == NULL
630 GNUNET_asprintf (&attr_trailer,
631 "%s",
632 trail_token);
633 trail_token = strtok_r (NULL, ".", &saveptr1);
634 while(NULL != trail_token)
635 {
636 GNUNET_asprintf (&attr_trailer,
637 "%s.%s",
638 parent_trail,
639 trail_token);
640 trail_token = strtok_r (NULL, ".", &saveptr1);
641
642 }
643 GNUNET_asprintf (&attr_trailer,
644 "%s.%s",
645 issuer_attribute,
646 attr_trailer);
647 return attr_trailer;
648}
649
540static void 650static void
541test_resolution (void *cls, 651test_resolution (void *cls,
542 uint32_t rd_count, 652 uint32_t rd_count,
543 const struct GNUNET_GNSRECORD_Data *rd) 653 const struct GNUNET_GNSRECORD_Data *rd)
544{ 654{
545 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "-----------FW:Got %d entries\n", rd_count); 655 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Received %d entries.\n", rd_count);
546 656
547 struct VerifyRequestHandle *vrh; 657 struct VerifyRequestHandle *vrh;
548 struct DelegationSetQueueEntry *current_set; 658 struct DelegationSetQueueEntry *current_set;
@@ -554,9 +664,7 @@ test_resolution (void *cls,
554 current_set->lookup_request = NULL; 664 current_set->lookup_request = NULL;
555 vrh = current_set->handle; 665 vrh = current_set->handle;
556 vrh->pending_lookups--; 666 vrh->pending_lookups--;
557 //GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "-----------FW:current set %s\n", current_set->issuer_attribute);
558 667
559
560 // Loop record entries 668 // Loop record entries
561 for (uint32_t i = 0; i < rd_count; i++) { 669 for (uint32_t i = 0; i < rd_count; i++) {
562 if (GNUNET_GNSRECORD_TYPE_DELEGATE != rd[i].record_type) 670 if (GNUNET_GNSRECORD_TYPE_DELEGATE != rd[i].record_type)
@@ -566,10 +674,6 @@ test_resolution (void *cls,
566 struct GNUNET_CREDENTIAL_Delegate *del; 674 struct GNUNET_CREDENTIAL_Delegate *del;
567 del = GNUNET_CREDENTIAL_delegate_deserialize(rd[i].data, rd[i].data_size); 675 del = GNUNET_CREDENTIAL_delegate_deserialize(rd[i].data, rd[i].data_size);
568 676
569 // TODO parse subject and issuer attributes which are required for algo solving
570 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "-----------FW:iss %s %s\n", GNUNET_CRYPTO_ecdsa_public_key_to_string(&del->issuer_key), del->issuer_attribute);
571 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "-----------FW:sub %s %s\n", GNUNET_CRYPTO_ecdsa_public_key_to_string(&del->subject_key), del->subject_attribute);
572
573 // Start: Create DQ Entry 677 // Start: Create DQ Entry
574 dq_entry = GNUNET_new (struct DelegationQueueEntry); 678 dq_entry = GNUNET_new (struct DelegationQueueEntry);
575 // AND delegations are not possible, only 1 solution 679 // AND delegations are not possible, only 1 solution
@@ -594,15 +698,13 @@ test_resolution (void *cls,
594 // 2. partial match: replace 698 // 2. partial match: replace
595 // 3. new solution: replace, add trailer 699 // 3. new solution: replace, add trailer
596 700
597 //GNUNET_assert(NULL != current_set->attr_trailer); 701 // At resolution chain start trailer of parent is NULL
598 // TODO only during test
599 if (NULL == current_set->attr_trailer) { 702 if (NULL == current_set->attr_trailer) {
600 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "-----------FW: trailer null\n");
601 // for (5) F.c <- G, remember .c when going upwards 703 // for (5) F.c <- G, remember .c when going upwards
602 ds_entry->attr_trailer = GNUNET_strdup(del->issuer_attribute); 704 ds_entry->attr_trailer = GNUNET_strdup(del->issuer_attribute);
603 } else { 705 } else {
604 if (0 == del->subject_attribute_len){ 706 if (0 == del->subject_attribute_len){
605 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "-----------FW: new solution\n"); 707 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Found: New solution\n");
606 // new solution 708 // new solution
607 // create new trailer del->issuer_attribute, ds_entry->attr_trailer 709 // create new trailer del->issuer_attribute, ds_entry->attr_trailer
608 GNUNET_asprintf (&ds_entry->attr_trailer, 710 GNUNET_asprintf (&ds_entry->attr_trailer,
@@ -610,76 +712,33 @@ test_resolution (void *cls,
610 del->issuer_attribute, 712 del->issuer_attribute,
611 current_set->attr_trailer); 713 current_set->attr_trailer);
612 } else if(0 == strcmp(del->subject_attribute, current_set->attr_trailer)){ 714 } else if(0 == strcmp(del->subject_attribute, current_set->attr_trailer)){
613 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "-----------FW: complete match\n"); 715 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Found: Complete match\n");
614 // complete match 716 // complete match
615 // new trailer == issuer attribute (e.g. (5) to (4)) 717 // new trailer == issuer attribute (e.g. (5) to (4))
616 // TODO memleak, free trailer before 718 // TODO memleak, free trailer before
617 ds_entry->attr_trailer = GNUNET_strdup(del->issuer_attribute); 719 ds_entry->attr_trailer = GNUNET_strdup(del->issuer_attribute);
618 } else { 720 } else {
619 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "-----------FW: partial match\n"); 721 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Found: Partial match\n");
620 // partial match 722 // partial match
621 723
622 // TODO problem when checking with contains: attr = disco or attr = disc both say success 724 char *trail = partial_match(GNUNET_strdup (current_set->attr_trailer),
623 // ==> therefore: split and check the single attributes 725 GNUNET_strdup (del->subject_attribute),
624 // replace/remove partial match trailer and add the new one 726 current_set->attr_trailer,
625 727 GNUNET_strdup (del->issuer_attribute));
626 char *saveptr1, *saveptr2; 728
627 char *trail_token; 729 // if null: skip this record entry (reasons: mismatch or overmatch, both not relevant)
628 char *sub_token; 730 if(NULL == trail) {
629 char *tmp_trail = GNUNET_strdup (current_set->attr_trailer); 731 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Entry not relevant, discarding: %s.%s <- %s.%s\n",
630 char *tmp_subattr = GNUNET_strdup (del->subject_attribute); 732 GNUNET_CRYPTO_ecdsa_public_key_to_string(&del->issuer_key),
631 733 del->issuer_attribute,
632 // tok both, parent->attr_trailer and del->sub_attr to see how far they match, 734 GNUNET_CRYPTO_ecdsa_public_key_to_string(&del->subject_key),
633 // take rest of parent trailer (only when del->sub_attr token is null), and 735 del->subject_attribute);
634 // create new/actual trailer with del->iss_attr 736 continue;
635 trail_token = strtok_r (tmp_trail, ".", &saveptr1); 737 } else
636 sub_token = strtok_r (tmp_subattr, ".", &saveptr2); 738 ds_entry->attr_trailer = trail;
637 while (NULL != trail_token && NULL != sub_token)
638 {
639 if(0 == strcmp(trail_token,sub_token))
640 {
641 // good, matches, remove
642 } else {
643 // not relevant for solving the chain, end function here
644 // TODO how to end this correctly? just return?
645 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "-----------FW:throwing %s %s\n", trail_token, sub_token);
646
647 // TODO break zum nächsten for
648 //return;
649 }
650
651 trail_token = strtok_r (NULL, ".", &saveptr1);
652 sub_token = strtok_r (NULL, ".", &saveptr2);
653 }
654 if(NULL == trail_token)
655 {
656 //TODO error, can't happen
657 }
658 // do not have to check sub_token == NULL, if both would be NULL
659 // at the same time, the complete match part above should have triggered already
660
661 // otherwise, above while only ends when sub_token == NULL
662 GNUNET_asprintf (&ds_entry->attr_trailer,
663 "%s",
664 trail_token);
665 trail_token = strtok_r (NULL, ".", &saveptr1);
666 while(NULL != trail_token)
667 {
668 GNUNET_asprintf (&ds_entry->attr_trailer,
669 "%s.%s",
670 current_set->attr_trailer,
671 trail_token);
672 trail_token = strtok_r (NULL, ".", &saveptr1);
673
674 }
675 GNUNET_asprintf (&ds_entry->attr_trailer,
676 "%s.%s",
677 del->issuer_attribute,
678 ds_entry->attr_trailer);
679
680 } 739 }
681 } 740 }
682 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "-----------FW: new tailer %s\n", ds_entry->attr_trailer); 741
683 742
684 // Start: Credential Chain Entry 743 // Start: Credential Chain Entry
685 // issuer key is subject key, who needs to be contacted to resolve this (forward, therefore subject) 744 // issuer key is subject key, who needs to be contacted to resolve this (forward, therefore subject)
@@ -699,27 +758,75 @@ test_resolution (void *cls,
699 // current delegation as parent 758 // current delegation as parent
700 ds_entry->parent_queue_entry = dq_entry; 759 ds_entry->parent_queue_entry = dq_entry;
701 760
702 // TODO verify if end is reached: 761 // Check for solution
703 // what is required? Only issuer key/attr and attr_trailer new == 0 762 // if: issuer key we looking for
763 if (0 == memcmp (&del->issuer_key,
764 &vrh->issuer_key,
765 sizeof (struct GNUNET_CRYPTO_EcdsaPublicKey)))
766 {
767 // if: issuer attr we looking for
768 if (0 == strcmp (del->issuer_attribute,
769 vrh->issuer_attribute))
770 {
771 // if: complete match, meaning new trailer == issuer attr
772 if(0 == strcmp (vrh->issuer_attribute, ds_entry->attr_trailer))
773 {
774 GNUNET_log (GNUNET_ERROR_TYPE_ERROR, "Found: Solution\n");
775
776 // Add to delegation_chain
777 struct DelegationSetQueueEntry *tmp_set;
778 for (tmp_set = ds_entry; NULL != tmp_set->parent_queue_entry;
779 tmp_set = tmp_set->parent_queue_entry->parent_set) {
780 if (NULL != tmp_set->delegation_chain_entry) {
781 vrh->delegation_chain_size++;
782 GNUNET_CONTAINER_DLL_insert (vrh->delegation_chain_head,
783 vrh->delegation_chain_tail,
784 tmp_set->delegation_chain_entry);
785 }
786 }
787 GNUNET_log (GNUNET_ERROR_TYPE_ERROR, "tmpentrylast %s %s\n",
788 GNUNET_CRYPTO_ecdsa_public_key_to_string(&vrh->delegation_chain_head->subject_key),
789 vrh->delegation_chain_head->subject_attribute);
790
791 // Increase refcount for this delegate
792 for (struct DelegateRecordEntry *del_entry = vrh->del_chain_head; del_entry != NULL; del_entry = del_entry->next) {
793 if (0 == memcmp (&del_entry->delegate->issuer_key,
794 &vrh->delegation_chain_head->subject_key,
795 sizeof (struct GNUNET_CRYPTO_EcdsaPublicKey)))
796 {
797 if (0 == strcmp (del_entry->delegate->issuer_attribute,
798 vrh->delegation_chain_head->subject_attribute))
799 {
800 del_entry->refcount++;
801 }
802 }
803 }
804
805 send_lookup_response (vrh);
806 return;
807 }
808 }
809 }
704 810
705 // TODO until good verify check: fixed number of lookups 811 // Starting a new GNS lookup
706 //vrh->pending_lookups++; 812 vrh->pending_lookups++;
707 ds_entry->handle = vrh; 813 ds_entry->handle = vrh;
708 814
709 const struct GNUNET_CRYPTO_EcdsaPublicKey *kkey = &del->issuer_key; 815 GNUNET_log (GNUNET_ERROR_TYPE_ERROR, "Starting to look up trailer %s in zone %s\n", ds_entry->attr_trailer, GNUNET_CRYPTO_ecdsa_public_key_to_string(&del->issuer_key));
710 GNUNET_log (GNUNET_ERROR_TYPE_ERROR, "-----------FW: Starting AGAIN %s\n",GNUNET_CRYPTO_ecdsa_public_key_to_string(&del->issuer_key)); 816
711 if (0 == vrh->pending_lookups) {
712 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "We are all out of attributes...\n");
713 return;
714 }
715 GNUNET_GNS_lookup (gns, 817 GNUNET_GNS_lookup (gns,
716 GNUNET_GNS_EMPTY_LABEL_AT, 818 GNUNET_GNS_EMPTY_LABEL_AT,
717 kkey, // subject_key, 819 &del->issuer_key,
718 GNUNET_GNSRECORD_TYPE_DELEGATE, 820 GNUNET_GNSRECORD_TYPE_DELEGATE,
719 GNUNET_GNS_LO_DEFAULT, 821 GNUNET_GNS_LO_DEFAULT,
720 &test_resolution, 822 &test_resolution,
721 ds_entry); 823 ds_entry);
824 }
722 825
826 if (0 == vrh->pending_lookups) {
827 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "We are all out of attributes...\n");
828 send_lookup_response (vrh);
829 return;
723 } 830 }
724} 831}
725 832
@@ -730,7 +837,7 @@ backward_resolution (void *cls,
730{ 837{
731 struct VerifyRequestHandle *vrh; 838 struct VerifyRequestHandle *vrh;
732 const struct GNUNET_CREDENTIAL_DelegationRecord *sets; 839 const struct GNUNET_CREDENTIAL_DelegationRecord *sets;
733 struct CredentialRecordEntry *cred_pointer; 840 struct DelegateRecordEntry *del_pointer;
734 struct DelegationSetQueueEntry *current_set; 841 struct DelegationSetQueueEntry *current_set;
735 struct DelegationSetQueueEntry *ds_entry; 842 struct DelegationSetQueueEntry *ds_entry;
736 struct DelegationSetQueueEntry *tmp_set; 843 struct DelegationSetQueueEntry *tmp_set;
@@ -742,10 +849,6 @@ backward_resolution (void *cls,
742 current_set->lookup_request = NULL; 849 current_set->lookup_request = NULL;
743 vrh = current_set->handle; 850 vrh = current_set->handle;
744 vrh->pending_lookups--; 851 vrh->pending_lookups--;
745 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Got %d attrs\n", rd_count);
746
747 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "# Issuer Att %s\n", current_set->issuer_attribute);
748 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "# Lookup Att %s\n", current_set->lookup_attribute);
749 852
750 // Each OR 853 // Each OR
751 for (uint32_t i = 0; i < rd_count; i++) { 854 for (uint32_t i = 0; i < rd_count; i++) {
@@ -819,10 +922,6 @@ backward_resolution (void *cls,
819 922
820 ds_entry->parent_queue_entry = dq_entry; // current_delegation; 923 ds_entry->parent_queue_entry = dq_entry; // current_delegation;
821 924
822 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "# New AND DS entry into DQ queue\n");
823 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "# DS entry Issuer ATT %s\n", ds_entry->delegation_chain_entry->issuer_attribute);
824 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "# DS entry Subject ATT %s\n", ds_entry->delegation_chain_entry->subject_attribute);
825
826 GNUNET_CONTAINER_DLL_insert (dq_entry->set_entries_head, 925 GNUNET_CONTAINER_DLL_insert (dq_entry->set_entries_head,
827 dq_entry->set_entries_tail, 926 dq_entry->set_entries_tail,
828 ds_entry); 927 ds_entry);
@@ -831,26 +930,26 @@ backward_resolution (void *cls,
831 /** 930 /**
832 * Check if this delegation already matches one of our credentials 931 * Check if this delegation already matches one of our credentials
833 */ 932 */
834 for (cred_pointer = vrh->cred_chain_head; cred_pointer != NULL; 933 for (del_pointer = vrh->del_chain_head; del_pointer != NULL;
835 cred_pointer = cred_pointer->next) { 934 del_pointer = del_pointer->next) {
836 // If key and attribute match credential continue and backtrack 935 // If key and attribute match credential continue and backtrack
837 if (0 936 if (0
838 != memcmp (&set->subject_key, 937 != memcmp (&set->subject_key,
839 &cred_pointer->credential->issuer_key, 938 &del_pointer->delegate->issuer_key,
840 sizeof (struct GNUNET_CRYPTO_EcdsaPublicKey))) 939 sizeof (struct GNUNET_CRYPTO_EcdsaPublicKey)))
841 continue; 940 continue;
842 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, 941 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
843 "Checking if %s matches %s\n", 942 "Checking if %s matches %s\n",
844 ds_entry->unresolved_attribute_delegation, 943 ds_entry->unresolved_attribute_delegation,
845 cred_pointer->credential->issuer_attribute); 944 del_pointer->delegate->issuer_attribute);
846 945
847 if (0 946 if (0
848 != strcmp (ds_entry->unresolved_attribute_delegation, 947 != strcmp (ds_entry->unresolved_attribute_delegation,
849 cred_pointer->credential->issuer_attribute)) 948 del_pointer->delegate->issuer_attribute))
850 continue; 949 continue;
851 950
852 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Found issuer\n"); 951 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Found issuer\n");
853 cred_pointer->refcount++; 952 del_pointer->refcount++;
854 // Backtrack 953 // Backtrack
855 for (tmp_set = ds_entry; NULL != tmp_set->parent_queue_entry; 954 for (tmp_set = ds_entry; NULL != tmp_set->parent_queue_entry;
856 tmp_set = tmp_set->parent_queue_entry->parent_set) { 955 tmp_set = tmp_set->parent_queue_entry->parent_set) {
@@ -910,24 +1009,15 @@ backward_resolution (void *cls,
910 1009
911 vrh->pending_lookups++; 1010 vrh->pending_lookups++;
912 ds_entry->handle = vrh; 1011 ds_entry->handle = vrh;
913 /*ds_entry->lookup_request 1012 ds_entry->lookup_request
914 = GNUNET_GNS_lookup (gns, 1013 = GNUNET_GNS_lookup (gns,
915 lookup_attribute, 1014 lookup_attribute,
916 ds_entry->issuer_key, // issuer_key, 1015 ds_entry->issuer_key, // issuer_key,
917 GNUNET_GNSRECORD_TYPE_ATTRIBUTE, 1016 GNUNET_GNSRECORD_TYPE_ATTRIBUTE,
918 GNUNET_GNS_LO_DEFAULT, 1017 GNUNET_GNS_LO_DEFAULT,
919 &backward_resolution, 1018 &backward_resolution,
920 ds_entry);*/
921 GNUNET_log (GNUNET_ERROR_TYPE_ERROR, "Starting %s\n", GNUNET_CRYPTO_ecdsa_public_key_to_string(ds_entry->issuer_key));
922 vrh->pending_lookups = 5;
923 ds_entry->lookup_request
924 = GNUNET_GNS_lookup (gns,
925 GNUNET_GNS_EMPTY_LABEL_AT,
926 ds_entry->issuer_key, // issuer_key,
927 GNUNET_GNSRECORD_TYPE_DELEGATE,
928 GNUNET_GNS_LO_DEFAULT,
929 &test_resolution,
930 ds_entry); 1019 ds_entry);
1020
931 GNUNET_free (lookup_attribute); 1021 GNUNET_free (lookup_attribute);
932 } 1022 }
933 } 1023 }
@@ -950,27 +1040,25 @@ delegation_chain_resolution_start (void *cls)
950{ 1040{
951 struct VerifyRequestHandle *vrh = cls; 1041 struct VerifyRequestHandle *vrh = cls;
952 struct DelegationSetQueueEntry *ds_entry; 1042 struct DelegationSetQueueEntry *ds_entry;
953 struct CredentialRecordEntry *cr_entry; 1043 struct DelegateRecordEntry *del_entry;
954 vrh->lookup_request = NULL; 1044 vrh->lookup_request = NULL;
955 1045
956 if (0 == vrh->cred_chain_size) { 1046 if (0 == vrh->del_chain_size) {
957 GNUNET_log (GNUNET_ERROR_TYPE_ERROR, "No credentials found\n"); 1047 GNUNET_log (GNUNET_ERROR_TYPE_ERROR, "No delegates found\n");
958 send_lookup_response (vrh); 1048 send_lookup_response (vrh);
959 return; 1049 return;
960 } 1050 }
961 1051
962 for (cr_entry = vrh->cred_chain_head; cr_entry != NULL; 1052 for (del_entry = vrh->del_chain_head; del_entry != NULL;
963 cr_entry = cr_entry->next) { 1053 del_entry = del_entry->next) {
964 if (0 1054 if (0 != memcmp (&del_entry->delegate->issuer_key,
965 != memcmp (&cr_entry->credential->issuer_key,
966 &vrh->issuer_key, 1055 &vrh->issuer_key,
967 sizeof (struct GNUNET_CRYPTO_EcdsaPublicKey))) 1056 sizeof (struct GNUNET_CRYPTO_EcdsaPublicKey)))
968 continue; 1057 continue;
969 if (0 1058 if (0 != strcmp (del_entry->delegate->issuer_attribute,
970 != strcmp (cr_entry->credential->issuer_attribute,
971 vrh->issuer_attribute)) 1059 vrh->issuer_attribute))
972 continue; 1060 continue;
973 cr_entry->refcount++; 1061 del_entry->refcount++;
974 // Found match prematurely 1062 // Found match prematurely
975 send_lookup_response (vrh); 1063 send_lookup_response (vrh);
976 return; 1064 return;
@@ -1005,18 +1093,91 @@ delegation_chain_resolution_start (void *cls)
1005 GNUNET_GNS_LO_DEFAULT, 1093 GNUNET_GNS_LO_DEFAULT,
1006 &backward_resolution, 1094 &backward_resolution,
1007 ds_entry); 1095 ds_entry);
1008 //GNUNET_log (GNUNET_ERROR_TYPE_ERROR, "Starting %s\n", GNUNET_CRYPTO_ecdsa_public_key_to_string(&vrh->issuer_key)); 1096}
1009 1097
1010 // TODO we start with example (5) F.c <- G 1098static void
1011 // => attr_trailer = c 1099delegation_chain_fw_resolution_start (void *cls)
1012 //ds_entry->attr_trailer = "c"; 1100{
1013 /*ds_entry->lookup_request = GNUNET_GNS_lookup (gns, 1101 struct VerifyRequestHandle *vrh = cls;
1014 GNUNET_GNS_EMPTY_LABEL_AT, 1102 struct DelegationSetQueueEntry *ds_entry;
1015 &vrh->issuer_key, // subject_key, 1103 struct DelegateRecordEntry *del_entry;
1016 GNUNET_GNSRECORD_TYPE_DELEGATE, 1104
1017 GNUNET_GNS_LO_DEFAULT, 1105 vrh->lookup_request = NULL;
1018 &test_resolution, 1106 // set to 0 and increase on each lookup: for fw multiple lookups (may be) started
1019 ds_entry);*/ 1107 vrh->pending_lookups = 0;
1108
1109 //TODO no pre-check with vrh->dele_chain_bla if match issuer_key
1110 //otherwise: start mutliple lookups for each vrh->dele_chain
1111 // A.a <- ...
1112 // X.x <- C
1113 // Y.y <- C
1114 // wenn X.x oder Y.y nicht == A.a dann starte bei X und bei Y
1115
1116 // bei backward: check every cred entry if match issuer key
1117 // otherwise: start at issuer and go down till match
1118 // A.a <- ...
1119 // X.x <- C
1120 // Y.y <- C
1121 // wenn X.x oder Y.y nicht == A.a dann starte von A
1122 if (0 == vrh->del_chain_size) {
1123 GNUNET_log (GNUNET_ERROR_TYPE_ERROR, "No delegations found\n");
1124 send_lookup_response (vrh);
1125 return;
1126 }
1127
1128 // Check if one of the delegations of the subject already match
1129 for (del_entry = vrh->del_chain_head; del_entry != NULL; del_entry = del_entry->next) {
1130 if (0 != memcmp (&del_entry->delegate->issuer_key,
1131 &vrh->issuer_key,
1132 sizeof (struct GNUNET_CRYPTO_EcdsaPublicKey)))
1133 continue;
1134 if (0 != strcmp (del_entry->delegate->issuer_attribute,
1135 vrh->issuer_attribute))
1136 continue;
1137 del_entry->refcount++;
1138 // Found match prematurely
1139 send_lookup_response (vrh);
1140 return;
1141 }
1142
1143 // None match, therefore start for every delegation found a lookup chain
1144 // Return and end collect process on first chain iss <-> sub found
1145
1146 // ds_entry created belongs to the first lookup, vrh still has the
1147 // issuer+attr we look for
1148 for (del_entry = vrh->del_chain_head; del_entry != NULL; del_entry = del_entry->next) {
1149 //char issuer_attribute_name[strlen (vrh->issuer_attribute) + 1];
1150 //strcpy (issuer_attribute_name, vrh->issuer_attribute);
1151
1152 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
1153 "Looking for %s.%s\n",
1154 GNUNET_CRYPTO_ecdsa_public_key_to_string(&del_entry->delegate->issuer_key), del_entry->delegate->issuer_attribute);
1155
1156 ds_entry = GNUNET_new (struct DelegationSetQueueEntry);
1157 ds_entry->issuer_key = GNUNET_new (struct GNUNET_CRYPTO_EcdsaPublicKey);
1158 // TODO: new ds_entry struct with subject_key (or one for both with contact_key or sth)
1159 GNUNET_memcpy (ds_entry->issuer_key,
1160 &del_entry->delegate->subject_key,
1161 sizeof (struct GNUNET_CRYPTO_EcdsaPublicKey));
1162 //ds_entry->issuer_attribute = GNUNET_strdup (vrh->issuer_attribute);
1163 ds_entry->attr_trailer = GNUNET_strdup(del_entry->delegate->issuer_attribute);
1164 ds_entry->handle = vrh;
1165 // TODO: no lookup attribute for forward?
1166 //ds_entry->lookup_attribute = GNUNET_strdup (vrh->issuer_attribute);
1167
1168 vrh->root_set = ds_entry;
1169 vrh->pending_lookups ++;
1170 // Start with forward resolution
1171 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "# Start Forward Resolution\n");
1172
1173 ds_entry->lookup_request = GNUNET_GNS_lookup (gns,
1174 GNUNET_GNS_EMPTY_LABEL_AT,
1175 &del_entry->delegate->issuer_key, // issuer_key,
1176 GNUNET_GNSRECORD_TYPE_DELEGATE,
1177 GNUNET_GNS_LO_DEFAULT,
1178 &test_resolution,
1179 ds_entry);
1180 }
1020} 1181}
1021 1182
1022static int 1183static int
@@ -1048,7 +1209,7 @@ handle_verify (void *cls, const struct VerifyMessage *v_msg)
1048{ 1209{
1049 struct VerifyRequestHandle *vrh; 1210 struct VerifyRequestHandle *vrh;
1050 struct GNUNET_SERVICE_Client *client = cls; 1211 struct GNUNET_SERVICE_Client *client = cls;
1051 struct CredentialRecordEntry *cr_entry; 1212 struct DelegateRecordEntry *del_entry;
1052 uint32_t credentials_count; 1213 uint32_t credentials_count;
1053 uint32_t credential_data_size; 1214 uint32_t credential_data_size;
1054 char attr[GNUNET_CREDENTIAL_MAX_LENGTH + 1]; 1215 char attr[GNUNET_CREDENTIAL_MAX_LENGTH + 1];
@@ -1069,24 +1230,24 @@ handle_verify (void *cls, const struct VerifyMessage *v_msg)
1069 vrh->issuer_key = v_msg->issuer_key; 1230 vrh->issuer_key = v_msg->issuer_key;
1070 vrh->subject_key = v_msg->subject_key; 1231 vrh->subject_key = v_msg->subject_key;
1071 vrh->issuer_attribute = GNUNET_strdup (issuer_attribute); 1232 vrh->issuer_attribute = GNUNET_strdup (issuer_attribute);
1233 vrh->resolution_algo = ntohs(v_msg->resolution_algo);
1234
1072 GNUNET_SERVICE_client_continue (vrh->client); 1235 GNUNET_SERVICE_client_continue (vrh->client);
1073 if (0 == strlen (issuer_attribute)) { 1236 if (0 == strlen (issuer_attribute)) {
1074 GNUNET_log (GNUNET_ERROR_TYPE_ERROR, "No issuer attribute provided!\n"); 1237 GNUNET_log (GNUNET_ERROR_TYPE_ERROR, "No issuer attribute provided!\n");
1075 send_lookup_response (vrh); 1238 send_lookup_response (vrh);
1076 return; 1239 return;
1077 } 1240 }
1078 /** 1241
1079 * First, collect credentials 1242 // Parse delegates from verifaction message
1080 * TODO: cleanup!
1081 */
1082 credentials_count = ntohl (v_msg->c_count); 1243 credentials_count = ntohl (v_msg->c_count);
1083 credential_data_size = ntohs (v_msg->header.size) 1244 credential_data_size = ntohs (v_msg->header.size)
1084 - sizeof (struct VerifyMessage) 1245 - sizeof (struct VerifyMessage)
1085 - ntohs (v_msg->issuer_attribute_len) - 1; 1246 - ntohs (v_msg->issuer_attribute_len) - 1;
1086 struct GNUNET_CREDENTIAL_Credential credentials[credentials_count]; 1247 struct GNUNET_CREDENTIAL_Delegate credentials[credentials_count];
1087 memset (credentials, 1248 memset (credentials,
1088 0, 1249 0,
1089 sizeof (struct GNUNET_CREDENTIAL_Credential) * credentials_count); 1250 sizeof (struct GNUNET_CREDENTIAL_Delegate) * credentials_count);
1090 credential_data = (char *)&v_msg[1] + ntohs (v_msg->issuer_attribute_len) + 1; 1251 credential_data = (char *)&v_msg[1] + ntohs (v_msg->issuer_attribute_len) + 1;
1091 if (GNUNET_OK 1252 if (GNUNET_OK
1092 != GNUNET_CREDENTIAL_credentials_deserialize (credential_data_size, 1253 != GNUNET_CREDENTIAL_credentials_deserialize (credential_data_size,
@@ -1098,27 +1259,37 @@ handle_verify (void *cls, const struct VerifyMessage *v_msg)
1098 return; 1259 return;
1099 } 1260 }
1100 1261
1262 // Prepare vrh delegation chain for later validation
1101 for (uint32_t i = 0; i < credentials_count; i++) { 1263 for (uint32_t i = 0; i < credentials_count; i++) {
1102 cr_entry = GNUNET_new (struct CredentialRecordEntry); 1264 del_entry = GNUNET_new (struct DelegateRecordEntry);
1103 cr_entry->credential 1265 del_entry->delegate
1104 = GNUNET_malloc (sizeof (struct GNUNET_CREDENTIAL_Credential) 1266 = GNUNET_malloc (sizeof (struct GNUNET_CREDENTIAL_Delegate)
1105 + credentials[i].issuer_attribute_len + 1); 1267 + credentials[i].issuer_attribute_len + 1);
1106 GNUNET_memcpy (cr_entry->credential, 1268 GNUNET_memcpy (del_entry->delegate,
1107 &credentials[i], 1269 &credentials[i],
1108 sizeof (struct GNUNET_CREDENTIAL_Credential)); 1270 sizeof (struct GNUNET_CREDENTIAL_Delegate));
1109 GNUNET_memcpy (&cr_entry->credential[1], 1271 GNUNET_memcpy (&del_entry->delegate[1],
1110 credentials[i].issuer_attribute, 1272 credentials[i].issuer_attribute,
1111 credentials[i].issuer_attribute_len); 1273 credentials[i].issuer_attribute_len);
1112 cr_entry->credential->issuer_attribute_len 1274 del_entry->delegate->issuer_attribute_len
1113 = credentials[i].issuer_attribute_len; 1275 = credentials[i].issuer_attribute_len;
1114 cr_entry->credential->issuer_attribute = (char *)&cr_entry->credential[1]; 1276 del_entry->delegate->issuer_attribute = (char *)&del_entry->delegate[1];
1115 GNUNET_CONTAINER_DLL_insert_tail (vrh->cred_chain_head, 1277 GNUNET_CONTAINER_DLL_insert_tail (vrh->del_chain_head,
1116 vrh->cred_chain_tail, 1278 vrh->del_chain_tail,
1117 cr_entry); 1279 del_entry);
1118 vrh->cred_chain_size++; 1280 vrh->del_chain_size++;
1119 } 1281 }
1120 1282
1121 delegation_chain_resolution_start (vrh); 1283 // Switch resolution algo
1284 if(Backward == vrh->resolution_algo){
1285 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "+++++++++++++++++backward\n");
1286 delegation_chain_resolution_start (vrh);
1287 } else if (Forward == vrh->resolution_algo){
1288 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "+++++++++++++++++forward\n");
1289 delegation_chain_fw_resolution_start (vrh);
1290 } else{
1291 //TODO
1292 }
1122} 1293}
1123 1294
1124static void 1295static void
@@ -1132,55 +1303,56 @@ handle_cred_collection_error_cb (void *cls)
1132} 1303}
1133 1304
1134static void 1305static void
1135collect_next (void *cls) 1306handle_cred_collection_finished_cb (void *cls)
1136{ 1307{
1137 struct VerifyRequestHandle *vrh = cls; 1308 struct VerifyRequestHandle *vrh = cls;
1138 vrh->collect_next_task = NULL; 1309 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Done collecting credentials.\n");
1139 GNUNET_assert (NULL != vrh->cred_collection_iter); 1310 vrh->cred_collection_iter = NULL;
1140 GNUNET_NAMESTORE_zone_iterator_next (vrh->cred_collection_iter, 1); 1311 if(Backward == vrh->resolution_algo){
1312 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "+++++++++++++++++backward\n");
1313 delegation_chain_resolution_start (vrh);
1314 } else if (Forward == vrh->resolution_algo){
1315 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "+++++++++++++++++forward\n");
1316 delegation_chain_fw_resolution_start (vrh);
1317 } else{
1318 //TODO
1319 }
1141} 1320}
1142 1321
1143
1144static void 1322static void
1145handle_cred_collection_cb (void *cls, 1323tmp_handle_cred_collection_cb (void *cls,
1146 const struct GNUNET_CRYPTO_EcdsaPrivateKey *key, 1324 const struct GNUNET_CRYPTO_EcdsaPrivateKey *key,
1147 const char *label, 1325 const char *label,
1148 unsigned int rd_count, 1326 unsigned int rd_count,
1149 const struct GNUNET_GNSRECORD_Data *rd) 1327 const struct GNUNET_GNSRECORD_Data *rd)
1150{ 1328{
1151 struct VerifyRequestHandle *vrh = cls; 1329 struct VerifyRequestHandle *vrh = cls;
1152 struct GNUNET_CREDENTIAL_Credential *crd; 1330 struct GNUNET_CREDENTIAL_Delegate *del;
1153 struct CredentialRecordEntry *cr_entry; 1331 struct DelegateRecordEntry *del_entry;
1154 int cred_record_count; 1332 int cred_record_count;
1155
1156 cred_record_count = 0; 1333 cred_record_count = 0;
1334 vrh->dele_qe = NULL;
1335
1336 //TODO not all, only private and with sub_attr_len == 0
1157 for (uint32_t i = 0; i < rd_count; i++) { 1337 for (uint32_t i = 0; i < rd_count; i++) {
1158 if (GNUNET_GNSRECORD_TYPE_CREDENTIAL != rd[i].record_type) 1338 if (GNUNET_GNSRECORD_TYPE_DELEGATE != rd[i].record_type)
1159 continue; 1339 continue;
1160 cred_record_count++; 1340 cred_record_count++;
1161 crd 1341 del = GNUNET_CREDENTIAL_delegate_deserialize (rd[i].data, rd[i].data_size);
1162 = GNUNET_CREDENTIAL_credential_deserialize (rd[i].data, rd[i].data_size); 1342 if (NULL == del) {
1163 if (NULL == crd) {
1164 GNUNET_log (GNUNET_ERROR_TYPE_WARNING, "Invalid credential found\n"); 1343 GNUNET_log (GNUNET_ERROR_TYPE_WARNING, "Invalid credential found\n");
1165 continue; 1344 continue;
1166 } 1345 }
1167 cr_entry = GNUNET_new (struct CredentialRecordEntry); 1346 del_entry = GNUNET_new (struct DelegateRecordEntry);
1168 cr_entry->credential = crd; 1347 del_entry->delegate = del;
1169 GNUNET_CONTAINER_DLL_insert_tail (vrh->cred_chain_head, 1348 GNUNET_CONTAINER_DLL_insert_tail (vrh->del_chain_head,
1170 vrh->cred_chain_tail, 1349 vrh->del_chain_tail,
1171 cr_entry); 1350 del_entry);
1172 vrh->cred_chain_size++; 1351 vrh->del_chain_size++;
1173 } 1352 }
1174 vrh->collect_next_task = GNUNET_SCHEDULER_add_now (&collect_next, vrh); 1353 // No need to collect next, should have all already
1175} 1354 //vrh->collect_next_task = GNUNET_SCHEDULER_add_now (&collect_next, vrh);
1176 1355 handle_cred_collection_finished_cb(vrh);
1177static void
1178handle_cred_collection_finished_cb (void *cls)
1179{
1180 struct VerifyRequestHandle *vrh = cls;
1181 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Done collecting credentials.\n");
1182 vrh->cred_collection_iter = NULL;
1183 delegation_chain_resolution_start (vrh);
1184} 1356}
1185 1357
1186static void 1358static void
@@ -1207,6 +1379,7 @@ handle_collect (void *cls, const struct CollectMessage *c_msg)
1207 vrh->issuer_key = c_msg->issuer_key; 1379 vrh->issuer_key = c_msg->issuer_key;
1208 GNUNET_CRYPTO_ecdsa_key_get_public (&c_msg->subject_key, &vrh->subject_key); 1380 GNUNET_CRYPTO_ecdsa_key_get_public (&c_msg->subject_key, &vrh->subject_key);
1209 vrh->issuer_attribute = GNUNET_strdup (issuer_attribute); 1381 vrh->issuer_attribute = GNUNET_strdup (issuer_attribute);
1382 vrh->resolution_algo = ntohs(c_msg->resolution_algo);
1210 1383
1211 if (0 == strlen (issuer_attribute)) { 1384 if (0 == strlen (issuer_attribute)) {
1212 GNUNET_log (GNUNET_ERROR_TYPE_ERROR, "No issuer attribute provided!\n"); 1385 GNUNET_log (GNUNET_ERROR_TYPE_ERROR, "No issuer attribute provided!\n");
@@ -1217,7 +1390,8 @@ handle_collect (void *cls, const struct CollectMessage *c_msg)
1217 /** 1390 /**
1218 * First, get attribute from subject 1391 * First, get attribute from subject
1219 */ 1392 */
1220 vrh->cred_collection_iter = GNUNET_NAMESTORE_zone_iteration_start ( 1393 // TODO NAMESTORE_lookup auf empty label statt iteration, iteration genutzt da nicht wusste welches label
1394 /*vrh->cred_collection_iter = GNUNET_NAMESTORE_zone_iteration_start (
1221 namestore, 1395 namestore,
1222 &c_msg->subject_key, 1396 &c_msg->subject_key,
1223 &handle_cred_collection_error_cb, 1397 &handle_cred_collection_error_cb,
@@ -1225,7 +1399,15 @@ handle_collect (void *cls, const struct CollectMessage *c_msg)
1225 &handle_cred_collection_cb, 1399 &handle_cred_collection_cb,
1226 vrh, 1400 vrh,
1227 &handle_cred_collection_finished_cb, 1401 &handle_cred_collection_finished_cb,
1228 vrh); 1402 vrh);*/
1403 //TODO rename tmp_handle_... and test_resolution..
1404 vrh->dele_qe = GNUNET_NAMESTORE_records_lookup (namestore,
1405 &c_msg->subject_key,
1406 GNUNET_GNS_EMPTY_LABEL_AT,
1407 &handle_cred_collection_error_cb,
1408 vrh,
1409 &tmp_handle_cred_collection_cb,
1410 vrh);
1229 GNUNET_SERVICE_client_continue (vrh->client); 1411 GNUNET_SERVICE_client_continue (vrh->client);
1230} 1412}
1231 1413
diff --git a/src/credential/test_credential_own.sh b/src/credential/test_credential_own.sh
index 23935c75a..19dd686a9 100755
--- a/src/credential/test_credential_own.sh
+++ b/src/credential/test_credential_own.sh
@@ -68,10 +68,14 @@ gnunet-namestore -D -z e
68 68
69SIGNED=`$DO_TIMEOUT gnunet-credential --signSubjectSide --ego=e --attribute="c" --subject="$FKEY c" --ttl="2019-12-12 10:00:00"` 69SIGNED=`$DO_TIMEOUT gnunet-credential --signSubjectSide --ego=e --attribute="c" --subject="$FKEY c" --ttl="2019-12-12 10:00:00"`
70gnunet-credential --createSubjectSide --ego=f --import "$SIGNED" 70gnunet-credential --createSubjectSide --ego=f --import "$SIGNED"
71SIGNED=`$DO_TIMEOUT gnunet-credential --signSubjectSide --ego=e --attribute="k" --subject="$FKEY c.k" --ttl="2019-12-12 10:00:00"`
72gnunet-credential --createSubjectSide --ego=f --import "$SIGNED"
71gnunet-namestore -D -z f 73gnunet-namestore -D -z f
72 74
73SIGNED=`$DO_TIMEOUT gnunet-credential --signSubjectSide --ego=f --attribute="c" --subject="$GKEY" --ttl="2019-12-12 10:00:00"` 75SIGNED=`$DO_TIMEOUT gnunet-credential --signSubjectSide --ego=f --attribute="c" --subject="$GKEY" --ttl="2019-12-12 10:00:00"`
74gnunet-credential --createSubjectSide --ego=g --import "$SIGNED" 76gnunet-credential --createSubjectSide --ego=g --import "$SIGNED"
77SIGNED=`$DO_TIMEOUT gnunet-credential --signSubjectSide --ego=a --attribute="c" --subject="$GKEY" --ttl="2019-12-12 10:00:00"`
78gnunet-credential --createSubjectSide --ego=g --import "$SIGNED"
75gnunet-namestore -D -z g 79gnunet-namestore -D -z g
76 80
77 81
@@ -114,18 +118,23 @@ gnunet-namestore -p -z stateu -a -n $STATE_STUD_ATTR -t ATTR -V "$REGISTRARB_KEY
114CRED=`$DO_TIMEOUT gnunet-credential --issue --ego=registrarb --subject=$ALICE_KEY --attribute=$REG_STUD_ATTR --ttl=5m -c test_credential_lookup.conf` 118CRED=`$DO_TIMEOUT gnunet-credential --issue --ego=registrarb --subject=$ALICE_KEY --attribute=$REG_STUD_ATTR --ttl=5m -c test_credential_lookup.conf`
115 119
116# Alice stores the credential under "mygnunetcreds" 120# Alice stores the credential under "mygnunetcreds"
117gnunet-namestore -p -z alice -a -n $TEST_CREDENTIAL -t CRED -V "$CRED" -e 5m -c test_credential_lookup.conf 121#gnunet-namestore -p -z alice -a -n $TEST_CREDENTIAL -t CRED -V "$CRED" -e 5m -c test_credential_lookup.conf
122
123SIGNED=`$DO_TIMEOUT gnunet-credential --signSubjectSide --ego=registrarb --attribute="$REG_STUD_ATTR" --subject="$ALICE_KEY" --ttl="2019-12-12 10:00:00"`
124gnunet-credential --createSubjectSide --ego=alice --import "$SIGNED"
118 125
119# Starting to resolve 126# Starting to resolve
120echo "+++++Starting Collect" 127echo "+++++Starting Collect"
121 128
122CREDS=`$DO_TIMEOUT gnunet-credential --collect --issuer=$EPUB_KEY --attribute="random" --ego=alice -c test_credential_lookup.conf | paste -d, -s` 129CREDS=`$DO_TIMEOUT gnunet-credential --collect --issuer=$AKEY --attribute="a" --ego=g -c test_credential_lookup.conf | paste -d, -s`
123#CREDS=`$DO_TIMEOUT gnunet-credential --collect --issuer=$EPUB_KEY --attribute=$DISC_ATTR --ego=alice -c test_credential_lookup.conf | paste -d, -s`
124echo $CREDS 130echo $CREDS
125echo gnunet-credential --verify --issuer=$EPUB_KEY --attribute=$DISC_ATTR --subject=$ALICE_KEY --credential=\'$CREDS\' -c test_credential_lookup.conf 131echo gnunet-credential --verify --issuer=$AKEY --attribute="a" --subject=$GKEY --credential=\'$CREDS\' -c test_credential_lookup.conf
132RES_CRED=`gnunet-credential --verify --issuer=$AKEY --attribute="a" --subject=$GKEY --credential="$CREDS" -c test_credential_lookup.conf`
126 133
127RES_CRED=`gnunet-credential --verify --issuer=$EPUB_KEY --attribute="random" --subject=$ALICE_KEY --credential="$CREDS" -c test_credential_lookup.conf` 134#CREDS=`$DO_TIMEOUT gnunet-credential --collect --issuer=$EPUB_KEY --attribute=$DISC_ATTR --ego=alice -c test_credential_lookup.conf | paste -d, -s`
128#RES_CRED=`gnunet-credential --verify --issuer=$GKEY --attribute=$DISC_ATTR --subject=$ALICE_KEY --credential="$CREDS" -c test_credential_lookup.conf` 135#echo $CREDS
136#echo gnunet-credential --verify --issuer=$EPUB_KEY --attribute=$DISC_ATTR --subject=$ALICE_KEY --credential=\'$CREDS\' -c test_credential_lookup.conf
137#RES_CRED=`gnunet-credential --verify --issuer=$EPUB_KEY --attribute=$DISC_ATTR --subject=$ALICE_KEY --credential="$CREDS" -c test_credential_lookup.conf`
129 138
130 139
131# Cleanup properly 140# Cleanup properly
diff --git a/src/include/gnunet_credential_service.h b/src/include/gnunet_credential_service.h
index 7b179e99f..b64bb350c 100644
--- a/src/include/gnunet_credential_service.h
+++ b/src/include/gnunet_credential_service.h
@@ -11,7 +11,7 @@
11 WITHOUT ANY WARRANTY; without even the implied warranty of 11 WITHOUT ANY WARRANTY; without even the implied warranty of
12 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU 12 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
13 Affero General Public License for more details. 13 Affero General Public License for more details.
14 14
15 You should have received a copy of the GNU Affero General Public License 15 You should have received a copy of the GNU Affero General Public License
16 along with this program. If not, see <http://www.gnu.org/licenses/>. 16 along with this program. If not, see <http://www.gnu.org/licenses/>.
17 17
@@ -56,26 +56,27 @@ struct GNUNET_CREDENTIAL_Handle;
56struct GNUNET_CREDENTIAL_Request; 56struct GNUNET_CREDENTIAL_Request;
57 57
58/* 58/*
59 * Enum used for checking whether the issuer has the authority to issue credentials or is just a subject 59* Enum used for checking whether the issuer has the authority to issue credentials or is just a subject
60 */ 60*/
61enum GNUNET_CREDENTIAL_CredentialFlags 61enum GNUNET_CREDENTIAL_CredentialFlags {
62{ 62
63 // Subject had credentials before, but have been revoked now 63 //Subject had credentials before, but have been revoked now
64 GNUNET_CREDENTIAL_FLAG_REVOKED=0, 64 GNUNET_CREDENTIAL_FLAG_REVOKED=0,
65 65
66 // Subject flag indicates that the subject is a holder of this credential and may present it as such 66 //Subject flag indicates that the subject is a holder of this credential and may present it as such
67 GNUNET_CREDENTIAL_FLAG_SUBJECT=1, 67 GNUNET_CREDENTIAL_FLAG_SUBJECT=1,
68 68
69 // Issuer flag is used to signify that the subject is allowed to issue this credential and delegate issuance 69 //Issuer flag is used to signify that the subject is allowed to issue this credential and delegate issuance
70 GNUNET_CREDENTIAL_FLAG_ISSUER=2 70 GNUNET_CREDENTIAL_FLAG_ISSUER=2
71
71}; 72};
72 73
73GNUNET_NETWORK_STRUCT_BEGIN 74GNUNET_NETWORK_STRUCT_BEGIN
74/** 75/**
75 * The attribute delegation record 76 * The attribute delegation record
76 */ 77 */
77struct GNUNET_CREDENTIAL_DelegationRecord 78struct GNUNET_CREDENTIAL_DelegationRecord {
78{ 79
79 /** 80 /**
80 * Number of delegation sets in this record 81 * Number of delegation sets in this record
81 */ 82 */
@@ -94,8 +95,8 @@ struct GNUNET_CREDENTIAL_DelegationRecord
94/** 95/**
95 * The attribute delegation record 96 * The attribute delegation record
96 */ 97 */
97struct GNUNET_CREDENTIAL_DelegationRecordSet 98struct GNUNET_CREDENTIAL_DelegationRecordSet {
98{ 99
99 /** 100 /**
100 * Public key of the subject this attribute was delegated to 101 * Public key of the subject this attribute was delegated to
101 */ 102 */
@@ -113,8 +114,8 @@ GNUNET_NETWORK_STRUCT_END
113/** 114/**
114 * The attribute delegation record 115 * The attribute delegation record
115 */ 116 */
116struct GNUNET_CREDENTIAL_DelegationSet 117struct GNUNET_CREDENTIAL_DelegationSet {
117{ 118
118 /** 119 /**
119 * Public key of the subject this attribute was delegated to 120 * Public key of the subject this attribute was delegated to
120 */ 121 */
@@ -132,8 +133,8 @@ struct GNUNET_CREDENTIAL_DelegationSet
132/** 133/**
133 * A delegation 134 * A delegation
134 */ 135 */
135struct GNUNET_CREDENTIAL_Delegation 136struct GNUNET_CREDENTIAL_Delegation {
136{ 137
137 /** 138 /**
138 * The issuer of the delegation 139 * The issuer of the delegation
139 */ 140 */
@@ -169,8 +170,8 @@ struct GNUNET_CREDENTIAL_Delegation
169/** 170/**
170 * A credential 171 * A credential
171 */ 172 */
172struct GNUNET_CREDENTIAL_Credential 173struct GNUNET_CREDENTIAL_Credential {
173{ 174
174 /** 175 /**
175 * The issuer of the credential 176 * The issuer of the credential
176 */ 177 */
@@ -200,6 +201,7 @@ struct GNUNET_CREDENTIAL_Credential
200 * The attribute 201 * The attribute
201 */ 202 */
202 const char *issuer_attribute; 203 const char *issuer_attribute;
204
203}; 205};
204 206
205/** 207/**
@@ -280,16 +282,10 @@ GNUNET_CREDENTIAL_disconnect (struct GNUNET_CREDENTIAL_Handle *handle);
280 * @param credential the credentials 282 * @param credential the credentials
281 */ 283 */
282typedef void (*GNUNET_CREDENTIAL_CredentialResultProcessor) (void *cls, 284typedef void (*GNUNET_CREDENTIAL_CredentialResultProcessor) (void *cls,
283 unsigned int 285 unsigned int d_count,
284 d_count, 286 struct GNUNET_CREDENTIAL_Delegation *delegation_chain,
285 struct 287 unsigned int c_count,
286 GNUNET_CREDENTIAL_Delegation 288 struct GNUNET_CREDENTIAL_Delegate *credential);
287 *delegation_chain,
288 unsigned int
289 c_count,
290 struct
291 GNUNET_CREDENTIAL_Credential
292 *credential);
293 289
294/** 290/**
295 * Iterator called on obtained result for an attribute delegation. 291 * Iterator called on obtained result for an attribute delegation.
@@ -309,8 +305,7 @@ typedef void (*GNUNET_CREDENTIAL_DelegateResultProcessor) (void *cls,
309 * @param result the record data that can be handed to the subject 305 * @param result the record data that can be handed to the subject
310 */ 306 */
311typedef void (*GNUNET_CREDENTIAL_RemoveDelegateResultProcessor) (void *cls, 307typedef void (*GNUNET_CREDENTIAL_RemoveDelegateResultProcessor) (void *cls,
312 uint32_t 308 uint32_t success);
313 success);
314 309
315 310
316/** 311/**
@@ -335,21 +330,17 @@ struct GNUNET_CREDENTIAL_Request*
335GNUNET_CREDENTIAL_verify (struct GNUNET_CREDENTIAL_Handle *handle, 330GNUNET_CREDENTIAL_verify (struct GNUNET_CREDENTIAL_Handle *handle,
336 const struct GNUNET_CRYPTO_EcdsaPublicKey *issuer_key, 331 const struct GNUNET_CRYPTO_EcdsaPublicKey *issuer_key,
337 const char *issuer_attribute, 332 const char *issuer_attribute,
338 const struct 333 const struct GNUNET_CRYPTO_EcdsaPublicKey *subject_key,
339 GNUNET_CRYPTO_EcdsaPublicKey *subject_key,
340 uint32_t credential_count, 334 uint32_t credential_count,
341 const struct 335 const struct GNUNET_CREDENTIAL_Delegate *credentials,
342 GNUNET_CREDENTIAL_Credential *credentials,
343 GNUNET_CREDENTIAL_CredentialResultProcessor proc, 336 GNUNET_CREDENTIAL_CredentialResultProcessor proc,
344 void *proc_cls); 337 void *proc_cls);
345 338
346struct GNUNET_CREDENTIAL_Request* 339struct GNUNET_CREDENTIAL_Request*
347GNUNET_CREDENTIAL_collect (struct GNUNET_CREDENTIAL_Handle *handle, 340GNUNET_CREDENTIAL_collect (struct GNUNET_CREDENTIAL_Handle *handle,
348 const struct 341 const struct GNUNET_CRYPTO_EcdsaPublicKey *issuer_key,
349 GNUNET_CRYPTO_EcdsaPublicKey *issuer_key,
350 const char *issuer_attribute, 342 const char *issuer_attribute,
351 const struct 343 const struct GNUNET_CRYPTO_EcdsaPrivateKey *subject_key,
352 GNUNET_CRYPTO_EcdsaPrivateKey *subject_key,
353 GNUNET_CREDENTIAL_CredentialResultProcessor proc, 344 GNUNET_CREDENTIAL_CredentialResultProcessor proc,
354 void *proc_cls); 345 void *proc_cls);
355 346
@@ -388,8 +379,7 @@ struct GNUNET_CREDENTIAL_Request *
388GNUNET_CREDENTIAL_remove_delegation (struct GNUNET_CREDENTIAL_Handle *handle, 379GNUNET_CREDENTIAL_remove_delegation (struct GNUNET_CREDENTIAL_Handle *handle,
389 struct GNUNET_IDENTITY_Ego *issuer, 380 struct GNUNET_IDENTITY_Ego *issuer,
390 const char *attribute, 381 const char *attribute,
391 GNUNET_CREDENTIAL_RemoveDelegateResultProcessor 382 GNUNET_CREDENTIAL_RemoveDelegateResultProcessor proc,
392 proc,
393 void *proc_cls); 383 void *proc_cls);
394 384
395 385
@@ -404,8 +394,7 @@ GNUNET_CREDENTIAL_remove_delegation (struct GNUNET_CREDENTIAL_Handle *handle,
404 * @return handle to the queued request 394 * @return handle to the queued request
405 */ 395 */
406struct GNUNET_CREDENTIAL_Credential* 396struct GNUNET_CREDENTIAL_Credential*
407GNUNET_CREDENTIAL_credential_issue (const struct 397GNUNET_CREDENTIAL_credential_issue (const struct GNUNET_CRYPTO_EcdsaPrivateKey *issuer,
408 GNUNET_CRYPTO_EcdsaPrivateKey *issuer,
409 struct GNUNET_CRYPTO_EcdsaPublicKey *subject, 398 struct GNUNET_CRYPTO_EcdsaPublicKey *subject,
410 const char *attribute, 399 const char *attribute,
411 struct GNUNET_TIME_Absolute *expiration); 400 struct GNUNET_TIME_Absolute *expiration);