diff options
| author | Schanzenbach, Martin <mschanzenbach@posteo.de> | 2016-12-13 10:18:40 +0100 |
|---|---|---|
| committer | Schanzenbach, Martin <mschanzenbach@posteo.de> | 2016-12-13 10:18:40 +0100 |
| commit | d03ce063cf660a1f9f37b917eab3747a40937d68 (patch) | |
| tree | 33248b5727f36bcb2b0f9141e6a4b31d380ea9f5 | |
| parent | 78b7c56bd1502ec87054521970a8e5b9cf225b66 (diff) | |
| download | gnunet-d03ce063cf660a1f9f37b917eab3747a40937d68.tar.gz gnunet-d03ce063cf660a1f9f37b917eab3747a40937d68.zip | |
-more rest
| -rw-r--r-- | src/credential/credential_api.c | 2 | ||||
| -rw-r--r-- | src/credential/gnunet-service-credential.c | 2 | ||||
| -rw-r--r-- | src/credential/plugin_gnsrecord_credential.c | 4 | ||||
| -rw-r--r-- | src/credential/plugin_rest_credential.c | 153 | ||||
| -rw-r--r-- | src/include/gnunet_credential_service.h | 2 |
5 files changed, 153 insertions, 10 deletions
diff --git a/src/credential/credential_api.c b/src/credential/credential_api.c index 5bc1e52f1..54a02484d 100644 --- a/src/credential/credential_api.c +++ b/src/credential/credential_api.c | |||
| @@ -457,7 +457,7 @@ GNUNET_CREDENTIAL_issue (struct GNUNET_CREDENTIAL_Handle *handle, | |||
| 457 | if (GNUNET_OK != | 457 | if (GNUNET_OK != |
| 458 | GNUNET_CRYPTO_ecdsa_sign (issuer, | 458 | GNUNET_CRYPTO_ecdsa_sign (issuer, |
| 459 | &crd->purpose, | 459 | &crd->purpose, |
| 460 | &crd->sig)) | 460 | &crd->signature)) |
| 461 | { | 461 | { |
| 462 | GNUNET_break (0); | 462 | GNUNET_break (0); |
| 463 | GNUNET_free (crd); | 463 | GNUNET_free (crd); |
diff --git a/src/credential/gnunet-service-credential.c b/src/credential/gnunet-service-credential.c index f07c777d6..e0e845468 100644 --- a/src/credential/gnunet-service-credential.c +++ b/src/credential/gnunet-service-credential.c | |||
| @@ -533,7 +533,7 @@ handle_credential_query (void* cls, | |||
| 533 | crd = rd[i].data; | 533 | crd = rd[i].data; |
| 534 | if(GNUNET_OK != GNUNET_CRYPTO_ecdsa_verify(GNUNET_SIGNATURE_PURPOSE_CREDENTIAL, | 534 | if(GNUNET_OK != GNUNET_CRYPTO_ecdsa_verify(GNUNET_SIGNATURE_PURPOSE_CREDENTIAL, |
| 535 | &crd->purpose, | 535 | &crd->purpose, |
| 536 | &crd->sig, | 536 | &crd->signature, |
| 537 | &crd->issuer_key)) | 537 | &crd->issuer_key)) |
| 538 | { | 538 | { |
| 539 | GNUNET_log (GNUNET_ERROR_TYPE_WARNING, | 539 | GNUNET_log (GNUNET_ERROR_TYPE_WARNING, |
diff --git a/src/credential/plugin_gnsrecord_credential.c b/src/credential/plugin_gnsrecord_credential.c index ece4be1e3..281113a34 100644 --- a/src/credential/plugin_gnsrecord_credential.c +++ b/src/credential/plugin_gnsrecord_credential.c | |||
| @@ -98,7 +98,7 @@ credential_value_to_string (void *cls, | |||
| 98 | issuer_pkey = GNUNET_CRYPTO_ecdsa_public_key_to_string (&cred.issuer_key); | 98 | issuer_pkey = GNUNET_CRYPTO_ecdsa_public_key_to_string (&cred.issuer_key); |
| 99 | etime_abs.abs_value_us = GNUNET_ntohll(cred.expiration); | 99 | etime_abs.abs_value_us = GNUNET_ntohll(cred.expiration); |
| 100 | expiration = GNUNET_STRINGS_absolute_time_to_string (etime_abs); | 100 | expiration = GNUNET_STRINGS_absolute_time_to_string (etime_abs); |
| 101 | GNUNET_STRINGS_base64_encode ((char*)&cred.sig, | 101 | GNUNET_STRINGS_base64_encode ((char*)&cred.signature, |
| 102 | sizeof (struct GNUNET_CRYPTO_EcdsaSignature), | 102 | sizeof (struct GNUNET_CRYPTO_EcdsaSignature), |
| 103 | &signature); | 103 | &signature); |
| 104 | GNUNET_asprintf (&cred_str, | 104 | GNUNET_asprintf (&cred_str, |
| @@ -219,7 +219,7 @@ credential_string_to_value (void *cls, | |||
| 219 | GNUNET_STRINGS_base64_decode (signature, | 219 | GNUNET_STRINGS_base64_decode (signature, |
| 220 | strlen (signature), | 220 | strlen (signature), |
| 221 | (char**)&sig); | 221 | (char**)&sig); |
| 222 | cred->sig = *sig; | 222 | cred->signature = *sig; |
| 223 | cred->expiration = GNUNET_htonll (etime_abs.abs_value_us); | 223 | cred->expiration = GNUNET_htonll (etime_abs.abs_value_us); |
| 224 | cred->purpose.purpose = htonl (GNUNET_SIGNATURE_PURPOSE_CREDENTIAL); | 224 | cred->purpose.purpose = htonl (GNUNET_SIGNATURE_PURPOSE_CREDENTIAL); |
| 225 | cred->purpose.size = htonl (strlen (name) + 1 + sizeof (struct GNUNET_CRYPTO_EccSignaturePurpose) + | 225 | cred->purpose.size = htonl (strlen (name) + 1 + sizeof (struct GNUNET_CRYPTO_EccSignaturePurpose) + |
diff --git a/src/credential/plugin_rest_credential.c b/src/credential/plugin_rest_credential.c index 51d91079a..137f55c47 100644 --- a/src/credential/plugin_rest_credential.c +++ b/src/credential/plugin_rest_credential.c | |||
| @@ -37,6 +37,12 @@ | |||
| 37 | 37 | ||
| 38 | #define GNUNET_REST_API_NS_CREDENTIAL "/credential" | 38 | #define GNUNET_REST_API_NS_CREDENTIAL "/credential" |
| 39 | 39 | ||
| 40 | #define GNUNET_REST_JSONAPI_CREDENTIAL "credential" | ||
| 41 | |||
| 42 | #define GNUNET_REST_JSONAPI_CREDENTIAL_TYPEINFO "credential" | ||
| 43 | |||
| 44 | #define GNUNET_REST_JSONAPI_CREDENTIAL_CHAIN "chain" | ||
| 45 | |||
| 40 | #define GNUNET_REST_JSONAPI_CREDENTIAL_ISSUER_ATTR "attribute" | 46 | #define GNUNET_REST_JSONAPI_CREDENTIAL_ISSUER_ATTR "attribute" |
| 41 | 47 | ||
| 42 | #define GNUNET_REST_JSONAPI_CREDENTIAL_SUBJECT_ATTR "credential" | 48 | #define GNUNET_REST_JSONAPI_CREDENTIAL_SUBJECT_ATTR "credential" |
| @@ -174,6 +180,143 @@ do_error (void *cls) | |||
| 174 | cleanup_handle (handle); | 180 | cleanup_handle (handle); |
| 175 | } | 181 | } |
| 176 | 182 | ||
| 183 | /** | ||
| 184 | * Attribute delegation to JSON | ||
| 185 | * @param attr the attribute | ||
| 186 | * @return JSON, NULL if failed | ||
| 187 | */ | ||
| 188 | static json_t* | ||
| 189 | attribute_delegation_to_json (struct GNUNET_CREDENTIAL_AttributeRecordData *attr) | ||
| 190 | { | ||
| 191 | char *subject; | ||
| 192 | char *attribute; | ||
| 193 | json_t *attr_obj; | ||
| 194 | |||
| 195 | subject = GNUNET_CRYPTO_ecdsa_public_key_to_string (&attr->subject_key); | ||
| 196 | { | ||
| 197 | GNUNET_log (GNUNET_ERROR_TYPE_ERROR, | ||
| 198 | "Subject in credential malformed\n"); | ||
| 199 | return NULL; | ||
| 200 | } | ||
| 201 | attribute = (char*)&attr[1]; | ||
| 202 | attr_obj = json_object (); | ||
| 203 | json_object_set_new (attr_obj, "subject", json_string (subject)); | ||
| 204 | json_object_set_new (attr_obj, "attribute", json_string (attribute)); | ||
| 205 | GNUNET_free (subject); | ||
| 206 | return attr_obj; | ||
| 207 | } | ||
| 208 | |||
| 209 | /** | ||
| 210 | * Credential to JSON | ||
| 211 | * @param cred the credential | ||
| 212 | * @return the resulting json, NULL if failed | ||
| 213 | */ | ||
| 214 | static json_t* | ||
| 215 | credential_to_json (struct GNUNET_CREDENTIAL_CredentialRecordData *cred) | ||
| 216 | { | ||
| 217 | struct GNUNET_TIME_Absolute exp; | ||
| 218 | const char* exp_str; | ||
| 219 | char *issuer; | ||
| 220 | char *subject; | ||
| 221 | char *attribute; | ||
| 222 | char *signature; | ||
| 223 | json_t *cred_obj; | ||
| 224 | |||
| 225 | issuer = GNUNET_CRYPTO_ecdsa_public_key_to_string (&cred->issuer_key); | ||
| 226 | if (NULL == issuer) | ||
| 227 | { | ||
| 228 | GNUNET_log (GNUNET_ERROR_TYPE_ERROR, | ||
| 229 | "Issuer in credential malformed\n"); | ||
| 230 | return NULL; | ||
| 231 | } | ||
| 232 | subject = GNUNET_CRYPTO_ecdsa_public_key_to_string (&cred->subject_key); | ||
| 233 | if (NULL == subject) | ||
| 234 | { | ||
| 235 | GNUNET_log (GNUNET_ERROR_TYPE_ERROR, | ||
| 236 | "Subject in credential malformed\n"); | ||
| 237 | GNUNET_free (issuer); | ||
| 238 | return NULL; | ||
| 239 | } | ||
| 240 | GNUNET_STRINGS_base64_encode ((char*)&cred->signature, | ||
| 241 | sizeof (struct GNUNET_CRYPTO_EcdsaSignature), | ||
| 242 | &signature); | ||
| 243 | attribute = (char*)&cred[1]; | ||
| 244 | exp.abs_value_us = ntohs (cred->expiration); | ||
| 245 | exp_str = GNUNET_STRINGS_absolute_time_to_string (exp); | ||
| 246 | cred_obj = json_object (); | ||
| 247 | json_object_set_new (cred_obj, "issuer", json_string (issuer)); | ||
| 248 | json_object_set_new (cred_obj, "subject", json_string (subject)); | ||
| 249 | json_object_set_new (cred_obj, "attribute", json_string (attribute)); | ||
| 250 | json_object_set_new (cred_obj, "signature", json_string (signature)); | ||
| 251 | json_object_set_new (cred_obj, "expiration", json_string (exp_str)); | ||
| 252 | GNUNET_free (issuer); | ||
| 253 | GNUNET_free (subject); | ||
| 254 | GNUNET_free (signature); | ||
| 255 | return cred_obj; | ||
| 256 | } | ||
| 257 | |||
| 258 | /** | ||
| 259 | * Function called with the result of a Credential lookup. | ||
| 260 | * | ||
| 261 | * @param cls the 'const char *' name that was resolved | ||
| 262 | * @param cd_count number of records returned | ||
| 263 | * @param cd array of @a cd_count records with the results | ||
| 264 | */ | ||
| 265 | static void | ||
| 266 | handle_verify_response (void *cls, | ||
| 267 | struct GNUNET_CREDENTIAL_CredentialRecordData *cred, | ||
| 268 | uint32_t delegation_count, | ||
| 269 | struct GNUNET_CREDENTIAL_AttributeRecordData *deleg) | ||
| 270 | { | ||
| 271 | |||
| 272 | struct VerifyHandle *handle = cls; | ||
| 273 | struct MHD_Response *resp; | ||
| 274 | struct GNUNET_JSONAPI_Document *json_document; | ||
| 275 | struct GNUNET_JSONAPI_Resource *json_resource; | ||
| 276 | json_t *cred_obj; | ||
| 277 | json_t *attr_obj; | ||
| 278 | json_t *result_array; | ||
| 279 | char *result; | ||
| 280 | uint32_t i; | ||
| 281 | |||
| 282 | handle->verify_request = NULL; | ||
| 283 | if (NULL == cred) { | ||
| 284 | GNUNET_log (GNUNET_ERROR_TYPE_ERROR, | ||
| 285 | "Verify failed.\n"); | ||
| 286 | handle->response_code = MHD_HTTP_NOT_FOUND; | ||
| 287 | GNUNET_SCHEDULER_add_now (&do_error, handle); | ||
| 288 | return; | ||
| 289 | } | ||
| 290 | json_document = GNUNET_JSONAPI_document_new (); | ||
| 291 | json_resource = GNUNET_JSONAPI_resource_new (GNUNET_REST_JSONAPI_CREDENTIAL_TYPEINFO, | ||
| 292 | handle->issuer_attr); | ||
| 293 | cred_obj = credential_to_json (cred); | ||
| 294 | result_array = json_array (); | ||
| 295 | for (i = 0; i < delegation_count; i++) | ||
| 296 | { | ||
| 297 | attr_obj = attribute_delegation_to_json (&(deleg[i])); | ||
| 298 | json_array_append (result_array, attr_obj); | ||
| 299 | json_decref (attr_obj); | ||
| 300 | } | ||
| 301 | GNUNET_JSONAPI_resource_add_attr (json_resource, | ||
| 302 | GNUNET_REST_JSONAPI_CREDENTIAL, | ||
| 303 | cred_obj); | ||
| 304 | GNUNET_JSONAPI_resource_add_attr (json_resource, | ||
| 305 | GNUNET_REST_JSONAPI_CREDENTIAL_CHAIN, | ||
| 306 | result_array); | ||
| 307 | GNUNET_JSONAPI_document_resource_add (json_document, json_resource); | ||
| 308 | GNUNET_JSONAPI_document_serialize (json_document, &result); | ||
| 309 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, | ||
| 310 | "Result %s\n", | ||
| 311 | result); | ||
| 312 | json_decref (result_array); | ||
| 313 | GNUNET_JSONAPI_document_delete (json_document); | ||
| 314 | resp = GNUNET_REST_create_response (result); | ||
| 315 | handle->proc (handle->proc_cls, resp, MHD_HTTP_OK); | ||
| 316 | GNUNET_free (result); | ||
| 317 | cleanup_handle (handle); | ||
| 318 | } | ||
| 319 | |||
| 177 | 320 | ||
| 178 | static void | 321 | static void |
| 179 | verify_cred_cont (struct GNUNET_REST_RequestHandle *conndata_handle, | 322 | verify_cred_cont (struct GNUNET_REST_RequestHandle *conndata_handle, |
| @@ -292,14 +435,14 @@ verify_cred_cont (struct GNUNET_REST_RequestHandle *conndata_handle, | |||
| 292 | } | 435 | } |
| 293 | handle->subject_attr = GNUNET_strdup (tmp); | 436 | handle->subject_attr = GNUNET_strdup (tmp); |
| 294 | GNUNET_free (entity_attr); | 437 | GNUNET_free (entity_attr); |
| 295 | 438 | ||
| 296 | handle->verify_request = GNUNET_CREDENTIAL_verify (handle->credential, | 439 | handle->verify_request = GNUNET_CREDENTIAL_verify (handle->credential, |
| 297 | &handle->issuer_key, | 440 | &handle->issuer_key, |
| 298 | handle->issuer_attr, | 441 | handle->issuer_attr, |
| 299 | &handle->subject_key, | 442 | &handle->subject_key, |
| 300 | handle->subject_attr, | 443 | handle->subject_attr, |
| 301 | NULL, | 444 | &handle_verify_response, |
| 302 | NULL); | 445 | handle); |
| 303 | 446 | ||
| 304 | } | 447 | } |
| 305 | 448 | ||
| @@ -341,8 +484,8 @@ options_cont (struct GNUNET_REST_RequestHandle *con_handle, | |||
| 341 | */ | 484 | */ |
| 342 | static void | 485 | static void |
| 343 | rest_credential_process_request(struct GNUNET_REST_RequestHandle *conndata_handle, | 486 | rest_credential_process_request(struct GNUNET_REST_RequestHandle *conndata_handle, |
| 344 | GNUNET_REST_ResultProcessor proc, | 487 | GNUNET_REST_ResultProcessor proc, |
| 345 | void *proc_cls) | 488 | void *proc_cls) |
| 346 | { | 489 | { |
| 347 | struct VerifyHandle *handle = GNUNET_new (struct VerifyHandle); | 490 | struct VerifyHandle *handle = GNUNET_new (struct VerifyHandle); |
| 348 | struct GNUNET_REST_RequestHandlerError err; | 491 | struct GNUNET_REST_RequestHandlerError err; |
diff --git a/src/include/gnunet_credential_service.h b/src/include/gnunet_credential_service.h index f7b09b3ff..549c25ef8 100644 --- a/src/include/gnunet_credential_service.h +++ b/src/include/gnunet_credential_service.h | |||
| @@ -81,7 +81,7 @@ struct GNUNET_CREDENTIAL_CredentialRecordData { | |||
| 81 | /** | 81 | /** |
| 82 | * The signature for this credential by the issuer | 82 | * The signature for this credential by the issuer |
| 83 | */ | 83 | */ |
| 84 | struct GNUNET_CRYPTO_EcdsaSignature sig; | 84 | struct GNUNET_CRYPTO_EcdsaSignature signature; |
| 85 | 85 | ||
| 86 | /** | 86 | /** |
| 87 | * Signature meta | 87 | * Signature meta |