author | Schanzenbach, Martin <mschanzenbach@posteo.de> | 2016-12-07 11:46:41 +0100 |
---|---|---|
committer | Schanzenbach, Martin <mschanzenbach@posteo.de> | 2016-12-07 11:46:41 +0100 |
commit | 3ea628e269dc3ebec59336cfb2f883161a031662 (patch) | |
tree | 518b90de99d9268455fdd70f40b297d7ef3d2146 /src/credential/gnunet-service-credential.c | |
parent | 68f5813fdac760d6bc8d832b298f2621bc0e7023 (diff) | |
-start delegation; cleanup
Diffstat (limited to 'src/credential/gnunet-service-credential.c')
-rw-r--r-- | src/credential/gnunet-service-credential.c | 244 |
1 files changed, 141 insertions, 103 deletions
diff --git a/src/credential/gnunet-service-credential.c b/src/credential/gnunet-service-credential.c index 272ccebdf..662c26a5e 100644 --- a/src/credential/gnunet-service-credential.c +++ b/src/credential/gnunet-service-credential.c | |||
@@ -62,34 +62,44 @@ struct CredentialRecordEntry | |||
62 | /** | 62 | /** |
63 | * Payload | 63 | * Payload |
64 | */ | 64 | */ |
65 | struct GNUNET_CREDENTIAL_CredentialRecordData record_data; | 65 | struct GNUNET_CREDENTIAL_CredentialRecordData *data; |
66 | 66 | ||
67 | /** | 67 | /** |
68 | * Size | 68 | * Size |
69 | */ | 69 | */ |
70 | uint64_t record_data_size; | 70 | uint64_t data_size; |
71 | }; | 71 | }; |
72 | 72 | ||
73 | /** | 73 | /** |
74 | * DLL for attributes - Used as a queue | 74 | * DLL for attributes - Used as a queue |
75 | * Insert tail - Pop head | 75 | * Insert tail - Pop head |
76 | */ | 76 | */ |
77 | struct AttributeRecordEntry | 77 | struct AttributeQueueEntry |
78 | { | 78 | { |
79 | /** | 79 | /** |
80 | * DLL | 80 | * DLL |
81 | */ | 81 | */ |
82 | struct AttributeRecordEntry *next; | 82 | struct AttributeQueueEntry *next; |
83 | 83 | ||
84 | /** | 84 | /** |
85 | * DLL | 85 | * DLL |
86 | */ | 86 | */ |
87 | struct AttributeRecordEntry *prev; | 87 | struct AttributeQueueEntry *prev; |
88 | 88 | ||
89 | /** | 89 | /** |
90 | * Payload | 90 | * Payload |
91 | */ | 91 | */ |
92 | struct GNUNET_CREDENTIAL_AttributeRecordData record_data; | 92 | struct GNUNET_CREDENTIAL_AttributeRecordData *data; |
93 | |||
94 | /** | ||
95 | * Size | ||
96 | */ | ||
97 | uint64_t data_size; | ||
98 | |||
99 | /** | ||
100 | * Parent attribute delegation | ||
101 | */ | ||
102 | struct AttributeQueueEntry *parent; | ||
93 | }; | 103 | }; |
94 | 104 | ||
95 | 105 | ||
@@ -152,17 +162,17 @@ struct VerifyRequestHandle | |||
152 | /** | 162 | /** |
153 | * Attribute Queue | 163 | * Attribute Queue |
154 | */ | 164 | */ |
155 | struct AttributeRecordEntry *attr_queue_head; | 165 | struct AttributeQueueEntry *attr_queue_head; |
156 | 166 | ||
157 | /** | 167 | /** |
158 | * Attribute Queue | 168 | * Attribute Queue |
159 | */ | 169 | */ |
160 | struct AttributeRecordEntry *attr_queue_tail; | 170 | struct AttributeQueueEntry *attr_queue_tail; |
161 | 171 | ||
162 | /** | 172 | /** |
163 | * Current Attribute Pointer | 173 | * Current Attribute Pointer |
164 | */ | 174 | */ |
165 | struct AttributeRecordEntry* attr_pointer; | 175 | struct AttributeQueueEntry *current_attribute; |
166 | 176 | ||
167 | /** | 177 | /** |
168 | * The found credential | 178 | * The found credential |
@@ -277,53 +287,6 @@ check_verify (void *cls, | |||
277 | return GNUNET_OK; | 287 | return GNUNET_OK; |
278 | } | 288 | } |
279 | 289 | ||
280 | static void | ||
281 | start_backward_resolution (void* cls, | ||
282 | uint32_t rd_count, | ||
283 | const struct GNUNET_GNSRECORD_Data *rd) | ||
284 | { | ||
285 | struct VerifyRequestHandle *vrh = cls; | ||
286 | struct GNUNET_CREDENTIAL_CredentialRecordData *cred; | ||
287 | struct CredentialRecordEntry *cred_pointer; | ||
288 | |||
289 | for(cred_pointer = vrh->cred_chain_head; cred_pointer != NULL; | ||
290 | cred_pointer = cred_pointer->next){ | ||
291 | cred = &cred_pointer->record_data; | ||
292 | |||
293 | if(0 != memcmp (&vrh->attr_pointer->record_data.subject_key, | ||
294 | &cred_pointer->record_data.issuer_key, | ||
295 | sizeof(struct GNUNET_CRYPTO_EcdsaPublicKey))) | ||
296 | continue; | ||
297 | |||
298 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, | ||
299 | "Found issuer\n"); | ||
300 | |||
301 | } | ||
302 | |||
303 | |||
304 | |||
305 | //Start from next to head | ||
306 | vrh->attr_pointer = vrh->attr_pointer->next; | ||
307 | |||
308 | |||
309 | |||
310 | if(vrh->attr_pointer->next != NULL){ | ||
311 | //Start with backward resolution | ||
312 | vrh->lookup_request = GNUNET_GNS_lookup (gns, | ||
313 | vrh->issuer_attribute, | ||
314 | &vrh->issuer_key, //issuer_key, | ||
315 | GNUNET_GNSRECORD_TYPE_ATTRIBUTE, | ||
316 | GNUNET_GNS_LO_DEFAULT, | ||
317 | NULL, //shorten_key, always NULL | ||
318 | &start_backward_resolution, | ||
319 | vrh); | ||
320 | } | ||
321 | |||
322 | |||
323 | |||
324 | } | ||
325 | |||
326 | |||
327 | /** | 290 | /** |
328 | * Send. | 291 | * Send. |
329 | * | 292 | * |
@@ -335,9 +298,6 @@ send_lookup_response (struct VerifyRequestHandle *vrh) | |||
335 | size_t len; | 298 | size_t len; |
336 | struct GNUNET_MQ_Envelope *env; | 299 | struct GNUNET_MQ_Envelope *env; |
337 | struct VerifyResultMessage *rmsg; | 300 | struct VerifyResultMessage *rmsg; |
338 | struct CredentialRecordEntry *cr_entry; | ||
339 | uint32_t cred_verified; | ||
340 | |||
341 | 301 | ||
342 | /** | 302 | /** |
343 | * Get serialized record data size | 303 | * Get serialized record data size |
@@ -369,13 +329,13 @@ send_lookup_response (struct VerifyRequestHandle *vrh) | |||
369 | } | 329 | } |
370 | 330 | ||
371 | /*char* tmp_entry = (char*)&rmsg[1]; | 331 | /*char* tmp_entry = (char*)&rmsg[1]; |
372 | for (cr_entry = vrh->cred_chain_head; NULL != cr_entry; cr_entry = cr_entry->next) | 332 | for (cr_entry = vrh->cred_chain_head; NULL != cr_entry; cr_entry = cr_entry->next) |
373 | { | 333 | { |
374 | memcpy (tmp_entry, | 334 | memcpy (tmp_entry, |
375 | &cr_entry->record_data, | 335 | &cr_entry->record_data, |
376 | cr_entry->record_data_size); | 336 | cr_entry->record_data_size); |
377 | tmp_entry += cr_entry->record_data_size; | 337 | tmp_entry += cr_entry->record_data_size; |
378 | }*/ | 338 | }*/ |
379 | GNUNET_MQ_send (GNUNET_SERVICE_client_get_mq(vrh->client), | 339 | GNUNET_MQ_send (GNUNET_SERVICE_client_get_mq(vrh->client), |
380 | env); | 340 | env); |
381 | 341 | ||
@@ -394,6 +354,96 @@ send_lookup_response (struct VerifyRequestHandle *vrh) | |||
394 | } | 354 | } |
395 | 355 | ||
396 | 356 | ||
357 | static void | ||
358 | start_backward_resolution (void* cls, | ||
359 | uint32_t rd_count, | ||
360 | const struct GNUNET_GNSRECORD_Data *rd) | ||
361 | { | ||
362 | struct VerifyRequestHandle *vrh = cls; | ||
363 | struct GNUNET_CREDENTIAL_CredentialRecordData *cred; | ||
364 | const struct GNUNET_CREDENTIAL_AttributeRecordData *attr; | ||
365 | struct CredentialRecordEntry *cred_pointer; | ||
366 | struct AttributeQueueEntry *attr_entry; | ||
367 | int i; | ||
368 | |||
369 | for (i=0; i < rd_count; i++) | ||
370 | { | ||
371 | if (GNUNET_GNSRECORD_TYPE_ATTRIBUTE != rd[i].record_type) | ||
372 | continue; | ||
373 | attr = rd[i].data; | ||
374 | for(cred_pointer = vrh->cred_chain_head; cred_pointer != NULL; | ||
375 | cred_pointer = cred_pointer->next){ | ||
376 | cred = cred_pointer->data; | ||
377 | |||
378 | attr_entry = GNUNET_new (struct AttributeQueueEntry); | ||
379 | |||
380 | attr_entry->data = GNUNET_malloc (rd[i].data_size); | ||
381 | memcpy (attr_entry->data, | ||
382 | rd[i].data, | ||
383 | rd[i].data_size); | ||
384 | attr_entry->data_size = rd[i].data_size; | ||
385 | |||
386 | attr_entry->parent = vrh->current_attribute; | ||
387 | |||
388 | GNUNET_CONTAINER_DLL_insert (vrh->attr_queue_head, | ||
389 | vrh->attr_queue_tail, | ||
390 | attr_entry); | ||
391 | |||
392 | if(0 != memcmp (&attr->subject_key, | ||
393 | &cred_pointer->data->issuer_key, | ||
394 | sizeof(struct GNUNET_CRYPTO_EcdsaPublicKey))) | ||
395 | continue; | ||
396 | |||
397 | if (0 != strcmp ((char*)&attr[1], (char*)&cred[1])) | ||
398 | continue; | ||
399 | |||
400 | |||
401 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, | ||
402 | "Found issuer\n"); | ||
403 | vrh->credential = GNUNET_malloc (rd[i].data_size); | ||
404 | memcpy (vrh->credential, | ||
405 | rd[i].data, | ||
406 | rd[i].data_size); | ||
407 | vrh->credential_size = rd[i].data_size; | ||
408 | //Found match | ||
409 | send_lookup_response (vrh); | ||
410 | return; | ||
411 | |||
412 | } | ||
413 | } | ||
414 | |||
415 | |||
416 | |||
417 | //Start from next to head | ||
418 | vrh->current_attribute = vrh->attr_queue_head; | ||
419 | |||
420 | if(vrh->current_attribute != NULL) | ||
421 | { | ||
422 | GNUNET_log (GNUNET_ERROR_TYPE_ERROR, | ||
423 | "We are all out of attributes...\n"); | ||
424 | send_lookup_response (vrh); | ||
425 | return; | ||
426 | } | ||
427 | |||
428 | GNUNET_CONTAINER_DLL_remove (vrh->attr_queue_head, | ||
429 | vrh->attr_queue_tail, | ||
430 | vrh->current_attribute); | ||
431 | |||
432 | |||
433 | |||
434 | //Start with backward resolution | ||
435 | vrh->lookup_request = GNUNET_GNS_lookup (gns, | ||
436 | (char*)&vrh->current_attribute->data[1], | ||
437 | &vrh->current_attribute->data->subject_key, //issuer_key, | ||
438 | GNUNET_GNSRECORD_TYPE_ATTRIBUTE, | ||
439 | GNUNET_GNS_LO_DEFAULT, | ||
440 | NULL, //shorten_key, always NULL | ||
441 | &start_backward_resolution, | ||
442 | vrh); | ||
443 | } | ||
444 | |||
445 | |||
446 | |||
397 | /** | 447 | /** |
398 | * Result from GNS lookup. | 448 | * Result from GNS lookup. |
399 | * | 449 | * |
@@ -403,15 +453,14 @@ send_lookup_response (struct VerifyRequestHandle *vrh) | |||
403 | */ | 453 | */ |
404 | static void | 454 | static void |
405 | handle_credential_query (void* cls, | 455 | handle_credential_query (void* cls, |
406 | uint32_t rd_count, | 456 | uint32_t rd_count, |
407 | const struct GNUNET_GNSRECORD_Data *rd) | 457 | const struct GNUNET_GNSRECORD_Data *rd) |
408 | { | 458 | { |
409 | struct VerifyRequestHandle *vrh = cls; | 459 | struct VerifyRequestHandle *vrh = cls; |
410 | int cred_record_count; | 460 | int cred_record_count; |
411 | int i; | 461 | int i; |
412 | const struct GNUNET_CREDENTIAL_CredentialRecordData *crd; | 462 | const struct GNUNET_CREDENTIAL_CredentialRecordData *crd; |
413 | struct CredentialRecordEntry *cr_entry; | 463 | struct CredentialRecordEntry *cr_entry; |
414 | uint32_t cred_verified; | ||
415 | 464 | ||
416 | cred_record_count = 0; | 465 | cred_record_count = 0; |
417 | for (i=0; i < rd_count; i++) | 466 | for (i=0; i < rd_count; i++) |
@@ -428,12 +477,6 @@ handle_credential_query (void* cls, | |||
428 | * Save all found attributes/issues and prepare forward | 477 | * Save all found attributes/issues and prepare forward |
429 | * resolution of issuer attribute | 478 | * resolution of issuer attribute |
430 | */ | 479 | */ |
431 | cr_entry = GNUNET_new (struct CredentialRecordEntry); | ||
432 | cr_entry->record_data = *crd; | ||
433 | cr_entry->record_data_size = rd[i].data_size; | ||
434 | GNUNET_CONTAINER_DLL_insert_tail (vrh->cred_chain_head, | ||
435 | vrh->cred_chain_tail, | ||
436 | cr_entry); | ||
437 | if(GNUNET_OK != GNUNET_CRYPTO_ecdsa_verify(GNUNET_SIGNATURE_PURPOSE_CREDENTIAL, | 480 | if(GNUNET_OK != GNUNET_CRYPTO_ecdsa_verify(GNUNET_SIGNATURE_PURPOSE_CREDENTIAL, |
438 | &crd->purpose, | 481 | &crd->purpose, |
439 | &crd->sig, | 482 | &crd->sig, |
@@ -443,6 +486,16 @@ handle_credential_query (void* cls, | |||
443 | "Invalid credential found\n"); | 486 | "Invalid credential found\n"); |
444 | continue; | 487 | continue; |
445 | } | 488 | } |
489 | cr_entry = GNUNET_new (struct CredentialRecordEntry); | ||
490 | cr_entry->data = GNUNET_malloc (rd[i].data_size); | ||
491 | memcpy (cr_entry->data, | ||
492 | crd, | ||
493 | rd[i].data_size); | ||
494 | cr_entry->data_size = rd[i].data_size; | ||
495 | GNUNET_CONTAINER_DLL_insert_tail (vrh->cred_chain_head, | ||
496 | vrh->cred_chain_tail, | ||
497 | cr_entry); | ||
498 | |||
446 | if (0 != memcmp (&crd->issuer_key, | 499 | if (0 != memcmp (&crd->issuer_key, |
447 | &vrh->issuer_key, | 500 | &vrh->issuer_key, |
448 | sizeof (struct GNUNET_CRYPTO_EcdsaPublicKey))) | 501 | sizeof (struct GNUNET_CRYPTO_EcdsaPublicKey))) |
@@ -466,35 +519,20 @@ handle_credential_query (void* cls, | |||
466 | * Check for attributes from the issuer and follow the chain | 519 | * Check for attributes from the issuer and follow the chain |
467 | * till you get the required subject's attributes | 520 | * till you get the required subject's attributes |
468 | */ | 521 | */ |
469 | if(cred_verified != GNUNET_YES){ | 522 | char issuer_attribute_name[strlen (vrh->issuer_attribute)]; |
470 | 523 | strcpy (issuer_attribute_name, | |
471 | 524 | vrh->issuer_attribute); | |
472 | vrh->attr_pointer = vrh->attr_pointer->next; | 525 | strcpy (issuer_attribute_name + strlen (vrh->issuer_attribute), |
473 | if(vrh->attr_pointer != NULL){ | 526 | ".gnu"); |
474 | 527 | //Start with backward resolution | |
475 | //Start with backward resolution | 528 | GNUNET_GNS_lookup (gns, |
476 | GNUNET_GNS_lookup (gns, | 529 | issuer_attribute_name, |
477 | vrh->issuer_attribute, | 530 | &vrh->issuer_key, //issuer_key, |
478 | &vrh->issuer_key, //issuer_key, | 531 | GNUNET_GNSRECORD_TYPE_ATTRIBUTE, |
479 | GNUNET_GNSRECORD_TYPE_ATTRIBUTE, | 532 | GNUNET_GNS_LO_DEFAULT, |
480 | GNUNET_GNS_LO_DEFAULT, | 533 | NULL, //shorten_key, always NULL |
481 | NULL, //shorten_key, always NULL | 534 | &start_backward_resolution, |
482 | &start_backward_resolution, | 535 | vrh); |
483 | vrh); | ||
484 | } | ||
485 | } | ||
486 | |||
487 | |||
488 | /** | ||
489 | * TODO | ||
490 | * Start resolution of Attribute delegations from issuer | ||
491 | * | ||
492 | * - Build adequate data structures for attribute(s) to lookup | ||
493 | * - Use GNUNET_GNSRECORD_TYPE_XXX | ||
494 | * - recursively try to find match(es) with results found top | ||
495 | * - return one found credential chain | ||
496 | * | ||
497 | */ | ||
498 | } | 536 | } |
499 | 537 | ||
500 | 538 | ||
@@ -527,7 +565,7 @@ handle_verify (void *cls, | |||
527 | issuer_attribute[ntohs (v_msg->issuer_attribute_len)] = '\0'; | 565 | issuer_attribute[ntohs (v_msg->issuer_attribute_len)] = '\0'; |
528 | GNUNET_memcpy (subject_attribute, attrs+strlen(issuer_attribute), ntohs (v_msg->subject_attribute_len)); | 566 | GNUNET_memcpy (subject_attribute, attrs+strlen(issuer_attribute), ntohs (v_msg->subject_attribute_len)); |
529 | strcpy (subject_attribute+ntohs (v_msg->subject_attribute_len), | 567 | strcpy (subject_attribute+ntohs (v_msg->subject_attribute_len), |
530 | ".gnu"); | 568 | ".gnu"); |
531 | subject_attribute[ntohs (v_msg->subject_attribute_len)+4] = '\0'; | 569 | subject_attribute[ntohs (v_msg->subject_attribute_len)+4] = '\0'; |
532 | vrh = GNUNET_new (struct VerifyRequestHandle); | 570 | vrh = GNUNET_new (struct VerifyRequestHandle); |
533 | GNUNET_CONTAINER_DLL_insert (vrh_head, vrh_tail, vrh); | 571 | GNUNET_CONTAINER_DLL_insert (vrh_head, vrh_tail, vrh); |
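Review bot: In handle_credential_query (new lines 522–526) the stack array `issuer_attribute_name` is declared with only `strlen (vrh->issuer_attribute)` bytes, yet the two `strcpy` calls write the attribute, then `.gnu`, then a terminating NUL into it, so the writes run five bytes past the end of the array. The attribute string appears to come from the client's verify message parsed in handle_verify, which would make this an out-of-bounds stack write on client-influenced data. Size the buffer for the suffix and terminator, `char issuer_attribute_name[strlen (vrh->issuer_attribute) + strlen (".gnu") + 1];`, or build the name on the heap so an over-long attribute cannot grow the stack frame. Separately, in the re-added start_backward_resolution the check at new line 420, `if(vrh->current_attribute != NULL)`, looks inverted: an empty queue falls through to `GNUNET_CONTAINER_DLL_remove` and a dereference of `vrh->current_attribute->data`, so `== NULL` is probably what was meant. The body of handle_credential_query begins outside this hunk, so how `vrh->issuer_attribute` is bounded upstream is not visible here.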