diff options
author | Andreas Ebner <pansy007@googlemail.com> | 2019-06-25 15:21:12 +0200 |
---|---|---|
committer | Schanzenbach, Martin <mschanzenbach@posteo.de> | 2019-10-07 12:15:06 +0200 |
commit | d2634b1f96dfd55ae4daef294bb6c05d687354c8 (patch) | |
tree | 85250438ba58e5c33c30003bde8e4a6bccf13ca8 /src/credential/plugin_gnsrecord_credential.c | |
parent | 921b03e4cee5653083e61de42ced85a7278647b2 (diff) | |
download | gnunet-d2634b1f96dfd55ae4daef294bb6c05d687354c8.tar.gz gnunet-d2634b1f96dfd55ae4daef294bb6c05d687354c8.zip |
Handle all credential storage via credential service, prepared for subject side storage
- new commandline parameters
- new gns record type: DELEGATE for subject side storage
- credential connection to namestore
- store all credentials via credential service (replacing namestore)
- stable, but experimental implementation, atm just using existing methods, next step: introduce own methods and replace/rename existing variables
Diffstat (limited to 'src/credential/plugin_gnsrecord_credential.c')
-rw-r--r-- | src/credential/plugin_gnsrecord_credential.c | 387 |
1 files changed, 238 insertions, 149 deletions
diff --git a/src/credential/plugin_gnsrecord_credential.c b/src/credential/plugin_gnsrecord_credential.c index 269e558c2..a4c3a94e8 100644 --- a/src/credential/plugin_gnsrecord_credential.c +++ b/src/credential/plugin_gnsrecord_credential.c | |||
@@ -16,7 +16,7 @@ | |||
16 | along with this program. If not, see <http://www.gnu.org/licenses/>. | 16 | along with this program. If not, see <http://www.gnu.org/licenses/>. |
17 | 17 | ||
18 | SPDX-License-Identifier: AGPL3.0-or-later | 18 | SPDX-License-Identifier: AGPL3.0-or-later |
19 | */ | 19 | */ |
20 | 20 | ||
21 | /** | 21 | /** |
22 | * @file credential/plugin_gnsrecord_credential.c | 22 | * @file credential/plugin_gnsrecord_credential.c |
@@ -46,79 +46,72 @@ static char * | |||
46 | credential_value_to_string (void *cls, uint32_t type, const void *data, | 46 | credential_value_to_string (void *cls, uint32_t type, const void *data, |
47 | size_t data_size) | 47 | size_t data_size) |
48 | { | 48 | { |
49 | |||
49 | const char *cdata; | 50 | const char *cdata; |
50 | 51 | ||
51 | switch (type) | 52 | switch (type) { |
52 | { | ||
53 | case GNUNET_GNSRECORD_TYPE_ATTRIBUTE: { | 53 | case GNUNET_GNSRECORD_TYPE_ATTRIBUTE: { |
54 | struct GNUNET_CREDENTIAL_DelegationRecord sets; | 54 | struct GNUNET_CREDENTIAL_DelegationRecord sets; |
55 | char *attr_str; | 55 | char *attr_str; |
56 | char *subject_pkey; | 56 | char *subject_pkey; |
57 | char *tmp_str; | 57 | char *tmp_str; |
58 | int i; | 58 | int i; |
59 | if (data_size < sizeof(struct GNUNET_CREDENTIAL_DelegationRecord)) | 59 | if (data_size < sizeof (struct GNUNET_CREDENTIAL_DelegationRecord)) |
60 | return NULL; /* malformed */ | 60 | return NULL; /* malformed */ |
61 | GNUNET_memcpy (&sets, data, sizeof(sets)); | 61 | |
62 | cdata = data; | 62 | GNUNET_memcpy (&sets, data, sizeof (sets)); |
63 | struct GNUNET_CREDENTIAL_DelegationSet set[ntohl (sets.set_count)]; | 63 | cdata = data; |
64 | if (GNUNET_OK != GNUNET_CREDENTIAL_delegation_set_deserialize ( | 64 | |
65 | GNUNET_ntohll (sets.data_size), &cdata[sizeof(sets)], | 65 | struct GNUNET_CREDENTIAL_DelegationSet set[ntohl (sets.set_count)]; |
66 | ntohl (sets.set_count), set)) | 66 | if (GNUNET_OK != GNUNET_CREDENTIAL_delegation_set_deserialize ( |
67 | return NULL; | 67 | GNUNET_ntohll (sets.data_size), &cdata[sizeof (sets)], |
68 | 68 | ntohl (sets.set_count), set)) | |
69 | for (i = 0; i < ntohl (sets.set_count); i++) | 69 | return NULL; |
70 | { | 70 | |
71 | subject_pkey = | 71 | for (i = 0; i < ntohl (sets.set_count); i++) { |
72 | subject_pkey = | ||
72 | GNUNET_CRYPTO_ecdsa_public_key_to_string (&set[i].subject_key); | 73 | GNUNET_CRYPTO_ecdsa_public_key_to_string (&set[i].subject_key); |
73 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "%d len attr\n", | 74 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "%d len attr\n", |
74 | set[i].subject_attribute_len); | 75 | set[i].subject_attribute_len); |
75 | if (0 == set[i].subject_attribute_len) | 76 | if (0 == set[i].subject_attribute_len) { |
76 | { | 77 | if (0 == i) { |
77 | if (0 == i) | 78 | GNUNET_asprintf (&attr_str, "%s", subject_pkey); |
78 | { | 79 | } else { |
79 | GNUNET_asprintf (&attr_str, "%s", subject_pkey); | 80 | GNUNET_asprintf (&tmp_str, "%s,%s", attr_str, subject_pkey); |
80 | } | 81 | GNUNET_free (attr_str); |
81 | else | 82 | attr_str = tmp_str; |
82 | { | ||
83 | GNUNET_asprintf (&tmp_str, "%s,%s", attr_str, subject_pkey); | ||
84 | GNUNET_free (attr_str); | ||
85 | attr_str = tmp_str; | ||
86 | } | ||
87 | } | 83 | } |
88 | else | 84 | } else { |
89 | { | 85 | if (0 == i) { |
90 | if (0 == i) | 86 | GNUNET_asprintf (&attr_str, "%s %s", subject_pkey, |
91 | { | 87 | set[i].subject_attribute); |
92 | GNUNET_asprintf (&attr_str, "%s %s", subject_pkey, | 88 | } else { |
93 | set[i].subject_attribute); | 89 | GNUNET_asprintf (&tmp_str, "%s,%s %s", attr_str, subject_pkey, |
94 | } | 90 | set[i].subject_attribute); |
95 | else | 91 | GNUNET_free (attr_str); |
96 | { | 92 | attr_str = tmp_str; |
97 | GNUNET_asprintf (&tmp_str, "%s,%s %s", attr_str, subject_pkey, | ||
98 | set[i].subject_attribute); | ||
99 | GNUNET_free (attr_str); | ||
100 | attr_str = tmp_str; | ||
101 | } | ||
102 | } | 93 | } |
103 | GNUNET_free (subject_pkey); | ||
104 | } | 94 | } |
105 | return attr_str; | 95 | GNUNET_free (subject_pkey); |
106 | } | 96 | } |
107 | 97 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "############### attr str: %s \n", attr_str); | |
98 | //DEBUG ############### attr str: BKX50FK9QYNTFGPR6647CDASM63G21NEJC02QP58NHN7B7M8TKT0 student | ||
99 | return attr_str; | ||
100 | } | ||
108 | case GNUNET_GNSRECORD_TYPE_CREDENTIAL: { | 101 | case GNUNET_GNSRECORD_TYPE_CREDENTIAL: { |
109 | struct GNUNET_CREDENTIAL_Credential *cred; | 102 | struct GNUNET_CREDENTIAL_Credential *cred; |
110 | char *cred_str; | 103 | char *cred_str; |
111 | |||
112 | cred = GNUNET_CREDENTIAL_credential_deserialize (data, data_size); | ||
113 | cred_str = GNUNET_CREDENTIAL_credential_to_string (cred); | ||
114 | GNUNET_free (cred); | ||
115 | return cred_str; | ||
116 | } | ||
117 | 104 | ||
118 | case GNUNET_GNSRECORD_TYPE_POLICY: { | 105 | cred = GNUNET_CREDENTIAL_credential_deserialize (data, data_size); |
119 | return GNUNET_strndup (data, data_size); | 106 | cred_str = GNUNET_CREDENTIAL_credential_to_string (cred); |
120 | } | 107 | GNUNET_free (cred); |
108 | return cred_str; | ||
109 | } | ||
110 | case GNUNET_GNSRECORD_TYPE_DELEGATE: { | ||
111 | printf("####################################vts\n"); | ||
121 | 112 | ||
113 | return GNUNET_strndup (data, data_size); | ||
114 | } | ||
122 | default: | 115 | default: |
123 | return NULL; | 116 | return NULL; |
124 | } | 117 | } |
@@ -142,107 +135,203 @@ credential_string_to_value (void *cls, uint32_t type, const char *s, | |||
142 | { | 135 | { |
143 | if (NULL == s) | 136 | if (NULL == s) |
144 | return GNUNET_SYSERR; | 137 | return GNUNET_SYSERR; |
145 | switch (type) | 138 | switch (type) { |
146 | { | ||
147 | case GNUNET_GNSRECORD_TYPE_ATTRIBUTE: { | 139 | case GNUNET_GNSRECORD_TYPE_ATTRIBUTE: { |
148 | struct GNUNET_CREDENTIAL_DelegationRecord *sets; | 140 | printf ("Start: string_to_value attribute\n"); |
149 | char attr_str[253 + 1]; | 141 | |
150 | char subject_pkey[52 + 1]; | 142 | struct GNUNET_CREDENTIAL_DelegationRecord *sets; |
151 | char *token; | 143 | char attr_str[253 + 1]; |
152 | char *tmp_str; | 144 | char subject_pkey[52 + 1]; |
153 | int matches = 0; | 145 | char *token; |
154 | int entries; | 146 | char *tmp_str; |
155 | size_t tmp_data_size; | 147 | int matches = 0; |
156 | int i; | 148 | int entries; |
157 | 149 | size_t tmp_data_size; | |
158 | tmp_str = GNUNET_strdup (s); | 150 | int i; |
159 | token = strtok (tmp_str, ","); | 151 | |
160 | entries = 0; | 152 | tmp_str = GNUNET_strdup (s); |
161 | tmp_data_size = 0; | 153 | token = strtok (tmp_str, ","); |
162 | *data_size = sizeof(struct GNUNET_CREDENTIAL_DelegationRecord); | 154 | entries = 0; |
163 | while (NULL != token) | 155 | tmp_data_size = 0; |
164 | { | 156 | *data_size = sizeof (struct GNUNET_CREDENTIAL_DelegationRecord); |
165 | matches = sscanf (token, "%s %s", subject_pkey, attr_str); | 157 | while (NULL != token) { |
166 | if (0 == matches) | 158 | // also fills the variables subject_pley and attr_str if "regex"-like match |
167 | { | 159 | matches = SSCANF (token, "%s %s", subject_pkey, attr_str); |
168 | GNUNET_log (GNUNET_ERROR_TYPE_ERROR, | 160 | |
169 | _ ("Unable to parse ATTR record string `%s'\n"), s); | 161 | if (0 == matches) { |
170 | GNUNET_free (tmp_str); | 162 | GNUNET_log (GNUNET_ERROR_TYPE_ERROR, |
171 | return GNUNET_SYSERR; | 163 | _ ("Unable to parse ATTR record string `%s'\n"), s); |
172 | } | ||
173 | if (1 == matches) | ||
174 | { | ||
175 | tmp_data_size += sizeof(struct GNUNET_CREDENTIAL_DelegationRecordSet); | ||
176 | } | ||
177 | else if (2 == matches) | ||
178 | { | ||
179 | tmp_data_size += sizeof(struct GNUNET_CREDENTIAL_DelegationRecordSet) | ||
180 | + strlen (attr_str) + 1; | ||
181 | } | ||
182 | entries++; | ||
183 | token = strtok (NULL, ","); | ||
184 | } | ||
185 | GNUNET_free (tmp_str); | ||
186 | tmp_str = GNUNET_strdup (s); | ||
187 | token = strtok (tmp_str, ","); | ||
188 | if (NULL == token) | ||
189 | { | ||
190 | GNUNET_free (tmp_str); | 164 | GNUNET_free (tmp_str); |
191 | GNUNET_log (GNUNET_ERROR_TYPE_ERROR, "Malformed string %s\n", s); | ||
192 | return GNUNET_SYSERR; | 165 | return GNUNET_SYSERR; |
193 | } | 166 | } |
194 | struct GNUNET_CREDENTIAL_DelegationSet set[entries]; | 167 | |
195 | memset (set, 0, sizeof(struct GNUNET_CREDENTIAL_DelegationSet) * entries); | 168 | entries++; |
196 | for (i = 0; i < entries; i++) | 169 | token = strtok (NULL, ","); |
197 | { | 170 | } |
198 | matches = sscanf (token, "%s %s", subject_pkey, attr_str); | 171 | GNUNET_free (tmp_str); |
199 | GNUNET_CRYPTO_ecdsa_public_key_from_string ( | 172 | |
200 | subject_pkey, strlen (subject_pkey), &set[i].subject_key); | 173 | tmp_str = GNUNET_strdup (s); |
201 | if (2 == matches) | 174 | token = strtok (tmp_str, ","); |
202 | { | 175 | if (NULL == token) { |
203 | set[i].subject_attribute_len = strlen (attr_str) + 1; | 176 | GNUNET_free (tmp_str); |
204 | set[i].subject_attribute = GNUNET_strdup (attr_str); | 177 | GNUNET_log (GNUNET_ERROR_TYPE_ERROR, "Malformed string %s\n", s); |
205 | } | 178 | return GNUNET_SYSERR; |
206 | token = strtok (NULL, ","); | 179 | } |
180 | |||
181 | struct GNUNET_CREDENTIAL_DelegationSet set[entries]; | ||
182 | // sets memory to be 0, starting at *set for the size of struct * entries | ||
183 | memset (set, 0, sizeof (struct GNUNET_CREDENTIAL_DelegationSet) * entries); | ||
184 | for (i = 0; i < entries; i++) { | ||
185 | matches = SSCANF (token, "%s %s", subject_pkey, attr_str); | ||
186 | |||
187 | // sets the public key for the set entry | ||
188 | GNUNET_CRYPTO_ecdsa_public_key_from_string ( | ||
189 | subject_pkey, strlen (subject_pkey), &set[i].subject_key); | ||
190 | |||
191 | // If not just key, also set subject attribute (Not A.a <- B but A.a <- B.b) | ||
192 | if (2 == matches) { | ||
193 | set[i].subject_attribute_len = strlen (attr_str) + 1; | ||
194 | set[i].subject_attribute = GNUNET_strdup (attr_str); | ||
207 | } | 195 | } |
208 | tmp_data_size = GNUNET_CREDENTIAL_delegation_set_get_size (entries, set); | 196 | // If more entries, then token string can take the next entry (separated by ',') by calling strtok again |
197 | token = strtok (NULL, ","); | ||
198 | } | ||
199 | tmp_data_size = GNUNET_CREDENTIAL_delegation_set_get_size (entries, set); | ||
200 | |||
201 | if (-1 == tmp_data_size) { | ||
202 | GNUNET_free (tmp_str); | ||
203 | return GNUNET_SYSERR; | ||
204 | } | ||
205 | *data_size += tmp_data_size; | ||
206 | *data = sets = GNUNET_malloc (*data_size); | ||
207 | GNUNET_CREDENTIAL_delegation_set_serialize (entries, set, tmp_data_size, | ||
208 | (char *)&sets[1]); | ||
209 | for (i = 0; i < entries; i++) { | ||
210 | if (0 != set[i].subject_attribute_len) | ||
211 | GNUNET_free ((char *)set[i].subject_attribute); | ||
212 | } | ||
213 | sets->set_count = htonl (entries); | ||
214 | sets->data_size = GNUNET_htonll (tmp_data_size); | ||
215 | |||
216 | GNUNET_free (tmp_str); | ||
217 | return GNUNET_OK; | ||
218 | } | ||
219 | case GNUNET_GNSRECORD_TYPE_CREDENTIAL: { | ||
220 | printf ("Start: string_to_value credential\n"); | ||
209 | 221 | ||
210 | if (-1 == tmp_data_size) | 222 | struct GNUNET_CREDENTIAL_Credential *cred; |
211 | { | 223 | cred = GNUNET_CREDENTIAL_credential_from_string (s); |
224 | |||
225 | *data_size = GNUNET_CREDENTIAL_credential_serialize (cred, (char **)data); | ||
226 | return GNUNET_OK; | ||
227 | } | ||
228 | case GNUNET_GNSRECORD_TYPE_DELEGATE: { | ||
229 | printf ("Start: string_to_value delegate\n"); | ||
230 | |||
231 | char* tmp_str; | ||
232 | char* token; | ||
233 | int matches = 0; | ||
234 | int entries = 0; | ||
235 | size_t tmp_data_size = 0; | ||
236 | char issuer_attr_str[253 + 1], subject_attr_str[253 + 1]; | ||
237 | char issuer_pkey[52 + 1], subject_pkey[52 + 1]; | ||
238 | int i; | ||
239 | |||
240 | // Split AND | ||
241 | tmp_str = GNUNET_strdup (s); | ||
242 | // Split string by ',' and first entry stored in token | ||
243 | token = strtok (tmp_str, ","); | ||
244 | // TODO: Use of this except for entry counting and format checking (why tmp_data size in the function above?) | ||
245 | while(NULL != token) { | ||
246 | printf("DEL############### tokenX %s\n", token); | ||
247 | |||
248 | // TODO: only for type A.a <- B.b, missing other types, especially with multiple roles on the right side | ||
249 | // Alles splitten mit "%s %s <- %s %s ..." oder lieber "%s %s <- %s" und das dem lookup überlassen? Dann aber feld größe unknown | ||
250 | |||
251 | // Match with string and fill variables | ||
252 | matches = SSCANF (token, "%s %s <- %s %s", issuer_pkey, issuer_attr_str, subject_pkey, subject_attr_str); | ||
253 | printf("DEL############### issuerpkey %s, issueratt %s, subjectpkey %s, subjectattr %s\n", | ||
254 | issuer_pkey, issuer_attr_str, subject_pkey, subject_attr_str); | ||
255 | |||
256 | // Doesn't match string, DEL record string wrong formatted, throw error | ||
257 | if (2 >= matches) { | ||
258 | GNUNET_log (GNUNET_ERROR_TYPE_ERROR, | ||
259 | _ ("Unable to parse DEL record string `%s'\n"), s); | ||
212 | GNUNET_free (tmp_str); | 260 | GNUNET_free (tmp_str); |
213 | return GNUNET_SYSERR; | 261 | return GNUNET_SYSERR; |
214 | } | 262 | } |
215 | *data_size += tmp_data_size; | 263 | |
216 | *data = sets = GNUNET_malloc (*data_size); | 264 | printf("DEL############### matches %d\n", matches); |
217 | GNUNET_CREDENTIAL_delegation_set_serialize (entries, set, tmp_data_size, | 265 | if (3 == matches) { |
218 | (char *) &sets[1]); | 266 | // Type A.a <- B |
219 | for (i = 0; i < entries; i++) | 267 | printf("DEL############### A.a <-B found\n"); |
220 | { | 268 | } |
221 | if (0 != set[i].subject_attribute_len) | 269 | if (4 == matches) { |
222 | GNUNET_free ((char *) set[i].subject_attribute); | 270 | printf("DEL############### A.a <- B.b found\n"); |
223 | } | 271 | } |
224 | sets->set_count = htonl (entries); | ||
225 | sets->data_size = GNUNET_htonll (tmp_data_size); | ||
226 | 272 | ||
273 | // Get next entry of tmp_str (pointer still saved), store entry in token, NULL if no more entries | ||
274 | token = strtok(NULL, ","); | ||
275 | entries++; | ||
276 | } | ||
277 | // TODO fill tmp_data_size (but what's that) | ||
278 | |||
279 | tmp_str = GNUNET_strdup (s); | ||
280 | token = strtok (tmp_str, ","); | ||
281 | if (NULL == token) { | ||
227 | GNUNET_free (tmp_str); | 282 | GNUNET_free (tmp_str); |
228 | return GNUNET_OK; | 283 | GNUNET_log (GNUNET_ERROR_TYPE_ERROR, "Malformed string %s\n", s); |
284 | return GNUNET_SYSERR; | ||
229 | } | 285 | } |
230 | 286 | ||
231 | case GNUNET_GNSRECORD_TYPE_CREDENTIAL: { | 287 | // TODO own GNUNET_CREDENTIAL_Delegation struct (when I know the format) |
232 | struct GNUNET_CREDENTIAL_Credential *cred; | 288 | struct GNUNET_CREDENTIAL_Delegation set[entries]; |
233 | cred = GNUNET_CREDENTIAL_credential_from_string (s); | 289 | // sets memory to be 0, starting at *set for the size of struct * entries |
290 | memset (set, 0, sizeof (struct GNUNET_CREDENTIAL_Delegation) * entries); | ||
291 | |||
292 | for (i = 0; i < entries; i++) { | ||
293 | matches = SSCANF (token, "%s %s <- %s %s", issuer_pkey, issuer_attr_str, subject_pkey, subject_attr_str); | ||
294 | |||
295 | // Set public keys of issuer and subject | ||
296 | GNUNET_CRYPTO_ecdsa_public_key_from_string ( | ||
297 | issuer_pkey, strlen (issuer_pkey), &set[i].issuer_key); | ||
298 | GNUNET_CRYPTO_ecdsa_public_key_from_string ( | ||
299 | subject_pkey, strlen (subject_pkey), &set[i].subject_key); | ||
300 | |||
301 | // Set issuer attribute, always present | ||
302 | set[i].issuer_attribute_len = strlen (issuer_attr_str) + 1; | ||
303 | set[i].issuer_attribute = GNUNET_strdup (issuer_attr_str); | ||
304 | |||
305 | if (4 == matches) { | ||
306 | // A.a <- B.b | ||
307 | set[i].subject_attribute_len = strlen (subject_attr_str) + 1; | ||
308 | set[i].subject_attribute = GNUNET_strdup (subject_attr_str); | ||
309 | } | ||
234 | 310 | ||
235 | *data_size = GNUNET_CREDENTIAL_credential_serialize (cred, | 311 | // If more entries, then token string can take the next entry (separated by ',') by calling strtok again |
236 | (char **) data); | 312 | token = strtok (NULL, ","); |
237 | return GNUNET_OK; | ||
238 | } | 313 | } |
314 | //TODO: own method | ||
315 | //tmp_data_size = GNUNET_CREDENTIAL_delegation_set_get_size (entries, set); | ||
239 | 316 | ||
240 | case GNUNET_GNSRECORD_TYPE_POLICY: { | 317 | if (-1 == tmp_data_size) { |
241 | *data_size = strlen (s); | 318 | GNUNET_free (tmp_str); |
242 | *data = GNUNET_strdup (s); | 319 | return GNUNET_SYSERR; |
243 | return GNUNET_OK; | ||
244 | } | 320 | } |
245 | 321 | ||
322 | //TODO: serialize | ||
323 | |||
324 | |||
325 | |||
326 | |||
327 | |||
328 | |||
329 | |||
330 | |||
331 | *data_size = strlen (s); | ||
332 | *data = GNUNET_strdup (s); | ||
333 | return GNUNET_OK; | ||
334 | } | ||
246 | default: | 335 | default: |
247 | return GNUNET_SYSERR; | 336 | return GNUNET_SYSERR; |
248 | } | 337 | } |
@@ -257,10 +346,10 @@ static struct | |||
257 | { | 346 | { |
258 | const char *name; | 347 | const char *name; |
259 | uint32_t number; | 348 | uint32_t number; |
260 | } name_map[] = { { "CRED", GNUNET_GNSRECORD_TYPE_CREDENTIAL }, | 349 | } name_map[] = {{"CRED", GNUNET_GNSRECORD_TYPE_CREDENTIAL}, |
261 | { "ATTR", GNUNET_GNSRECORD_TYPE_ATTRIBUTE }, | 350 | {"ATTR", GNUNET_GNSRECORD_TYPE_ATTRIBUTE}, |
262 | { "POLICY", GNUNET_GNSRECORD_TYPE_POLICY }, | 351 | {"DEL", GNUNET_GNSRECORD_TYPE_DELEGATE}, |
263 | { NULL, UINT32_MAX } }; | 352 | {NULL, UINT32_MAX}}; |
264 | 353 | ||
265 | 354 | ||
266 | /** | 355 | /** |