aboutsummaryrefslogtreecommitdiff
path: root/src/credential/plugin_gnsrecord_credential.c
diff options
context:
space:
mode:
authorAndreas Ebner <pansy007@googlemail.com>2019-06-25 15:21:12 +0200
committerSchanzenbach, Martin <mschanzenbach@posteo.de>2019-10-07 12:15:06 +0200
commitd2634b1f96dfd55ae4daef294bb6c05d687354c8 (patch)
tree85250438ba58e5c33c30003bde8e4a6bccf13ca8 /src/credential/plugin_gnsrecord_credential.c
parent921b03e4cee5653083e61de42ced85a7278647b2 (diff)
downloadgnunet-d2634b1f96dfd55ae4daef294bb6c05d687354c8.tar.gz
gnunet-d2634b1f96dfd55ae4daef294bb6c05d687354c8.zip
Handle all credential storage via credential service, prepared for subject side storage
- new commandline parameters - new gns record type: DELEGATE for subject side storage - credential connection to namestore - store all credentials via credential service (replacing namestore) - stable, but experimental implementation, atm just using existing methods, next step: introduce own methods and replace/rename existing variables
Diffstat (limited to 'src/credential/plugin_gnsrecord_credential.c')
-rw-r--r--src/credential/plugin_gnsrecord_credential.c387
1 files changed, 238 insertions, 149 deletions
diff --git a/src/credential/plugin_gnsrecord_credential.c b/src/credential/plugin_gnsrecord_credential.c
index 269e558c2..a4c3a94e8 100644
--- a/src/credential/plugin_gnsrecord_credential.c
+++ b/src/credential/plugin_gnsrecord_credential.c
@@ -16,7 +16,7 @@
16 along with this program. If not, see <http://www.gnu.org/licenses/>. 16 along with this program. If not, see <http://www.gnu.org/licenses/>.
17 17
18 SPDX-License-Identifier: AGPL3.0-or-later 18 SPDX-License-Identifier: AGPL3.0-or-later
19 */ 19*/
20 20
21/** 21/**
22 * @file credential/plugin_gnsrecord_credential.c 22 * @file credential/plugin_gnsrecord_credential.c
@@ -46,79 +46,72 @@ static char *
46credential_value_to_string (void *cls, uint32_t type, const void *data, 46credential_value_to_string (void *cls, uint32_t type, const void *data,
47 size_t data_size) 47 size_t data_size)
48{ 48{
49
49 const char *cdata; 50 const char *cdata;
50 51
51 switch (type) 52 switch (type) {
52 {
53 case GNUNET_GNSRECORD_TYPE_ATTRIBUTE: { 53 case GNUNET_GNSRECORD_TYPE_ATTRIBUTE: {
54 struct GNUNET_CREDENTIAL_DelegationRecord sets; 54 struct GNUNET_CREDENTIAL_DelegationRecord sets;
55 char *attr_str; 55 char *attr_str;
56 char *subject_pkey; 56 char *subject_pkey;
57 char *tmp_str; 57 char *tmp_str;
58 int i; 58 int i;
59 if (data_size < sizeof(struct GNUNET_CREDENTIAL_DelegationRecord)) 59 if (data_size < sizeof (struct GNUNET_CREDENTIAL_DelegationRecord))
60 return NULL; /* malformed */ 60 return NULL; /* malformed */
61 GNUNET_memcpy (&sets, data, sizeof(sets)); 61
62 cdata = data; 62 GNUNET_memcpy (&sets, data, sizeof (sets));
63 struct GNUNET_CREDENTIAL_DelegationSet set[ntohl (sets.set_count)]; 63 cdata = data;
64 if (GNUNET_OK != GNUNET_CREDENTIAL_delegation_set_deserialize ( 64
65 GNUNET_ntohll (sets.data_size), &cdata[sizeof(sets)], 65 struct GNUNET_CREDENTIAL_DelegationSet set[ntohl (sets.set_count)];
66 ntohl (sets.set_count), set)) 66 if (GNUNET_OK != GNUNET_CREDENTIAL_delegation_set_deserialize (
67 return NULL; 67 GNUNET_ntohll (sets.data_size), &cdata[sizeof (sets)],
68 68 ntohl (sets.set_count), set))
69 for (i = 0; i < ntohl (sets.set_count); i++) 69 return NULL;
70 { 70
71 subject_pkey = 71 for (i = 0; i < ntohl (sets.set_count); i++) {
72 subject_pkey =
72 GNUNET_CRYPTO_ecdsa_public_key_to_string (&set[i].subject_key); 73 GNUNET_CRYPTO_ecdsa_public_key_to_string (&set[i].subject_key);
73 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "%d len attr\n", 74 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "%d len attr\n",
74 set[i].subject_attribute_len); 75 set[i].subject_attribute_len);
75 if (0 == set[i].subject_attribute_len) 76 if (0 == set[i].subject_attribute_len) {
76 { 77 if (0 == i) {
77 if (0 == i) 78 GNUNET_asprintf (&attr_str, "%s", subject_pkey);
78 { 79 } else {
79 GNUNET_asprintf (&attr_str, "%s", subject_pkey); 80 GNUNET_asprintf (&tmp_str, "%s,%s", attr_str, subject_pkey);
80 } 81 GNUNET_free (attr_str);
81 else 82 attr_str = tmp_str;
82 {
83 GNUNET_asprintf (&tmp_str, "%s,%s", attr_str, subject_pkey);
84 GNUNET_free (attr_str);
85 attr_str = tmp_str;
86 }
87 } 83 }
88 else 84 } else {
89 { 85 if (0 == i) {
90 if (0 == i) 86 GNUNET_asprintf (&attr_str, "%s %s", subject_pkey,
91 { 87 set[i].subject_attribute);
92 GNUNET_asprintf (&attr_str, "%s %s", subject_pkey, 88 } else {
93 set[i].subject_attribute); 89 GNUNET_asprintf (&tmp_str, "%s,%s %s", attr_str, subject_pkey,
94 } 90 set[i].subject_attribute);
95 else 91 GNUNET_free (attr_str);
96 { 92 attr_str = tmp_str;
97 GNUNET_asprintf (&tmp_str, "%s,%s %s", attr_str, subject_pkey,
98 set[i].subject_attribute);
99 GNUNET_free (attr_str);
100 attr_str = tmp_str;
101 }
102 } 93 }
103 GNUNET_free (subject_pkey);
104 } 94 }
105 return attr_str; 95 GNUNET_free (subject_pkey);
106 } 96 }
107 97 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "############### attr str: %s \n", attr_str);
98 //DEBUG ############### attr str: BKX50FK9QYNTFGPR6647CDASM63G21NEJC02QP58NHN7B7M8TKT0 student
99 return attr_str;
100 }
108 case GNUNET_GNSRECORD_TYPE_CREDENTIAL: { 101 case GNUNET_GNSRECORD_TYPE_CREDENTIAL: {
109 struct GNUNET_CREDENTIAL_Credential *cred; 102 struct GNUNET_CREDENTIAL_Credential *cred;
110 char *cred_str; 103 char *cred_str;
111
112 cred = GNUNET_CREDENTIAL_credential_deserialize (data, data_size);
113 cred_str = GNUNET_CREDENTIAL_credential_to_string (cred);
114 GNUNET_free (cred);
115 return cred_str;
116 }
117 104
118 case GNUNET_GNSRECORD_TYPE_POLICY: { 105 cred = GNUNET_CREDENTIAL_credential_deserialize (data, data_size);
119 return GNUNET_strndup (data, data_size); 106 cred_str = GNUNET_CREDENTIAL_credential_to_string (cred);
120 } 107 GNUNET_free (cred);
108 return cred_str;
109 }
110 case GNUNET_GNSRECORD_TYPE_DELEGATE: {
111 printf("####################################vts\n");
121 112
113 return GNUNET_strndup (data, data_size);
114 }
122 default: 115 default:
123 return NULL; 116 return NULL;
124 } 117 }
@@ -142,107 +135,203 @@ credential_string_to_value (void *cls, uint32_t type, const char *s,
142{ 135{
143 if (NULL == s) 136 if (NULL == s)
144 return GNUNET_SYSERR; 137 return GNUNET_SYSERR;
145 switch (type) 138 switch (type) {
146 {
147 case GNUNET_GNSRECORD_TYPE_ATTRIBUTE: { 139 case GNUNET_GNSRECORD_TYPE_ATTRIBUTE: {
148 struct GNUNET_CREDENTIAL_DelegationRecord *sets; 140 printf ("Start: string_to_value attribute\n");
149 char attr_str[253 + 1]; 141
150 char subject_pkey[52 + 1]; 142 struct GNUNET_CREDENTIAL_DelegationRecord *sets;
151 char *token; 143 char attr_str[253 + 1];
152 char *tmp_str; 144 char subject_pkey[52 + 1];
153 int matches = 0; 145 char *token;
154 int entries; 146 char *tmp_str;
155 size_t tmp_data_size; 147 int matches = 0;
156 int i; 148 int entries;
157 149 size_t tmp_data_size;
158 tmp_str = GNUNET_strdup (s); 150 int i;
159 token = strtok (tmp_str, ","); 151
160 entries = 0; 152 tmp_str = GNUNET_strdup (s);
161 tmp_data_size = 0; 153 token = strtok (tmp_str, ",");
162 *data_size = sizeof(struct GNUNET_CREDENTIAL_DelegationRecord); 154 entries = 0;
163 while (NULL != token) 155 tmp_data_size = 0;
164 { 156 *data_size = sizeof (struct GNUNET_CREDENTIAL_DelegationRecord);
165 matches = sscanf (token, "%s %s", subject_pkey, attr_str); 157 while (NULL != token) {
166 if (0 == matches) 158 // also fills the variables subject_pley and attr_str if "regex"-like match
167 { 159 matches = SSCANF (token, "%s %s", subject_pkey, attr_str);
168 GNUNET_log (GNUNET_ERROR_TYPE_ERROR, 160
169 _ ("Unable to parse ATTR record string `%s'\n"), s); 161 if (0 == matches) {
170 GNUNET_free (tmp_str); 162 GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
171 return GNUNET_SYSERR; 163 _ ("Unable to parse ATTR record string `%s'\n"), s);
172 }
173 if (1 == matches)
174 {
175 tmp_data_size += sizeof(struct GNUNET_CREDENTIAL_DelegationRecordSet);
176 }
177 else if (2 == matches)
178 {
179 tmp_data_size += sizeof(struct GNUNET_CREDENTIAL_DelegationRecordSet)
180 + strlen (attr_str) + 1;
181 }
182 entries++;
183 token = strtok (NULL, ",");
184 }
185 GNUNET_free (tmp_str);
186 tmp_str = GNUNET_strdup (s);
187 token = strtok (tmp_str, ",");
188 if (NULL == token)
189 {
190 GNUNET_free (tmp_str); 164 GNUNET_free (tmp_str);
191 GNUNET_log (GNUNET_ERROR_TYPE_ERROR, "Malformed string %s\n", s);
192 return GNUNET_SYSERR; 165 return GNUNET_SYSERR;
193 } 166 }
194 struct GNUNET_CREDENTIAL_DelegationSet set[entries]; 167
195 memset (set, 0, sizeof(struct GNUNET_CREDENTIAL_DelegationSet) * entries); 168 entries++;
196 for (i = 0; i < entries; i++) 169 token = strtok (NULL, ",");
197 { 170 }
198 matches = sscanf (token, "%s %s", subject_pkey, attr_str); 171 GNUNET_free (tmp_str);
199 GNUNET_CRYPTO_ecdsa_public_key_from_string ( 172
200 subject_pkey, strlen (subject_pkey), &set[i].subject_key); 173 tmp_str = GNUNET_strdup (s);
201 if (2 == matches) 174 token = strtok (tmp_str, ",");
202 { 175 if (NULL == token) {
203 set[i].subject_attribute_len = strlen (attr_str) + 1; 176 GNUNET_free (tmp_str);
204 set[i].subject_attribute = GNUNET_strdup (attr_str); 177 GNUNET_log (GNUNET_ERROR_TYPE_ERROR, "Malformed string %s\n", s);
205 } 178 return GNUNET_SYSERR;
206 token = strtok (NULL, ","); 179 }
180
181 struct GNUNET_CREDENTIAL_DelegationSet set[entries];
182 // sets memory to be 0, starting at *set for the size of struct * entries
183 memset (set, 0, sizeof (struct GNUNET_CREDENTIAL_DelegationSet) * entries);
184 for (i = 0; i < entries; i++) {
185 matches = SSCANF (token, "%s %s", subject_pkey, attr_str);
186
187 // sets the public key for the set entry
188 GNUNET_CRYPTO_ecdsa_public_key_from_string (
189 subject_pkey, strlen (subject_pkey), &set[i].subject_key);
190
191 // If not just key, also set subject attribute (Not A.a <- B but A.a <- B.b)
192 if (2 == matches) {
193 set[i].subject_attribute_len = strlen (attr_str) + 1;
194 set[i].subject_attribute = GNUNET_strdup (attr_str);
207 } 195 }
208 tmp_data_size = GNUNET_CREDENTIAL_delegation_set_get_size (entries, set); 196 // If more entries, then token string can take the next entry (separated by ',') by calling strtok again
197 token = strtok (NULL, ",");
198 }
199 tmp_data_size = GNUNET_CREDENTIAL_delegation_set_get_size (entries, set);
200
201 if (-1 == tmp_data_size) {
202 GNUNET_free (tmp_str);
203 return GNUNET_SYSERR;
204 }
205 *data_size += tmp_data_size;
206 *data = sets = GNUNET_malloc (*data_size);
207 GNUNET_CREDENTIAL_delegation_set_serialize (entries, set, tmp_data_size,
208 (char *)&sets[1]);
209 for (i = 0; i < entries; i++) {
210 if (0 != set[i].subject_attribute_len)
211 GNUNET_free ((char *)set[i].subject_attribute);
212 }
213 sets->set_count = htonl (entries);
214 sets->data_size = GNUNET_htonll (tmp_data_size);
215
216 GNUNET_free (tmp_str);
217 return GNUNET_OK;
218 }
219 case GNUNET_GNSRECORD_TYPE_CREDENTIAL: {
220 printf ("Start: string_to_value credential\n");
209 221
210 if (-1 == tmp_data_size) 222 struct GNUNET_CREDENTIAL_Credential *cred;
211 { 223 cred = GNUNET_CREDENTIAL_credential_from_string (s);
224
225 *data_size = GNUNET_CREDENTIAL_credential_serialize (cred, (char **)data);
226 return GNUNET_OK;
227 }
228 case GNUNET_GNSRECORD_TYPE_DELEGATE: {
229 printf ("Start: string_to_value delegate\n");
230
231 char* tmp_str;
232 char* token;
233 int matches = 0;
234 int entries = 0;
235 size_t tmp_data_size = 0;
236 char issuer_attr_str[253 + 1], subject_attr_str[253 + 1];
237 char issuer_pkey[52 + 1], subject_pkey[52 + 1];
238 int i;
239
240 // Split AND
241 tmp_str = GNUNET_strdup (s);
242 // Split string by ',' and first entry stored in token
243 token = strtok (tmp_str, ",");
244 // TODO: Use of this except for entry counting and format checking (why tmp_data size in the function above?)
245 while(NULL != token) {
246 printf("DEL############### tokenX %s\n", token);
247
248 // TODO: only for type A.a <- B.b, missing other types, especially with multiple roles on the right side
249 // Alles splitten mit "%s %s <- %s %s ..." oder lieber "%s %s <- %s" und das dem lookup überlassen? Dann aber feld größe unknown
250
251 // Match with string and fill variables
252 matches = SSCANF (token, "%s %s <- %s %s", issuer_pkey, issuer_attr_str, subject_pkey, subject_attr_str);
253 printf("DEL############### issuerpkey %s, issueratt %s, subjectpkey %s, subjectattr %s\n",
254 issuer_pkey, issuer_attr_str, subject_pkey, subject_attr_str);
255
256 // Doesn't match string, DEL record string wrong formatted, throw error
257 if (2 >= matches) {
258 GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
259 _ ("Unable to parse DEL record string `%s'\n"), s);
212 GNUNET_free (tmp_str); 260 GNUNET_free (tmp_str);
213 return GNUNET_SYSERR; 261 return GNUNET_SYSERR;
214 } 262 }
215 *data_size += tmp_data_size; 263
216 *data = sets = GNUNET_malloc (*data_size); 264 printf("DEL############### matches %d\n", matches);
217 GNUNET_CREDENTIAL_delegation_set_serialize (entries, set, tmp_data_size, 265 if (3 == matches) {
218 (char *) &sets[1]); 266 // Type A.a <- B
219 for (i = 0; i < entries; i++) 267 printf("DEL############### A.a <-B found\n");
220 { 268 }
221 if (0 != set[i].subject_attribute_len) 269 if (4 == matches) {
222 GNUNET_free ((char *) set[i].subject_attribute); 270 printf("DEL############### A.a <- B.b found\n");
223 } 271 }
224 sets->set_count = htonl (entries);
225 sets->data_size = GNUNET_htonll (tmp_data_size);
226 272
273 // Get next entry of tmp_str (pointer still saved), store entry in token, NULL if no more entries
274 token = strtok(NULL, ",");
275 entries++;
276 }
277 // TODO fill tmp_data_size (but what's that)
278
279 tmp_str = GNUNET_strdup (s);
280 token = strtok (tmp_str, ",");
281 if (NULL == token) {
227 GNUNET_free (tmp_str); 282 GNUNET_free (tmp_str);
228 return GNUNET_OK; 283 GNUNET_log (GNUNET_ERROR_TYPE_ERROR, "Malformed string %s\n", s);
284 return GNUNET_SYSERR;
229 } 285 }
230 286
231 case GNUNET_GNSRECORD_TYPE_CREDENTIAL: { 287 // TODO own GNUNET_CREDENTIAL_Delegation struct (when I know the format)
232 struct GNUNET_CREDENTIAL_Credential *cred; 288 struct GNUNET_CREDENTIAL_Delegation set[entries];
233 cred = GNUNET_CREDENTIAL_credential_from_string (s); 289 // sets memory to be 0, starting at *set for the size of struct * entries
290 memset (set, 0, sizeof (struct GNUNET_CREDENTIAL_Delegation) * entries);
291
292 for (i = 0; i < entries; i++) {
293 matches = SSCANF (token, "%s %s <- %s %s", issuer_pkey, issuer_attr_str, subject_pkey, subject_attr_str);
294
295 // Set public keys of issuer and subject
296 GNUNET_CRYPTO_ecdsa_public_key_from_string (
297 issuer_pkey, strlen (issuer_pkey), &set[i].issuer_key);
298 GNUNET_CRYPTO_ecdsa_public_key_from_string (
299 subject_pkey, strlen (subject_pkey), &set[i].subject_key);
300
301 // Set issuer attribute, always present
302 set[i].issuer_attribute_len = strlen (issuer_attr_str) + 1;
303 set[i].issuer_attribute = GNUNET_strdup (issuer_attr_str);
304
305 if (4 == matches) {
306 // A.a <- B.b
307 set[i].subject_attribute_len = strlen (subject_attr_str) + 1;
308 set[i].subject_attribute = GNUNET_strdup (subject_attr_str);
309 }
234 310
235 *data_size = GNUNET_CREDENTIAL_credential_serialize (cred, 311 // If more entries, then token string can take the next entry (separated by ',') by calling strtok again
236 (char **) data); 312 token = strtok (NULL, ",");
237 return GNUNET_OK;
238 } 313 }
314 //TODO: own method
315 //tmp_data_size = GNUNET_CREDENTIAL_delegation_set_get_size (entries, set);
239 316
240 case GNUNET_GNSRECORD_TYPE_POLICY: { 317 if (-1 == tmp_data_size) {
241 *data_size = strlen (s); 318 GNUNET_free (tmp_str);
242 *data = GNUNET_strdup (s); 319 return GNUNET_SYSERR;
243 return GNUNET_OK;
244 } 320 }
245 321
322 //TODO: serialize
323
324
325
326
327
328
329
330
331 *data_size = strlen (s);
332 *data = GNUNET_strdup (s);
333 return GNUNET_OK;
334 }
246 default: 335 default:
247 return GNUNET_SYSERR; 336 return GNUNET_SYSERR;
248 } 337 }
@@ -257,10 +346,10 @@ static struct
257{ 346{
258 const char *name; 347 const char *name;
259 uint32_t number; 348 uint32_t number;
260} name_map[] = { { "CRED", GNUNET_GNSRECORD_TYPE_CREDENTIAL }, 349} name_map[] = {{"CRED", GNUNET_GNSRECORD_TYPE_CREDENTIAL},
261 { "ATTR", GNUNET_GNSRECORD_TYPE_ATTRIBUTE }, 350 {"ATTR", GNUNET_GNSRECORD_TYPE_ATTRIBUTE},
262 { "POLICY", GNUNET_GNSRECORD_TYPE_POLICY }, 351 {"DEL", GNUNET_GNSRECORD_TYPE_DELEGATE},
263 { NULL, UINT32_MAX } }; 352 {NULL, UINT32_MAX}};
264 353
265 354
266/** 355/**