summaryrefslogtreecommitdiff
path: root/src/credential
diff options
context:
space:
mode:
authorAndreas Ebner <pansy007@googlemail.com>2019-07-07 15:04:40 +0200
committerSchanzenbach, Martin <mschanzenbach@posteo.de>2019-10-07 12:15:06 +0200
commitfc58d9d4241ed2dcd4b492b4f922ba959449a697 (patch)
tree812713718d2d93d70a3ee1a22b20d55e65969873 /src/credential
parentd2634b1f96dfd55ae4daef294bb6c05d687354c8 (diff)
downloadgnunet-fc58d9d4241ed2dcd4b492b4f922ba959449a697.tar.gz
gnunet-fc58d9d4241ed2dcd4b492b4f922ba959449a697.zip
Implemented delegate sign and store function for GNS entries:
- functions to store and sign delegates (all types) including serialization/string_to_value/.. - solved (almost) all TODOs - some renaming and cleanup in gnunet-credential.c - valgrind checked - test file adapted accordingly
Diffstat (limited to 'src/credential')
-rw-r--r--src/credential/Makefile.am6
-rw-r--r--src/credential/credential_api.c1
-rw-r--r--src/credential/credential_serialization.c118
-rw-r--r--src/credential/credential_serialization.h8
-rw-r--r--src/credential/delegate.h79
-rw-r--r--src/credential/delegate_misc.c250
-rw-r--r--src/credential/delegate_misc.h36
-rw-r--r--src/credential/gnunet-credential.c254
-rw-r--r--src/credential/plugin_gnsrecord_credential.c125
-rwxr-xr-xsrc/credential/test_credential_own.sh34
10 files changed, 599 insertions, 312 deletions
diff --git a/src/credential/Makefile.am b/src/credential/Makefile.am
index 5b14b3def..7d9ab4bea 100644
--- a/src/credential/Makefile.am
+++ b/src/credential/Makefile.am
@@ -69,11 +69,13 @@ gnunet_service_credential_LDADD = \
69 69
70 70
71libgnunetcredential_la_SOURCES = \ 71libgnunetcredential_la_SOURCES = \
72 credential_api.c credential.h \ 72 credential_api.c credential.h deleagte.h\
73 credential_serialization.c \ 73 credential_serialization.c \
74 credential_serialization.h \ 74 credential_serialization.h \
75 credential_misc.c \ 75 credential_misc.c \
76 credential_misc.h 76 credential_misc.h \
77 delegate_misc.c \
78 delegate_misc.h
77libgnunetcredential_la_LIBADD = \ 79libgnunetcredential_la_LIBADD = \
78 $(top_builddir)/src/util/libgnunetutil.la $(XLIB) 80 $(top_builddir)/src/util/libgnunetutil.la $(XLIB)
79libgnunetcredential_la_LDFLAGS = \ 81libgnunetcredential_la_LDFLAGS = \
diff --git a/src/credential/credential_api.c b/src/credential/credential_api.c
index 3cbaf6c21..be5ff25ae 100644
--- a/src/credential/credential_api.c
+++ b/src/credential/credential_api.c
@@ -30,6 +30,7 @@
30#include "gnunet_protocols.h" 30#include "gnunet_protocols.h"
31#include "gnunet_signatures.h" 31#include "gnunet_signatures.h"
32#include "credential.h" 32#include "credential.h"
33#include "delegate.h"
33#include "credential_serialization.h" 34#include "credential_serialization.h"
34#include "gnunet_credential_service.h" 35#include "gnunet_credential_service.h"
35#include "gnunet_identity_service.h" 36#include "gnunet_identity_service.h"
diff --git a/src/credential/credential_serialization.c b/src/credential/credential_serialization.c
index 40fa112dd..95b29a49c 100644
--- a/src/credential/credential_serialization.c
+++ b/src/credential/credential_serialization.c
@@ -31,6 +31,7 @@
31#include "gnunet_credential_service.h" 31#include "gnunet_credential_service.h"
32#include "gnunet_signatures.h" 32#include "gnunet_signatures.h"
33#include "credential.h" 33#include "credential.h"
34#include "delegate.h"
34 35
35/** 36/**
36 * Calculate how many bytes we will need to serialize 37 * Calculate how many bytes we will need to serialize
@@ -402,6 +403,7 @@ GNUNET_CREDENTIAL_delegation_chain_deserialize (size_t len,
402 c_count, 403 c_count,
403 cd); 404 cd);
404} 405}
406
405int 407int
406GNUNET_CREDENTIAL_credential_serialize (struct 408GNUNET_CREDENTIAL_credential_serialize (struct
407 GNUNET_CREDENTIAL_Credential *cred, 409 GNUNET_CREDENTIAL_Credential *cred,
@@ -475,5 +477,121 @@ GNUNET_CREDENTIAL_credential_deserialize (const char*data,
475 return cred; 477 return cred;
476} 478}
477 479
480//TODO own file for delegate de/serialization
481
482int
483GNUNET_CREDENTIAL_delegate_serialize (struct GNUNET_CREDENTIAL_Delegate *cred,
484 char **data)
485{
486 size_t size;
487 struct DelegateEntry *cdata;
488 int attr_len;
489
490 // +1 for \0
491 if (0 == cred->subject_attribute_len){
492 attr_len = cred->issuer_attribute_len + 1;
493 } else {
494 attr_len = cred->issuer_attribute_len + cred->subject_attribute_len + 1;
495 }
496 size = sizeof (struct DelegateEntry) + attr_len;
497
498 char tmp_str[attr_len];
499 GNUNET_memcpy(tmp_str, cred->issuer_attribute, cred->issuer_attribute_len);
500 if (0 != cred->subject_attribute_len){
501 GNUNET_memcpy(tmp_str + cred->issuer_attribute_len, cred->subject_attribute, cred->subject_attribute_len);
502 }
503 tmp_str[attr_len - 1] = '\0';
504
505 *data = GNUNET_malloc (size);
506 cdata = (struct DelegateEntry*)*data;
507 cdata->subject_key = cred->subject_key;
508 cdata->issuer_key = cred->issuer_key;
509 cdata->expiration = GNUNET_htonll (cred->expiration.abs_value_us);
510 cdata->signature = cred->signature;
511 cdata->issuer_attribute_len = htonl (cred->issuer_attribute_len + 1);
512 if (0 == cred->subject_attribute_len){
513 cdata->subject_attribute_len = htonl (0);
514 } else {
515 cdata->subject_attribute_len = htonl (cred->subject_attribute_len + 1);
516 }
517 cdata->purpose.purpose = htonl (GNUNET_SIGNATURE_PURPOSE_CREDENTIAL);
518 cdata->purpose.size = htonl (size - sizeof (struct GNUNET_CRYPTO_EcdsaSignature));
519
520 GNUNET_memcpy (&cdata[1],
521 tmp_str,
522 attr_len);
523
524 if(GNUNET_OK != GNUNET_CRYPTO_ecdsa_verify(GNUNET_SIGNATURE_PURPOSE_CREDENTIAL,
525 &cdata->purpose,
526 &cdata->signature,
527 &cdata->issuer_key))
528 {
529 GNUNET_log (GNUNET_ERROR_TYPE_WARNING, "Serialize: Invalid delegate\n");
530 //return NULL;
531 }
532 return size;
533}
534
535struct GNUNET_CREDENTIAL_Delegate*
536GNUNET_CREDENTIAL_delegate_deserialize (const char* data,
537 size_t data_size)
538{
539 struct GNUNET_CREDENTIAL_Delegate *cred;
540 struct DelegateEntry *cdata;
541 char *attr_combo_str;
542
543 if (data_size < sizeof (struct DelegateEntry))
544 return NULL;
545 cdata = (struct DelegateEntry*)data;
546 if(GNUNET_OK != GNUNET_CRYPTO_ecdsa_verify(GNUNET_SIGNATURE_PURPOSE_CREDENTIAL,
547 &cdata->purpose,
548 &cdata->signature,
549 &cdata->issuer_key))
550 {
551 GNUNET_log (GNUNET_ERROR_TYPE_WARNING, "Deserialize: Invalid delegate\n");
552 //return NULL;
553 }
554 attr_combo_str = (char*)&cdata[1];
555 int iss_len = ntohl(cdata->issuer_attribute_len);
556 int sub_len = ntohl(cdata->subject_attribute_len);
557 int attr_combo_len = iss_len + sub_len;
558
559 cred = GNUNET_malloc (sizeof (struct GNUNET_CREDENTIAL_Delegate) + attr_combo_len);
560
561 cred->issuer_key = cdata->issuer_key;
562 cred->subject_key = cdata->subject_key;
563 GNUNET_memcpy (&cred[1],
564 attr_combo_str,
565 attr_combo_len);
566 cred->signature = cdata->signature;
567
568 // Parse the combo attribute string, split into issuer and subject
569 if(0 == sub_len){
570 cred->issuer_attribute = attr_combo_str;
571 cred->issuer_attribute_len = attr_combo_len;
572 cred->subject_attribute = '\0';
573 cred->subject_attribute_len = 0;
574 } else {
575 // -1: array index starts from 0
576 char *tmp_str = GNUNET_malloc(iss_len);
577 GNUNET_memcpy(tmp_str, attr_combo_str, iss_len - 1);
578 tmp_str[iss_len] = '\0';
579 cred->issuer_attribute = strdup(tmp_str);
580 cred->issuer_attribute_len = iss_len;
581 GNUNET_free(tmp_str);
582
583 // -1: both times, starting from 0
584 tmp_str = GNUNET_malloc(sub_len);
585 GNUNET_memcpy(tmp_str, attr_combo_str + iss_len - 1, sub_len - 1);
586 tmp_str[sub_len] = '\0';
587 cred->subject_attribute = strdup(tmp_str);
588 cred->subject_attribute_len = sub_len;
589 GNUNET_free(tmp_str);
590 }
591
592 cred->expiration.abs_value_us = GNUNET_ntohll (cdata->expiration);
593
594 return cred;
595}
478 596
479/* end of credential_serialization.c */ 597/* end of credential_serialization.c */
diff --git a/src/credential/credential_serialization.h b/src/credential/credential_serialization.h
index 65326de31..ebeae0d89 100644
--- a/src/credential/credential_serialization.h
+++ b/src/credential/credential_serialization.h
@@ -169,5 +169,13 @@ GNUNET_CREDENTIAL_credential_serialize (struct
169struct GNUNET_CREDENTIAL_Credential* 169struct GNUNET_CREDENTIAL_Credential*
170GNUNET_CREDENTIAL_credential_deserialize (const char*data, 170GNUNET_CREDENTIAL_credential_deserialize (const char*data,
171 size_t data_size); 171 size_t data_size);
172
173int
174GNUNET_CREDENTIAL_delegate_serialize (struct GNUNET_CREDENTIAL_Delegate *cred,
175 char **data);
176
177struct GNUNET_CREDENTIAL_Delegate*
178GNUNET_CREDENTIAL_delegate_deserialize (const char* data,
179 size_t data_size);
172#endif 180#endif
173/* end of credential_serialization.h */ 181/* end of credential_serialization.h */
diff --git a/src/credential/delegate.h b/src/credential/delegate.h
new file mode 100644
index 000000000..e1bf112ef
--- /dev/null
+++ b/src/credential/delegate.h
@@ -0,0 +1,79 @@
1/*
2 This file is part of GNUnet
3 Copyright (C) 2012-2013 GNUnet e.V.
4
5 GNUnet is free software: you can redistribute it and/or modify it
6 under the terms of the GNU Affero General Public License as published
7 by the Free Software Foundation, either version 3 of the License,
8 or (at your option) any later version.
9
10 GNUnet is distributed in the hope that it will be useful, but
11 WITHOUT ANY WARRANTY; without even the implied warranty of
12 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
13 Affero General Public License for more details.
14
15 You should have received a copy of the GNU Affero General Public License
16 along with this program. If not, see <http://www.gnu.org/licenses/>.
17
18 SPDX-License-Identifier: AGPL3.0-or-later
19 */
20/**
21 * @file credential/delegate.h
22 * @brief IPC messages between CREDENTIAL API and CREDENTIAL service
23 * @author Martin Schanzenbach
24 */
25#ifndef DELEGATE_H
26#define DELEGATE_H
27
28#include "gnunet_credential_service.h"
29
30GNUNET_NETWORK_STRUCT_BEGIN
31
32struct DelegateEntry
33{
34
35 /**
36 * The signature for this credential by the issuer
37 */
38 struct GNUNET_CRYPTO_EcdsaSignature signature;
39
40 /**
41 * Signature meta
42 */
43 struct GNUNET_CRYPTO_EccSignaturePurpose purpose;
44
45 /**
46 * Public key of the issuer
47 */
48 struct GNUNET_CRYPTO_EcdsaPublicKey issuer_key;
49
50 /**
51 * Public key of the subject this credential was issued to
52 */
53 struct GNUNET_CRYPTO_EcdsaPublicKey subject_key;
54
55 /**
56 * Expiration time of this credential
57 */
58 uint64_t expiration GNUNET_PACKED;
59
60 /**
61 * Issuer subject attribute length
62 */
63 uint32_t issuer_attribute_len;
64
65 /**
66 * Issuer attribute length
67 */
68 uint32_t subject_attribute_len;
69
70 /**
71 * Followed by the subject attribute string
72 */
73};
74
75
76GNUNET_NETWORK_STRUCT_END
77
78#endif
79
diff --git a/src/credential/delegate_misc.c b/src/credential/delegate_misc.c
new file mode 100644
index 000000000..d900ccd1f
--- /dev/null
+++ b/src/credential/delegate_misc.c
@@ -0,0 +1,250 @@
1/*
2 This file is part of GNUnet.
3 Copyright (C) 2009-2013, 2016 GNUnet e.V.
4
5 GNUnet is free software: you can redistribute it and/or modify it
6 under the terms of the GNU Affero General Public License as published
7 by the Free Software Foundation, either version 3 of the License,
8 or (at your option) any later version.
9
10 GNUnet is distributed in the hope that it will be useful, but
11 WITHOUT ANY WARRANTY; without even the implied warranty of
12 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
13 Affero General Public License for more details.
14
15 You should have received a copy of the GNU Affero General Public License
16 along with this program. If not, see <http://www.gnu.org/licenses/>.
17
18 SPDX-License-Identifier: AGPL3.0-or-later
19*/
20
21
22/**
23 * @file credential/delegate_misc.c
24 * @brief Misc API for delegate
25 *
26 * @author Martin Schanzenbach
27 */
28#include "platform.h"
29#include "gnunet_util_lib.h"
30#include "gnunet_constants.h"
31#include "gnunet_credential_service.h"
32#include "gnunet_signatures.h"
33#include "delegate.h"
34#include <inttypes.h>
35
36char*
37GNUNET_CREDENTIAL_delegate_to_string (const struct GNUNET_CREDENTIAL_Delegate *cred)
38{
39 char *cred_str;
40 char *subject_pkey;
41 char *issuer_pkey;
42 char *signature;
43
44 subject_pkey = GNUNET_CRYPTO_ecdsa_public_key_to_string (&cred->subject_key);
45 issuer_pkey = GNUNET_CRYPTO_ecdsa_public_key_to_string (&cred->issuer_key);
46 GNUNET_STRINGS_base64_encode ((char*)&cred->signature,
47 sizeof (struct GNUNET_CRYPTO_EcdsaSignature),
48 &signature);
49 if(0 == cred->subject_attribute_len){
50 GNUNET_asprintf (&cred_str,
51 "%s.%s -> %s | %s | %"SCNu64,
52 issuer_pkey,
53 cred->issuer_attribute,
54 subject_pkey,
55 signature,
56 cred->expiration.abs_value_us);
57 } else {
58 GNUNET_asprintf (&cred_str,
59 "%s.%s -> %s.%s | %s | %"SCNu64,
60 issuer_pkey,
61 cred->issuer_attribute,
62 subject_pkey,
63 cred->subject_attribute,
64 signature,
65 cred->expiration.abs_value_us);
66 }
67 GNUNET_free (subject_pkey);
68 GNUNET_free (issuer_pkey);
69 GNUNET_free (signature);
70
71 return cred_str;
72}
73
74struct GNUNET_CREDENTIAL_Delegate*
75GNUNET_CREDENTIAL_delegate_from_string (const char* s)
76{
77 struct GNUNET_CREDENTIAL_Delegate *cred;
78 size_t enclen = (sizeof (struct GNUNET_CRYPTO_EcdsaPublicKey)) * 8;
79 if (enclen % 5 > 0)
80 enclen += 5 - enclen % 5;
81 enclen /= 5; /* 260/5 = 52 */
82 char subject_pkey[enclen + 1];
83 char issuer_pkey[enclen + 1];
84 char iss_attr[253 + 1];
85 // Needs to be initialized, in case of Type 1 credential (A.a <- B)
86 char sub_attr[253 + 1] = "";
87 char signature[256]; //TODO max payload size
88
89 struct GNUNET_CRYPTO_EcdsaSignature *sig;
90 struct GNUNET_TIME_Absolute etime_abs;
91
92 // If it's A.a <- B.b...
93 if (6 != SSCANF (s,
94 "%52s.%253s -> %52s.%253s | %s | %"SCNu64,
95 issuer_pkey,
96 iss_attr,
97 subject_pkey,
98 sub_attr,
99 signature,
100 &etime_abs.abs_value_us))
101 {
102 // Try if it's A.a <- B
103 if (5 != SSCANF (s,
104 "%52s.%253s -> %52s | %s | %"SCNu64,
105 issuer_pkey,
106 iss_attr,
107 subject_pkey,
108 signature,
109 &etime_abs.abs_value_us))
110 {
111 GNUNET_log (GNUNET_ERROR_TYPE_ERROR, "Unable to parse DEL record string `%s'\n", s);
112 return NULL;
113 }
114 }
115
116 // +1 for \0
117 int attr_len;
118 if(strcmp(sub_attr,"") == 0) {
119 attr_len = strlen (iss_attr) + 1;
120 } else {
121 attr_len = strlen (iss_attr) + strlen(sub_attr) + 1;
122 }
123 cred = GNUNET_malloc (sizeof (struct GNUNET_CREDENTIAL_Delegate) + attr_len);
124
125 char tmp_str[attr_len];
126 GNUNET_memcpy(tmp_str, iss_attr, strlen(iss_attr));
127 if(strcmp(sub_attr,"") != 0) {
128 GNUNET_memcpy(tmp_str + strlen(iss_attr), sub_attr, strlen(sub_attr));
129 }
130 tmp_str[attr_len - 1] = '\0';
131
132 GNUNET_CRYPTO_ecdsa_public_key_from_string (subject_pkey,
133 strlen (subject_pkey),
134 &cred->subject_key);
135 GNUNET_CRYPTO_ecdsa_public_key_from_string (issuer_pkey,
136 strlen (issuer_pkey),
137 &cred->issuer_key);
138 GNUNET_assert (sizeof (struct GNUNET_CRYPTO_EcdsaSignature) == GNUNET_STRINGS_base64_decode (signature,
139 strlen (signature),
140 (char**)&sig));
141 cred->signature = *sig;
142 cred->expiration = etime_abs;
143 GNUNET_free (sig);
144 GNUNET_memcpy (&cred[1],
145 tmp_str,
146 attr_len);
147
148 cred->issuer_attribute_len = strlen (iss_attr);
149 cred->issuer_attribute = strdup(iss_attr);
150 if(strcmp(sub_attr,"") == 0) {
151 cred->subject_attribute_len = 0;
152 cred->subject_attribute = '\0';
153 } else {
154 cred->subject_attribute_len = strlen (sub_attr);
155 cred->subject_attribute = strdup(sub_attr);
156 }
157
158 return cred;
159}
160
161/**
162 * Issue an attribute to a subject
163 *
164 * @param issuer the ego that should be used to issue the attribute
165 * @param subject the subject of the attribute
166 * @param attribute the name of the attribute
167 * @return handle to the queued request
168 */
169
170struct GNUNET_CREDENTIAL_Delegate *
171GNUNET_CREDENTIAL_delegate_issue (const struct GNUNET_CRYPTO_EcdsaPrivateKey *issuer,
172 struct GNUNET_CRYPTO_EcdsaPublicKey *subject,
173 const char *iss_attr,
174 const char *sub_attr,
175 struct GNUNET_TIME_Absolute *expiration)
176{
177 struct DelegateEntry *crd;
178 struct GNUNET_CREDENTIAL_Delegate *cred;
179 size_t size;
180 int attr_len;
181
182 if (NULL == sub_attr){
183 // +1 for \0
184 attr_len = strlen (iss_attr) + 1;
185 } else {
186 attr_len = strlen (iss_attr) + strlen(sub_attr) + 1;
187 }
188 size = sizeof (struct DelegateEntry) + attr_len;
189
190 char tmp_str[attr_len];
191 GNUNET_memcpy(tmp_str, iss_attr, strlen(iss_attr));
192 if (NULL != sub_attr){
193 GNUNET_memcpy(tmp_str + strlen(iss_attr), sub_attr, strlen(sub_attr));
194 }
195 tmp_str[attr_len - 1] = '\0';
196
197 crd = GNUNET_malloc (size);
198 crd->purpose.size = htonl (size - sizeof (struct GNUNET_CRYPTO_EcdsaSignature));
199 crd->purpose.purpose = htonl (GNUNET_SIGNATURE_PURPOSE_CREDENTIAL);
200 GNUNET_CRYPTO_ecdsa_key_get_public (issuer,
201 &crd->issuer_key);
202 crd->subject_key = *subject;
203 crd->expiration = GNUNET_htonll (expiration->abs_value_us);
204 crd->issuer_attribute_len = htonl (strlen (iss_attr) + 1);
205 if (NULL == sub_attr){
206 crd->subject_attribute_len = htonl (0);
207 } else {
208 crd->subject_attribute_len = htonl (strlen (sub_attr) + 1);
209 }
210
211 GNUNET_memcpy (&crd[1],
212 tmp_str,
213 attr_len);
214
215 if (GNUNET_OK !=
216 GNUNET_CRYPTO_ecdsa_sign (issuer,
217 &crd->purpose,
218 &crd->signature))
219 {
220 GNUNET_break (0);
221 GNUNET_free (crd);
222 return NULL;
223 }
224
225 cred = GNUNET_malloc (sizeof (struct GNUNET_CREDENTIAL_Delegate) + attr_len);
226 cred->signature = crd->signature;
227 cred->expiration = *expiration;
228 GNUNET_CRYPTO_ecdsa_key_get_public (issuer,
229 &cred->issuer_key);
230
231 cred->subject_key = *subject;
232 cred->issuer_attribute = strdup(iss_attr);
233 cred->issuer_attribute_len = strlen(iss_attr);
234 if (NULL == sub_attr){
235 cred->subject_attribute = '\0';
236 cred->subject_attribute_len = 0;
237 } else {
238 cred->subject_attribute = strdup(sub_attr);
239 cred->subject_attribute_len = strlen(sub_attr);
240 }
241
242 GNUNET_memcpy (&cred[1],
243 tmp_str,
244 attr_len);
245
246 GNUNET_free (crd);
247 return cred;
248}
249
250
diff --git a/src/credential/delegate_misc.h b/src/credential/delegate_misc.h
new file mode 100644
index 000000000..936517437
--- /dev/null
+++ b/src/credential/delegate_misc.h
@@ -0,0 +1,36 @@
1/*
2 This file is part of GNUnet
3 Copyright (C) 2012-2013 GNUnet e.V.
4
5 GNUnet is free software: you can redistribute it and/or modify it
6 under the terms of the GNU Affero General Public License as published
7 by the Free Software Foundation, either version 3 of the License,
8 or (at your option) any later version.
9
10 GNUnet is distributed in the hope that it will be useful, but
11 WITHOUT ANY WARRANTY; without even the implied warranty of
12 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
13 Affero General Public License for more details.
14
15 You should have received a copy of the GNU Affero General Public License
16 along with this program. If not, see <http://www.gnu.org/licenses/>.
17
18 SPDX-License-Identifier: AGPL3.0-or-later
19 */
20/**
21 * @file credential/delegate_misc.h
22 * @brief Delegate helper functions
23 */
24#ifndef DELEGATE_MISC_H
25#define DELEGATE_MISC_H
26
27#include "gnunet_credential_service.h"
28
29char *
30GNUNET_CREDENTIAL_delegate_to_string (
31 const struct GNUNET_CREDENTIAL_Delegate *cred);
32
33struct GNUNET_CREDENTIAL_Delegate *
34GNUNET_CREDENTIAL_delegate_from_string (const char *str);
35
36#endif
diff --git a/src/credential/gnunet-credential.c b/src/credential/gnunet-credential.c
index 35fa6ff8a..22fca7b00 100644
--- a/src/credential/gnunet-credential.c
+++ b/src/credential/gnunet-credential.c
@@ -28,6 +28,7 @@
28#include <gnunet_gnsrecord_lib.h> 28#include <gnunet_gnsrecord_lib.h>
29#include <gnunet_namestore_service.h> 29#include <gnunet_namestore_service.h>
30#include "credential_misc.h" 30#include "credential_misc.h"
31#include "delegate_misc.h"
31#include "credential_serialization.h" 32#include "credential_serialization.h"
32 33
33/** 34/**
@@ -78,7 +79,7 @@ static struct GNUNET_SCHEDULER_Task *tt;
78/** 79/**
79 * Subject pubkey string 80 * Subject pubkey string
80 */ 81 */
81static char *subject_key; 82static char *subject;
82 83
83/** 84/**
84 * Subject credential string 85 * Subject credential string
@@ -147,11 +148,6 @@ static int create_ss;
147static int sign_ss; 148static int sign_ss;
148 149
149/** 150/**
150 * Add mode
151 */
152static int add_iss;
153
154/**
155 * Signed issue credentials 151 * Signed issue credentials
156 */ 152 */
157static char *extension; 153static char *extension;
@@ -291,6 +287,7 @@ handle_verify_result (void *cls,
291 { 287 {
292 iss_key = GNUNET_CRYPTO_ecdsa_public_key_to_string (&dc[i].issuer_key); 288 iss_key = GNUNET_CRYPTO_ecdsa_public_key_to_string (&dc[i].issuer_key);
293 sub_key = GNUNET_CRYPTO_ecdsa_public_key_to_string (&dc[i].subject_key); 289 sub_key = GNUNET_CRYPTO_ecdsa_public_key_to_string (&dc[i].subject_key);
290
294 if (0 != dc[i].subject_attribute_len) 291 if (0 != dc[i].subject_attribute_len)
295 { 292 {
296 printf ("(%d) %s.%s <- %s.%s\n", i, 293 printf ("(%d) %s.%s <- %s.%s\n", i,
@@ -409,108 +406,34 @@ identity_cb (void *cls,
409 &etime_abs); 406 &etime_abs);
410 407
411 res = GNUNET_CREDENTIAL_credential_to_string (crd); 408 res = GNUNET_CREDENTIAL_credential_to_string (crd);
412 fprintf(stderr,"Cred: %s\n", res);
413 GNUNET_free (crd); 409 GNUNET_free (crd);
414 printf ("%s\n", res); 410 printf ("%s\n", res);
415 GNUNET_SCHEDULER_shutdown (); 411 GNUNET_SCHEDULER_shutdown ();
416} 412}
417 413
418
419static char
420*strtokm(char *str, const char *delim)
421{
422 static char *tok;
423 static char *next;
424 char *m;
425
426 if (delim == NULL) return NULL;
427
428 tok = (str) ? str : next;
429 if (tok == NULL) return NULL;
430
431 m = strstr(tok, delim);
432
433 if (m) {
434 next = m + strlen(delim);
435 *m = '\0';
436 } else {
437 next = NULL;
438 }
439
440 if (m == tok || *tok == '\0') return strtokm(NULL, delim);
441
442 return tok;
443}
444
445void topntail(char *str) {
446 size_t len = strlen(str);
447 // check if last char is a space, if yes: remove 2 chars at the end
448 if(str[len-1] == ' ')
449 {
450 len -= 1;
451 }
452 // remove first and last char
453 memmove(str, str+1, len-2);
454 str[len-2] = 0;
455}
456
457static int 414static int
458parse_cmdl_param(const char *extensionstring) 415parse_cmdl_param(const char *extensionstring)
459{ 416{
460 fprintf(stderr, "Starting to parse extension string...\n");
461 fprintf(stderr, "string to parse: %s\n", extensionstring);
462
463 //Example:
464 //--ego=epub --attribute=aasds --subject=DKCC5SMTBNV6W3VXDJ7A1N1YS6TRG7B3XC2S5N4HSXJEYYRFRCCG basd --ttl=60m
465 //--extension=NVTQZA44336VHKCP2SA20BR6899T621B2PJKC3V730AKXC37T6M0.aasds -> DKCC5SMTBNV6W3VXDJ7A1N1YS6TRG7B3XC2S5N4HSXJEYYRFRCCG | D1NuT8hHEUbkCURo1lkcSPKhYiydhv4nMkV042kc9J4MgIhB2/fQKLgJUyuGlJKvYgXLf4jHXNRHJe+aCLG7jw== | 1561126006528100
466
467 //TODO: parse, wenn nicht als argument direkt geparsed werden kann
468
469 char cmd_para[100];
470 char para_str[1024];
471 char *token; 417 char *token;
472 char *tmp_str; 418 char *tmp_str;
473 int matches = 0; 419 int counter = 0;
474 420
475 tmp_str = GNUNET_strdup (extensionstring); 421 tmp_str = GNUNET_strdup (extensionstring);
476 // use special strtok to match multiple characters 422 // split string via strtok, assume parameters are in the right order
477 token = strtokm (tmp_str, "--"); 423 token = strtok (tmp_str, ";");
478 while (NULL != token) { 424 while (NULL != token) {
479 // also fills the variables if "regex"-like match 425
480 fprintf(stderr, "TOKEN: %s\n", token); 426 // fill variables depending on counter
481 // match everything till =, ignore = (%*c), match everything including whitespaces (required for the extension parameter) 427 if(0 == counter) {
482 matches = SSCANF (token, "%[^=]%*c%[^\n]", cmd_para, para_str); 428 expiration = GNUNET_strdup(token);
483 // string not well formatted 429 } else if(1 == counter) {
484 if (0 == matches) { 430 extension = GNUNET_strdup(token);
485 GNUNET_log (GNUNET_ERROR_TYPE_ERROR, ("Failed to parse to extensionstring.\n"));
486 GNUNET_SCHEDULER_shutdown ();
487 GNUNET_free (tmp_str);
488 return GNUNET_SYSERR;
489 } else { 431 } else {
490 fprintf(stderr,"Found command and parameter: %s %s\n", cmd_para, para_str); 432 GNUNET_log (GNUNET_ERROR_TYPE_ERROR, "Could not parse extension string\n");
491 // assign values to variables, topntail to remove trailing/leading "
492 if(strcmp(cmd_para, "ego") == 0) {
493 fprintf(stderr,"ego found and parsed\n");
494 topntail(para_str);
495 ego_name = GNUNET_strdup(para_str);
496 } else if(strcmp(cmd_para, "attribute") == 0) {
497 fprintf(stderr,"issuer found and parsed\n");
498 topntail(para_str);
499 issuer_attr = GNUNET_strdup(para_str);
500 } else if(strcmp(cmd_para, "subject") == 0) {
501 fprintf(stderr,"subject found and parsed\n");
502 topntail(para_str);
503 subject_key = GNUNET_strdup(para_str);
504 } else if(strcmp(cmd_para, "ttl") == 0) {
505 fprintf(stderr,"ttl found and parsed\n");
506 expiration = GNUNET_strdup(para_str);
507 } else if(strcmp(cmd_para, "extension") == 0) {
508 fprintf(stderr,"extension found and parsed\n");
509 topntail(para_str);
510 extension = GNUNET_strdup(para_str);
511 }
512 } 433 }
513 token = strtokm (NULL, "--"); 434
435 counter++;
436 token = strtok (NULL, ";");
514 } 437 }
515 GNUNET_free (tmp_str); 438 GNUNET_free (tmp_str);
516 439
@@ -531,7 +454,7 @@ parse_expiration (const char *expirationstring,
531 int *etime_is_rel, 454 int *etime_is_rel,
532 uint64_t *etime) 455 uint64_t *etime)
533{ 456{
534 // TODO just copied from gnunet-namestore.c 457 // copied from namestore/gnunet-namestore.c
535 struct GNUNET_TIME_Relative etime_rel; 458 struct GNUNET_TIME_Relative etime_rel;
536 struct GNUNET_TIME_Absolute etime_abs; 459 struct GNUNET_TIME_Absolute etime_abs;
537 460
@@ -574,8 +497,7 @@ parse_expiration (const char *expirationstring,
574static void 497static void
575error_cb (void *cls) 498error_cb (void *cls)
576{ 499{
577 // TODO: Better 500 fprintf(stderr, "Error occured during lookup, shutting down.\n");
578 fprintf(stderr, "In add_error_cb\n");
579 GNUNET_SCHEDULER_shutdown (); 501 GNUNET_SCHEDULER_shutdown ();
580 return; 502 return;
581} 503}
@@ -584,8 +506,7 @@ add_continuation (void *cls,
584 int32_t success, 506 int32_t success,
585 const char *emsg) 507 const char *emsg)
586{ 508{
587 fprintf(stderr, "Start: add_continuation\n"); 509 // TODO what does that do, can I somehow parse an empty callback on success or do I have to set the qe* to NULL?
588
589 struct GNUNET_NAMESTORE_QueueEntry **qe = cls; 510 struct GNUNET_NAMESTORE_QueueEntry **qe = cls;
590 *qe = NULL; 511 *qe = NULL;
591 512
@@ -602,11 +523,6 @@ get_existing_record (void *cls,
602 struct GNUNET_GNSRECORD_Data rdn[rd_count + 1]; 523 struct GNUNET_GNSRECORD_Data rdn[rd_count + 1];
603 struct GNUNET_GNSRECORD_Data *rde; 524 struct GNUNET_GNSRECORD_Data *rde;
604 525
605 fprintf(stderr, "Start: get_existing_record\n");
606
607 fprintf(stderr, "count: %d\n", rd_count);
608
609
610 memset (rdn, 0, sizeof (struct GNUNET_GNSRECORD_Data)); 526 memset (rdn, 0, sizeof (struct GNUNET_GNSRECORD_Data));
611 GNUNET_memcpy (&rdn[1], 527 GNUNET_memcpy (&rdn[1],
612 rd, 528 rd,
@@ -615,7 +531,7 @@ get_existing_record (void *cls,
615 rde->data = data; 531 rde->data = data;
616 rde->data_size = data_size; 532 rde->data_size = data_size;
617 rde->record_type = type; 533 rde->record_type = type;
618 // TODO: flags 534 // Flags not required , TODO what have we said we do with that now? Look it up in my writing
619 /*if (1 == is_shadow) 535 /*if (1 == is_shadow)
620 rde->flags |= GNUNET_GNSRECORD_RF_SHADOW_RECORD; 536 rde->flags |= GNUNET_GNSRECORD_RF_SHADOW_RECORD;
621 if (1 != is_public) 537 if (1 != is_public)
@@ -642,9 +558,8 @@ store_cb (void *cls,
642 const struct GNUNET_IDENTITY_Ego *ego) 558 const struct GNUNET_IDENTITY_Ego *ego)
643{ 559{
644 const struct GNUNET_CONFIGURATION_Handle *cfg = cls; 560 const struct GNUNET_CONFIGURATION_Handle *cfg = cls;
645 struct GNUNET_CRYPTO_EcdsaPublicKey pub;
646 561
647 fprintf(stderr, "Start: store_cb\n"); 562 el = NULL;
648 563
649 ns = GNUNET_NAMESTORE_connect (cfg); 564 ns = GNUNET_NAMESTORE_connect (cfg);
650 if (NULL == ns) 565 if (NULL == ns)
@@ -656,14 +571,9 @@ store_cb (void *cls,
656 } 571 }
657 572
658 // Key handling 573 // Key handling
659 fprintf(stderr, "Connected to ns\n");
660 zone_pkey = *GNUNET_IDENTITY_ego_get_private_key (ego); 574 zone_pkey = *GNUNET_IDENTITY_ego_get_private_key (ego);
661 fprintf(stderr, "Got zone_pkey\n");
662 // TODO rename to zone_pub?
663 GNUNET_CRYPTO_ecdsa_key_get_public (&zone_pkey, &pub);
664 575
665 // Check relevant cmdline parameters 576 // Check relevant cmdline parameters
666 // name ⁼ issuer_attr
667 if (NULL == issuer_attr) 577 if (NULL == issuer_attr)
668 { 578 {
669 fprintf (stderr, "Missing option -attribute for operation 'create'.\n"); 579 fprintf (stderr, "Missing option -attribute for operation 'create'.\n");
@@ -671,9 +581,7 @@ store_cb (void *cls,
671 return; 581 return;
672 } 582 }
673 583
674 // TODO later, rename subject_key to subject 584 if (NULL == subject)
675 // value ⁼ subject_key
676 if (NULL == subject_key)
677 { 585 {
678 fprintf (stderr, "Missing option -subject for operation 'create'.'\n"); 586 fprintf (stderr, "Missing option -subject for operation 'create'.'\n");
679 GNUNET_SCHEDULER_shutdown (); 587 GNUNET_SCHEDULER_shutdown ();
@@ -682,20 +590,18 @@ store_cb (void *cls,
682 590
683 // String to value conversion for storage 591 // String to value conversion for storage
684 if (GNUNET_OK != GNUNET_GNSRECORD_string_to_value (type, 592 if (GNUNET_OK != GNUNET_GNSRECORD_string_to_value (type,
685 subject_key, 593 subject,
686 &data, 594 &data,
687 &data_size)) 595 &data_size))
688 { 596 {
689 fprintf (stderr, "Value `%s' invalid for record type `%s'\n", 597 fprintf (stderr, "Value `%s' invalid for record type `%s'\n",
690 subject_key, 598 subject,
691 typestring); 599 typestring);
692 GNUNET_SCHEDULER_shutdown (); 600 GNUNET_SCHEDULER_shutdown ();
693 return; 601 return;
694 } 602 }
695 fprintf (stderr, "Data size: `%lu'\n", data_size);
696 603
697 // Take care of expiration 604 // Take care of expiration
698
699 if (NULL == expiration) 605 if (NULL == expiration)
700 { 606 {
701 fprintf (stderr, "Missing option -e for operation 'create'\n"); 607 fprintf (stderr, "Missing option -e for operation 'create'\n");
@@ -728,13 +634,12 @@ sign_cb (void *cls,
728 const struct GNUNET_IDENTITY_Ego *ego) 634 const struct GNUNET_IDENTITY_Ego *ego)
729{ 635{
730 const struct GNUNET_CRYPTO_EcdsaPrivateKey *privkey; 636 const struct GNUNET_CRYPTO_EcdsaPrivateKey *privkey;
731 struct GNUNET_CREDENTIAL_Credential *crd; 637 struct GNUNET_CREDENTIAL_Delegate *crd;
732 struct GNUNET_TIME_Absolute etime_abs; 638 struct GNUNET_TIME_Absolute etime_abs;
733 struct GNUNET_TIME_Relative etime_rel; 639 struct GNUNET_TIME_Relative etime_rel;
734 char *res; 640 char *res;
735 641
736 el = NULL; 642 el = NULL;
737
738 643
739 // work on expiration time 644 // work on expiration time
740 if (NULL == expiration) 645 if (NULL == expiration)
@@ -752,19 +657,34 @@ sign_cb (void *cls,
752 return; 657 return;
753 } 658 }
754 659
755 // if contains a space - split it by the first space only - assume first token entry is subject_key 660 // if contains a space - split it by the first space only - assume first entry is subject followed by attribute(s)
756 fprintf (stderr, "Start splitting\n");
757 char *space; 661 char *space;
758 int idx; 662 int idx;
759 space = strchr(subject_key, ' '); 663 char *subject_pubkey_str;
760 idx = (int)(space - subject_key); 664 char *subject_attr;
761 665
762 // TODO rename subject_key to subject 666 space = strchr(subject, ' ');
763 char *subject_pubkey_str = GNUNET_malloc(idx+1); 667 if(NULL == space)
764 GNUNET_memcpy(subject_pubkey_str, subject_key, idx); 668 {
765 subject_pubkey_str[idx] = '\0'; 669 // only contains subject key e.g. A.a <- B
766 670 subject_pubkey_str = subject;
767 fprintf(stderr, "idx: %d, str: %s\n", idx, subject_pubkey_str); 671 subject_attr = '\0';
672 } else {
673 // subject contains: key attr1.attr2.attr3...
674 // split subject into subject_pubkey_str and subject_attr
675 idx = (int)(space - subject);
676
677 subject_pubkey_str = GNUNET_malloc(idx+1);
678 GNUNET_memcpy(subject_pubkey_str, subject, idx);
679 subject_pubkey_str[idx] = '\0';
680
681 int sub_attr_len = strlen(subject) - idx - 1;
682 // +1 for the \0
683 subject_attr = GNUNET_malloc(sub_attr_len + 1);
684 // +1 to remove the space "key attr" (or whatever separator)
685 GNUNET_memcpy(subject_attr, subject + idx + 1, sub_attr_len);
686 subject_attr[sub_attr_len] = '\0';
687 }
768 688
769 // work on keys 689 // work on keys
770 privkey = GNUNET_IDENTITY_ego_get_private_key (ego); 690 privkey = GNUNET_IDENTITY_ego_get_private_key (ego);
@@ -778,18 +698,15 @@ sign_cb (void *cls,
778 return; 698 return;
779 } 699 }
780 700
781 // Sign credential / TODO not credential but delegate (new method), not only pass subject_pkey but also subject_attr 701 // Sign delegate
782 // gnunet-credential --issue --ego=registrarb --subject=$ALICE_KEY --attribute=$REG_STUD_ATTR --ttl=5m -c test_credential_lookup.conf 702 crd = GNUNET_CREDENTIAL_delegate_issue (privkey,
783 // gnunet-credential --create --ego=epub --attribute="a" --subject="B b" --where="ss" -E 60m
784 // TODO: only signs subject_pkey at the moment, also requires subject_attr (or both in subject_key)
785 crd = GNUNET_CREDENTIAL_credential_issue (privkey,
786 &subject_pkey, 703 &subject_pkey,
787 issuer_attr, 704 issuer_attr,
705 subject_attr,
788 &etime_abs); 706 &etime_abs);
789 res = GNUNET_CREDENTIAL_credential_to_string (crd); 707 res = GNUNET_CREDENTIAL_delegate_to_string (crd);
790 fprintf(stderr,"Dele: %s\n", res);
791 GNUNET_free (crd); 708 GNUNET_free (crd);
792 printf ("--ego=\"%s\" --attribute=\"%s\" --subject=\"%s\" --ttl=%s --extension=\"%s\"\n", ego_name, issuer_attr, subject_key, expiration, res); 709 printf ("%s;%s\n", expiration, res);
793 710
794 GNUNET_free_non_null (ego_name); 711 GNUNET_free_non_null (ego_name);
795 ego_name = NULL; 712 ego_name = NULL;
@@ -819,18 +736,14 @@ run (void *cls,
819 GNUNET_SCHEDULER_add_shutdown (&do_shutdown, NULL); 736 GNUNET_SCHEDULER_add_shutdown (&do_shutdown, NULL);
820 737
821 if (GNUNET_YES == create_is) { 738 if (GNUNET_YES == create_is) {
822 fprintf(stderr, "Starting to create issuer side...\n");
823
824 if (NULL == ego_name) { 739 if (NULL == ego_name) {
825 fprintf (stderr, "ego required\n"); 740 fprintf (stderr, "ego required\n");
826 GNUNET_SCHEDULER_shutdown (); 741 GNUNET_SCHEDULER_shutdown ();
827 return; 742 return;
828 } 743 }
829 744
745 // Lookup ego, on success call store_cb and store as ATTRIBUTE type
830 type = GNUNET_GNSRECORD_TYPE_ATTRIBUTE; 746 type = GNUNET_GNSRECORD_TYPE_ATTRIBUTE;
831 //TODO: Store normally (at issuer, for backward search)
832 // stuff from gnunet-namestore.c of namestore folder
833 fprintf (stderr, "Start: Store issuer side\n");
834 el = GNUNET_IDENTITY_ego_lookup (cfg, 747 el = GNUNET_IDENTITY_ego_lookup (cfg,
835 ego_name, 748 ego_name,
836 &store_cb, 749 &store_cb,
@@ -839,8 +752,7 @@ run (void *cls,
839 } 752 }
840 753
841 if (GNUNET_YES == create_ss) { 754 if (GNUNET_YES == create_ss) {
842 fprintf(stderr, "Starting to create subject side...\n"); 755 // check if signed parameter has been passed in cmd line call
843 // check if "credential"/signed parameter filled
844 if (NULL == extension) { 756 if (NULL == extension) {
845 fprintf (stderr, "'extension' required\n"); 757 fprintf (stderr, "'extension' required\n");
846 GNUNET_SCHEDULER_shutdown (); 758 GNUNET_SCHEDULER_shutdown ();
@@ -850,19 +762,10 @@ run (void *cls,
850 // parses all the passed parameters 762 // parses all the passed parameters
851 parse_cmdl_param(extension); 763 parse_cmdl_param(extension);
852 764
853 fprintf (stderr,"List of parsed attributes:\n"); 765 type = GNUNET_GNSRECORD_TYPE_DELEGATE;
854 fprintf (stderr,"Ego: %s\n", ego_name); 766 subject = extension;
855 fprintf (stderr,"Attribute: %s\n", issuer_attr); 767 issuer_attr = GNUNET_GNS_EMPTY_LABEL_AT;
856 fprintf (stderr,"Subject: %s\n", subject_key); 768 // Store subject side
857 fprintf (stderr,"ttl: %s\n", expiration);
858 fprintf (stderr,"Extension: %s\n", extension);
859
860 //TODO: subject key does not have to be returned, extension replaces it
861 //TODO: use own delegation type, implement string_to_value and value_to_string methods of plugin
862 //type = GNUNET_GNSRECORD_TYPE_DELEGATE;
863 type = GNUNET_GNSRECORD_TYPE_CREDENTIAL;
864 subject_key = extension;
865 fprintf (stderr, "Start: Store subject side\n");
866 el = GNUNET_IDENTITY_ego_lookup (cfg, 769 el = GNUNET_IDENTITY_ego_lookup (cfg,
867 ego_name, 770 ego_name,
868 &store_cb, 771 &store_cb,
@@ -872,26 +775,19 @@ run (void *cls,
872 } 775 }
873 776
874 if (GNUNET_YES == sign_ss) { 777 if (GNUNET_YES == sign_ss) {
875 fprintf(stderr, "Starting to sign subject side...\n");
876
877 if (NULL == ego_name) { 778 if (NULL == ego_name) {
878 fprintf (stderr, "ego required\n"); 779 fprintf (stderr, "ego required\n");
879 GNUNET_SCHEDULER_shutdown (); 780 GNUNET_SCHEDULER_shutdown ();
880 return; 781 return;
881 } 782 }
882 783 if (NULL == subject)
883 if (NULL == subject_key)
884 { 784 {
885 fprintf (stderr, "Subject public key needed\n"); 785 fprintf (stderr, "Subject public key needed\n");
886 GNUNET_SCHEDULER_shutdown (); 786 GNUNET_SCHEDULER_shutdown ();
887 return; 787 return;
888
889 } 788 }
890 789
891 //TODO: Sign like credential and return to store subject side 790 // lookup ego and call function sign_cb on success
892 //TODO: Return everything as an input for the add
893 //TODO: Idee: Gleich add machen, statt return und neues add
894 fprintf (stderr, "Start: Sign, return and subject side store\n");
895 el = GNUNET_IDENTITY_ego_lookup (cfg, 791 el = GNUNET_IDENTITY_ego_lookup (cfg,
896 ego_name, 792 ego_name,
897 &sign_cb, 793 &sign_cb,
@@ -940,7 +836,7 @@ run (void *cls,
940 836
941 } 837 }
942 838
943 if (NULL == subject_key) 839 if (NULL == subject)
944 { 840 {
945 fprintf (stderr, 841 fprintf (stderr,
946 _("Subject public key needed\n")); 842 _("Subject public key needed\n"));
@@ -949,13 +845,13 @@ run (void *cls,
949 845
950 } 846 }
951 if (GNUNET_OK != 847 if (GNUNET_OK !=
952 GNUNET_CRYPTO_ecdsa_public_key_from_string (subject_key, 848 GNUNET_CRYPTO_ecdsa_public_key_from_string (subject,
953 strlen (subject_key), 849 strlen (subject),
954 &subject_pkey)) 850 &subject_pkey))
955 { 851 {
956 fprintf (stderr, 852 fprintf (stderr,
957 _("Subject public key `%s' is not well-formed\n"), 853 _("Subject public key `%s' is not well-formed\n"),
958 subject_key); 854 subject);
959 GNUNET_SCHEDULER_shutdown (); 855 GNUNET_SCHEDULER_shutdown ();
960 return; 856 return;
961 } 857 }
@@ -1061,7 +957,6 @@ run (void *cls,
1061 _("Please specify name to lookup, subject key and issuer key!\n")); 957 _("Please specify name to lookup, subject key and issuer key!\n"));
1062 GNUNET_SCHEDULER_shutdown (); 958 GNUNET_SCHEDULER_shutdown ();
1063 } 959 }
1064 fprintf (stderr, "In the end it doesnt even shutdown\n");
1065 return; 960 return;
1066} 961}
1067 962
@@ -1088,8 +983,8 @@ main (int argc, char *const *argv)
1088 GNUNET_GETOPT_option_string ('s', 983 GNUNET_GETOPT_option_string ('s',
1089 "subject", 984 "subject",
1090 "PKEY", 985 "PKEY",
1091 gettext_noop ("The public key of the subject to lookup the credential for"), 986 gettext_noop ("The public key of the subject to lookup the credential for, or for issuer side storage: subject and its attributes"),
1092 &subject_key), 987 &subject),
1093 GNUNET_GETOPT_option_string ('b', 988 GNUNET_GETOPT_option_string ('b',
1094 "credential", 989 "credential",
1095 "CRED", 990 "CRED",
@@ -1103,7 +998,7 @@ main (int argc, char *const *argv)
1103 GNUNET_GETOPT_option_string ('e', 998 GNUNET_GETOPT_option_string ('e',
1104 "ego", 999 "ego",
1105 "EGO", 1000 "EGO",
1106 gettext_noop ("The ego to use"), 1001 gettext_noop ("The ego/zone name to use"),
1107 &ego_name), 1002 &ego_name),
1108 GNUNET_GETOPT_option_string ('a', 1003 GNUNET_GETOPT_option_string ('a',
1109 "attribute", 1004 "attribute",
@@ -1119,10 +1014,9 @@ main (int argc, char *const *argv)
1119 "collect", 1014 "collect",
1120 gettext_noop ("collect credentials"), 1015 gettext_noop ("collect credentials"),
1121 &collect), 1016 &collect),
1122
1123 GNUNET_GETOPT_option_flag ('U', 1017 GNUNET_GETOPT_option_flag ('U',
1124 "createIssuerSide", 1018 "createIssuerSide",
1125 gettext_noop ("TODO: rename create to --issue, Create and issue a credential issuer side."), 1019 gettext_noop ("Create and issue a credential issuer side."),
1126 &create_is), 1020 &create_is),
1127 GNUNET_GETOPT_option_flag ('C', 1021 GNUNET_GETOPT_option_flag ('C',
1128 "createSubjectSide", 1022 "createSubjectSide",
@@ -1132,14 +1026,10 @@ main (int argc, char *const *argv)
1132 "signSubjectSide", 1026 "signSubjectSide",
1133 gettext_noop ("Create, sign and return a credential subject side."), 1027 gettext_noop ("Create, sign and return a credential subject side."),
1134 &sign_ss), 1028 &sign_ss),
1135 GNUNET_GETOPT_option_flag ('A',
1136 "add",
1137 gettext_noop ("Add credential to the namestore of an ego"),
1138 &add_iss),
1139 GNUNET_GETOPT_option_string ('x', 1029 GNUNET_GETOPT_option_string ('x',
1140 "extension", 1030 "extension",
1141 "EXT", 1031 "EXT",
1142 gettext_noop ("Signed issue credentials"), 1032 gettext_noop ("Signed credentials that should be issued to a zone/ego"),
1143 &extension), 1033 &extension),
1144 GNUNET_GETOPT_OPTION_END 1034 GNUNET_GETOPT_OPTION_END
1145 }; 1035 };
diff --git a/src/credential/plugin_gnsrecord_credential.c b/src/credential/plugin_gnsrecord_credential.c
index a4c3a94e8..f2fb0b1a6 100644
--- a/src/credential/plugin_gnsrecord_credential.c
+++ b/src/credential/plugin_gnsrecord_credential.c
@@ -28,6 +28,7 @@
28#include "gnunet_util_lib.h" 28#include "gnunet_util_lib.h"
29 29
30#include "credential_misc.h" 30#include "credential_misc.h"
31#include "delegate_misc.h"
31#include "credential_serialization.h" 32#include "credential_serialization.h"
32#include "gnunet_credential_service.h" 33#include "gnunet_credential_service.h"
33#include "gnunet_gnsrecord_lib.h" 34#include "gnunet_gnsrecord_lib.h"
@@ -46,7 +47,6 @@ static char *
46credential_value_to_string (void *cls, uint32_t type, const void *data, 47credential_value_to_string (void *cls, uint32_t type, const void *data,
47 size_t data_size) 48 size_t data_size)
48{ 49{
49
50 const char *cdata; 50 const char *cdata;
51 51
52 switch (type) { 52 switch (type) {
@@ -94,8 +94,6 @@ credential_value_to_string (void *cls, uint32_t type, const void *data,
94 } 94 }
95 GNUNET_free (subject_pkey); 95 GNUNET_free (subject_pkey);
96 } 96 }
97 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "############### attr str: %s \n", attr_str);
98 //DEBUG ############### attr str: BKX50FK9QYNTFGPR6647CDASM63G21NEJC02QP58NHN7B7M8TKT0 student
99 return attr_str; 97 return attr_str;
100 } 98 }
101 case GNUNET_GNSRECORD_TYPE_CREDENTIAL: { 99 case GNUNET_GNSRECORD_TYPE_CREDENTIAL: {
@@ -107,10 +105,14 @@ credential_value_to_string (void *cls, uint32_t type, const void *data,
107 GNUNET_free (cred); 105 GNUNET_free (cred);
108 return cred_str; 106 return cred_str;
109 } 107 }
110 case GNUNET_GNSRECORD_TYPE_DELEGATE: { 108 case GNUNET_GNSRECORD_TYPE_DELEGATE: {
111 printf("####################################vts\n"); 109 struct GNUNET_CREDENTIAL_Delegate *cred;
112 110 char *cred_str;
113 return GNUNET_strndup (data, data_size); 111
112 cred = GNUNET_CREDENTIAL_delegate_deserialize (data, data_size);
113 cred_str = GNUNET_CREDENTIAL_delegate_to_string (cred);
114 GNUNET_free (cred);
115 return cred_str;
114 } 116 }
115 default: 117 default:
116 return NULL; 118 return NULL;
@@ -137,8 +139,6 @@ credential_string_to_value (void *cls, uint32_t type, const char *s,
137 return GNUNET_SYSERR; 139 return GNUNET_SYSERR;
138 switch (type) { 140 switch (type) {
139 case GNUNET_GNSRECORD_TYPE_ATTRIBUTE: { 141 case GNUNET_GNSRECORD_TYPE_ATTRIBUTE: {
140 printf ("Start: string_to_value attribute\n");
141
142 struct GNUNET_CREDENTIAL_DelegationRecord *sets; 142 struct GNUNET_CREDENTIAL_DelegationRecord *sets;
143 char attr_str[253 + 1]; 143 char attr_str[253 + 1];
144 char subject_pkey[52 + 1]; 144 char subject_pkey[52 + 1];
@@ -217,8 +217,6 @@ credential_string_to_value (void *cls, uint32_t type, const char *s,
217 return GNUNET_OK; 217 return GNUNET_OK;
218 } 218 }
219 case GNUNET_GNSRECORD_TYPE_CREDENTIAL: { 219 case GNUNET_GNSRECORD_TYPE_CREDENTIAL: {
220 printf ("Start: string_to_value credential\n");
221
222 struct GNUNET_CREDENTIAL_Credential *cred; 220 struct GNUNET_CREDENTIAL_Credential *cred;
223 cred = GNUNET_CREDENTIAL_credential_from_string (s); 221 cred = GNUNET_CREDENTIAL_credential_from_string (s);
224 222
@@ -226,110 +224,11 @@ credential_string_to_value (void *cls, uint32_t type, const char *s,
226 return GNUNET_OK; 224 return GNUNET_OK;
227 } 225 }
228 case GNUNET_GNSRECORD_TYPE_DELEGATE: { 226 case GNUNET_GNSRECORD_TYPE_DELEGATE: {
229 printf ("Start: string_to_value delegate\n"); 227 struct GNUNET_CREDENTIAL_Delegate *cred;
230 228 cred = GNUNET_CREDENTIAL_delegate_from_string (s);
231 char* tmp_str;
232 char* token;
233 int matches = 0;
234 int entries = 0;
235 size_t tmp_data_size = 0;
236 char issuer_attr_str[253 + 1], subject_attr_str[253 + 1];
237 char issuer_pkey[52 + 1], subject_pkey[52 + 1];
238 int i;
239
240 // Split AND
241 tmp_str = GNUNET_strdup (s);
242 // Split string by ',' and first entry stored in token
243 token = strtok (tmp_str, ",");
244 // TODO: Use of this except for entry counting and format checking (why tmp_data size in the function above?)
245 while(NULL != token) {
246 printf("DEL############### tokenX %s\n", token);
247
248 // TODO: only for type A.a <- B.b, missing other types, especially with multiple roles on the right side
249 // Alles splitten mit "%s %s <- %s %s ..." oder lieber "%s %s <- %s" und das dem lookup überlassen? Dann aber feld größe unknown
250
251 // Match with string and fill variables
252 matches = SSCANF (token, "%s %s <- %s %s", issuer_pkey, issuer_attr_str, subject_pkey, subject_attr_str);
253 printf("DEL############### issuerpkey %s, issueratt %s, subjectpkey %s, subjectattr %s\n",
254 issuer_pkey, issuer_attr_str, subject_pkey, subject_attr_str);
255
256 // Doesn't match string, DEL record string wrong formatted, throw error
257 if (2 >= matches) {
258 GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
259 _ ("Unable to parse DEL record string `%s'\n"), s);
260 GNUNET_free (tmp_str);
261 return GNUNET_SYSERR;
262 }
263
264 printf("DEL############### matches %d\n", matches);
265 if (3 == matches) {
266 // Type A.a <- B
267 printf("DEL############### A.a <-B found\n");
268 }
269 if (4 == matches) {
270 printf("DEL############### A.a <- B.b found\n");
271 }
272
273 // Get next entry of tmp_str (pointer still saved), store entry in token, NULL if no more entries
274 token = strtok(NULL, ",");
275 entries++;
276 }
277 // TODO fill tmp_data_size (but what's that)
278
279 tmp_str = GNUNET_strdup (s);
280 token = strtok (tmp_str, ",");
281 if (NULL == token) {
282 GNUNET_free (tmp_str);
283 GNUNET_log (GNUNET_ERROR_TYPE_ERROR, "Malformed string %s\n", s);
284 return GNUNET_SYSERR;
285 }
286
287 // TODO own GNUNET_CREDENTIAL_Delegation struct (when I know the format)
288 struct GNUNET_CREDENTIAL_Delegation set[entries];
289 // sets memory to be 0, starting at *set for the size of struct * entries
290 memset (set, 0, sizeof (struct GNUNET_CREDENTIAL_Delegation) * entries);
291
292 for (i = 0; i < entries; i++) {
293 matches = SSCANF (token, "%s %s <- %s %s", issuer_pkey, issuer_attr_str, subject_pkey, subject_attr_str);
294
295 // Set public keys of issuer and subject
296 GNUNET_CRYPTO_ecdsa_public_key_from_string (
297 issuer_pkey, strlen (issuer_pkey), &set[i].issuer_key);
298 GNUNET_CRYPTO_ecdsa_public_key_from_string (
299 subject_pkey, strlen (subject_pkey), &set[i].subject_key);
300
301 // Set issuer attribute, always present
302 set[i].issuer_attribute_len = strlen (issuer_attr_str) + 1;
303 set[i].issuer_attribute = GNUNET_strdup (issuer_attr_str);
304
305 if (4 == matches) {
306 // A.a <- B.b
307 set[i].subject_attribute_len = strlen (subject_attr_str) + 1;
308 set[i].subject_attribute = GNUNET_strdup (subject_attr_str);
309 }
310
311 // If more entries, then token string can take the next entry (separated by ',') by calling strtok again
312 token = strtok (NULL, ",");
313 }
314 //TODO: own method
315 //tmp_data_size = GNUNET_CREDENTIAL_delegation_set_get_size (entries, set);
316
317 if (-1 == tmp_data_size) {
318 GNUNET_free (tmp_str);
319 return GNUNET_SYSERR;
320 }
321
322 //TODO: serialize
323
324
325
326
327
328
329 229
230 *data_size = GNUNET_CREDENTIAL_delegate_serialize (cred, (char **)data);
330 231
331 *data_size = strlen (s);
332 *data = GNUNET_strdup (s);
333 return GNUNET_OK; 232 return GNUNET_OK;
334 } 233 }
335 default: 234 default:
diff --git a/src/credential/test_credential_own.sh b/src/credential/test_credential_own.sh
index a5f567511..d10d1b2ea 100755
--- a/src/credential/test_credential_own.sh
+++ b/src/credential/test_credential_own.sh
@@ -43,24 +43,28 @@ REG_STUD_ATTR="student"
43END_ATTR="end" 43END_ATTR="end"
44 44
45TEST_CREDENTIAL="mygnunetcreds" 45TEST_CREDENTIAL="mygnunetcreds"
46# Test for forward search (0) StateU.student -> EOrg.end 46# Own issuer side storage:
47# gnunet-namestore -p -z eorg -a -n "@" -t DEL -V "$STATEU_KEY $STATE_STUD_ATTR <- $EORG_KEY $END_ATTR" -e 60m -c test_credential_lookup.conf 47gnunet-credential --createIssuerSide --ego=epub --attribute="issside" --subject="$EORG_KEY asd" --ttl=5m
48# gnunet-namestore -D -z eorg 48
49 49gnunet-namestore -D -z epub
50# Alternative Format that is being implemented at the moment: 50
51# Issuerside: 51# Own subject side storage:
52# gnunet-credential --create --ego=A --attribute="a" --subject="B.b" --where="is" 52SIGNED=`$DO_TIMEOUT gnunet-credential --signSubjectSide --ego=epub --attribute="abcd" --subject="$EORG_KEY" --ttl=5m`
53 gnunet-credential --createIssuerSide --ego=epub --attribute="aasds" --subject="$EORG_KEY basd" --ttl=60m 53gnunet-credential --createSubjectSide --ego=eorg --extension "$SIGNED"
54 SIGNED=`$DO_TIMEOUT gnunet-credential --signSubjectSide --ego=epub --attribute="asd" --subject="$EORG_KEY basd" --ttl=60m` 54
55 echo $SIGNED 55SIGNED=`$DO_TIMEOUT gnunet-credential --signSubjectSide --ego=epub --attribute="abcd" --subject="$EORG_KEY efghijklmno" --ttl=5m`
56 gnunet-credential --createSubjectSide --extension "$SIGNED" 56gnunet-credential --createSubjectSide --ego=eorg --extension "$SIGNED"
57# Subjectside: 57
58# X = gnunet-credential --create -e E -a "a" -s "B.b" -w ss 58SIGNED=`$DO_TIMEOUT gnunet-credential --signSubjectSide --ego=epub --attribute="abcd" --subject="$EORG_KEY efghijklmno.pqr" --ttl=5m`
59# gnunet-credential --add -e E -x X 59gnunet-credential --createSubjectSide --ego=eorg --extension "$SIGNED"
60
61SIGNED=`$DO_TIMEOUT gnunet-credential --signSubjectSide --ego=epub --attribute="abcd.stu" --subject="$EORG_KEY efghijklmno.pqr" --ttl=5m`
62gnunet-credential --createSubjectSide --ego=eorg --extension "$SIGNED"
63
64gnunet-namestore -D -z eorg
60 65
61# (1) EPub assigns the attribute "discount" to all entities that have been assigned "preferred" by EOrg 66# (1) EPub assigns the attribute "discount" to all entities that have been assigned "preferred" by EOrg
62gnunet-namestore -p -z epub -a -n $DISC_ATTR -t ATTR -V "$EORG_KEY $PREF_ATTR" -e 5m -c test_credential_lookup.conf 67gnunet-namestore -p -z epub -a -n $DISC_ATTR -t ATTR -V "$EORG_KEY $PREF_ATTR" -e 5m -c test_credential_lookup.conf
63gnunet-namestore -D -z epub
64 68
65# (2) EOrg assigns the attribute "preferred" to all entities that have been assigned "student" by StateU 69# (2) EOrg assigns the attribute "preferred" to all entities that have been assigned "student" by StateU
66gnunet-namestore -p -z eorg -a -n $PREF_ATTR -t ATTR -V "$STATEU_KEY $STATE_STUD_ATTR" -e 5m -c test_credential_lookup.conf 70gnunet-namestore -p -z eorg -a -n $PREF_ATTR -t ATTR -V "$STATEU_KEY $STATE_STUD_ATTR" -e 5m -c test_credential_lookup.conf