aboutsummaryrefslogtreecommitdiff
path: root/src/credential
diff options
context:
space:
mode:
authorAndreas Ebner <a.e.bner@web.de>2019-10-07 11:48:07 +0200
committerSchanzenbach, Martin <mschanzenbach@posteo.de>2019-10-07 12:18:42 +0200
commit1d468ecabd6c2ee5c0eae672292efa0f51bc9e48 (patch)
tree6b527980752f9603945e070c8187bfbb06232b6f /src/credential
parent5cc45c7ee6a3ac522e5a1f58010d4efdf4fd102f (diff)
downloadgnunet-1d468ecabd6c2ee5c0eae672292efa0f51bc9e48.tar.gz
gnunet-1d468ecabd6c2ee5c0eae672292efa0f51bc9e48.zip
Renamed credential service to abd, replaced all related functions, parameters, etc
Diffstat (limited to 'src/credential')
-rw-r--r--src/credential/Makefile.am112
-rw-r--r--src/credential/credential.conf.in5
-rw-r--r--src/credential/credential.h289
-rw-r--r--src/credential/credential_api.c556
-rw-r--r--src/credential/credential_serialization.c508
-rw-r--r--src/credential/credential_serialization.h165
-rw-r--r--src/credential/delegate_misc.c274
-rw-r--r--src/credential/delegate_misc.h36
-rw-r--r--src/credential/gnunet-credential.c1070
-rw-r--r--src/credential/gnunet-service-credential.c1777
-rw-r--r--src/credential/plugin_gnsrecord_credential.c350
-rw-r--r--src/credential/plugin_rest_credential.c1174
-rwxr-xr-xsrc/credential/test_credential_bi_and.sh98
-rwxr-xr-xsrc/credential/test_credential_bi_and2.sh94
-rwxr-xr-xsrc/credential/test_credential_bi_and3.sh96
-rwxr-xr-xsrc/credential/test_credential_bi_and4.sh83
-rwxr-xr-xsrc/credential/test_credential_bi_bw.sh87
-rwxr-xr-xsrc/credential/test_credential_bi_bw_link.sh92
-rwxr-xr-xsrc/credential/test_credential_bi_bw_link2.sh93
-rwxr-xr-xsrc/credential/test_credential_bi_fw.sh92
-rwxr-xr-xsrc/credential/test_credential_collect.sh47
-rwxr-xr-xsrc/credential/test_credential_collect_rest.sh91
-rw-r--r--src/credential/test_credential_defaults.conf24
-rwxr-xr-xsrc/credential/test_credential_issue.sh46
-rwxr-xr-xsrc/credential/test_credential_issue_rest.sh53
-rw-r--r--src/credential/test_credential_lookup.conf28
-rwxr-xr-xsrc/credential/test_credential_own.sh140
-rwxr-xr-xsrc/credential/test_credential_verify.sh87
-rwxr-xr-xsrc/credential/test_credential_verify_and.sh87
-rwxr-xr-xsrc/credential/test_credential_verify_rest.sh88
-rwxr-xr-xsrc/credential/test_credential_verify_simple.sh56
31 files changed, 0 insertions, 7798 deletions
diff --git a/src/credential/Makefile.am b/src/credential/Makefile.am
deleted file mode 100644
index e72cf4f79..000000000
--- a/src/credential/Makefile.am
+++ /dev/null
@@ -1,112 +0,0 @@
1# This Makefile.am is in the public domain
2AM_CPPFLAGS = -I$(top_srcdir)/src/include
3
4EXTRA_DIST = \
5 test_credential_defaults.conf \
6 test_credential_lookup.conf
7
8
9if USE_COVERAGE
10 AM_CFLAGS = --coverage -O0
11endif
12
13pkgcfgdir = $(pkgdatadir)/config.d/
14
15libexecdir= $(pkglibdir)/libexec/
16
17plugindir = $(libdir)/gnunet
18
19pkgcfg_DATA = \
20 credential.conf
21
22
23# /usr/lib - compiles a layer which can be used to be communicagte with the service
24lib_LTLIBRARIES = \
25 libgnunetcredential.la
26
27# /usr/lib/gnunet/libexec - Business logic . Separate process
28libexec_PROGRAMS = \
29 gnunet-service-credential
30
31bin_PROGRAMS = \
32 gnunet-credential
33
34plugin_LTLIBRARIES = \
35 libgnunet_plugin_gnsrecord_credential.la
36
37
38gnunet_credential_SOURCES = \
39 gnunet-credential.c
40gnunet_credential_LDADD = \
41 libgnunetcredential.la \
42 $(top_builddir)/src/util/libgnunetutil.la \
43 $(top_builddir)/src/gnsrecord/libgnunetgnsrecord.la \
44 $(top_builddir)/src/identity/libgnunetidentity.la \
45 $(top_builddir)/src/namestore/libgnunetnamestore.la \
46 $(GN_LIBINTL)
47
48
49libgnunet_plugin_gnsrecord_credential_la_SOURCES = \
50 plugin_gnsrecord_credential.c
51libgnunet_plugin_gnsrecord_credential_la_LIBADD = \
52 libgnunetcredential.la \
53 $(top_builddir)/src/util/libgnunetutil.la \
54 $(LTLIBINTL)
55libgnunet_plugin_gnsrecord_credential_la_LDFLAGS = \
56 $(GN_PLUGIN_LDFLAGS)
57
58
59
60gnunet_service_credential_SOURCES = \
61 gnunet-service-credential.c
62gnunet_service_credential_LDADD = \
63 libgnunetcredential.la \
64 $(top_builddir)/src/util/libgnunetutil.la \
65 $(top_builddir)/src/gns/libgnunetgns.la \
66 $(top_builddir)/src/namestore/libgnunetnamestore.la \
67 $(top_builddir)/src/statistics/libgnunetstatistics.la \
68 $(GN_LIBINTL)
69
70
71libgnunetcredential_la_SOURCES = \
72 credential_api.c credential.h\
73 credential_serialization.c \
74 credential_serialization.h \
75 delegate_misc.c \
76 delegate_misc.h
77libgnunetcredential_la_LIBADD = \
78 $(top_builddir)/src/util/libgnunetutil.la $(XLIB)
79libgnunetcredential_la_LDFLAGS = \
80 $(GN_LIB_LDFLAGS)
81
82
83
84check_SCRIPTS = \
85 test_credential_issue.sh \
86 test_credential_verify_simple.sh \
87 test_credential_verify.sh \
88 test_credential_verify_and.sh
89
90if ENABLE_TEST_RUN
91if HAVE_SQLITE
92 AM_TESTS_ENVIRONMENT=export GNUNET_PREFIX=$${GNUNET_PREFIX:-@libdir@};export PATH=$${GNUNET_PREFIX:-@prefix@}/bin:$$PATH;
93 TESTS = $(check_SCRIPTS)
94endif
95endif
96
97#libgnunet_plugin_rest_credential_la_SOURCES = \
98# plugin_rest_credential.c
99#libgnunet_plugin_rest_credential_la_LIBADD = \
100# $(top_builddir)/src/credential/libgnunetcredential.la \
101# $(top_builddir)/src/rest/libgnunetrest.la \
102# $(top_builddir)/src/identity/libgnunetidentity.la \
103# $(top_builddir)/src/util/libgnunetutil.la $(XLIBS) \
104# $(LTLIBINTL) -ljansson $(MHD_LIBS)
105#libgnunet_plugin_rest_credential_la_LDFLAGS = \
106# $(GN_PLUGIN_LDFLAGS)
107#libgnunet_plugin_rest_credential_la_CFLAGS = $(MHD_CFLAGS) $(AM_CFLAGS)
108
109
110
111
112
diff --git a/src/credential/credential.conf.in b/src/credential/credential.conf.in
deleted file mode 100644
index d5a0b1c88..000000000
--- a/src/credential/credential.conf.in
+++ /dev/null
@@ -1,5 +0,0 @@
1[credential]
2BINARY = gnunet-service-credential
3UNIXPATH = $GNUNET_USER_RUNTIME_DIR/gnunet-service-credential.sock
4RUN_PER_USER = YES
5OPTIONS = -L DEBUG
diff --git a/src/credential/credential.h b/src/credential/credential.h
deleted file mode 100644
index 1dd476814..000000000
--- a/src/credential/credential.h
+++ /dev/null
@@ -1,289 +0,0 @@
1/*
2 This file is part of GNUnet
3 Copyright (C) 2012-2013 GNUnet e.V.
4
5 GNUnet is free software: you can redistribute it and/or modify it
6 under the terms of the GNU Affero General Public License as published
7 by the Free Software Foundation, either version 3 of the License,
8 or (at your option) any later version.
9
10 GNUnet is distributed in the hope that it will be useful, but
11 WITHOUT ANY WARRANTY; without even the implied warranty of
12 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
13 Affero General Public License for more details.
14
15 You should have received a copy of the GNU Affero General Public License
16 along with this program. If not, see <http://www.gnu.org/licenses/>.
17
18 SPDX-License-Identifier: AGPL3.0-or-later
19 */
20/**
21 * @file credential/credential.h
22 * @brief IPC messages between CREDENTIAL API and CREDENTIAL service
23 * @author Martin Schanzenbach
24 */
25#ifndef CREDENTIAL_H
26#define CREDENTIAL_H
27
28#include "gnunet_credential_service.h"
29
30GNUNET_NETWORK_STRUCT_BEGIN
31
32/**
33 * Message from client to Credential service to collect credentials.
34 */
35struct CollectMessage
36{
37 /**
38 * Header of type #GNUNET_MESSAGE_TYPE_CREDENTIAL_VERIFY
39 */
40 struct GNUNET_MessageHeader header;
41
42 /**
43 * Subject public key
44 */
45 struct GNUNET_CRYPTO_EcdsaPrivateKey subject_key;
46
47 /**
48 * Trust anchor
49 */
50 struct GNUNET_CRYPTO_EcdsaPublicKey issuer_key;
51
52 /**
53 * Length of the issuer attribute
54 */
55 uint16_t issuer_attribute_len;
56
57 /**
58 * Direction of the resolution algo
59 */
60 uint16_t resolution_algo;
61
62 /**
63 * Unique identifier for this request (for key collisions).
64 */
65 uint32_t id GNUNET_PACKED;
66
67 /* Followed by the zero-terminated attribute */
68};
69
70
71/**
72 * Message from client to Credential service to verify attributes.
73 */
74struct VerifyMessage
75{
76 /**
77 * Header of type #GNUNET_MESSAGE_TYPE_CREDENTIAL_VERIFY
78 */
79 struct GNUNET_MessageHeader header;
80
81 /**
82 * Subject public key
83 */
84 struct GNUNET_CRYPTO_EcdsaPublicKey subject_key;
85
86 /**
87 * Trust anchor
88 */
89 struct GNUNET_CRYPTO_EcdsaPublicKey issuer_key;
90
91 /**
92 * Number of delegates
93 */
94 uint32_t d_count;
95
96 /**
97 * Length of the issuer attribute
98 */
99 uint16_t issuer_attribute_len;
100
101 /**
102 * Direction of the resolution algo
103 */
104 uint16_t resolution_algo;
105
106 /**
107 * Unique identifier for this request (for key collisions).
108 */
109 uint32_t id GNUNET_PACKED;
110
111 /* Followed by the zero-terminated attribute and credentials to look up */
112};
113
114
115/**
116 * Message from CREDENTIAL service to client: new results.
117 */
118struct DelegationChainResultMessage
119{
120 /**
121 * Header of type #GNUNET_MESSAGE_TYPE_CREDENTIAL_VERIFY_RESULT
122 */
123 struct GNUNET_MessageHeader header;
124
125 /**
126 * Unique identifier for this request (for key collisions).
127 */
128 uint32_t id GNUNET_PACKED;
129
130 /**
131 * Indicates if credential has been found at all
132 */
133 uint32_t del_found GNUNET_PACKED;
134
135 /**
136 * The number of delegations in the response
137 */
138 uint32_t d_count GNUNET_PACKED;
139
140 /**
141 * The number of credentials in the response
142 */
143 uint32_t c_count GNUNET_PACKED;
144
145 /* followed by ad_count GNUNET_CREDENTIAL_RecordData structs*/
146};
147
148/**
149 * Message from CREDENTIAL service to client: new results.
150 */
151struct DelegationChainIntermediateMessage
152{
153 /**
154 * Header of type #GNUNET_MESSAGE_TYPE_CREDENTIAL_INTERMEDIATE_RESULT
155 */
156 struct GNUNET_MessageHeader header;
157
158 /**
159 * Unique identifier for this request (for key collisions).
160 */
161 uint32_t id GNUNET_PACKED;
162
163 uint16_t is_bw GNUNET_PACKED;
164
165 uint32_t size GNUNET_PACKED;
166};
167
168struct DelegationRecordData
169{
170 /**
171 * Subject key
172 */
173 struct GNUNET_CRYPTO_EcdsaPublicKey subject_key;
174
175 /**
176 * Subject attributes
177 */
178 uint32_t subject_attribute_len GNUNET_PACKED;
179};
180
181
182struct ChainEntry
183{
184 /**
185 * Issuer key
186 */
187 struct GNUNET_CRYPTO_EcdsaPublicKey issuer_key;
188
189 /**
190 * Subject key
191 */
192 struct GNUNET_CRYPTO_EcdsaPublicKey subject_key;
193
194 /**
195 * Issuer attributes
196 */
197 uint32_t issuer_attribute_len GNUNET_PACKED;
198
199 /**
200 * Subject attributes
201 */
202 uint32_t subject_attribute_len GNUNET_PACKED;
203};
204
205
206struct CredentialEntry
207{
208 /**
209 * The signature for this credential by the issuer
210 */
211 struct GNUNET_CRYPTO_EcdsaSignature signature;
212
213 /**
214 * Signature meta
215 */
216 struct GNUNET_CRYPTO_EccSignaturePurpose purpose;
217
218 /**
219 * Public key of the issuer
220 */
221 struct GNUNET_CRYPTO_EcdsaPublicKey issuer_key;
222
223 /**
224 * Public key of the subject this credential was issued to
225 */
226 struct GNUNET_CRYPTO_EcdsaPublicKey subject_key;
227
228 /**
229 * Expiration time of this credential
230 */
231 uint64_t expiration GNUNET_PACKED;
232
233 /**
234 * Issuer attribute length
235 */
236 uint32_t issuer_attribute_len;
237
238 /**
239 * Followed by the attribute string
240 */
241};
242
243struct DelegateEntry
244{
245
246 /**
247 * The signature for this credential by the issuer
248 */
249 struct GNUNET_CRYPTO_EcdsaSignature signature;
250
251 /**
252 * Signature meta
253 */
254 struct GNUNET_CRYPTO_EccSignaturePurpose purpose;
255
256 /**
257 * Public key of the issuer
258 */
259 struct GNUNET_CRYPTO_EcdsaPublicKey issuer_key;
260
261 /**
262 * Public key of the subject this credential was issued to
263 */
264 struct GNUNET_CRYPTO_EcdsaPublicKey subject_key;
265
266 /**
267 * Expiration time of this credential
268 */
269 uint64_t expiration GNUNET_PACKED;
270
271 /**
272 * Issuer subject attribute length
273 */
274 uint32_t issuer_attribute_len;
275
276 /**
277 * Issuer attribute length
278 */
279 uint32_t subject_attribute_len;
280
281 /**
282 * Followed by the subject attribute string
283 */
284};
285
286
287GNUNET_NETWORK_STRUCT_END
288
289#endif
diff --git a/src/credential/credential_api.c b/src/credential/credential_api.c
deleted file mode 100644
index 7acce7d9e..000000000
--- a/src/credential/credential_api.c
+++ /dev/null
@@ -1,556 +0,0 @@
1/*
2 This file is part of GNUnet.
3 Copyright (C) 2009-2013, 2016 GNUnet e.V.
4
5 GNUnet is free software: you can redistribute it and/or modify it
6 under the terms of the GNU Affero General Public License as published
7 by the Free Software Foundation, either version 3 of the License,
8 or (at your option) any later version.
9
10 GNUnet is distributed in the hope that it will be useful, but
11 WITHOUT ANY WARRANTY; without even the implied warranty of
12 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
13 Affero General Public License for more details.
14
15 You should have received a copy of the GNU Affero General Public License
16 along with this program. If not, see <http://www.gnu.org/licenses/>.
17
18 SPDX-License-Identifier: AGPL3.0-or-later
19*/
20/**
21 * @file credential/credential_api.c
22 * @brief library to access the CREDENTIAL service
23 * @author Martin Schanzenbach
24 */
25#include "platform.h"
26#include "gnunet_util_lib.h"
27#include "gnunet_constants.h"
28#include "gnunet_arm_service.h"
29#include "gnunet_hello_lib.h"
30#include "gnunet_protocols.h"
31#include "gnunet_signatures.h"
32#include "credential.h"
33#include "credential_serialization.h"
34#include "gnunet_credential_service.h"
35#include "gnunet_identity_service.h"
36
37
38#define LOG(kind, ...) GNUNET_log_from (kind, "credential-api", __VA_ARGS__)
39
40/**
41 * Handle to a verify request
42 */
43struct GNUNET_CREDENTIAL_Request
44{
45
46 /**
47 * DLL
48 */
49 struct GNUNET_CREDENTIAL_Request *next;
50
51 /**
52 * DLL
53 */
54 struct GNUNET_CREDENTIAL_Request *prev;
55
56 /**
57 * handle to credential service
58 */
59 struct GNUNET_CREDENTIAL_Handle *credential_handle;
60
61 /**
62 * processor to call on verify result
63 */
64 GNUNET_CREDENTIAL_CredentialResultProcessor verify_proc;
65
66 /**
67 * @e verify_proc closure
68 */
69 void *proc_cls;
70
71 /**
72 * processor to call on intermediate result
73 */
74 GNUNET_CREDENTIAL_IntermediateResultProcessor int_proc;
75
76 /**
77 * @e verify_proc2 closure
78 */
79 void *proc2_cls;
80
81 /**
82 * Envelope with the message for this queue entry.
83 */
84 struct GNUNET_MQ_Envelope *env;
85
86 /**
87 * request id
88 */
89 uint32_t r_id;
90};
91
92
93/**
94 * Connection to the CREDENTIAL service.
95 */
96struct GNUNET_CREDENTIAL_Handle
97{
98
99 /**
100 * Configuration to use.
101 */
102 const struct GNUNET_CONFIGURATION_Handle *cfg;
103
104 /**
105 * Connection to service (if available).
106 */
107 struct GNUNET_MQ_Handle *mq;
108
109 /**
110 * Head of linked list of active verify requests.
111 */
112 struct GNUNET_CREDENTIAL_Request *request_head;
113
114 /**
115 * Tail of linked list of active verify requests.
116 */
117 struct GNUNET_CREDENTIAL_Request *request_tail;
118
119 /**
120 * Reconnect task
121 */
122 struct GNUNET_SCHEDULER_Task *reconnect_task;
123
124 /**
125 * How long do we wait until we try to reconnect?
126 */
127 struct GNUNET_TIME_Relative reconnect_backoff;
128
129 /**
130 * Request Id generator. Incremented by one for each request.
131 */
132 uint32_t r_id_gen;
133};
134
135
136/**
137 * Reconnect to CREDENTIAL service.
138 *
139 * @param handle the handle to the CREDENTIAL service
140 */
141static void
142reconnect (struct GNUNET_CREDENTIAL_Handle *handle);
143
144
145/**
146 * Reconnect to CREDENTIAL
147 *
148 * @param cls the handle
149 */
150static void
151reconnect_task (void *cls)
152{
153 struct GNUNET_CREDENTIAL_Handle *handle = cls;
154
155 handle->reconnect_task = NULL;
156 reconnect (handle);
157}
158
159
160/**
161 * Disconnect from service and then reconnect.
162 *
163 * @param handle our handle
164 */
165static void
166force_reconnect (struct GNUNET_CREDENTIAL_Handle *handle)
167{
168 GNUNET_MQ_destroy (handle->mq);
169 handle->mq = NULL;
170 handle->reconnect_backoff =
171 GNUNET_TIME_STD_BACKOFF (handle->reconnect_backoff);
172 handle->reconnect_task =
173 GNUNET_SCHEDULER_add_delayed (handle->reconnect_backoff,
174 &reconnect_task,
175 handle);
176}
177
178
179/**
180 * Generic error handler, called with the appropriate error code and
181 * the same closure specified at the creation of the message queue.
182 * Not every message queue implementation supports an error handler.
183 *
184 * @param cls closure with the `struct GNUNET_CREDENTIAL_Handle *`
185 * @param error error code
186 */
187static void
188mq_error_handler (void *cls, enum GNUNET_MQ_Error error)
189{
190 struct GNUNET_CREDENTIAL_Handle *handle = cls;
191
192 force_reconnect (handle);
193}
194
195/**
196 * Check validity of message received from the CREDENTIAL service
197 *
198 * @param cls the `struct GNUNET_CREDENTIAL_Handle *`
199 * @param vr_msg the incoming message
200 */
201static int
202check_result (void *cls, const struct DelegationChainResultMessage *vr_msg)
203{
204 //TODO
205 return GNUNET_OK;
206}
207
208
209/**
210 * Handler for messages received from the CREDENTIAL service
211 *
212 * @param cls the `struct GNUNET_CREDENTIAL_Handle *`
213 * @param vr_msg the incoming message
214 */
215static void
216handle_result (void *cls, const struct DelegationChainResultMessage *vr_msg)
217{
218 struct GNUNET_CREDENTIAL_Handle *handle = cls;
219 uint32_t r_id = ntohl (vr_msg->id);
220 struct GNUNET_CREDENTIAL_Request *vr;
221 size_t mlen = ntohs (vr_msg->header.size) - sizeof (*vr_msg);
222 uint32_t d_count = ntohl (vr_msg->d_count);
223 uint32_t c_count = ntohl (vr_msg->c_count);
224 struct GNUNET_CREDENTIAL_Delegation d_chain[d_count];
225 struct GNUNET_CREDENTIAL_Delegate dels[c_count];
226 GNUNET_CREDENTIAL_CredentialResultProcessor proc;
227 void *proc_cls;
228
229 LOG (GNUNET_ERROR_TYPE_DEBUG,
230 "Received verify reply from CREDENTIAL service\n");
231 for (vr = handle->request_head; NULL != vr; vr = vr->next)
232 if (vr->r_id == r_id)
233 break;
234 if (NULL == vr)
235 return;
236 proc = vr->verify_proc;
237 proc_cls = vr->proc_cls;
238 GNUNET_CONTAINER_DLL_remove (handle->request_head, handle->request_tail, vr);
239 GNUNET_MQ_discard (vr->env);
240 GNUNET_free (vr);
241 GNUNET_assert (
242 GNUNET_OK ==
243 GNUNET_CREDENTIAL_delegation_chain_deserialize (mlen,
244 (const char *) &vr_msg[1],
245 d_count,
246 d_chain,
247 c_count,
248 dels));
249 if (GNUNET_NO == ntohl (vr_msg->del_found))
250 {
251 proc (proc_cls, 0, NULL, 0,
252 NULL);
253 }
254 else
255 {
256 proc (proc_cls, d_count, d_chain, c_count, dels);
257 }
258}
259
260static int
261check_intermediate (void *cls, const struct DelegationChainIntermediateMessage *vr_msg)
262{
263 //TODO
264 return GNUNET_OK;
265}
266
267static void
268handle_intermediate (void *cls, const struct DelegationChainIntermediateMessage *vr_msg)
269{
270 struct GNUNET_CREDENTIAL_Handle *handle = cls;
271 uint32_t r_id = ntohl (vr_msg->id);
272 uint32_t size = ntohl (vr_msg->size);
273 bool is_bw = ntohs(vr_msg->is_bw);
274 struct GNUNET_CREDENTIAL_Request *vr;
275 GNUNET_CREDENTIAL_IntermediateResultProcessor proc;
276 void *proc_cls;
277 struct GNUNET_CREDENTIAL_Delegation *dd;
278
279
280 LOG (GNUNET_ERROR_TYPE_DEBUG, "Received intermediate reply from CREDENTIAL service\n");
281
282 for (vr = handle->request_head; NULL != vr; vr = vr->next)
283 if (vr->r_id == r_id)
284 break;
285 if (NULL == vr)
286 return;
287
288 proc = vr->int_proc;
289 proc_cls = vr->proc2_cls;
290
291 dd = GNUNET_new (struct GNUNET_CREDENTIAL_Delegation);
292 GNUNET_assert (
293 GNUNET_OK ==
294 GNUNET_CREDENTIAL_delegation_chain_deserialize (size,
295 (const char *) &vr_msg[1],
296 1,
297 dd,
298 0,
299 NULL));
300 proc (proc_cls, dd, is_bw);
301}
302
303
304
305/**
306 * Reconnect to CREDENTIAL service.
307 *
308 * @param handle the handle to the CREDENTIAL service
309 */
310static void
311reconnect (struct GNUNET_CREDENTIAL_Handle *handle)
312{
313 struct GNUNET_MQ_MessageHandler handlers[] =
314 {GNUNET_MQ_hd_var_size (result,
315 GNUNET_MESSAGE_TYPE_CREDENTIAL_VERIFY_RESULT,
316 struct DelegationChainResultMessage,
317 handle),
318 GNUNET_MQ_hd_var_size (result,
319 GNUNET_MESSAGE_TYPE_CREDENTIAL_COLLECT_RESULT,
320 struct DelegationChainResultMessage,
321 handle),
322 GNUNET_MQ_hd_var_size (intermediate,
323 GNUNET_MESSAGE_TYPE_CREDENTIAL_INTERMEDIATE_RESULT,
324 struct DelegationChainIntermediateMessage,
325 handle),
326 GNUNET_MQ_handler_end ()};
327 struct GNUNET_CREDENTIAL_Request *vr;
328
329 GNUNET_assert (NULL == handle->mq);
330 LOG (GNUNET_ERROR_TYPE_DEBUG, "Trying to connect to CREDENTIAL\n");
331 handle->mq = GNUNET_CLIENT_connect (handle->cfg,
332 "credential",
333 handlers,
334 &mq_error_handler,
335 handle);
336 if (NULL == handle->mq)
337 return;
338 for (vr = handle->request_head; NULL != vr; vr = vr->next)
339 GNUNET_MQ_send_copy (handle->mq, vr->env);
340}
341
342
343/**
344 * Initialize the connection with the CREDENTIAL service.
345 *
346 * @param cfg configuration to use
347 * @return handle to the CREDENTIAL service, or NULL on error
348 */
349struct GNUNET_CREDENTIAL_Handle *
350GNUNET_CREDENTIAL_connect (const struct GNUNET_CONFIGURATION_Handle *cfg)
351{
352 struct GNUNET_CREDENTIAL_Handle *handle;
353
354 handle = GNUNET_new (struct GNUNET_CREDENTIAL_Handle);
355 handle->cfg = cfg;
356 reconnect (handle);
357 if (NULL == handle->mq)
358 {
359 GNUNET_free (handle);
360 return NULL;
361 }
362 return handle;
363}
364
365
366/**
367 * Shutdown connection with the CREDENTIAL service.
368 *
369 * @param handle handle of the CREDENTIAL connection to stop
370 */
371void
372GNUNET_CREDENTIAL_disconnect (struct GNUNET_CREDENTIAL_Handle *handle)
373{
374 if (NULL != handle->mq)
375 {
376 GNUNET_MQ_destroy (handle->mq);
377 handle->mq = NULL;
378 }
379 if (NULL != handle->reconnect_task)
380 {
381 GNUNET_SCHEDULER_cancel (handle->reconnect_task);
382 handle->reconnect_task = NULL;
383 }
384 GNUNET_assert (NULL == handle->request_head);
385 GNUNET_free (handle);
386}
387
388
389/**
390 * Cancel pending verify request
391 *
392 * @param lr the verify request to cancel
393 */
394void
395GNUNET_CREDENTIAL_request_cancel (struct GNUNET_CREDENTIAL_Request *lr)
396{
397 struct GNUNET_CREDENTIAL_Handle *handle = lr->credential_handle;
398
399 GNUNET_CONTAINER_DLL_remove (handle->request_head, handle->request_tail, lr);
400 GNUNET_MQ_discard (lr->env);
401 GNUNET_free (lr);
402}
403
404
405/**
406 * Performs attribute collection.
407 * Collects all credentials of subject to fulfill the
408 * attribute, if possible
409 *
410 * @param handle handle to the Credential service
411 * @param issuer_key the issuer public key
412 * @param issuer_attribute the issuer attribute
413 * @param subject_key the subject public key
414 * @param proc function to call on result
415 * @param proc_cls closure for processor
416 * @return handle to the queued request
417 */
418struct GNUNET_CREDENTIAL_Request *
419GNUNET_CREDENTIAL_collect (
420 struct GNUNET_CREDENTIAL_Handle *handle,
421 const struct GNUNET_CRYPTO_EcdsaPublicKey *issuer_key,
422 const char *issuer_attribute,
423 const struct GNUNET_CRYPTO_EcdsaPrivateKey *subject_key,
424 enum GNUNET_CREDENTIAL_AlgoDirectionFlags direction,
425 GNUNET_CREDENTIAL_CredentialResultProcessor proc,
426 void *proc_cls,
427 GNUNET_CREDENTIAL_IntermediateResultProcessor proc2,
428 void *proc2_cls)
429{
430 /* IPC to shorten credential names, return shorten_handle */
431 struct CollectMessage *c_msg;
432 struct GNUNET_CREDENTIAL_Request *vr;
433 size_t nlen;
434
435 if (NULL == issuer_attribute)
436 {
437 GNUNET_break (0);
438 return NULL;
439 }
440
441 //DEBUG LOG
442 LOG (GNUNET_ERROR_TYPE_DEBUG,
443 "Trying to collect `%s' in CREDENTIAL\n",
444 issuer_attribute);
445 nlen = strlen (issuer_attribute) + 1;
446 if (nlen >= GNUNET_MAX_MESSAGE_SIZE - sizeof (*vr))
447 {
448 GNUNET_break (0);
449 return NULL;
450 }
451 vr = GNUNET_new (struct GNUNET_CREDENTIAL_Request);
452 vr->credential_handle = handle;
453 vr->verify_proc = proc;
454 vr->proc_cls = proc_cls;
455 vr->int_proc = proc2;
456 vr->proc2_cls = proc2_cls;
457 vr->r_id = handle->r_id_gen++;
458 vr->env =
459 GNUNET_MQ_msg_extra (c_msg, nlen, GNUNET_MESSAGE_TYPE_CREDENTIAL_COLLECT);
460 c_msg->id = htonl (vr->r_id);
461 c_msg->subject_key = *subject_key;
462 c_msg->issuer_key = *issuer_key;
463 c_msg->issuer_attribute_len = htons (strlen (issuer_attribute));
464 c_msg->resolution_algo = htons (direction);
465
466 GNUNET_memcpy (&c_msg[1], issuer_attribute, strlen (issuer_attribute));
467 GNUNET_CONTAINER_DLL_insert (handle->request_head, handle->request_tail, vr);
468 if (NULL != handle->mq)
469 GNUNET_MQ_send_copy (handle->mq, vr->env);
470 return vr;
471}
472/**
473 * Performs attribute verification.
474 * Checks if there is a delegation chain from
475 * attribute ``issuer_attribute'' issued by the issuer
476 * with public key ``issuer_key'' maps to the attribute
477 * ``subject_attribute'' claimed by the subject with key
478 * ``subject_key''
479 *
480 * @param handle handle to the Credential service
481 * @param issuer_key the issuer public key
482 * @param issuer_attribute the issuer attribute
483 * @param subject_key the subject public key
484 * @param delegate_count number of delegates provided
485 * @param delegates subject delegates
486 * @param proc function to call on result
487 * @param proc_cls closure for processor
488 * @return handle to the queued request
489 */
490struct GNUNET_CREDENTIAL_Request *
491GNUNET_CREDENTIAL_verify (
492 struct GNUNET_CREDENTIAL_Handle *handle,
493 const struct GNUNET_CRYPTO_EcdsaPublicKey *issuer_key,
494 const char *issuer_attribute,
495 const struct GNUNET_CRYPTO_EcdsaPublicKey *subject_key,
496 uint32_t delegate_count,
497 const struct GNUNET_CREDENTIAL_Delegate *delegates,
498 enum GNUNET_CREDENTIAL_AlgoDirectionFlags direction,
499 GNUNET_CREDENTIAL_CredentialResultProcessor proc,
500 void *proc_cls,
501 GNUNET_CREDENTIAL_IntermediateResultProcessor proc2,
502 void *proc2_cls)
503{
504 /* IPC to shorten credential names, return shorten_handle */
505 struct VerifyMessage *v_msg;
506 struct GNUNET_CREDENTIAL_Request *vr;
507 size_t nlen;
508 size_t clen;
509
510 if (NULL == issuer_attribute || NULL == delegates)
511 {
512 GNUNET_break (0);
513 return NULL;
514 }
515
516 clen = GNUNET_CREDENTIAL_delegates_get_size (delegate_count, delegates);
517
518 //DEBUG LOG
519 LOG (GNUNET_ERROR_TYPE_DEBUG,
520 "Trying to verify `%s' in CREDENTIAL\n",
521 issuer_attribute);
522 nlen = strlen (issuer_attribute) + 1 + clen;
523 if (nlen >= GNUNET_MAX_MESSAGE_SIZE - sizeof (*vr))
524 {
525 GNUNET_break (0);
526 return NULL;
527 }
528 vr = GNUNET_new (struct GNUNET_CREDENTIAL_Request);
529 vr->credential_handle = handle;
530 vr->verify_proc = proc;
531 vr->proc_cls = proc_cls;
532 vr->int_proc = proc2;
533 vr->proc2_cls = proc2_cls;
534 vr->r_id = handle->r_id_gen++;
535 vr->env =
536 GNUNET_MQ_msg_extra (v_msg, nlen, GNUNET_MESSAGE_TYPE_CREDENTIAL_VERIFY);
537 v_msg->id = htonl (vr->r_id);
538 v_msg->subject_key = *subject_key;
539 v_msg->d_count = htonl (delegate_count);
540 v_msg->issuer_key = *issuer_key;
541 v_msg->issuer_attribute_len = htons (strlen (issuer_attribute));
542 v_msg->resolution_algo = htons (direction);
543
544 GNUNET_memcpy (&v_msg[1], issuer_attribute, strlen (issuer_attribute));
545 GNUNET_CREDENTIAL_delegates_serialize (delegate_count,
546 delegates,
547 clen,
548 ((char *) &v_msg[1]) +
549 strlen (issuer_attribute) + 1);
550 GNUNET_CONTAINER_DLL_insert (handle->request_head, handle->request_tail, vr);
551 if (NULL != handle->mq)
552 GNUNET_MQ_send_copy (handle->mq, vr->env);
553 return vr;
554}
555
556/* end of credential_api.c */
diff --git a/src/credential/credential_serialization.c b/src/credential/credential_serialization.c
deleted file mode 100644
index 8d8eafa44..000000000
--- a/src/credential/credential_serialization.c
+++ /dev/null
@@ -1,508 +0,0 @@
1/*
2 This file is part of GNUnet.
3 Copyright (C) 2009-2013, 2016 GNUnet e.V.
4
5 GNUnet is free software: you can redistribute it and/or modify it
6 under the terms of the GNU Affero General Public License as published
7 by the Free Software Foundation, either version 3 of the License,
8 or (at your option) any later version.
9
10 GNUnet is distributed in the hope that it will be useful, but
11 WITHOUT ANY WARRANTY; without even the implied warranty of
12 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
13 Affero General Public License for more details.
14
15 You should have received a copy of the GNU Affero General Public License
16 along with this program. If not, see <http://www.gnu.org/licenses/>.
17
18 SPDX-License-Identifier: AGPL3.0-or-later
19*/
20
21
22/**
23 * @file credential/credential_serialization.c
24 * @brief API to serialize and deserialize delegation chains
25 * and credentials
26 * @author Martin Schanzenbach
27 */
28#include "platform.h"
29#include "gnunet_util_lib.h"
30#include "gnunet_constants.h"
31#include "gnunet_credential_service.h"
32#include "gnunet_signatures.h"
33#include "credential.h"
34
35/**
36 * Calculate how many bytes we will need to serialize
37 * the given delegation chain
38 *
39 * @param ds_count number of delegation chain entries
40 * @param dsr array of #GNUNET_CREDENTIAL_DelegationSet
41 * @return the required size to serialize
42 */
43size_t
44GNUNET_CREDENTIAL_delegation_set_get_size (
45 unsigned int ds_count,
46 const struct GNUNET_CREDENTIAL_DelegationSet *dsr)
47{
48 unsigned int i;
49 size_t ret;
50
51 ret = sizeof (struct DelegationRecordData) * (ds_count);
52
53 for (i = 0; i < ds_count; i++)
54 {
55 GNUNET_assert ((ret + dsr[i].subject_attribute_len) >= ret);
56 ret += dsr[i].subject_attribute_len;
57 }
58 return ret;
59}
60
61/**
62 * Serizalize the given delegation chain entries and credential
63 *
64 * @param d_count number of delegation chain entries
65 * @param dsr array of #GNUNET_CREDENTIAL_DelegationSet
66 * @param dest_size size of the destination
67 * @param dest where to store the result
68 * @return the size of the data, -1 on failure
69 */
70ssize_t
71GNUNET_CREDENTIAL_delegation_set_serialize (
72 unsigned int d_count,
73 const struct GNUNET_CREDENTIAL_DelegationSet *dsr,
74 size_t dest_size,
75 char *dest)
76{
77 struct DelegationRecordData rec;
78 unsigned int i;
79 size_t off;
80
81 off = 0;
82 for (i = 0; i < d_count; i++)
83 {
84 rec.subject_attribute_len = htonl ((uint32_t) dsr[i].subject_attribute_len);
85 rec.subject_key = dsr[i].subject_key;
86 if (off + sizeof (rec) > dest_size)
87 return -1;
88 GNUNET_memcpy (&dest[off], &rec, sizeof (rec));
89 off += sizeof (rec);
90 if (0 == dsr[i].subject_attribute_len)
91 continue;
92 if (off + dsr[i].subject_attribute_len > dest_size)
93 return -1;
94 GNUNET_memcpy (&dest[off],
95 dsr[i].subject_attribute,
96 dsr[i].subject_attribute_len);
97 off += dsr[i].subject_attribute_len;
98 }
99 return off;
100}
101
102
103/**
104 * Deserialize the given destination
105 *
106 * @param len size of the serialized delegation chain and cred
107 * @param src the serialized data
108 * @param d_count the number of delegation chain entries
109 * @param dsr where to put the delegation chain entries
110 * @return #GNUNET_OK on success, #GNUNET_SYSERR on error
111 */
112int
113GNUNET_CREDENTIAL_delegation_set_deserialize (
114 size_t len,
115 const char *src,
116 unsigned int d_count,
117 struct GNUNET_CREDENTIAL_DelegationSet *dsr)
118{
119 struct DelegationRecordData rec;
120 unsigned int i;
121 size_t off;
122
123 off = 0;
124 for (i = 0; i < d_count; i++)
125 {
126 if (off + sizeof (rec) > len)
127 return GNUNET_SYSERR;
128 GNUNET_memcpy (&rec, &src[off], sizeof (rec));
129 dsr[i].subject_key = rec.subject_key;
130 off += sizeof (rec);
131 dsr[i].subject_attribute_len = ntohl ((uint32_t) rec.subject_attribute_len);
132 if (off + dsr[i].subject_attribute_len > len)
133 return GNUNET_SYSERR;
134 dsr[i].subject_attribute = (char *) &src[off];
135 off += dsr[i].subject_attribute_len;
136 }
137 return GNUNET_OK;
138}
139
140
141/**
142 * Calculate how many bytes we will need to serialize
143 * the credentials
144 *
145 * @param c_count number of credential entries
146 * @param cd a #GNUNET_CREDENTIAL_Credential
147 * @return the required size to serialize
148 */
149size_t
150GNUNET_CREDENTIAL_delegates_get_size (
151 unsigned int c_count,
152 const struct GNUNET_CREDENTIAL_Delegate *cd)
153{
154 unsigned int i;
155 size_t ret;
156
157 ret = sizeof (struct DelegateEntry) * (c_count);
158
159 for (i = 0; i < c_count; i++)
160 {
161 GNUNET_assert ((ret + cd[i].issuer_attribute_len + cd[i].subject_attribute_len) >= ret);
162 // subject_attribute_len should be 0
163 ret += cd[i].issuer_attribute_len + cd[i].subject_attribute_len;
164 }
165 return ret;
166}
167/**
168 * Serizalize the given credentials
169 *
170 * @param c_count number of credential entries
171 * @param cd a #GNUNET_CREDENTIAL_Credential
172 * @param dest_size size of the destination
173 * @param dest where to store the result
174 * @return the size of the data, -1 on failure
175 */
176ssize_t
177GNUNET_CREDENTIAL_delegates_serialize (
178 unsigned int c_count,
179 const struct GNUNET_CREDENTIAL_Delegate *cd,
180 size_t dest_size,
181 char *dest)
182{
183 struct DelegateEntry c_rec;
184 unsigned int i;
185 size_t off;
186
187 off = 0;
188 for (i = 0; i < c_count; i++)
189 {
190 //c_rec.subject_attribute_len = htonl ((uint32_t) cd[i].subject_attribute_len);
191 c_rec.issuer_attribute_len = htonl ((uint32_t) cd[i].issuer_attribute_len);
192 c_rec.issuer_key = cd[i].issuer_key;
193 c_rec.subject_key = cd[i].subject_key;
194 c_rec.signature = cd[i].signature;
195 c_rec.purpose.purpose = htonl (GNUNET_SIGNATURE_PURPOSE_DELEGATE);
196 c_rec.purpose.size =
197 htonl ((sizeof (struct DelegateEntry) + cd[i].issuer_attribute_len) -
198 sizeof (struct GNUNET_CRYPTO_EcdsaSignature));
199 c_rec.expiration = GNUNET_htonll (cd[i].expiration.abs_value_us);
200 if (off + sizeof (c_rec) > dest_size)
201 return -1;
202 GNUNET_memcpy (&dest[off], &c_rec, sizeof (c_rec));
203 off += sizeof (c_rec);
204 if (off + cd[i].issuer_attribute_len > dest_size)
205 return -1;
206 GNUNET_memcpy (&dest[off],
207 cd[i].issuer_attribute,
208 cd[i].issuer_attribute_len);
209 off += cd[i].issuer_attribute_len;
210 }
211
212 return off;
213}
214
215
216/**
217 * Deserialize the given destination
218 *
219 * @param len size of the serialized creds
220 * @param src the serialized data
221 * @param c_count the number of credential entries
222 * @param cd where to put the credential data
223 * @return #GNUNET_OK on success, #GNUNET_SYSERR on error
224 */
225int
226GNUNET_CREDENTIAL_delegates_deserialize (size_t len,
227 const char *src,
228 unsigned int c_count,
229 struct GNUNET_CREDENTIAL_Delegate *cd)
230{
231 struct DelegateEntry c_rec;
232 unsigned int i;
233 size_t off;
234
235 off = 0;
236 for (i = 0; i < c_count; i++)
237 {
238 if (off + sizeof (c_rec) > len)
239 return GNUNET_SYSERR;
240 GNUNET_memcpy (&c_rec, &src[off], sizeof (c_rec));
241 cd[i].issuer_attribute_len = ntohl ((uint32_t) c_rec.issuer_attribute_len);
242 cd[i].issuer_key = c_rec.issuer_key;
243 cd[i].subject_key = c_rec.subject_key;
244 cd[i].signature = c_rec.signature;
245 cd[i].expiration.abs_value_us = GNUNET_ntohll (c_rec.expiration);
246 off += sizeof (c_rec);
247 if (off + cd[i].issuer_attribute_len > len)
248 return GNUNET_SYSERR;
249 cd[i].issuer_attribute = &src[off];
250 off += cd[i].issuer_attribute_len;
251 cd[i].subject_attribute_len = 0;
252 }
253 return GNUNET_OK;
254}
255
256
257/**
258 * Calculate how many bytes we will need to serialize
259 * the given delegation chain and credential
260 *
261 * @param d_count number of delegation chain entries
262 * @param dd array of #GNUNET_CREDENTIAL_Delegation
263 * @param c_count number of credential entries
264 * @param cd a #GNUNET_CREDENTIAL_Credential
265 * @return the required size to serialize
266 */
267size_t
268GNUNET_CREDENTIAL_delegation_chain_get_size (
269 unsigned int d_count,
270 const struct GNUNET_CREDENTIAL_Delegation *dd,
271 unsigned int c_count,
272 const struct GNUNET_CREDENTIAL_Delegate *cd)
273{
274 unsigned int i;
275 size_t ret;
276
277 ret = sizeof (struct ChainEntry) * (d_count);
278
279 for (i = 0; i < d_count; i++)
280 {
281 GNUNET_assert (
282 (ret + dd[i].issuer_attribute_len + dd[i].subject_attribute_len) >= ret);
283 ret += dd[i].issuer_attribute_len + dd[i].subject_attribute_len;
284 }
285 return ret + GNUNET_CREDENTIAL_delegates_get_size (c_count, cd);
286}
287
288/**
289 * Serizalize the given delegation chain entries and credential
290 *
291 * @param d_count number of delegation chain entries
292 * @param dd array of #GNUNET_CREDENTIAL_Delegation
293 * @param c_count number of credential entries
294 * @param cd a #GNUNET_CREDENTIAL_Credential
295 * @param dest_size size of the destination
296 * @param dest where to store the result
297 * @return the size of the data, -1 on failure
298 */
299ssize_t
300GNUNET_CREDENTIAL_delegation_chain_serialize (
301 unsigned int d_count,
302 const struct GNUNET_CREDENTIAL_Delegation *dd,
303 unsigned int c_count,
304 const struct GNUNET_CREDENTIAL_Delegate *cd,
305 size_t dest_size,
306 char *dest)
307{
308 struct ChainEntry rec;
309 unsigned int i;
310 size_t off;
311
312 off = 0;
313 for (i = 0; i < d_count; i++)
314 {
315 rec.issuer_attribute_len = htonl ((uint32_t) dd[i].issuer_attribute_len);
316 rec.subject_attribute_len = htonl ((uint32_t) dd[i].subject_attribute_len);
317 rec.issuer_key = dd[i].issuer_key;
318 rec.subject_key = dd[i].subject_key;
319 if (off + sizeof (rec) > dest_size)
320 return -1;
321 GNUNET_memcpy (&dest[off], &rec, sizeof (rec));
322 off += sizeof (rec);
323 if (off + dd[i].issuer_attribute_len > dest_size)
324 return -1;
325 GNUNET_memcpy (&dest[off],
326 dd[i].issuer_attribute,
327 dd[i].issuer_attribute_len);
328 off += dd[i].issuer_attribute_len;
329 if (0 == dd[i].subject_attribute_len)
330 continue;
331 if (off + dd[i].subject_attribute_len > dest_size)
332 return -1;
333 GNUNET_memcpy (&dest[off],
334 dd[i].subject_attribute,
335 dd[i].subject_attribute_len);
336 off += dd[i].subject_attribute_len;
337 }
338 return off + GNUNET_CREDENTIAL_delegates_serialize (c_count,
339 cd,
340 dest_size - off,
341 &dest[off]);
342}
343
344
345/**
346 * Deserialize the given destination
347 *
348 * @param len size of the serialized delegation chain and cred
349 * @param src the serialized data
350 * @param d_count the number of delegation chain entries
351 * @param dd where to put the delegation chain entries
352 * @param c_count the number of credential entries
353 * @param cd where to put the credential data
354 * @return #GNUNET_OK on success, #GNUNET_SYSERR on error
355 */
356int
357GNUNET_CREDENTIAL_delegation_chain_deserialize (
358 size_t len,
359 const char *src,
360 unsigned int d_count,
361 struct GNUNET_CREDENTIAL_Delegation *dd,
362 unsigned int c_count,
363 struct GNUNET_CREDENTIAL_Delegate *cd)
364{
365 struct ChainEntry rec;
366 unsigned int i;
367 size_t off;
368
369 off = 0;
370 for (i = 0; i < d_count; i++)
371 {
372 if (off + sizeof (rec) > len)
373 return GNUNET_SYSERR;
374 GNUNET_memcpy (&rec, &src[off], sizeof (rec));
375 dd[i].issuer_attribute_len = ntohl ((uint32_t) rec.issuer_attribute_len);
376 dd[i].issuer_key = rec.issuer_key;
377 dd[i].subject_key = rec.subject_key;
378 off += sizeof (rec);
379 if (off + dd[i].issuer_attribute_len > len)
380 return GNUNET_SYSERR;
381 dd[i].issuer_attribute = &src[off];
382 off += dd[i].issuer_attribute_len;
383 dd[i].subject_attribute_len = ntohl ((uint32_t) rec.subject_attribute_len);
384 if (off + dd[i].subject_attribute_len > len)
385 return GNUNET_SYSERR;
386 dd[i].subject_attribute = &src[off];
387 off += dd[i].subject_attribute_len;
388 }
389 return GNUNET_CREDENTIAL_delegates_deserialize (len - off,
390 &src[off],
391 c_count,
392 cd);
393}
394
395int
396GNUNET_CREDENTIAL_delegate_serialize (struct GNUNET_CREDENTIAL_Delegate *dele,
397 char **data)
398{
399 size_t size;
400 struct DelegateEntry *cdata;
401 int attr_len;
402
403 // +1 for \0
404 if (0 == dele->subject_attribute_len)
405 {
406 attr_len = dele->issuer_attribute_len + 1;
407 }
408 else
409 {
410 attr_len = dele->issuer_attribute_len + dele->subject_attribute_len + 2;
411 }
412 size = sizeof (struct DelegateEntry) + attr_len;
413
414 char tmp_str[attr_len];
415 GNUNET_memcpy (tmp_str, dele->issuer_attribute, dele->issuer_attribute_len);
416 if (0 != dele->subject_attribute_len)
417 {
418 tmp_str[dele->issuer_attribute_len] = '\0';
419 GNUNET_memcpy (tmp_str + dele->issuer_attribute_len + 1,
420 dele->subject_attribute,
421 dele->subject_attribute_len);
422 }
423 tmp_str[attr_len - 1] = '\0';
424
425 *data = GNUNET_malloc (size);
426 cdata = (struct DelegateEntry *) *data;
427 cdata->subject_key = dele->subject_key;
428 cdata->issuer_key = dele->issuer_key;
429 cdata->expiration = GNUNET_htonll (dele->expiration.abs_value_us);
430 cdata->signature = dele->signature;
431 cdata->issuer_attribute_len = htonl (dele->issuer_attribute_len + 1);
432 if (0 == dele->subject_attribute_len)
433 {
434 cdata->subject_attribute_len = htonl (0);
435 }
436 else
437 {
438 cdata->subject_attribute_len = htonl (dele->subject_attribute_len + 1);
439 }
440 cdata->purpose.purpose = htonl (GNUNET_SIGNATURE_PURPOSE_DELEGATE);
441 cdata->purpose.size =
442 htonl (size - sizeof (struct GNUNET_CRYPTO_EcdsaSignature));
443
444 GNUNET_memcpy (&cdata[1], tmp_str, attr_len);
445
446 if (GNUNET_OK !=
447 GNUNET_CRYPTO_ecdsa_verify (GNUNET_SIGNATURE_PURPOSE_DELEGATE,
448 &cdata->purpose,
449 &cdata->signature,
450 &cdata->issuer_key))
451 {
452 GNUNET_log (GNUNET_ERROR_TYPE_WARNING, "Serialize: Invalid delegate\n");
453 return 0;
454 }
455 return size;
456}
457
458struct GNUNET_CREDENTIAL_Delegate *
459GNUNET_CREDENTIAL_delegate_deserialize (const char *data, size_t data_size)
460{
461 struct GNUNET_CREDENTIAL_Delegate *dele;
462 struct DelegateEntry *cdata;
463 char *attr_combo_str;
464
465 if (data_size < sizeof (struct DelegateEntry))
466 return NULL;
467 cdata = (struct DelegateEntry *) data;
468 if (GNUNET_OK !=
469 GNUNET_CRYPTO_ecdsa_verify (GNUNET_SIGNATURE_PURPOSE_DELEGATE,
470 &cdata->purpose,
471 &cdata->signature,
472 &cdata->issuer_key))
473 {
474 GNUNET_log (GNUNET_ERROR_TYPE_WARNING, "Deserialize: Invalid delegate\n");
475 return NULL;
476 }
477 attr_combo_str = (char *) &cdata[1];
478 int iss_len = ntohl (cdata->issuer_attribute_len);
479 int sub_len = ntohl (cdata->subject_attribute_len);
480 int attr_combo_len = iss_len + sub_len;
481
482 dele =
483 GNUNET_malloc (sizeof (struct GNUNET_CREDENTIAL_Delegate) + attr_combo_len);
484
485 dele->issuer_key = cdata->issuer_key;
486 dele->subject_key = cdata->subject_key;
487 GNUNET_memcpy (&dele[1], attr_combo_str, attr_combo_len);
488 dele->signature = cdata->signature;
489
490 // Set the pointers for the attributes
491 dele->issuer_attribute = (char *) &dele[1];
492 dele->issuer_attribute_len = iss_len;
493 dele->subject_attribute_len = sub_len;
494 if (0 == sub_len)
495 {
496 dele->subject_attribute = NULL;
497 }
498 else
499 {
500 dele->subject_attribute = (char *) &dele[1] + iss_len;
501 }
502
503 dele->expiration.abs_value_us = GNUNET_ntohll (cdata->expiration);
504
505 return dele;
506}
507
508/* end of credential_serialization.c */
diff --git a/src/credential/credential_serialization.h b/src/credential/credential_serialization.h
deleted file mode 100644
index 0e106caa1..000000000
--- a/src/credential/credential_serialization.h
+++ /dev/null
@@ -1,165 +0,0 @@
1/*
2 This file is part of GNUnet.
3 Copyright (C) 2009-2013, 2016 GNUnet e.V.
4
5 GNUnet is free software: you can redistribute it and/or modify it
6 under the terms of the GNU Affero General Public License as published
7 by the Free Software Foundation, either version 3 of the License,
8 or (at your option) any later version.
9
10 GNUnet is distributed in the hope that it will be useful, but
11 WITHOUT ANY WARRANTY; without even the implied warranty of
12 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
13 Affero General Public License for more details.
14
15 You should have received a copy of the GNU Affero General Public License
16 along with this program. If not, see <http://www.gnu.org/licenses/>.
17
18 SPDX-License-Identifier: AGPL3.0-or-later
19*/
20
21
22/**
23 * @file credential/credential_serialization.h
24 * @brief API to serialize and deserialize delegation chains
25 * and credentials
26 * @author Martin Schanzenbach
27 */
28#ifndef CREDENTIAL_SERIALIZATION_H
29#define CREDENTIAL_SERIALIZATION_H
30
31#include "platform.h"
32#include "gnunet_util_lib.h"
33#include "gnunet_constants.h"
34#include "gnunet_credential_service.h"
35
36/**
37 * Calculate how many bytes we will need to serialize
38 * the given delegation record
39 *
40 * @param ds_count number of delegation chain entries
41 * @param dsr array of #GNUNET_CREDENTIAL_Delegation
42 * @return the required size to serialize
43 */
44size_t
45GNUNET_CREDENTIAL_delegation_set_get_size (
46 unsigned int ds_count,
47 const struct GNUNET_CREDENTIAL_DelegationSet *dsr);
48
49/**
50 * Serizalize the given delegation record entries
51 *
52 * @param d_count number of delegation chain entries
53 * @param dsr array of #GNUNET_CREDENTIAL_Delegation
54 * @param dest_size size of the destination
55 * @param dest where to store the result
56 * @return the size of the data, -1 on failure
57 */
58ssize_t
59GNUNET_CREDENTIAL_delegation_set_serialize (
60 unsigned int d_count,
61 const struct GNUNET_CREDENTIAL_DelegationSet *dsr,
62 size_t dest_size,
63 char *dest);
64
65
66/**
67 * Deserialize the given destination
68 *
69 * @param len size of the serialized delegation recird
70 * @param src the serialized data
71 * @param d_count the number of delegation chain entries
72 * @param dsr where to put the delegation chain entries
73 * @return #GNUNET_OK on success, #GNUNET_SYSERR on error
74 */
75int
76GNUNET_CREDENTIAL_delegation_set_deserialize (
77 size_t len,
78 const char *src,
79 unsigned int d_count,
80 struct GNUNET_CREDENTIAL_DelegationSet *dsr);
81
82/**
83 * Calculate how many bytes we will need to serialize
84 * the given delegation chain and credential
85 *
86 * @param d_count number of delegation chain entries
87 * @param dd array of #GNUNET_CREDENTIAL_Delegation
88 * @param c_count number of credential entries
89 * @param cd a #GNUNET_CREDENTIAL_Delegate
90 * @return the required size to serialize
91 */
92size_t
93GNUNET_CREDENTIAL_delegation_chain_get_size (
94 unsigned int d_count,
95 const struct GNUNET_CREDENTIAL_Delegation *dd,
96 unsigned int c_count,
97 const struct GNUNET_CREDENTIAL_Delegate *cd);
98
99/**
100 * Serizalize the given delegation chain entries and credential
101 *
102 * @param d_count number of delegation chain entries
103 * @param dd array of #GNUNET_CREDENTIAL_Delegation
104 * @param c_count number of credential entries
105 * @param cd a #GNUNET_CREDENTIAL_Delegate
106 * @param dest_size size of the destination
107 * @param dest where to store the result
108 * @return the size of the data, -1 on failure
109 */
110ssize_t
111GNUNET_CREDENTIAL_delegation_chain_serialize (
112 unsigned int d_count,
113 const struct GNUNET_CREDENTIAL_Delegation *dd,
114 unsigned int c_count,
115 const struct GNUNET_CREDENTIAL_Delegate *cd,
116 size_t dest_size,
117 char *dest);
118
119
120/**
121 * Deserialize the given destination
122 *
123 * @param len size of the serialized delegation chain and cred
124 * @param src the serialized data
125 * @param d_count the number of delegation chain entries
126 * @param dd where to put the delegation chain entries
127 * @param c_count number of credential entries
128 * @param cd where to put the credential data
129 * @return #GNUNET_OK on success, #GNUNET_SYSERR on error
130 */
131int
132GNUNET_CREDENTIAL_delegation_chain_deserialize (
133 size_t len,
134 const char *src,
135 unsigned int d_count,
136 struct GNUNET_CREDENTIAL_Delegation *dd,
137 unsigned int c_count,
138 struct GNUNET_CREDENTIAL_Delegate *cd);
139size_t
140GNUNET_CREDENTIAL_delegates_get_size (
141 unsigned int c_count,
142 const struct GNUNET_CREDENTIAL_Delegate *cd);
143
144ssize_t
145GNUNET_CREDENTIAL_delegates_serialize (
146 unsigned int c_count,
147 const struct GNUNET_CREDENTIAL_Delegate *cd,
148 size_t dest_size,
149 char *dest);
150
151
152int
153GNUNET_CREDENTIAL_delegates_deserialize (size_t len,
154 const char *src,
155 unsigned int c_count,
156 struct GNUNET_CREDENTIAL_Delegate *cd);
157
158int
159GNUNET_CREDENTIAL_delegate_serialize (struct GNUNET_CREDENTIAL_Delegate *cred,
160 char **data);
161
162struct GNUNET_CREDENTIAL_Delegate *
163GNUNET_CREDENTIAL_delegate_deserialize (const char *data, size_t data_size);
164#endif
165/* end of credential_serialization.h */
diff --git a/src/credential/delegate_misc.c b/src/credential/delegate_misc.c
deleted file mode 100644
index 80124711a..000000000
--- a/src/credential/delegate_misc.c
+++ /dev/null
@@ -1,274 +0,0 @@
1/*
2 This file is part of GNUnet.
3 Copyright (C) 2009-2013, 2016 GNUnet e.V.
4
5 GNUnet is free software: you can redistribute it and/or modify it
6 under the terms of the GNU Affero General Public License as published
7 by the Free Software Foundation, either version 3 of the License,
8 or (at your option) any later version.
9
10 GNUnet is distributed in the hope that it will be useful, but
11 WITHOUT ANY WARRANTY; without even the implied warranty of
12 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
13 Affero General Public License for more details.
14
15 You should have received a copy of the GNU Affero General Public License
16 along with this program. If not, see <http://www.gnu.org/licenses/>.
17
18 SPDX-License-Identifier: AGPL3.0-or-later
19*/
20
21
22/**
23 * @file credential/delegate_misc.c
24 * @brief Misc API for delegate
25 *
26 * @author Martin Schanzenbach
27 */
28#include "platform.h"
29#include "gnunet_util_lib.h"
30#include "gnunet_constants.h"
31#include "gnunet_credential_service.h"
32#include "gnunet_signatures.h"
33#include "credential.h"
34#include <inttypes.h>
35
36char *
37GNUNET_CREDENTIAL_delegate_to_string (
38 const struct GNUNET_CREDENTIAL_Delegate *cred)
39{
40 char *cred_str;
41 char *subject_pkey;
42 char *issuer_pkey;
43 char *signature;
44
45 subject_pkey = GNUNET_CRYPTO_ecdsa_public_key_to_string (&cred->subject_key);
46 issuer_pkey = GNUNET_CRYPTO_ecdsa_public_key_to_string (&cred->issuer_key);
47 GNUNET_STRINGS_base64_encode ((char *) &cred->signature,
48 sizeof (struct GNUNET_CRYPTO_EcdsaSignature),
49 &signature);
50 if (0 == cred->subject_attribute_len)
51 {
52 GNUNET_asprintf (&cred_str,
53 "%s.%s -> %s | %s | %" SCNu64,
54 issuer_pkey,
55 cred->issuer_attribute,
56 subject_pkey,
57 signature,
58 cred->expiration.abs_value_us);
59 }
60 else
61 {
62 GNUNET_asprintf (&cred_str,
63 "%s.%s -> %s.%s | %s | %" SCNu64,
64 issuer_pkey,
65 cred->issuer_attribute,
66 subject_pkey,
67 cred->subject_attribute,
68 signature,
69 cred->expiration.abs_value_us);
70 }
71 GNUNET_free (subject_pkey);
72 GNUNET_free (issuer_pkey);
73 GNUNET_free (signature);
74
75 return cred_str;
76}
77
78struct GNUNET_CREDENTIAL_Delegate *
79GNUNET_CREDENTIAL_delegate_from_string (const char *s)
80{
81 struct GNUNET_CREDENTIAL_Delegate *dele;
82 size_t enclen = (sizeof (struct GNUNET_CRYPTO_EcdsaPublicKey)) * 8;
83 if (enclen % 5 > 0)
84 enclen += 5 - enclen % 5;
85 enclen /= 5; /* 260/5 = 52 */
86 char subject_pkey[enclen + 1];
87 char issuer_pkey[enclen + 1];
88 char iss_attr[253 + 1];
89 // Needs to be initialized, in case of Type 1 credential (A.a <- B)
90 char sub_attr[253 + 1] = "";
91 char signature[256]; //TODO max payload size
92
93 struct GNUNET_CRYPTO_EcdsaSignature *sig;
94 struct GNUNET_TIME_Absolute etime_abs;
95
96 // If it's A.a <- B.b...
97 if (6 != SSCANF (s,
98 "%52s.%253s -> %52s.%253s | %s | %" SCNu64,
99 issuer_pkey,
100 iss_attr,
101 subject_pkey,
102 sub_attr,
103 signature,
104 &etime_abs.abs_value_us))
105 {
106 // Try if it's A.a <- B
107 if (5 != SSCANF (s,
108 "%52s.%253s -> %52s | %s | %" SCNu64,
109 issuer_pkey,
110 iss_attr,
111 subject_pkey,
112 signature,
113 &etime_abs.abs_value_us))
114 {
115 GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
116 "Unable to parse DEL record string `%s'\n",
117 s);
118 return NULL;
119 }
120 }
121
122 // +1 for \0
123 int attr_len;
124 if (strcmp (sub_attr, "") == 0)
125 {
126 attr_len = strlen (iss_attr) + 1;
127 }
128 else
129 {
130 attr_len = strlen (iss_attr) + strlen (sub_attr) + 2;
131 }
132 dele = GNUNET_malloc (sizeof (struct GNUNET_CREDENTIAL_Delegate) + attr_len);
133
134 char tmp_str[attr_len];
135 GNUNET_memcpy (tmp_str, iss_attr, strlen (iss_attr));
136 if (strcmp (sub_attr, "") != 0)
137 {
138 tmp_str[strlen (iss_attr)] = '\0';
139 GNUNET_memcpy (tmp_str + strlen (iss_attr) + 1,
140 sub_attr,
141 strlen (sub_attr));
142 }
143 tmp_str[attr_len - 1] = '\0';
144
145 GNUNET_CRYPTO_ecdsa_public_key_from_string (subject_pkey,
146 strlen (subject_pkey),
147 &dele->subject_key);
148 GNUNET_CRYPTO_ecdsa_public_key_from_string (issuer_pkey,
149 strlen (issuer_pkey),
150 &dele->issuer_key);
151 GNUNET_assert (sizeof (struct GNUNET_CRYPTO_EcdsaSignature) ==
152 GNUNET_STRINGS_base64_decode (signature,
153 strlen (signature),
154 (void **) &sig));
155 dele->signature = *sig;
156 dele->expiration = etime_abs;
157 GNUNET_free (sig);
158
159 GNUNET_memcpy (&dele[1], tmp_str, attr_len);
160
161 dele->issuer_attribute = (char *) &dele[1];
162 dele->issuer_attribute_len = strlen (iss_attr);
163 if (strcmp (sub_attr, "") == 0)
164 {
165 dele->subject_attribute = NULL;
166 dele->subject_attribute_len = 0;
167 }
168 else
169 {
170 dele->subject_attribute = (char *) &dele[1] + strlen (iss_attr) + 1;
171 dele->subject_attribute_len = strlen (sub_attr);
172 }
173
174 return dele;
175}
176
177/**
178 * Issue an attribute to a subject
179 *
180 * @param issuer the ego that should be used to issue the attribute
181 * @param subject the subject of the attribute
182 * @param iss_attr the name of the attribute
183 * @return handle to the queued request
184 */
185
186struct GNUNET_CREDENTIAL_Delegate *
187GNUNET_CREDENTIAL_delegate_issue (
188 const struct GNUNET_CRYPTO_EcdsaPrivateKey *issuer,
189 struct GNUNET_CRYPTO_EcdsaPublicKey *subject,
190 const char *iss_attr,
191 const char *sub_attr,
192 struct GNUNET_TIME_Absolute *expiration)
193{
194 struct DelegateEntry *del;
195 struct GNUNET_CREDENTIAL_Delegate *dele;
196 size_t size;
197 int attr_len;
198
199 if (NULL == sub_attr)
200 {
201 // +1 for \0
202 attr_len = strlen (iss_attr) + 1;
203 }
204 else
205 {
206 // +2 for both strings need to be terminated with \0
207 attr_len = strlen (iss_attr) + strlen (sub_attr) + 2;
208 }
209 size = sizeof (struct DelegateEntry) + attr_len;
210
211 char tmp_str[attr_len];
212 GNUNET_memcpy (tmp_str, iss_attr, strlen (iss_attr));
213 if (NULL != sub_attr)
214 {
215 tmp_str[strlen (iss_attr)] = '\0';
216 GNUNET_memcpy (tmp_str + strlen (iss_attr) + 1,
217 sub_attr,
218 strlen (sub_attr));
219 }
220 tmp_str[attr_len - 1] = '\0';
221
222 del = GNUNET_malloc (size);
223 del->purpose.size =
224 htonl (size - sizeof (struct GNUNET_CRYPTO_EcdsaSignature));
225 del->purpose.purpose = htonl (GNUNET_SIGNATURE_PURPOSE_DELEGATE);
226 GNUNET_CRYPTO_ecdsa_key_get_public (issuer, &del->issuer_key);
227 del->subject_key = *subject;
228 del->expiration = GNUNET_htonll (expiration->abs_value_us);
229 del->issuer_attribute_len = htonl (strlen (iss_attr) + 1);
230 if (NULL == sub_attr)
231 {
232 del->subject_attribute_len = htonl (0);
233 }
234 else
235 {
236 del->subject_attribute_len = htonl (strlen (sub_attr) + 1);
237 }
238
239 GNUNET_memcpy (&del[1], tmp_str, attr_len);
240
241 if (GNUNET_OK !=
242 GNUNET_CRYPTO_ecdsa_sign (issuer, &del->purpose, &del->signature))
243 {
244 GNUNET_break (0);
245 GNUNET_free (del);
246 return NULL;
247 }
248
249 dele = GNUNET_malloc (sizeof (struct GNUNET_CREDENTIAL_Delegate) + attr_len);
250 dele->signature = del->signature;
251 dele->expiration = *expiration;
252 GNUNET_CRYPTO_ecdsa_key_get_public (issuer, &dele->issuer_key);
253
254 dele->subject_key = *subject;
255
256 // Copy the combined string at the part in the memory where the struct ends
257 GNUNET_memcpy (&dele[1], tmp_str, attr_len);
258
259 dele->issuer_attribute = (char *) &dele[1];
260 dele->issuer_attribute_len = strlen (iss_attr);
261 if (NULL == sub_attr)
262 {
263 dele->subject_attribute = NULL;
264 dele->subject_attribute_len = 0;
265 }
266 else
267 {
268 dele->subject_attribute = (char *) &dele[1] + strlen (iss_attr) + 1;
269 dele->subject_attribute_len = strlen (sub_attr);
270 }
271
272 GNUNET_free (del);
273 return dele;
274}
diff --git a/src/credential/delegate_misc.h b/src/credential/delegate_misc.h
deleted file mode 100644
index 936517437..000000000
--- a/src/credential/delegate_misc.h
+++ /dev/null
@@ -1,36 +0,0 @@
1/*
2 This file is part of GNUnet
3 Copyright (C) 2012-2013 GNUnet e.V.
4
5 GNUnet is free software: you can redistribute it and/or modify it
6 under the terms of the GNU Affero General Public License as published
7 by the Free Software Foundation, either version 3 of the License,
8 or (at your option) any later version.
9
10 GNUnet is distributed in the hope that it will be useful, but
11 WITHOUT ANY WARRANTY; without even the implied warranty of
12 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
13 Affero General Public License for more details.
14
15 You should have received a copy of the GNU Affero General Public License
16 along with this program. If not, see <http://www.gnu.org/licenses/>.
17
18 SPDX-License-Identifier: AGPL3.0-or-later
19 */
20/**
21 * @file credential/delegate_misc.h
22 * @brief Delegate helper functions
23 */
24#ifndef DELEGATE_MISC_H
25#define DELEGATE_MISC_H
26
27#include "gnunet_credential_service.h"
28
29char *
30GNUNET_CREDENTIAL_delegate_to_string (
31 const struct GNUNET_CREDENTIAL_Delegate *cred);
32
33struct GNUNET_CREDENTIAL_Delegate *
34GNUNET_CREDENTIAL_delegate_from_string (const char *str);
35
36#endif
diff --git a/src/credential/gnunet-credential.c b/src/credential/gnunet-credential.c
deleted file mode 100644
index 03b017208..000000000
--- a/src/credential/gnunet-credential.c
+++ /dev/null
@@ -1,1070 +0,0 @@
1/*
2 This file is part of GNUnet.
3 Copyright (C) 2012-2013 GNUnet e.V.
4
5 GNUnet is free software: you can redistribute it and/or modify it
6 under the terms of the GNU Affero General Public License as published
7 by the Free Software Foundation, either version 3 of the License,
8 or (at your option) any later version.
9
10 GNUnet is distributed in the hope that it will be useful, but
11 WITHOUT ANY WARRANTY; without even the implied warranty of
12 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
13 Affero General Public License for more details.
14
15 You should have received a copy of the GNU Affero General Public License
16 along with this program. If not, see <http://www.gnu.org/licenses/>.
17
18 SPDX-License-Identifier: AGPL3.0-or-later
19*/
20/**
21 * @file gnunet-credential.c
22 * @brief command line tool to access command line Credential service
23 * @author Martin Schanzenbach
24 */
25#include "platform.h"
26#include <gnunet_util_lib.h>
27#include <gnunet_credential_service.h>
28#include <gnunet_gnsrecord_lib.h>
29#include <gnunet_namestore_service.h>
30#include "delegate_misc.h"
31#include "credential_serialization.h"
32
33/**
34 * Configuration we are using.
35 */
36static const struct GNUNET_CONFIGURATION_Handle *cfg;
37
38/**
39 * Handle to the namestore.
40 */
41static struct GNUNET_NAMESTORE_Handle *ns;
42
43/**
44 * Private key for the our zone.
45 */
46static struct GNUNET_CRYPTO_EcdsaPrivateKey zone_pkey;
47
48/**
49 * EgoLookup
50 */
51static struct GNUNET_IDENTITY_EgoLookup *el;
52
53/**
54 * Handle to Credential service.
55 */
56static struct GNUNET_CREDENTIAL_Handle *credential;
57
58/**
59 * Desired timeout for the lookup (default is no timeout).
60 */
61static struct GNUNET_TIME_Relative timeout;
62
63/**
64 * Handle to verify request
65 */
66static struct GNUNET_CREDENTIAL_Request *verify_request;
67
68/**
69 * Handle to collect request
70 */
71static struct GNUNET_CREDENTIAL_Request *collect_request;
72
73/**
74 * Task scheduled to handle timeout.
75 */
76static struct GNUNET_SCHEDULER_Task *tt;
77
78/**
79 * Return value of the commandline.
80 */
81static int ret = 0;
82
83/**
84 * Subject pubkey string
85 */
86static char *subject;
87
88/**
89 * Subject delegate string
90 */
91static char *subject_delegate;
92
93/**
94 * Credential TTL
95 */
96static char *expiration;
97
98/**
99 * Subject key
100 */
101struct GNUNET_CRYPTO_EcdsaPublicKey subject_pkey;
102
103/**
104 * Issuer key
105 */
106struct GNUNET_CRYPTO_EcdsaPublicKey issuer_pkey;
107
108
109/**
110 * Issuer pubkey string
111 */
112static char *issuer_key;
113
114/**
115 * ego
116 */
117static char *ego_name;
118
119/**
120 * Issuer attribute
121 */
122static char *issuer_attr;
123
124/**
125 * Verify mode
126 */
127static int verify;
128
129/**
130 * Collect mode
131 */
132static int collect;
133
134/**
135 * Create mode
136 */
137static int create_is;
138
139/**
140 * Create mode
141 */
142static int create_ss;
143
144/**
145 * Create mode
146 */
147static int sign_ss;
148
149/**
150 * Signed issue credentials
151 */
152static char *import;
153
154/**
155 * Is record private
156 */
157static int is_private;
158
159/**
160 * Search direction: forward
161 */
162static int forward;
163
164/**
165 * Search direction: backward
166 */
167static int backward;
168
169/**
170 * API enum, filled and passed for collect/verify
171 */
172enum GNUNET_CREDENTIAL_AlgoDirectionFlags direction = 0;
173
174/**
175 * Queue entry for the 'add' operation.
176 */
177static struct GNUNET_NAMESTORE_QueueEntry *add_qe;
178
179/**
180 * Value in binary format.
181 */
182static void *data;
183
184/**
185 * Number of bytes in #data.
186 */
187static size_t data_size;
188
189/**
190 * Type string converted to DNS type value.
191 */
192static uint32_t type;
193
194/**
195 * Type of the record to add/remove, NULL to remove all.
196 */
197static char *typestring;
198/**
199 * Expiration string converted to numeric value.
200 */
201static uint64_t etime;
202
203/**
204 * Is expiration time relative or absolute time?
205 */
206static int etime_is_rel = GNUNET_SYSERR;
207
208/**
209 * Fixed size of the public/private keys
210 */
211static const int key_length = 52;
212
213/**
214 * Record label for storing delegations
215 */
216static char *record_label;
217
218/**
219 * Task run on shutdown. Cleans up everything.
220 *
221 * @param cls unused
222 */
223static void
224do_shutdown (void *cls)
225{
226 if (NULL != verify_request)
227 {
228 GNUNET_CREDENTIAL_request_cancel (verify_request);
229 verify_request = NULL;
230 }
231 if (NULL != credential)
232 {
233 GNUNET_CREDENTIAL_disconnect (credential);
234 credential = NULL;
235 }
236 if (NULL != tt)
237 {
238 GNUNET_SCHEDULER_cancel (tt);
239 tt = NULL;
240 }
241 if (NULL != el)
242 {
243 GNUNET_IDENTITY_ego_lookup_cancel (el);
244 el = NULL;
245 }
246 if (NULL != add_qe)
247 {
248 GNUNET_NAMESTORE_cancel (add_qe);
249 add_qe = NULL;
250 }
251 if (NULL != ns)
252 {
253 GNUNET_NAMESTORE_disconnect (ns);
254 ns = NULL;
255 }
256}
257
258
259/**
260 * Task run on timeout. Triggers shutdown.
261 *
262 * @param cls unused
263 */
264static void
265do_timeout (void *cls)
266{
267 tt = NULL;
268 GNUNET_SCHEDULER_shutdown ();
269}
270
271static void
272handle_intermediate_result(void *cls,
273 struct GNUNET_CREDENTIAL_Delegation *dd,
274 bool is_bw)
275{
276 char *prefix = "";
277 if(is_bw)
278 prefix = "Backward -";
279 else
280 prefix = "Forward -";
281
282 printf ("%s Intermediate result: %s.%s <- %s.%s\n",
283 prefix,
284 GNUNET_CRYPTO_ecdsa_public_key_to_string (&dd->issuer_key),
285 dd->issuer_attribute,
286 GNUNET_CRYPTO_ecdsa_public_key_to_string (&dd->subject_key),
287 dd->subject_attribute);
288}
289
290static void
291handle_collect_result (void *cls,
292 unsigned int d_count,
293 struct GNUNET_CREDENTIAL_Delegation *dc,
294 unsigned int c_count,
295 struct GNUNET_CREDENTIAL_Delegate *dele)
296{
297 int i;
298 char *line;
299
300 verify_request = NULL;
301 if (NULL != dele)
302 {
303 for (i = 0; i < c_count; i++)
304 {
305 line = GNUNET_CREDENTIAL_delegate_to_string (&dele[i]);
306 printf ("%s\n", line);
307 GNUNET_free (line);
308 }
309 }
310 else
311 {
312 printf ("Received NULL\n");
313 }
314
315 GNUNET_SCHEDULER_shutdown ();
316}
317
318
319static void
320handle_verify_result (void *cls,
321 unsigned int d_count,
322 struct GNUNET_CREDENTIAL_Delegation *dc,
323 unsigned int c_count,
324 struct GNUNET_CREDENTIAL_Delegate *dele)
325{
326 int i;
327 char *iss_key;
328 char *sub_key;
329
330 verify_request = NULL;
331 if (NULL == dele)
332 ret = 1;
333 else
334 {
335 printf ("Delegation Chain:\n");
336 for (i = 0; i < d_count; i++)
337 {
338 iss_key = GNUNET_CRYPTO_ecdsa_public_key_to_string (&dc[i].issuer_key);
339 sub_key = GNUNET_CRYPTO_ecdsa_public_key_to_string (&dc[i].subject_key);
340
341 if (0 != dc[i].subject_attribute_len)
342 {
343 printf ("(%d) %s.%s <- %s.%s\n",
344 i,
345 iss_key,
346 dc[i].issuer_attribute,
347 sub_key,
348 dc[i].subject_attribute);
349 }
350 else
351 {
352 printf ("(%d) %s.%s <- %s\n",
353 i,
354 iss_key,
355 dc[i].issuer_attribute,
356 sub_key);
357 }
358 GNUNET_free (iss_key);
359 GNUNET_free (sub_key);
360 }
361 printf ("\nDelegate(s):\n");
362 for (i = 0; i < c_count; i++)
363 {
364 iss_key = GNUNET_CRYPTO_ecdsa_public_key_to_string (&dele[i].issuer_key);
365 sub_key = GNUNET_CRYPTO_ecdsa_public_key_to_string (&dele[i].subject_key);
366 printf ("%s.%s <- %s\n", iss_key, dele[i].issuer_attribute, sub_key);
367 GNUNET_free (iss_key);
368 GNUNET_free (sub_key);
369 }
370 printf ("Successful.\n");
371 }
372
373 GNUNET_SCHEDULER_shutdown ();
374}
375
376/**
377 * Callback invoked from identity service with ego information.
378 * An @a ego of NULL means the ego was not found.
379 *
380 * @param cls closure with the configuration
381 * @param ego an ego known to identity service, or NULL
382 */
383static void
384identity_cb (void *cls, const struct GNUNET_IDENTITY_Ego *ego)
385{
386 const struct GNUNET_CRYPTO_EcdsaPrivateKey *privkey;
387
388 el = NULL;
389 if (NULL == ego)
390 {
391 if (NULL != ego_name)
392 {
393 fprintf (stderr,
394 _ ("Ego `%s' not known to identity service\n"),
395 ego_name);
396 }
397 GNUNET_SCHEDULER_shutdown ();
398 return;
399 }
400
401 if (GNUNET_YES == collect)
402 {
403
404 if (GNUNET_OK !=
405 GNUNET_CRYPTO_ecdsa_public_key_from_string (issuer_key,
406 strlen (issuer_key),
407 &issuer_pkey))
408 {
409 fprintf (stderr,
410 _ ("Issuer public key `%s' is not well-formed\n"),
411 issuer_key);
412 GNUNET_SCHEDULER_shutdown ();
413 }
414 privkey = GNUNET_IDENTITY_ego_get_private_key (ego);
415
416 collect_request = GNUNET_CREDENTIAL_collect (credential,
417 &issuer_pkey,
418 issuer_attr,
419 privkey,
420 direction,
421 &handle_collect_result,
422 NULL,
423 &handle_intermediate_result,
424 NULL);
425 return;
426 }
427 GNUNET_SCHEDULER_shutdown ();
428}
429
430/**
431 * Parse expiration time.
432 *
433 * @param expirationstring text to parse
434 * @param etime_is_rel[out] set to #GNUNET_YES if time is relative
435 * @param etime[out] set to expiration time (abs or rel)
436 * @return #GNUNET_OK on success
437 */
438static int
439parse_expiration (const char *expirationstring,
440 int *etime_is_rel,
441 uint64_t *etime)
442{
443 // copied from namestore/gnunet-namestore.c
444 struct GNUNET_TIME_Relative etime_rel;
445 struct GNUNET_TIME_Absolute etime_abs;
446
447 if (0 == strcmp (expirationstring, "never"))
448 {
449 *etime = GNUNET_TIME_UNIT_FOREVER_ABS.abs_value_us;
450 *etime_is_rel = GNUNET_NO;
451 return GNUNET_OK;
452 }
453 if (GNUNET_OK ==
454 GNUNET_STRINGS_fancy_time_to_relative (expirationstring, &etime_rel))
455 {
456 *etime_is_rel = GNUNET_YES;
457 *etime = etime_rel.rel_value_us;
458 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
459 "Storing record with relative expiration time of %s\n",
460 GNUNET_STRINGS_relative_time_to_string (etime_rel, GNUNET_NO));
461 return GNUNET_OK;
462 }
463 if (GNUNET_OK ==
464 GNUNET_STRINGS_fancy_time_to_absolute (expirationstring, &etime_abs))
465 {
466 *etime_is_rel = GNUNET_NO;
467 *etime = etime_abs.abs_value_us;
468 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
469 "Storing record with absolute expiration time of %s\n",
470 GNUNET_STRINGS_absolute_time_to_string (etime_abs));
471 return GNUNET_OK;
472 }
473 return GNUNET_SYSERR;
474}
475
476/**
477 * Function called if lookup fails.
478 */
479static void
480error_cb (void *cls)
481{
482 fprintf (stderr, "Error occured during lookup, shutting down.\n");
483 GNUNET_SCHEDULER_shutdown ();
484 return;
485}
486static void
487add_continuation (void *cls, int32_t success, const char *emsg)
488{
489 struct GNUNET_NAMESTORE_QueueEntry **qe = cls;
490 *qe = NULL;
491
492 if(GNUNET_OK == success)
493 printf ("Adding successful.\n");
494 else
495 fprintf (stderr, "Error occured during adding, shutting down.\n");
496
497 GNUNET_SCHEDULER_shutdown ();
498}
499
500static void
501get_existing_record (void *cls,
502 const struct GNUNET_CRYPTO_EcdsaPrivateKey *zone_key,
503 const char *rec_name,
504 unsigned int rd_count,
505 const struct GNUNET_GNSRECORD_Data *rd)
506{
507 struct GNUNET_GNSRECORD_Data rdn[rd_count + 1];
508 struct GNUNET_GNSRECORD_Data *rde;
509
510 memset (rdn, 0, sizeof (struct GNUNET_GNSRECORD_Data));
511 GNUNET_memcpy (&rdn[1], rd, rd_count * sizeof (struct GNUNET_GNSRECORD_Data));
512 rde = &rdn[0];
513 rde->data = data;
514 rde->data_size = data_size;
515 rde->record_type = type;
516
517 // Set flags
518 if (GNUNET_YES == is_private)
519 rde->flags |= GNUNET_GNSRECORD_RF_PRIVATE;
520 rde->expiration_time = etime;
521 if (GNUNET_YES == etime_is_rel)
522 rde->flags |= GNUNET_GNSRECORD_RF_RELATIVE_EXPIRATION;
523 else if (GNUNET_NO != etime_is_rel)
524 rde->expiration_time = GNUNET_TIME_UNIT_FOREVER_ABS.abs_value_us;
525
526 GNUNET_assert (NULL != rec_name);
527 add_qe = GNUNET_NAMESTORE_records_store (ns,
528 &zone_pkey,
529 rec_name,
530 rd_count + 1,
531 rde,
532 &add_continuation,
533 &add_qe);
534
535 return;
536}
537
538static void
539store_cb (void *cls, const struct GNUNET_IDENTITY_Ego *ego)
540{
541 const struct GNUNET_CONFIGURATION_Handle *cfg = cls;
542
543 el = NULL;
544
545 ns = GNUNET_NAMESTORE_connect (cfg);
546 if (NULL == ns)
547 {
548 GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
549 _ ("Failed to connect to namestore\n"));
550 GNUNET_SCHEDULER_shutdown ();
551 return;
552 }
553
554 // Key handling
555 zone_pkey = *GNUNET_IDENTITY_ego_get_private_key (ego);
556
557 if (GNUNET_GNSRECORD_TYPE_DELEGATE == type)
558 {
559 // Parse import
560 struct GNUNET_CREDENTIAL_Delegate *cred;
561 cred = GNUNET_CREDENTIAL_delegate_from_string (import);
562
563 // Get import subject public key string
564 char *subject_pubkey_str =
565 GNUNET_CRYPTO_ecdsa_public_key_to_string (&cred->subject_key);
566
567 // Get zone public key string
568 struct GNUNET_CRYPTO_EcdsaPublicKey zone_pubkey;
569 GNUNET_IDENTITY_ego_get_public_key (ego, &zone_pubkey);
570 char *zone_pubkey_str =
571 GNUNET_CRYPTO_ecdsa_public_key_to_string (&zone_pubkey);
572
573 // Check if the subject key in the signed import matches the zone's key it is issued to
574 if (strcmp (zone_pubkey_str, subject_pubkey_str) != 0)
575 {
576 fprintf (stderr,
577 "Import signed delegate does not match this ego's public key.\n");
578 GNUNET_SCHEDULER_shutdown ();
579 return;
580 }
581
582 // Expiration
583 etime = cred->expiration.abs_value_us;
584 etime_is_rel = GNUNET_NO;
585
586 // Prepare the data to be store in the record
587 data_size = GNUNET_CREDENTIAL_delegate_serialize (cred, (char **) &data);
588 GNUNET_free (cred);
589 }
590 else
591 {
592 // For all other types e.g. GNUNET_GNSRECORD_TYPE_ATTRIBUTE
593 if (GNUNET_OK !=
594 GNUNET_GNSRECORD_string_to_value (type, subject, &data, &data_size))
595 {
596 fprintf (stderr,
597 "Value `%s' invalid for record type `%s'\n",
598 subject,
599 typestring);
600 GNUNET_SCHEDULER_shutdown ();
601 return;
602 }
603
604 // Take care of expiration
605 if (NULL == expiration)
606 {
607 fprintf (stderr, "Missing option -e for operation 'create'\n");
608 GNUNET_SCHEDULER_shutdown ();
609 return;
610 }
611 if (GNUNET_OK != parse_expiration (expiration, &etime_is_rel, &etime))
612 {
613 fprintf (stderr, "Invalid time format `%s'\n", expiration);
614 GNUNET_SCHEDULER_shutdown ();
615 return;
616 }
617 }
618
619 // Start lookup
620 add_qe = GNUNET_NAMESTORE_records_lookup (ns,
621 &zone_pkey,
622 record_label,
623 &error_cb,
624 NULL,
625 &get_existing_record,
626 NULL);
627 return;
628}
629
630static void
631sign_cb (void *cls, const struct GNUNET_IDENTITY_Ego *ego)
632{
633 const struct GNUNET_CRYPTO_EcdsaPrivateKey *privkey;
634 struct GNUNET_CREDENTIAL_Delegate *dele;
635 struct GNUNET_TIME_Absolute etime_abs;
636 char *res;
637
638 el = NULL;
639
640 // work on expiration time
641 if (NULL == expiration)
642 {
643 fprintf (stderr, "Please specify a TTL\n");
644 GNUNET_SCHEDULER_shutdown ();
645 return;
646 }
647 else if (GNUNET_OK !=
648 GNUNET_STRINGS_fancy_time_to_absolute (expiration, &etime_abs))
649 {
650 fprintf (stderr,
651 "%s is not a valid ttl! Only absolute times are accepted!\n",
652 expiration);
653 GNUNET_SCHEDULER_shutdown ();
654 return;
655 }
656
657 // If contains a space - split it by the first space only - assume first entry is subject followed by attribute(s)
658 char *subject_pubkey_str;
659 char *subject_attr = NULL;
660 char *token;
661
662 // Subject Public Key
663 token = strtok (subject, " ");
664 if (key_length == strlen (token))
665 {
666 subject_pubkey_str = token;
667 }
668 else
669 {
670 fprintf (stderr, "Key error, wrong length: %ld!\n", strlen (token));
671 GNUNET_SCHEDULER_shutdown ();
672 return;
673 }
674 // Subject Attribute(s)
675 token = strtok (NULL, " ");
676 if (NULL != token)
677 {
678 subject_attr = token;
679 }
680
681 // work on keys
682 privkey = GNUNET_IDENTITY_ego_get_private_key (ego);
683
684 if (GNUNET_OK !=
685 GNUNET_CRYPTO_ecdsa_public_key_from_string (subject_pubkey_str,
686 strlen (subject_pubkey_str),
687 &subject_pkey))
688 {
689 fprintf (stderr,
690 "Subject public key `%s' is not well-formed\n",
691 subject_pubkey_str);
692 GNUNET_SCHEDULER_shutdown ();
693 return;
694 }
695
696 // Sign delegate
697 dele = GNUNET_CREDENTIAL_delegate_issue (privkey,
698 &subject_pkey,
699 issuer_attr,
700 subject_attr,
701 &etime_abs);
702 res = GNUNET_CREDENTIAL_delegate_to_string (dele);
703 GNUNET_free (dele);
704 printf ("%s\n", res);
705
706 GNUNET_free_non_null (ego_name);
707 ego_name = NULL;
708
709 GNUNET_SCHEDULER_shutdown ();
710}
711
712/**
713 * Main function that will be run.
714 *
715 * @param cls closure
716 * @param args remaining command-line arguments
717 * @param cfgfile name of the configuration file used (for saving, can be NULL!)
718 * @param c configuration
719 */
720static void
721run (void *cls,
722 char *const *args,
723 const char *cfgfile,
724 const struct GNUNET_CONFIGURATION_Handle *c)
725{
726 cfg = c;
727
728 tt = GNUNET_SCHEDULER_add_delayed (timeout, &do_timeout, NULL);
729 GNUNET_SCHEDULER_add_shutdown (&do_shutdown, NULL);
730
731 // Check relevant cmdline parameters
732 if (GNUNET_YES == create_is)
733 {
734 if (NULL == ego_name)
735 {
736 fprintf (stderr, "Missing option '-ego'\n");
737 GNUNET_SCHEDULER_shutdown ();
738 return;
739 }
740 if (NULL == issuer_attr)
741 {
742 fprintf (stderr, "Missing option '-attribute' for issuer attribute\n");
743 GNUNET_SCHEDULER_shutdown ();
744 return;
745 }
746 if (NULL == subject)
747 {
748 fprintf (stderr, "Missing option -subject for operation 'create'.'\n");
749 GNUNET_SCHEDULER_shutdown ();
750 return;
751 }
752
753 // Lookup ego, on success call store_cb and store as ATTRIBUTE type
754 type = GNUNET_GNSRECORD_TYPE_ATTRIBUTE;
755 record_label = issuer_attr;
756 el = GNUNET_IDENTITY_ego_lookup (cfg, ego_name, &store_cb, (void *) cfg);
757 return;
758 }
759
760 if (GNUNET_YES == create_ss)
761 {
762
763 // check if signed parameter has been passed in cmd line call
764 if (NULL == import)
765 {
766 fprintf (stderr, "'import' required\n");
767 GNUNET_SCHEDULER_shutdown ();
768 return;
769 }
770
771 type = GNUNET_GNSRECORD_TYPE_DELEGATE;
772 record_label = GNUNET_GNS_EMPTY_LABEL_AT;
773 // Store subject side
774 el = GNUNET_IDENTITY_ego_lookup (cfg, ego_name, &store_cb, (void *) cfg);
775
776 return;
777 }
778
779 if (GNUNET_YES == sign_ss)
780 {
781 if (NULL == ego_name)
782 {
783 fprintf (stderr, "ego required\n");
784 GNUNET_SCHEDULER_shutdown ();
785 return;
786 }
787 if (NULL == subject)
788 {
789 fprintf (stderr, "Subject public key needed\n");
790 GNUNET_SCHEDULER_shutdown ();
791 return;
792 }
793
794 // lookup ego and call function sign_cb on success
795 el = GNUNET_IDENTITY_ego_lookup (cfg, ego_name, &sign_cb, (void *) cfg);
796 return;
797 }
798
799 if (GNUNET_NO == forward && GNUNET_NO == backward)
800 {
801 // set default: bidirectional
802 forward = GNUNET_YES;
803 backward = GNUNET_YES;
804 }
805 if (GNUNET_YES == forward)
806 direction |= GNUNET_CREDENTIAL_FLAG_FORWARD;
807 if (GNUNET_YES == backward)
808 direction |= GNUNET_CREDENTIAL_FLAG_BACKWARD;
809
810 if (GNUNET_YES == collect)
811 {
812 if (NULL == issuer_key)
813 {
814 fprintf (stderr, _ ("Issuer public key not well-formed\n"));
815 GNUNET_SCHEDULER_shutdown ();
816 return;
817 }
818
819 credential = GNUNET_CREDENTIAL_connect (cfg);
820
821 if (NULL == credential)
822 {
823 fprintf (stderr, _ ("Failed to connect to CREDENTIAL\n"));
824 GNUNET_SCHEDULER_shutdown ();
825 return;
826 }
827 if (NULL == issuer_attr)
828 {
829 fprintf (stderr, _ ("You must provide issuer the attribute\n"));
830 GNUNET_SCHEDULER_shutdown ();
831 return;
832 }
833
834 if (NULL == ego_name)
835 {
836 fprintf (stderr, _ ("ego required\n"));
837 GNUNET_SCHEDULER_shutdown ();
838 return;
839 }
840 el = GNUNET_IDENTITY_ego_lookup (cfg, ego_name, &identity_cb, (void *) cfg);
841 return;
842 }
843
844 if (NULL == subject)
845 {
846 fprintf (stderr, _ ("Subject public key needed\n"));
847 GNUNET_SCHEDULER_shutdown ();
848 return;
849 }
850 if (GNUNET_OK != GNUNET_CRYPTO_ecdsa_public_key_from_string (subject,
851 strlen (subject),
852 &subject_pkey))
853 {
854 fprintf (stderr,
855 _ ("Subject public key `%s' is not well-formed\n"),
856 subject);
857 GNUNET_SCHEDULER_shutdown ();
858 return;
859 }
860
861 if (GNUNET_YES == verify)
862 {
863 if (NULL == issuer_key)
864 {
865 fprintf (stderr, _ ("Issuer public key not well-formed\n"));
866 GNUNET_SCHEDULER_shutdown ();
867 return;
868 }
869 if (GNUNET_OK !=
870 GNUNET_CRYPTO_ecdsa_public_key_from_string (issuer_key,
871 strlen (issuer_key),
872 &issuer_pkey))
873 {
874 fprintf (stderr,
875 _ ("Issuer public key `%s' is not well-formed\n"),
876 issuer_key);
877 GNUNET_SCHEDULER_shutdown ();
878 return;
879 }
880 credential = GNUNET_CREDENTIAL_connect (cfg);
881
882 if (NULL == credential)
883 {
884 fprintf (stderr, _ ("Failed to connect to CREDENTIAL\n"));
885 GNUNET_SCHEDULER_shutdown ();
886 return;
887 }
888 if (NULL == issuer_attr || NULL == subject_delegate)
889 {
890 fprintf (stderr, _ ("You must provide issuer and subject attributes\n"));
891 GNUNET_SCHEDULER_shutdown ();
892 return;
893 }
894
895 //Subject credentials are comma separated
896 char *tmp = GNUNET_strdup (subject_delegate);
897 char *tok = strtok (tmp, ",");
898 if (NULL == tok)
899 {
900 fprintf (stderr, "Invalid subject credentials\n");
901 GNUNET_free (tmp);
902 GNUNET_SCHEDULER_shutdown ();
903 return;
904 }
905 int count = 1;
906 int i;
907 while (NULL != (tok = strtok (NULL, ",")))
908 count++;
909 struct GNUNET_CREDENTIAL_Delegate delegates[count];
910 struct GNUNET_CREDENTIAL_Delegate *dele;
911 GNUNET_free (tmp);
912 tmp = GNUNET_strdup (subject_delegate);
913 tok = strtok (tmp, ",");
914 for (i = 0; i < count; i++)
915 {
916 dele = GNUNET_CREDENTIAL_delegate_from_string (tok);
917 GNUNET_memcpy (&delegates[i],
918 dele,
919 sizeof (struct GNUNET_CREDENTIAL_Delegate));
920 delegates[i].issuer_attribute = GNUNET_strdup (dele->issuer_attribute);
921 tok = strtok (NULL, ",");
922 GNUNET_free (dele);
923 }
924
925 verify_request = GNUNET_CREDENTIAL_verify (credential,
926 &issuer_pkey,
927 issuer_attr,
928 &subject_pkey,
929 count,
930 delegates,
931 direction,
932 &handle_verify_result,
933 NULL,
934 &handle_intermediate_result,
935 NULL);
936 for (i = 0; i < count; i++)
937 {
938 GNUNET_free ((char *) delegates[i].issuer_attribute);
939 }
940 GNUNET_free (tmp);
941 }
942 else
943 {
944 fprintf (stderr,
945 _ (
946 "Please specify name to lookup, subject key and issuer key!\n"));
947 GNUNET_SCHEDULER_shutdown ();
948 }
949 return;
950}
951
952
953/**
954 * The main function for gnunet-gns.
955 *
956 * @param argc number of arguments from the command line
957 * @param argv command line arguments
958 * @return 0 ok, 1 on error
959 */
960int
961main (int argc, char *const *argv)
962{
963 struct GNUNET_GETOPT_CommandLineOption options[] =
964 {GNUNET_GETOPT_option_flag ('V',
965 "verify",
966 gettext_noop (
967 "verify credential against attribute"),
968 &verify),
969 GNUNET_GETOPT_option_string (
970 's',
971 "subject",
972 "PKEY",
973 gettext_noop (
974 "The public key of the subject to lookup the"
975 "credential for, or for issuer side storage: subject and its attributes"),
976 &subject),
977 GNUNET_GETOPT_option_string (
978 'd',
979 "delegate",
980 "DELE",
981 gettext_noop ("The private, signed delegate presented by the subject"),
982 &subject_delegate),
983 GNUNET_GETOPT_option_string (
984 'i',
985 "issuer",
986 "PKEY",
987 gettext_noop (
988 "The public key of the authority to verify the credential against"),
989 &issuer_key),
990 GNUNET_GETOPT_option_string ('e',
991 "ego",
992 "EGO",
993 gettext_noop ("The ego/zone name to use"),
994 &ego_name),
995 GNUNET_GETOPT_option_string (
996 'a',
997 "attribute",
998 "ATTR",
999 gettext_noop ("The issuer attribute to verify against or to issue"),
1000 &issuer_attr),
1001 GNUNET_GETOPT_option_string ('T',
1002 "ttl",
1003 "EXP",
1004 gettext_noop (
1005 "The time to live for the credential."
1006 "e.g. 5m, 6h, \"1990-12-30 12:00:00\""),
1007 &expiration),
1008 GNUNET_GETOPT_option_flag ('g',
1009 "collect",
1010 gettext_noop ("collect credentials"),
1011 &collect),
1012 GNUNET_GETOPT_option_flag ('U',
1013 "createIssuerSide",
1014 gettext_noop (
1015 "Create and issue a credential issuer side."),
1016 &create_is),
1017 GNUNET_GETOPT_option_flag ('C',
1018 "createSubjectSide",
1019 gettext_noop (
1020 "Issue a credential subject side."),
1021 &create_ss),
1022 GNUNET_GETOPT_option_flag (
1023 'S',
1024 "signSubjectSide",
1025 gettext_noop ("Create, sign and return a credential subject side."),
1026 &sign_ss),
1027 GNUNET_GETOPT_option_string (
1028 'x',
1029 "import",
1030 "IMP",
1031 gettext_noop (
1032 "Import signed credentials that should be issued to a zone/ego"),
1033 &import),
1034 GNUNET_GETOPT_option_flag ('P',
1035 "private",
1036 gettext_noop ("Create private record entry."),
1037 &is_private),
1038 GNUNET_GETOPT_option_flag (
1039 'F',
1040 "forward",
1041 gettext_noop (
1042 "Indicates that the collect/verify process is done via forward search."),
1043 &forward),
1044 GNUNET_GETOPT_option_flag (
1045 'B',
1046 "backward",
1047 gettext_noop (
1048 "Indicates that the collect/verify process is done via forward search."),
1049 &backward),
1050 GNUNET_GETOPT_OPTION_END};
1051
1052
1053 timeout = GNUNET_TIME_UNIT_FOREVER_REL;
1054 if (GNUNET_OK != GNUNET_STRINGS_get_utf8_args (argc, argv, &argc, &argv))
1055 return 2;
1056
1057 GNUNET_log_setup ("gnunet-credential", "WARNING", NULL);
1058 if (GNUNET_OK != GNUNET_PROGRAM_run (argc,
1059 argv,
1060 "gnunet-credential",
1061 _ ("GNUnet credential resolver tool"),
1062 options,
1063 &run,
1064 NULL))
1065 ret = 1;
1066 GNUNET_free ((void *) argv);
1067 return ret;
1068}
1069
1070/* end of gnunet-credential.c */
diff --git a/src/credential/gnunet-service-credential.c b/src/credential/gnunet-service-credential.c
deleted file mode 100644
index 4753e8e3b..000000000
--- a/src/credential/gnunet-service-credential.c
+++ /dev/null
@@ -1,1777 +0,0 @@
1/*
2 This file is part of GNUnet.
3 Copyright (C) 2011-2013 GNUnet e.V.
4
5 GNUnet is free software: you can redistribute it and/or modify it
6 under the terms of the GNU Affero General Public License as published
7 by the Free Software Foundation, either version 3 of the License,
8 or (at your option) any later version.
9
10 GNUnet is distributed in the hope that it will be useful, but
11 WITHOUT ANY WARRANTY; without even the implied warranty of
12 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
13 Affero General Public License for more details.
14
15 You should have received a copy of the GNU Affero General Public License
16 along with this program. If not, see <http://www.gnu.org/licenses/>.
17
18 SPDX-License-Identifier: AGPL3.0-or-later
19*/
20/**
21 * @file credential/gnunet-service-credential.c
22 * @brief GNUnet Credential Service (main service)
23 * @author Martin Schanzenbach
24 */
25#include "platform.h"
26
27#include "gnunet_util_lib.h"
28
29#include "credential.h"
30#include "credential_serialization.h"
31#include "gnunet_credential_service.h"
32#include "gnunet_protocols.h"
33#include "gnunet_signatures.h"
34#include "gnunet_statistics_service.h"
35#include <gnunet_dnsparser_lib.h>
36#include <gnunet_gns_service.h>
37#include <gnunet_gnsrecord_lib.h>
38#include <gnunet_identity_service.h>
39#include <gnunet_namestore_service.h>
40
41
42#define GNUNET_CREDENTIAL_MAX_LENGTH 255
43
44struct VerifyRequestHandle;
45
46struct DelegationSetQueueEntry;
47
48
49struct DelegationChainEntry
50{
51 /**
52 * DLL
53 */
54 struct DelegationChainEntry *next;
55
56 /**
57 * DLL
58 */
59 struct DelegationChainEntry *prev;
60
61 /**
62 * The issuer
63 */
64 struct GNUNET_CRYPTO_EcdsaPublicKey issuer_key;
65
66 /**
67 * The subject
68 */
69 struct GNUNET_CRYPTO_EcdsaPublicKey subject_key;
70
71 /**
72 * The issued attribute
73 */
74 char *issuer_attribute;
75
76 /**
77 * The delegated attribute
78 */
79 char *subject_attribute;
80};
81
82/**
83 * DLL for record
84 */
85struct CredentialRecordEntry
86{
87 /**
88 * DLL
89 */
90 struct CredentialRecordEntry *next;
91
92 /**
93 * DLL
94 */
95 struct CredentialRecordEntry *prev;
96
97 /**
98 * Number of references in delegation chains
99 */
100 uint32_t refcount;
101
102 /**
103 * Payload
104 */
105 struct GNUNET_CREDENTIAL_Credential *credential;
106};
107
108/**
109 * DLL for record
110 */
111struct DelegateRecordEntry
112{
113 /**
114 * DLL
115 */
116 struct DelegateRecordEntry *next;
117
118 /**
119 * DLL
120 */
121 struct DelegateRecordEntry *prev;
122
123 /**
124 * Number of references in delegation chains
125 */
126 uint32_t refcount;
127
128 /**
129 * Payload
130 */
131 struct GNUNET_CREDENTIAL_Delegate *delegate;
132};
133
134/**
135 * DLL used for delegations
136 * Used for OR delegations
137 */
138struct DelegationQueueEntry
139{
140 /**
141 * DLL
142 */
143 struct DelegationQueueEntry *next;
144
145 /**
146 * DLL
147 */
148 struct DelegationQueueEntry *prev;
149
150 /**
151 * Parent set
152 */
153 struct DelegationSetQueueEntry *parent_set;
154
155 /**
156 * Required solutions
157 */
158 uint32_t required_solutions;
159};
160
161/**
162 * DLL for delegation sets
163 * Used for AND delegation set
164 */
165struct DelegationSetQueueEntry
166{
167 /**
168 * DLL
169 */
170 struct DelegationSetQueueEntry *next;
171
172 /**
173 * DLL
174 */
175 struct DelegationSetQueueEntry *prev;
176
177 /**
178 * GNS handle
179 */
180 struct GNUNET_GNS_LookupRequest *lookup_request;
181
182 /**
183 * Verify handle
184 */
185 struct VerifyRequestHandle *handle;
186
187 /**
188 * Parent attribute delegation
189 */
190 struct DelegationQueueEntry *parent;
191
192 /**
193 * Issuer key
194 */
195 struct GNUNET_CRYPTO_EcdsaPublicKey *issuer_key;
196
197 /**
198 * Queue entries of this set
199 */
200 struct DelegationQueueEntry *queue_entries_head;
201
202 /**
203 * Queue entries of this set
204 */
205 struct DelegationQueueEntry *queue_entries_tail;
206
207 /**
208 * Parent QueueEntry
209 */
210 struct DelegationQueueEntry *parent_queue_entry;
211
212 /**
213 * Issuer attribute delegated to
214 */
215 char *issuer_attribute;
216
217 /**
218 * The current attribute to look up
219 */
220 char *lookup_attribute;
221
222 /**
223 * Trailing attribute context
224 */
225 char *attr_trailer;
226
227 /**
228 * Still to resolve delegation as string
229 */
230 char *unresolved_attribute_delegation;
231
232 /**
233 * The delegation chain entry
234 */
235 struct DelegationChainEntry *delegation_chain_entry;
236
237 /**
238 * True if added by backward resolution
239 */
240 bool from_bw;
241};
242
243
244/**
245 * Handle to a lookup operation from api
246 */
247struct VerifyRequestHandle
248{
249 /**
250 * True if created by a collect request.
251 */
252 bool is_collect;
253 /**
254 * We keep these in a DLL.
255 */
256 struct VerifyRequestHandle *next;
257
258 /**
259 * We keep these in a DLL.
260 */
261 struct VerifyRequestHandle *prev;
262
263 /**
264 * Handle to the requesting client
265 */
266 struct GNUNET_SERVICE_Client *client;
267
268 /**
269 * Size of delegation tree
270 */
271 uint32_t delegation_chain_size;
272
273 /**
274 * Children of this attribute
275 */
276 struct DelegationChainEntry *delegation_chain_head;
277
278 /**
279 * Children of this attribute
280 */
281 struct DelegationChainEntry *delegation_chain_tail;
282
283 /**
284 * List for bidirectional matching
285 */
286 struct DelegationSetQueueEntry *dsq_head;
287
288 /**
289 * List for bidirectional matching
290 */
291 struct DelegationSetQueueEntry *dsq_tail;
292
293 /**
294 * Issuer public key
295 */
296 struct GNUNET_CRYPTO_EcdsaPublicKey issuer_key;
297
298 /**
299 * Issuer attribute
300 */
301 char *issuer_attribute;
302
303 /**
304 * Subject public key
305 */
306 struct GNUNET_CRYPTO_EcdsaPublicKey subject_key;
307
308 /**
309 * Delegate DLL
310 */
311 struct DelegateRecordEntry *del_chain_head;
312
313 /**
314 * Delegate DLL
315 */
316 struct DelegateRecordEntry *del_chain_tail;
317
318 /**
319 * Delegate DLL size
320 */
321 uint32_t del_chain_size;
322
323 /**
324 * Current Delegation Pointer
325 */
326 struct DelegationQueueEntry *current_delegation;
327
328 /**
329 * request id
330 */
331 uint32_t request_id;
332
333 /**
334 * Pending lookups
335 */
336 uint64_t pending_lookups;
337
338 /**
339 * Direction of the resolution algo
340 */
341 enum GNUNET_CREDENTIAL_AlgoDirectionFlags resolution_algo;
342
343 /**
344 * Delegate iterator for lookup
345 */
346 struct GNUNET_NAMESTORE_QueueEntry *dele_qe;
347};
348
349
350/**
351 * Head of the DLL.
352 */
353static struct VerifyRequestHandle *vrh_head = NULL;
354
355/**
356 * Tail of the DLL.
357 */
358static struct VerifyRequestHandle *vrh_tail = NULL;
359
360/**
361 * Handle to the statistics service
362 */
363static struct GNUNET_STATISTICS_Handle *statistics;
364
365/**
366 * Handle to GNS service.
367 */
368static struct GNUNET_GNS_Handle *gns;
369
370/**
371 * Handle to namestore service
372 */
373static struct GNUNET_NAMESTORE_Handle *namestore;
374
375static void
376print_deleset (struct DelegationSetQueueEntry *dsentry, char *text)
377{
378 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
379 "%s %s.%s <- %s.%s\n",
380 text,
381 GNUNET_CRYPTO_ecdsa_public_key_to_string (
382 &dsentry->delegation_chain_entry->issuer_key),
383 dsentry->delegation_chain_entry->issuer_attribute,
384 GNUNET_CRYPTO_ecdsa_public_key_to_string (
385 &dsentry->delegation_chain_entry->subject_key),
386 dsentry->delegation_chain_entry->subject_attribute);
387}
388
389static void
390cleanup_dsq_entry (struct DelegationSetQueueEntry *ds_entry)
391{
392 GNUNET_free_non_null (ds_entry->issuer_key);
393 GNUNET_free_non_null (ds_entry->issuer_attribute);
394 GNUNET_free_non_null (ds_entry->attr_trailer);
395 // those fields are only set/used in bw search
396 if (ds_entry->from_bw)
397 {
398 GNUNET_free_non_null (ds_entry->lookup_attribute);
399 GNUNET_free_non_null (ds_entry->unresolved_attribute_delegation);
400 }
401 if (NULL != ds_entry->lookup_request)
402 {
403 GNUNET_GNS_lookup_cancel (ds_entry->lookup_request);
404 ds_entry->lookup_request = NULL;
405 }
406 if (NULL != ds_entry->delegation_chain_entry)
407 {
408 GNUNET_free_non_null (
409 ds_entry->delegation_chain_entry->subject_attribute);
410 GNUNET_free_non_null (ds_entry->delegation_chain_entry->issuer_attribute);
411 GNUNET_free (ds_entry->delegation_chain_entry);
412 }
413 // Free DQ entries
414 for(struct DelegationQueueEntry *dq_entry = ds_entry->queue_entries_head;
415 NULL != ds_entry->queue_entries_head;
416 dq_entry = ds_entry->queue_entries_head)
417 {
418 GNUNET_CONTAINER_DLL_remove (ds_entry->queue_entries_head,
419 ds_entry->queue_entries_tail,
420 dq_entry);
421 GNUNET_free (dq_entry);
422 }
423 GNUNET_free (ds_entry);
424}
425
426static void
427cleanup_handle (struct VerifyRequestHandle *vrh)
428{
429 struct DelegateRecordEntry *del_entry;
430 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Cleaning up...\n");
431
432 if (NULL != vrh->dsq_head)
433 {
434 for (struct DelegationSetQueueEntry *ds_entry = vrh->dsq_head; NULL != vrh->dsq_head;
435 ds_entry = vrh->dsq_head)
436 {
437 GNUNET_CONTAINER_DLL_remove (vrh->dsq_head, vrh->dsq_tail, ds_entry);
438 cleanup_dsq_entry(ds_entry);
439 }
440 }
441 if (NULL != vrh->del_chain_head)
442 {
443 for (del_entry = vrh->del_chain_head; NULL != vrh->del_chain_head;
444 del_entry = vrh->del_chain_head)
445 {
446 GNUNET_CONTAINER_DLL_remove (vrh->del_chain_head,
447 vrh->del_chain_tail,
448 del_entry);
449 GNUNET_free_non_null (del_entry->delegate);
450 GNUNET_free (del_entry);
451 }
452 }
453 GNUNET_free_non_null (vrh->issuer_attribute);
454 GNUNET_free (vrh);
455}
456
457static void
458shutdown_task (void *cls)
459{
460 struct VerifyRequestHandle *vrh;
461
462 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Shutting down!\n");
463
464 while (NULL != (vrh = vrh_head))
465 {
466 // CREDENTIAL_resolver_lookup_cancel (clh->lookup);
467 GNUNET_CONTAINER_DLL_remove (vrh_head, vrh_tail, vrh);
468 cleanup_handle (vrh);
469 }
470
471 if (NULL != gns)
472 {
473 GNUNET_GNS_disconnect (gns);
474 gns = NULL;
475 }
476 if (NULL != namestore)
477 {
478 GNUNET_NAMESTORE_disconnect (namestore);
479 namestore = NULL;
480 }
481 if (NULL != statistics)
482 {
483 GNUNET_STATISTICS_destroy (statistics, GNUNET_NO);
484 statistics = NULL;
485 }
486}
487
488static void
489send_intermediate_response(struct VerifyRequestHandle *vrh, struct DelegationChainEntry *ch_entry, bool is_bw){
490 struct DelegationChainIntermediateMessage *rmsg;
491 struct GNUNET_MQ_Envelope *env;
492 struct GNUNET_CREDENTIAL_Delegation *dd;
493 size_t size;
494
495 // Don't report immediate results during collect
496 if(vrh->is_collect)
497 return;
498
499 dd = GNUNET_new (struct GNUNET_CREDENTIAL_Delegation);
500 dd->issuer_key = ch_entry->issuer_key;
501 dd->subject_key = ch_entry->subject_key;
502 dd->issuer_attribute = ch_entry->issuer_attribute;
503 dd->issuer_attribute_len = strlen (ch_entry->issuer_attribute) + 1;
504 dd->subject_attribute_len = 0;
505 dd->subject_attribute = NULL;
506 if (NULL != ch_entry->subject_attribute)
507 {
508 dd->subject_attribute = ch_entry->subject_attribute;
509 dd->subject_attribute_len = strlen (ch_entry->subject_attribute) + 1;
510 }
511
512
513 size = GNUNET_CREDENTIAL_delegation_chain_get_size (1,
514 dd,
515 0,
516 NULL);
517
518 env = GNUNET_MQ_msg_extra (rmsg,
519 size,
520 GNUNET_MESSAGE_TYPE_CREDENTIAL_INTERMEDIATE_RESULT);
521 // Assign id so that client can find associated request
522 rmsg->id = vrh->request_id;
523 rmsg->is_bw = htons(is_bw);
524 rmsg->size = htonl(size);
525
526 GNUNET_assert (
527 -1 != GNUNET_CREDENTIAL_delegation_chain_serialize (1,
528 dd,
529 0,
530 NULL,
531 size,
532 (char *) &rmsg[1]));
533 GNUNET_MQ_send (GNUNET_SERVICE_client_get_mq (vrh->client), env);
534}
535
536static void
537send_lookup_response (struct VerifyRequestHandle *vrh)
538{
539 struct GNUNET_MQ_Envelope *env;
540 struct DelegationChainResultMessage *rmsg;
541 struct DelegationChainEntry *dce;
542 struct GNUNET_CREDENTIAL_Delegation dd[vrh->delegation_chain_size];
543 struct GNUNET_CREDENTIAL_Delegate dele[vrh->del_chain_size];
544 struct DelegateRecordEntry *del;
545 struct DelegateRecordEntry *tmp;
546 size_t size;
547
548 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Sending response\n");
549 dce = vrh->delegation_chain_head;
550 for (uint32_t i = 0; i < vrh->delegation_chain_size; i++)
551 {
552 dd[i].issuer_key = dce->issuer_key;
553 dd[i].subject_key = dce->subject_key;
554 dd[i].issuer_attribute = dce->issuer_attribute;
555 dd[i].issuer_attribute_len = strlen (dce->issuer_attribute) + 1;
556 dd[i].subject_attribute_len = 0;
557 dd[i].subject_attribute = NULL;
558 if (NULL != dce->subject_attribute)
559 {
560 dd[i].subject_attribute = dce->subject_attribute;
561 dd[i].subject_attribute_len = strlen (dce->subject_attribute) + 1;
562 }
563 dce = dce->next;
564 }
565
566 // Remove all not needed credentials
567 for (del = vrh->del_chain_head; NULL != del;)
568 {
569 if (del->refcount > 0)
570 {
571 del = del->next;
572 continue;
573 }
574 tmp = del;
575 del = del->next;
576 GNUNET_CONTAINER_DLL_remove (vrh->del_chain_head, vrh->del_chain_tail, tmp);
577 GNUNET_free (tmp->delegate);
578 GNUNET_free (tmp);
579 vrh->del_chain_size--;
580 }
581
582 // Get serialized record data
583 // Append at the end of rmsg
584 del = vrh->del_chain_head;
585 for (uint32_t i = 0; i < vrh->del_chain_size; i++)
586 {
587 dele[i].issuer_key = del->delegate->issuer_key;
588 dele[i].subject_key = del->delegate->subject_key;
589 dele[i].issuer_attribute_len = strlen (del->delegate->issuer_attribute) + 1;
590 dele[i].issuer_attribute = del->delegate->issuer_attribute;
591 dele[i].subject_attribute_len = del->delegate->subject_attribute_len;
592 dele[i].subject_attribute = del->delegate->subject_attribute;
593 dele[i].expiration = del->delegate->expiration;
594 dele[i].signature = del->delegate->signature;
595 del = del->next;
596 }
597 size =
598 GNUNET_CREDENTIAL_delegation_chain_get_size (vrh->delegation_chain_size,
599 dd,
600 vrh->del_chain_size,
601 dele);
602 env = GNUNET_MQ_msg_extra (rmsg,
603 size,
604 GNUNET_MESSAGE_TYPE_CREDENTIAL_VERIFY_RESULT);
605 // Assign id so that client can find associated request
606 rmsg->id = vrh->request_id;
607 rmsg->d_count = htonl (vrh->delegation_chain_size);
608 rmsg->c_count = htonl (vrh->del_chain_size);
609
610 if (0 < vrh->del_chain_size)
611 rmsg->del_found = htonl (GNUNET_YES);
612 else
613 rmsg->del_found = htonl (GNUNET_NO);
614
615 GNUNET_assert (
616 -1 !=
617 GNUNET_CREDENTIAL_delegation_chain_serialize (vrh->delegation_chain_size,
618 dd,
619 vrh->del_chain_size,
620 dele,
621 size,
622 (char *) &rmsg[1]));
623
624 GNUNET_MQ_send (GNUNET_SERVICE_client_get_mq (vrh->client), env);
625 GNUNET_CONTAINER_DLL_remove (vrh_head, vrh_tail, vrh);
626 cleanup_handle (vrh);
627 GNUNET_STATISTICS_update (statistics,
628 "Completed verifications",
629 1,
630 GNUNET_NO);
631}
632
633static char *
634partial_match (char *tmp_trail,
635 char *tmp_subattr,
636 char *parent_trail,
637 char *issuer_attribute)
638{
639 char *saveptr1, *saveptr2;
640 char *trail_token;
641 char *sub_token;
642 char *attr_trailer;
643
644 // tok both, parent->attr_trailer and del->sub_attr to see how far they match,
645 // take rest of parent trailer (only when del->sub_attr token is null), and
646 // create new/actual trailer with del->iss_attr
647 trail_token = strtok_r (tmp_trail, ".", &saveptr1);
648 sub_token = strtok_r (tmp_subattr, ".", &saveptr2);
649 while (NULL != trail_token && NULL != sub_token)
650 {
651 if (0 == strcmp (trail_token, sub_token))
652 {
653 // good, matches, remove
654 }
655 else
656 {
657 // not relevant for solving the chain, end for iteration here
658 return NULL;
659 }
660
661 trail_token = strtok_r (NULL, ".", &saveptr1);
662 sub_token = strtok_r (NULL, ".", &saveptr2);
663 }
664 // skip this entry and go to next for if:
665 // 1. at some point the attr of the trailer and the subject dont match
666 // 2. the trailer is NULL, but the subject has more attributes
667 // Reason: This will lead to "startzone.attribute" but we're looking for a solution
668 // for "<- startzone"
669 if (NULL == trail_token)
670 {
671 return NULL;
672 }
673
674 // do not have to check sub_token == NULL, if both would be NULL
675 // at the same time, the complete match part above should have triggered already
676
677 // otherwise, above while only ends when sub_token == NULL
678 GNUNET_asprintf (&attr_trailer, "%s", trail_token);
679 trail_token = strtok_r (NULL, ".", &saveptr1);
680 while (NULL != trail_token)
681 {
682 GNUNET_asprintf (&attr_trailer, "%s.%s", parent_trail, trail_token);
683 trail_token = strtok_r (NULL, ".", &saveptr1);
684 }
685 GNUNET_asprintf (&attr_trailer, "%s.%s", issuer_attribute, attr_trailer);
686 return attr_trailer;
687}
688
689static int
690handle_bidirectional_match (struct DelegationSetQueueEntry *actual_entry,
691 struct DelegationSetQueueEntry *match_entry,
692 struct VerifyRequestHandle *vrh)
693{
694 struct DelegationSetQueueEntry *old_fw_parent;
695 struct DelegationSetQueueEntry *fw_entry = actual_entry;
696 struct DelegationSetQueueEntry *last_entry = match_entry;
697 // parent fixing, combine backward and forward chain parts
698 while (NULL != fw_entry->parent_queue_entry)
699 {
700 old_fw_parent = fw_entry->parent_queue_entry->parent_set;
701 // set parent
702 fw_entry->parent_queue_entry->parent_set = last_entry;
703
704 last_entry = fw_entry;
705 fw_entry = old_fw_parent;
706 }
707 // set last entry of chain as actual_entry
708 //actual_entry = last_entry;
709 // set refcount, loop all delegations
710 for (struct DelegateRecordEntry *del_entry = vrh->del_chain_head;
711 del_entry != NULL;
712 del_entry = del_entry->next)
713 {
714 if (0 != memcmp (&last_entry->delegation_chain_entry->subject_key,
715 &del_entry->delegate->issuer_key,
716 sizeof (struct GNUNET_CRYPTO_EcdsaPublicKey)))
717 continue;
718 if (0 != strcmp (last_entry->delegation_chain_entry->subject_attribute,
719 del_entry->delegate->issuer_attribute))
720 continue;
721
722 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Found delegate.\n");
723 // increase refcount of the start delegation
724 del_entry->refcount++;
725 }
726 // backtrack
727 for (struct DelegationSetQueueEntry *tmp_set = last_entry;
728 NULL != tmp_set->parent_queue_entry;
729 tmp_set = tmp_set->parent_queue_entry->parent_set)
730 {
731 tmp_set->parent_queue_entry->required_solutions--;
732
733 // add new found entry to vrh
734 vrh->delegation_chain_size++;
735 GNUNET_CONTAINER_DLL_insert (vrh->delegation_chain_head,
736 vrh->delegation_chain_tail,
737 tmp_set->delegation_chain_entry);
738
739 // if one node on the path still needs solutions, this current
740 // patch cannot fullfil the conditions and therefore stops here
741 // however, it is in the vrh and can be used by the other paths
742 // related to this path/collection/verification
743 if (0 < tmp_set->parent_queue_entry->required_solutions)
744 {
745 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
746 "Chain requires more solutions, waiting...\n");
747 return GNUNET_NO;
748 }
749 }
750 return GNUNET_YES;
751}
752
753static void
754forward_resolution (void *cls,
755 uint32_t rd_count,
756 const struct GNUNET_GNSRECORD_Data *rd)
757{
758 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Received %d entries.\n", rd_count);
759
760 struct VerifyRequestHandle *vrh;
761 struct DelegationSetQueueEntry *current_set;
762 struct DelegationSetQueueEntry *ds_entry;
763 struct DelegationQueueEntry *dq_entry;
764
765 current_set = cls;
766 // set handle to NULL (as el = NULL)
767 current_set->lookup_request = NULL;
768 vrh = current_set->handle;
769 vrh->pending_lookups--;
770
771 // Loop record entries
772 for (uint32_t i = 0; i < rd_count; i++)
773 {
774 if (GNUNET_GNSRECORD_TYPE_DELEGATE != rd[i].record_type)
775 continue;
776
777 // Start deserialize into Delegate
778 struct GNUNET_CREDENTIAL_Delegate *del;
779 del = GNUNET_CREDENTIAL_delegate_deserialize (rd[i].data, rd[i].data_size);
780
781 // Start: Create DQ Entry
782 dq_entry = GNUNET_new (struct DelegationQueueEntry);
783 // AND delegations are not possible, only 1 solution
784 dq_entry->required_solutions = 1;
785 dq_entry->parent_set = current_set;
786
787 // Insert it into the current set
788 GNUNET_CONTAINER_DLL_insert (current_set->queue_entries_head,
789 current_set->queue_entries_tail,
790 dq_entry);
791
792 // Start: Create DS Entry
793 ds_entry = GNUNET_new (struct DelegationSetQueueEntry);
794 GNUNET_CONTAINER_DLL_insert (vrh->dsq_head, vrh->dsq_tail, ds_entry);
795 ds_entry->from_bw = false;
796
797 // (1) A.a <- A.b.c
798 // (2) A.b <- D.d
799 // (3) D.d <- E
800 // (4) E.c <- F.c
801 // (5) F.c <- G
802 // Possibilities:
803 // 1. complete match: trailer = 0, validate
804 // 2. partial match: replace
805 // 3. new solution: replace, add trailer
806
807 // At resolution chain start trailer of parent is NULL
808 if (NULL == current_set->attr_trailer)
809 {
810 // for (5) F.c <- G, remember .c when going upwards
811 ds_entry->attr_trailer = GNUNET_strdup (del->issuer_attribute);
812 }
813 else
814 {
815 if (0 == del->subject_attribute_len)
816 {
817 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Found: New solution\n");
818 // new solution
819 // create new trailer del->issuer_attribute, ds_entry->attr_trailer
820 GNUNET_asprintf (&ds_entry->attr_trailer,
821 "%s.%s",
822 del->issuer_attribute,
823 current_set->attr_trailer);
824 }
825 else if (0 == strcmp (del->subject_attribute, current_set->attr_trailer))
826 {
827 // complete match
828 // new trailer == issuer attribute (e.g. (5) to (4))
829 ds_entry->attr_trailer = GNUNET_strdup (del->issuer_attribute);
830 }
831 else
832 {
833 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Found: Partial match\n");
834 // partial match
835
836 char *trail = partial_match (GNUNET_strdup (current_set->attr_trailer),
837 GNUNET_strdup (del->subject_attribute),
838 current_set->attr_trailer,
839 GNUNET_strdup (del->issuer_attribute));
840
841 // if null: skip this record entry (reasons: mismatch or overmatch, both not relevant)
842 if (NULL == trail)
843 {
844 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
845 "Entry not relevant, discarding: %s.%s <- %s.%s\n",
846 GNUNET_CRYPTO_ecdsa_public_key_to_string (
847 &del->issuer_key),
848 del->issuer_attribute,
849 GNUNET_CRYPTO_ecdsa_public_key_to_string (
850 &del->subject_key),
851 del->subject_attribute);
852 continue;
853 }
854 else
855 ds_entry->attr_trailer = trail;
856 }
857 }
858
859
860 // Start: Credential Chain Entry
861 // issuer key is subject key, who needs to be contacted to resolve this (forward, therefore subject)
862 ds_entry->issuer_key = GNUNET_new (struct GNUNET_CRYPTO_EcdsaPublicKey);
863 GNUNET_memcpy (ds_entry->issuer_key,
864 &del->subject_key,
865 sizeof (struct GNUNET_CRYPTO_EcdsaPublicKey));
866
867 ds_entry->delegation_chain_entry = GNUNET_new (struct DelegationChainEntry);
868 ds_entry->delegation_chain_entry->subject_key = del->subject_key;
869 if (0 < del->subject_attribute_len)
870 ds_entry->delegation_chain_entry->subject_attribute =
871 GNUNET_strdup (del->subject_attribute);
872 ds_entry->delegation_chain_entry->issuer_key = del->issuer_key;
873 ds_entry->delegation_chain_entry->issuer_attribute =
874 GNUNET_strdup (del->issuer_attribute);
875
876 // Found new entry, repoting intermediate result
877 send_intermediate_response(vrh, ds_entry->delegation_chain_entry, false);
878
879 // current delegation as parent
880 ds_entry->parent_queue_entry = dq_entry;
881
882 // Check for solution
883 // if: issuer key we looking for
884 if (0 == memcmp (&del->issuer_key,
885 &vrh->issuer_key,
886 sizeof (struct GNUNET_CRYPTO_EcdsaPublicKey)))
887 {
888 // if: issuer attr we looking for
889 if (0 == strcmp (del->issuer_attribute, vrh->issuer_attribute))
890 {
891 // if: complete match, meaning new trailer == issuer attr
892 if (0 == strcmp (vrh->issuer_attribute, ds_entry->attr_trailer))
893 {
894 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Found: Solution\n");
895
896 // Add found solution into delegation_chain
897 struct DelegationSetQueueEntry *tmp_set;
898 for (tmp_set = ds_entry; NULL != tmp_set->parent_queue_entry;
899 tmp_set = tmp_set->parent_queue_entry->parent_set)
900 {
901 if (NULL != tmp_set->delegation_chain_entry)
902 {
903 vrh->delegation_chain_size++;
904 GNUNET_CONTAINER_DLL_insert (vrh->delegation_chain_head,
905 vrh->delegation_chain_tail,
906 tmp_set->delegation_chain_entry);
907 }
908 }
909
910 // Increase refcount for this delegate
911 for (struct DelegateRecordEntry *del_entry = vrh->del_chain_head;
912 del_entry != NULL;
913 del_entry = del_entry->next)
914 {
915 if (0 == memcmp (&del_entry->delegate->issuer_key,
916 &vrh->delegation_chain_head->subject_key,
917 sizeof (struct GNUNET_CRYPTO_EcdsaPublicKey)))
918 {
919 if (0 == strcmp (del_entry->delegate->issuer_attribute,
920 vrh->delegation_chain_head->subject_attribute))
921 {
922 del_entry->refcount++;
923 }
924 }
925 }
926
927 send_lookup_response (vrh);
928 return;
929 }
930 }
931 }
932
933 // Check for bidirectional crossmatch
934 for (struct DelegationSetQueueEntry *del_entry = vrh->dsq_head;
935 del_entry != NULL;
936 del_entry = del_entry->next)
937 {
938 // only check entries not by backward algorithm
939 if (del_entry->from_bw)
940 {
941 // key of list entry matches actual key
942 if (0 == memcmp (&del_entry->delegation_chain_entry->subject_key,
943 &ds_entry->delegation_chain_entry->issuer_key,
944 sizeof (struct GNUNET_CRYPTO_EcdsaPublicKey)))
945 {
946 // compare entry subject attributes to this trailer (iss attr + old trailer)
947 if (0 == strcmp (del_entry->unresolved_attribute_delegation,
948 ds_entry->attr_trailer))
949 {
950 print_deleset (del_entry, "Forward:");
951 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
952 "Forward: Found match with above!\n");
953
954 // one node on the path still needs solutions: return
955 if (GNUNET_NO ==
956 handle_bidirectional_match (ds_entry, del_entry, vrh))
957 return;
958
959 send_lookup_response (vrh);
960 return;
961 }
962 }
963 }
964 }
965
966 // Starting a new GNS lookup
967 vrh->pending_lookups++;
968 ds_entry->handle = vrh;
969
970 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
971 "Starting to look up trailer %s in zone %s\n",
972 ds_entry->attr_trailer,
973 GNUNET_CRYPTO_ecdsa_public_key_to_string (&del->issuer_key));
974
975 ds_entry->lookup_request =
976 GNUNET_GNS_lookup (gns,
977 GNUNET_GNS_EMPTY_LABEL_AT,
978 &del->issuer_key,
979 GNUNET_GNSRECORD_TYPE_DELEGATE,
980 GNUNET_GNS_LO_DEFAULT,
981 &forward_resolution,
982 ds_entry);
983 }
984
985 if (0 == vrh->pending_lookups)
986 {
987 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "We are all out of attributes...\n");
988 send_lookup_response (vrh);
989 return;
990 }
991}
992
993static void
994backward_resolution (void *cls,
995 uint32_t rd_count,
996 const struct GNUNET_GNSRECORD_Data *rd)
997{
998 struct VerifyRequestHandle *vrh;
999 const struct GNUNET_CREDENTIAL_DelegationRecord *sets;
1000 struct DelegateRecordEntry *del_pointer;
1001 struct DelegationSetQueueEntry *current_set;
1002 struct DelegationSetQueueEntry *ds_entry;
1003 struct DelegationSetQueueEntry *tmp_set;
1004 struct DelegationQueueEntry *dq_entry;
1005 char *expanded_attr;
1006 char *lookup_attribute;
1007
1008 current_set = cls;
1009 current_set->lookup_request = NULL;
1010 vrh = current_set->handle;
1011 vrh->pending_lookups--;
1012
1013 // Each OR
1014 for (uint32_t i = 0; i < rd_count; i++)
1015 {
1016 if (GNUNET_GNSRECORD_TYPE_ATTRIBUTE != rd[i].record_type)
1017 continue;
1018
1019 sets = rd[i].data;
1020 struct GNUNET_CREDENTIAL_DelegationSet set[ntohl (sets->set_count)];
1021 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
1022 "Found new attribute delegation with %d sets. Creating new Job...\n",
1023 ntohl (sets->set_count));
1024
1025 if (GNUNET_OK !=
1026 GNUNET_CREDENTIAL_delegation_set_deserialize (GNUNET_ntohll (
1027 sets->data_size),
1028 (const char *) &sets[1],
1029 ntohl (sets->set_count),
1030 set))
1031 {
1032 GNUNET_log (GNUNET_ERROR_TYPE_ERROR, "Failed to deserialize!\n");
1033 continue;
1034 }
1035 dq_entry = GNUNET_new (struct DelegationQueueEntry);
1036 dq_entry->required_solutions = ntohl (sets->set_count);
1037 dq_entry->parent_set = current_set;
1038
1039 GNUNET_CONTAINER_DLL_insert (current_set->queue_entries_head,
1040 current_set->queue_entries_tail,
1041 dq_entry);
1042 // Each AND
1043 for (uint32_t j = 0; j < ntohl (sets->set_count); j++)
1044 {
1045 ds_entry = GNUNET_new (struct DelegationSetQueueEntry);
1046 GNUNET_CONTAINER_DLL_insert (vrh->dsq_head, vrh->dsq_tail, ds_entry);
1047 ds_entry->from_bw = true;
1048
1049 if (NULL != current_set->attr_trailer)
1050 {
1051 if (0 == set[j].subject_attribute_len)
1052 {
1053 GNUNET_asprintf (&expanded_attr, "%s", current_set->attr_trailer);
1054 }
1055 else
1056 {
1057 GNUNET_asprintf (&expanded_attr,
1058 "%s.%s",
1059 set[j].subject_attribute,
1060 current_set->attr_trailer);
1061 }
1062 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Expanded to %s\n", expanded_attr);
1063 ds_entry->unresolved_attribute_delegation = expanded_attr;
1064 }
1065 else
1066 {
1067 if (0 != set[j].subject_attribute_len)
1068 {
1069 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
1070 "Not Expanding %s\n",
1071 set[j].subject_attribute);
1072 ds_entry->unresolved_attribute_delegation =
1073 GNUNET_strdup (set[j].subject_attribute);
1074 }
1075 }
1076
1077 // Add a credential chain entry
1078 ds_entry->delegation_chain_entry =
1079 GNUNET_new (struct DelegationChainEntry);
1080 ds_entry->delegation_chain_entry->subject_key = set[j].subject_key;
1081 ds_entry->issuer_key = GNUNET_new (struct GNUNET_CRYPTO_EcdsaPublicKey);
1082 GNUNET_memcpy (ds_entry->issuer_key,
1083 &set[j].subject_key,
1084 sizeof (struct GNUNET_CRYPTO_EcdsaPublicKey));
1085 if (0 < set[j].subject_attribute_len)
1086 ds_entry->delegation_chain_entry->subject_attribute =
1087 GNUNET_strdup (set[j].subject_attribute);
1088 ds_entry->delegation_chain_entry->issuer_key = *current_set->issuer_key;
1089 ds_entry->delegation_chain_entry->issuer_attribute =
1090 GNUNET_strdup (current_set->lookup_attribute);
1091
1092 // Found new entry, repoting intermediate result
1093 send_intermediate_response(vrh, ds_entry->delegation_chain_entry, true);
1094
1095 ds_entry->parent_queue_entry = dq_entry; // current_delegation;
1096
1097 /**
1098 * Check if this delegation already matches one of our credentials
1099 */
1100 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Checking for cred match\n");
1101
1102 for (del_pointer = vrh->del_chain_head; del_pointer != NULL;
1103 del_pointer = del_pointer->next)
1104 {
1105 // If key and attribute match credential: continue and backtrack
1106 if (0 != memcmp (&set[j].subject_key,
1107 &del_pointer->delegate->issuer_key,
1108 sizeof (struct GNUNET_CRYPTO_EcdsaPublicKey)))
1109 continue;
1110 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
1111 "Checking if %s matches %s\n",
1112 ds_entry->unresolved_attribute_delegation,
1113 del_pointer->delegate->issuer_attribute);
1114
1115 if (0 != strcmp (ds_entry->unresolved_attribute_delegation,
1116 del_pointer->delegate->issuer_attribute))
1117 continue;
1118
1119 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Found issuer\n");
1120 // increase refcount of the start delegation
1121 del_pointer->refcount++;
1122
1123 // Backtrack
1124 for (tmp_set = ds_entry; NULL != tmp_set->parent_queue_entry;
1125 tmp_set = tmp_set->parent_queue_entry->parent_set)
1126 {
1127 tmp_set->parent_queue_entry->required_solutions--;
1128 if (NULL != tmp_set->delegation_chain_entry)
1129 {
1130 vrh->delegation_chain_size++;
1131 GNUNET_CONTAINER_DLL_insert (vrh->delegation_chain_head,
1132 vrh->delegation_chain_tail,
1133 tmp_set->delegation_chain_entry);
1134 }
1135 if (0 < tmp_set->parent_queue_entry->required_solutions)
1136 break;
1137 }
1138
1139 // if the break above is not called the condition of the for is met
1140 if (NULL == tmp_set->parent_queue_entry)
1141 {
1142 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "All solutions found\n");
1143 // Found match
1144 send_lookup_response (vrh);
1145 return;
1146 }
1147 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Not all solutions found yet.\n");
1148 continue;
1149 }
1150
1151 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
1152 "Building new lookup request from %s\n",
1153 ds_entry->unresolved_attribute_delegation);
1154 // Continue with next/new backward resolution
1155 char issuer_attribute_name[strlen (
1156 ds_entry->unresolved_attribute_delegation) +
1157 1];
1158 strcpy (issuer_attribute_name, ds_entry->unresolved_attribute_delegation);
1159 char *next_attr = strtok (issuer_attribute_name, ".");
1160 if (NULL == next_attr)
1161 {
1162 GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
1163 "Failed to parse next attribute\n");
1164 continue;
1165 }
1166 GNUNET_asprintf (&lookup_attribute, "%s", next_attr);
1167 GNUNET_asprintf (&ds_entry->lookup_attribute, "%s", next_attr);
1168 if (strlen (next_attr) ==
1169 strlen (ds_entry->unresolved_attribute_delegation))
1170 {
1171 ds_entry->attr_trailer = NULL;
1172 }
1173 else
1174 {
1175 next_attr += strlen (next_attr) + 1;
1176 ds_entry->attr_trailer = GNUNET_strdup (next_attr);
1177 }
1178
1179 // Check for bidirectional crossmatch
1180 for (struct DelegationSetQueueEntry *del_entry = vrh->dsq_head;
1181 del_entry != NULL;
1182 del_entry = del_entry->next)
1183 {
1184 // only check entries added by forward algorithm
1185 if (!del_entry->from_bw)
1186 {
1187 // key of list entry matches actual key
1188 if (0 == memcmp (&del_entry->delegation_chain_entry->issuer_key,
1189 &ds_entry->delegation_chain_entry->subject_key,
1190 sizeof (struct GNUNET_CRYPTO_EcdsaPublicKey)))
1191 {
1192 // compare entry subject attributes to this trailer (iss attr + old trailer)
1193 if (0 == strcmp (del_entry->attr_trailer,
1194 ds_entry->unresolved_attribute_delegation))
1195 {
1196 print_deleset (del_entry, "Backward:");
1197 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
1198 "Backward: Found match with above!\n");
1199
1200 // if one node on the path still needs solutions: return
1201 if (GNUNET_NO ==
1202 handle_bidirectional_match (del_entry, ds_entry, vrh))
1203 break;
1204
1205 // Send lookup response
1206 send_lookup_response (vrh);
1207 return;
1208 }
1209 }
1210 }
1211 }
1212
1213 // Starting a new GNS lookup
1214 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
1215 "Looking up %s\n",
1216 ds_entry->lookup_attribute);
1217 if (NULL != ds_entry->attr_trailer)
1218 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
1219 "%s still to go...\n",
1220 ds_entry->attr_trailer);
1221
1222 vrh->pending_lookups++;
1223 ds_entry->handle = vrh;
1224 ds_entry->lookup_request =
1225 GNUNET_GNS_lookup (gns,
1226 lookup_attribute,
1227 ds_entry->issuer_key, // issuer_key,
1228 GNUNET_GNSRECORD_TYPE_ATTRIBUTE,
1229 GNUNET_GNS_LO_DEFAULT,
1230 &backward_resolution,
1231 ds_entry);
1232
1233 GNUNET_free (lookup_attribute);
1234 }
1235 }
1236
1237 if (0 == vrh->pending_lookups)
1238 {
1239 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "We are all out of attributes...\n");
1240 send_lookup_response (vrh);
1241 return;
1242 }
1243}
1244
1245
1246/**
1247 * Result from GNS lookup.
1248 *
1249 * @param cls the closure (our client lookup handle)
1250 */
1251static int
1252delegation_chain_bw_resolution_start (void *cls)
1253{
1254 GNUNET_log (GNUNET_ERROR_TYPE_ERROR, "Start Backward Resolution...\n");
1255
1256 struct VerifyRequestHandle *vrh = cls;
1257 struct DelegationSetQueueEntry *ds_entry;
1258 struct DelegateRecordEntry *del_entry;
1259
1260 if (0 == vrh->del_chain_size)
1261 {
1262 GNUNET_log (GNUNET_ERROR_TYPE_ERROR, "No delegates found\n");
1263 send_lookup_response (vrh);
1264 return 1;
1265 }
1266
1267 // Pre-check with vrh->dele_chain_.. if match issuer_key
1268 // Backward: check every cred entry if match issuer key
1269 // otherwise: start at issuer and go down till match
1270 // A.a <- ...
1271 // X.x <- C
1272 // Y.y <- C
1273 // if not X.x or Y.y == A.a start at A
1274 for (del_entry = vrh->del_chain_head; del_entry != NULL;
1275 del_entry = del_entry->next)
1276 {
1277 if (0 != memcmp (&del_entry->delegate->issuer_key,
1278 &vrh->issuer_key,
1279 sizeof (struct GNUNET_CRYPTO_EcdsaPublicKey)))
1280 continue;
1281 if (0 !=
1282 strcmp (del_entry->delegate->issuer_attribute, vrh->issuer_attribute))
1283 continue;
1284 del_entry->refcount++;
1285 // Found match prematurely
1286 send_lookup_response (vrh);
1287 return 1;
1288 }
1289
1290
1291 //Check for attributes from the issuer and follow the chain
1292 //till you get the required subject's attributes
1293 char issuer_attribute_name[strlen (vrh->issuer_attribute) + 1];
1294 strcpy (issuer_attribute_name, vrh->issuer_attribute);
1295 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
1296 "Looking up %s\n",
1297 issuer_attribute_name);
1298 ds_entry = GNUNET_new (struct DelegationSetQueueEntry);
1299 GNUNET_CONTAINER_DLL_insert (vrh->dsq_head, vrh->dsq_tail, ds_entry);
1300 ds_entry->from_bw = true;
1301 ds_entry->issuer_key = GNUNET_new (struct GNUNET_CRYPTO_EcdsaPublicKey);
1302 GNUNET_memcpy (ds_entry->issuer_key,
1303 &vrh->issuer_key,
1304 sizeof (struct GNUNET_CRYPTO_EcdsaPublicKey));
1305 ds_entry->issuer_attribute = GNUNET_strdup (vrh->issuer_attribute);
1306
1307 ds_entry->delegation_chain_entry = GNUNET_new (struct DelegationChainEntry);
1308 ds_entry->delegation_chain_entry->issuer_key = vrh->issuer_key;
1309 ds_entry->delegation_chain_entry->issuer_attribute =
1310 GNUNET_strdup (vrh->issuer_attribute);
1311
1312 ds_entry->handle = vrh;
1313 ds_entry->lookup_attribute = GNUNET_strdup (vrh->issuer_attribute);
1314 ds_entry->unresolved_attribute_delegation = NULL;
1315 vrh->pending_lookups = 1;
1316
1317 // Start with backward resolution
1318 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Start Backward Resolution\n");
1319
1320 ds_entry->lookup_request = GNUNET_GNS_lookup (gns,
1321 issuer_attribute_name,
1322 &vrh->issuer_key, // issuer_key,
1323 GNUNET_GNSRECORD_TYPE_ATTRIBUTE,
1324 GNUNET_GNS_LO_DEFAULT,
1325 &backward_resolution,
1326 ds_entry);
1327 return 0;
1328}
1329
1330static int
1331delegation_chain_fw_resolution_start (void *cls)
1332{
1333 GNUNET_log (GNUNET_ERROR_TYPE_ERROR, "Start Forward Resolution...\n");
1334
1335 struct VerifyRequestHandle *vrh = cls;
1336 struct DelegationSetQueueEntry *ds_entry;
1337 struct DelegateRecordEntry *del_entry;
1338
1339 // set to 0 and increase on each lookup: for fw multiple lookups (may be) started
1340 vrh->pending_lookups = 0;
1341
1342 if (0 == vrh->del_chain_size)
1343 {
1344 GNUNET_log (GNUNET_ERROR_TYPE_ERROR, "No delegations found\n");
1345 send_lookup_response (vrh);
1346 return 1;
1347 }
1348
1349 // Pre-check with vrh->dele_chain_.. if match issuer_key
1350 // otherwise FW: start mutliple lookups for each vrh->dele_chain
1351 // A.a <- ...
1352 // X.x <- C
1353 // Y.y <- C
1354 // if not X.x or Y.y == A.a start at X and at Y
1355 for (del_entry = vrh->del_chain_head; del_entry != NULL;
1356 del_entry = del_entry->next)
1357 {
1358 if (0 != memcmp (&del_entry->delegate->issuer_key,
1359 &vrh->issuer_key,
1360 sizeof (struct GNUNET_CRYPTO_EcdsaPublicKey)))
1361 continue;
1362 if (0 !=
1363 strcmp (del_entry->delegate->issuer_attribute, vrh->issuer_attribute))
1364 continue;
1365 del_entry->refcount++;
1366 // Found match prematurely
1367 send_lookup_response (vrh);
1368 return 1;
1369 }
1370
1371 // None match, therefore start for every delegation found a lookup chain
1372 // Return and end collect process on first chain iss <-> sub found
1373
1374 // ds_entry created belongs to the first lookup, vrh still has the
1375 // issuer+attr we look for
1376 for (del_entry = vrh->del_chain_head; del_entry != NULL;
1377 del_entry = del_entry->next)
1378 {
1379
1380 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
1381 "Looking for %s.%s\n",
1382 GNUNET_CRYPTO_ecdsa_public_key_to_string (
1383 &del_entry->delegate->issuer_key),
1384 del_entry->delegate->issuer_attribute);
1385
1386 ds_entry = GNUNET_new (struct DelegationSetQueueEntry);
1387 GNUNET_CONTAINER_DLL_insert (vrh->dsq_head, vrh->dsq_tail, ds_entry);
1388 ds_entry->from_bw = false;
1389 ds_entry->issuer_key = GNUNET_new (struct GNUNET_CRYPTO_EcdsaPublicKey);
1390 GNUNET_memcpy (ds_entry->issuer_key,
1391 &del_entry->delegate->subject_key,
1392 sizeof (struct GNUNET_CRYPTO_EcdsaPublicKey));
1393
1394 ds_entry->delegation_chain_entry = GNUNET_new (struct DelegationChainEntry);
1395 ds_entry->delegation_chain_entry->subject_key = del_entry->delegate->subject_key;
1396 ds_entry->delegation_chain_entry->subject_attribute = NULL;
1397 ds_entry->delegation_chain_entry->issuer_key = del_entry->delegate->issuer_key;
1398 ds_entry->delegation_chain_entry->issuer_attribute =
1399 GNUNET_strdup (del_entry->delegate->issuer_attribute);
1400
1401 ds_entry->attr_trailer =
1402 GNUNET_strdup (del_entry->delegate->issuer_attribute);
1403 ds_entry->handle = vrh;
1404
1405 vrh->pending_lookups++;
1406 // Start with forward resolution
1407 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Start Forward Resolution\n");
1408
1409 ds_entry->lookup_request =
1410 GNUNET_GNS_lookup (gns,
1411 GNUNET_GNS_EMPTY_LABEL_AT,
1412 &del_entry->delegate->issuer_key, // issuer_key,
1413 GNUNET_GNSRECORD_TYPE_DELEGATE,
1414 GNUNET_GNS_LO_DEFAULT,
1415 &forward_resolution,
1416 ds_entry);
1417 }
1418 return 0;
1419}
1420
1421static int
1422check_verify (void *cls, const struct VerifyMessage *v_msg)
1423{
1424 size_t msg_size;
1425 const char *attr;
1426
1427 msg_size = ntohs (v_msg->header.size);
1428 if (msg_size < sizeof (struct VerifyMessage))
1429 {
1430 GNUNET_break (0);
1431 return GNUNET_SYSERR;
1432 }
1433 if (ntohs (v_msg->issuer_attribute_len) > GNUNET_CREDENTIAL_MAX_LENGTH)
1434 {
1435 GNUNET_break (0);
1436 return GNUNET_SYSERR;
1437 }
1438 attr = (const char *) &v_msg[1];
1439
1440 if (strlen (attr) > GNUNET_CREDENTIAL_MAX_LENGTH)
1441 {
1442 GNUNET_break (0);
1443 return GNUNET_SYSERR;
1444 }
1445 return GNUNET_OK;
1446}
1447
1448static void
1449handle_verify (void *cls, const struct VerifyMessage *v_msg)
1450{
1451 struct VerifyRequestHandle *vrh;
1452 struct GNUNET_SERVICE_Client *client = cls;
1453 struct DelegateRecordEntry *del_entry;
1454 uint32_t delegate_count;
1455 uint32_t delegate_data_size;
1456 char attr[GNUNET_CREDENTIAL_MAX_LENGTH + 1];
1457 char issuer_attribute[GNUNET_CREDENTIAL_MAX_LENGTH + 1];
1458 char *attrptr = attr;
1459 char *delegate_data;
1460 const char *utf_in;
1461
1462 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Received VERIFY message\n");
1463 utf_in = (const char *) &v_msg[1];
1464 GNUNET_STRINGS_utf8_tolower (utf_in, attrptr);
1465 GNUNET_memcpy (issuer_attribute, attr, ntohs (v_msg->issuer_attribute_len));
1466 issuer_attribute[ntohs (v_msg->issuer_attribute_len)] = '\0';
1467 vrh = GNUNET_new (struct VerifyRequestHandle);
1468 vrh->is_collect = false;
1469 GNUNET_CONTAINER_DLL_insert (vrh_head, vrh_tail, vrh);
1470 vrh->client = client;
1471 vrh->request_id = v_msg->id;
1472 vrh->issuer_key = v_msg->issuer_key;
1473 vrh->subject_key = v_msg->subject_key;
1474 vrh->issuer_attribute = GNUNET_strdup (issuer_attribute);
1475 vrh->resolution_algo = ntohs (v_msg->resolution_algo);
1476
1477 vrh->del_chain_head = NULL;
1478 vrh->del_chain_tail = NULL;
1479 vrh->dsq_head = NULL;
1480 vrh->dsq_tail = NULL;
1481 vrh->del_chain_head = NULL;
1482 vrh->del_chain_tail = NULL;
1483
1484 GNUNET_SERVICE_client_continue (vrh->client);
1485 if (0 == strlen (issuer_attribute))
1486 {
1487 GNUNET_log (GNUNET_ERROR_TYPE_ERROR, "No issuer attribute provided!\n");
1488 send_lookup_response (vrh);
1489 return;
1490 }
1491
1492 // Parse delegates from verifaction message
1493 delegate_count = ntohl (v_msg->d_count);
1494 delegate_data_size = ntohs (v_msg->header.size) -
1495 sizeof (struct VerifyMessage) -
1496 ntohs (v_msg->issuer_attribute_len) - 1;
1497 struct GNUNET_CREDENTIAL_Delegate delegates[delegate_count];
1498 memset (delegates,
1499 0,
1500 sizeof (struct GNUNET_CREDENTIAL_Delegate) * delegate_count);
1501 delegate_data = (char *) &v_msg[1] + ntohs (v_msg->issuer_attribute_len) + 1;
1502 if (GNUNET_OK != GNUNET_CREDENTIAL_delegates_deserialize (delegate_data_size,
1503 delegate_data,
1504 delegate_count,
1505 delegates))
1506 {
1507 GNUNET_log (GNUNET_ERROR_TYPE_ERROR, "Cannot deserialize delegates!\n");
1508 send_lookup_response (vrh);
1509 return;
1510 }
1511
1512 // Prepare vrh delegation chain for later validation
1513 for (uint32_t i = 0; i < delegate_count; i++)
1514 {
1515 del_entry = GNUNET_new (struct DelegateRecordEntry);
1516 del_entry->delegate =
1517 GNUNET_malloc (sizeof (struct GNUNET_CREDENTIAL_Delegate) +
1518 delegates[i].issuer_attribute_len + 1);
1519 GNUNET_memcpy (del_entry->delegate,
1520 &delegates[i],
1521 sizeof (struct GNUNET_CREDENTIAL_Delegate));
1522 GNUNET_memcpy (&del_entry->delegate[1],
1523 delegates[i].issuer_attribute,
1524 delegates[i].issuer_attribute_len);
1525 del_entry->delegate->issuer_attribute_len =
1526 delegates[i].issuer_attribute_len;
1527 del_entry->delegate->issuer_attribute = (char *) &del_entry->delegate[1];
1528 GNUNET_CONTAINER_DLL_insert_tail (vrh->del_chain_head,
1529 vrh->del_chain_tail,
1530 del_entry);
1531 vrh->del_chain_size++;
1532 }
1533
1534 // Switch resolution algo
1535 if (GNUNET_CREDENTIAL_FLAG_BACKWARD & vrh->resolution_algo &&
1536 GNUNET_CREDENTIAL_FLAG_FORWARD & vrh->resolution_algo)
1537 {
1538 if(1 == delegation_chain_fw_resolution_start (vrh))
1539 return;
1540 delegation_chain_bw_resolution_start (vrh);
1541 }
1542 else if (GNUNET_CREDENTIAL_FLAG_BACKWARD & vrh->resolution_algo)
1543 {
1544 delegation_chain_bw_resolution_start (vrh);
1545 }
1546 else if (GNUNET_CREDENTIAL_FLAG_FORWARD & vrh->resolution_algo)
1547 {
1548 delegation_chain_fw_resolution_start (vrh);
1549 }
1550}
1551
1552static void
1553handle_delegate_collection_error_cb (void *cls)
1554{
1555 struct VerifyRequestHandle *vrh = cls;
1556 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
1557 "Got disconnected from namestore database.\n");
1558 vrh->dele_qe = NULL;
1559 send_lookup_response (vrh);
1560}
1561
1562static void
1563delegate_collection_finished (void *cls)
1564{
1565 struct VerifyRequestHandle *vrh = cls;
1566 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Done collecting delegates.\n");
1567
1568 // if both are set: bidirectional search, meaning start both chain resolutions
1569 if (GNUNET_CREDENTIAL_FLAG_BACKWARD & vrh->resolution_algo &&
1570 GNUNET_CREDENTIAL_FLAG_FORWARD & vrh->resolution_algo)
1571 {
1572 // if premature match found don't start bw resultion
1573 if(1 == delegation_chain_fw_resolution_start (vrh))
1574 return;
1575 delegation_chain_bw_resolution_start (vrh);
1576 }
1577 else if (GNUNET_CREDENTIAL_FLAG_BACKWARD & vrh->resolution_algo)
1578 {
1579 delegation_chain_bw_resolution_start (vrh);
1580 }
1581 else if (GNUNET_CREDENTIAL_FLAG_FORWARD & vrh->resolution_algo)
1582 {
1583 delegation_chain_fw_resolution_start (vrh);
1584 }
1585}
1586
1587static void
1588handle_delegate_collection_cb (void *cls,
1589 const struct GNUNET_CRYPTO_EcdsaPrivateKey *key,
1590 const char *label,
1591 unsigned int rd_count,
1592 const struct GNUNET_GNSRECORD_Data *rd)
1593{
1594 struct VerifyRequestHandle *vrh = cls;
1595 struct GNUNET_CREDENTIAL_Delegate *del;
1596 struct DelegateRecordEntry *del_entry;
1597 int cred_record_count;
1598 cred_record_count = 0;
1599 vrh->dele_qe = NULL;
1600
1601 for (uint32_t i = 0; i < rd_count; i++)
1602 {
1603 if (GNUNET_GNSRECORD_TYPE_DELEGATE != rd[i].record_type)
1604 continue;
1605 cred_record_count++;
1606 del = GNUNET_CREDENTIAL_delegate_deserialize (rd[i].data, rd[i].data_size);
1607 if (NULL == del)
1608 {
1609 GNUNET_log (GNUNET_ERROR_TYPE_WARNING, "Invalid delegate found\n");
1610 continue;
1611 }
1612 // only add the entries that are explicity marked as private
1613 // and therefor symbolize the end of a chain
1614 if (rd[i].flags & GNUNET_GNSRECORD_RF_PRIVATE)
1615 {
1616 del_entry = GNUNET_new (struct DelegateRecordEntry);
1617 del_entry->delegate = del;
1618 GNUNET_CONTAINER_DLL_insert_tail (vrh->del_chain_head,
1619 vrh->del_chain_tail,
1620 del_entry);
1621 vrh->del_chain_size++;
1622 }
1623 }
1624
1625 delegate_collection_finished (vrh);
1626}
1627
1628static void
1629handle_collect (void *cls, const struct CollectMessage *c_msg)
1630{
1631 char attr[GNUNET_CREDENTIAL_MAX_LENGTH + 1];
1632 char issuer_attribute[GNUNET_CREDENTIAL_MAX_LENGTH + 1];
1633 struct VerifyRequestHandle *vrh;
1634 struct GNUNET_SERVICE_Client *client = cls;
1635 char *attrptr = attr;
1636 const char *utf_in;
1637
1638 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Received COLLECT message\n");
1639
1640 utf_in = (const char *) &c_msg[1];
1641 GNUNET_STRINGS_utf8_tolower (utf_in, attrptr);
1642
1643 GNUNET_memcpy (issuer_attribute, attr, ntohs (c_msg->issuer_attribute_len));
1644 issuer_attribute[ntohs (c_msg->issuer_attribute_len)] = '\0';
1645 vrh = GNUNET_new (struct VerifyRequestHandle);
1646 vrh->is_collect = true;
1647 GNUNET_CONTAINER_DLL_insert (vrh_head, vrh_tail, vrh);
1648 vrh->client = client;
1649 vrh->request_id = c_msg->id;
1650 vrh->issuer_key = c_msg->issuer_key;
1651 GNUNET_CRYPTO_ecdsa_key_get_public (&c_msg->subject_key, &vrh->subject_key);
1652 vrh->issuer_attribute = GNUNET_strdup (issuer_attribute);
1653 vrh->resolution_algo = ntohs (c_msg->resolution_algo);
1654
1655 vrh->del_chain_head = NULL;
1656 vrh->del_chain_tail = NULL;
1657 vrh->dsq_head = NULL;
1658 vrh->dsq_tail = NULL;
1659 vrh->del_chain_head = NULL;
1660 vrh->del_chain_tail = NULL;
1661
1662 if (0 == strlen (issuer_attribute))
1663 {
1664 GNUNET_log (GNUNET_ERROR_TYPE_ERROR, "No issuer attribute provided!\n");
1665 send_lookup_response (vrh);
1666 return;
1667 }
1668 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Getting delegates for subject\n");
1669
1670 // Get all delegates from subject
1671 vrh->dele_qe =
1672 GNUNET_NAMESTORE_records_lookup (namestore,
1673 &c_msg->subject_key,
1674 GNUNET_GNS_EMPTY_LABEL_AT,
1675 &handle_delegate_collection_error_cb,
1676 vrh,
1677 &handle_delegate_collection_cb,
1678 vrh);
1679 GNUNET_SERVICE_client_continue (vrh->client);
1680}
1681
1682
1683static int
1684check_collect (void *cls, const struct CollectMessage *c_msg)
1685{
1686 size_t msg_size;
1687 const char *attr;
1688
1689 msg_size = ntohs (c_msg->header.size);
1690 if (msg_size < sizeof (struct CollectMessage))
1691 {
1692 GNUNET_break (0);
1693 return GNUNET_SYSERR;
1694 }
1695 if (ntohs (c_msg->issuer_attribute_len) > GNUNET_CREDENTIAL_MAX_LENGTH)
1696 {
1697 GNUNET_break (0);
1698 return GNUNET_SYSERR;
1699 }
1700 attr = (const char *) &c_msg[1];
1701
1702 if (('\0' != attr[msg_size - sizeof (struct CollectMessage) - 1]) ||
1703 (strlen (attr) > GNUNET_CREDENTIAL_MAX_LENGTH))
1704 {
1705 GNUNET_break (0);
1706 return GNUNET_SYSERR;
1707 }
1708 return GNUNET_OK;
1709}
1710
1711static void
1712client_disconnect_cb (void *cls,
1713 struct GNUNET_SERVICE_Client *client,
1714 void *app_ctx)
1715{
1716 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Client %p disconnected\n", client);
1717}
1718
1719static void *
1720client_connect_cb (void *cls,
1721 struct GNUNET_SERVICE_Client *client,
1722 struct GNUNET_MQ_Handle *mq)
1723{
1724 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Client %p connected\n", client);
1725 return client;
1726}
1727
1728/**
1729 * Process Credential requests.
1730 *
1731 * @param cls closure
1732 * @param c configuration to use
1733 * @param handle service handle
1734 */
1735static void
1736run (void *cls,
1737 const struct GNUNET_CONFIGURATION_Handle *c,
1738 struct GNUNET_SERVICE_Handle *handle)
1739{
1740
1741 gns = GNUNET_GNS_connect (c);
1742 if (NULL == gns)
1743 {
1744 fprintf (stderr, _ ("Failed to connect to GNS\n"));
1745 }
1746 namestore = GNUNET_NAMESTORE_connect (c);
1747 if (NULL == namestore)
1748 {
1749 fprintf (stderr, _ ("Failed to connect to namestore\n"));
1750 }
1751
1752 statistics = GNUNET_STATISTICS_create ("credential", c);
1753 GNUNET_SCHEDULER_add_shutdown (&shutdown_task, NULL);
1754}
1755
1756
1757/**
1758 * Define "main" method using service macro
1759 */
1760GNUNET_SERVICE_MAIN (
1761 "credential",
1762 GNUNET_SERVICE_OPTION_NONE,
1763 &run,
1764 &client_connect_cb,
1765 &client_disconnect_cb,
1766 NULL,
1767 GNUNET_MQ_hd_var_size (verify,
1768 GNUNET_MESSAGE_TYPE_CREDENTIAL_VERIFY,
1769 struct VerifyMessage,
1770 NULL),
1771 GNUNET_MQ_hd_var_size (collect,
1772 GNUNET_MESSAGE_TYPE_CREDENTIAL_COLLECT,
1773 struct CollectMessage,
1774 NULL),
1775 GNUNET_MQ_handler_end ());
1776
1777/* end of gnunet-service-credential.c */
diff --git a/src/credential/plugin_gnsrecord_credential.c b/src/credential/plugin_gnsrecord_credential.c
deleted file mode 100644
index 088c4dd0e..000000000
--- a/src/credential/plugin_gnsrecord_credential.c
+++ /dev/null
@@ -1,350 +0,0 @@
1/*
2 This file is part of GNUnet
3 Copyright (C) 2013 GNUnet e.V.
4
5 GNUnet is free software: you can redistribute it and/or modify it
6 under the terms of the GNU Affero General Public License as published
7 by the Free Software Foundation, either version 3 of the License,
8 or (at your option) any later version.
9
10 GNUnet is distributed in the hope that it will be useful, but
11 WITHOUT ANY WARRANTY; without even the implied warranty of
12 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
13 Affero General Public License for more details.
14
15 You should have received a copy of the GNU Affero General Public License
16 along with this program. If not, see <http://www.gnu.org/licenses/>.
17
18 SPDX-License-Identifier: AGPL3.0-or-later
19*/
20
21/**
22 * @file credential/plugin_gnsrecord_credential.c
23 * @brief gnsrecord plugin to provide the API for CREDENTIAL records
24 * @author Martin Schanzenbach
25 */
26#include "platform.h"
27
28#include "gnunet_util_lib.h"
29
30#include "delegate_misc.h"
31#include "credential_serialization.h"
32#include "gnunet_credential_service.h"
33#include "gnunet_gnsrecord_lib.h"
34#include "gnunet_gnsrecord_plugin.h"
35#include "gnunet_signatures.h"
36/**
37 * Convert the 'value' of a record to a string.
38 *
39 * @param cls closure, unused
40 * @param type type of the record
41 * @param data value in binary encoding
42 * @param data_size number of bytes in @a data
43 * @return NULL on error, otherwise human-readable representation of the value
44 */
45static char *
46credential_value_to_string (void *cls,
47 uint32_t type,
48 const void *data,
49 size_t data_size)
50{
51 const char *cdata;
52
53 switch (type)
54 {
55 case GNUNET_GNSRECORD_TYPE_ATTRIBUTE:
56 {
57 struct GNUNET_CREDENTIAL_DelegationRecord sets;
58 char *attr_str;
59 char *subject_pkey;
60 char *tmp_str;
61 int i;
62 if (data_size < sizeof (struct GNUNET_CREDENTIAL_DelegationRecord))
63 return NULL; /* malformed */
64
65 GNUNET_memcpy (&sets, data, sizeof (sets));
66 cdata = data;
67
68 struct GNUNET_CREDENTIAL_DelegationSet set[ntohl (sets.set_count)];
69 if (GNUNET_OK !=
70 GNUNET_CREDENTIAL_delegation_set_deserialize (GNUNET_ntohll (
71 sets.data_size),
72 &cdata[sizeof (sets)],
73 ntohl (sets.set_count),
74 set))
75 return NULL;
76
77 for (i = 0; i < ntohl (sets.set_count); i++)
78 {
79 subject_pkey =
80 GNUNET_CRYPTO_ecdsa_public_key_to_string (&set[i].subject_key);
81
82 if (0 == set[i].subject_attribute_len)
83 {
84 if (0 == i)
85 {
86 GNUNET_asprintf (&attr_str, "%s", subject_pkey);
87 }
88 else
89 {
90 GNUNET_asprintf (&tmp_str, "%s,%s", attr_str, subject_pkey);
91 GNUNET_free (attr_str);
92 attr_str = tmp_str;
93 }
94 }
95 else
96 {
97 if (0 == i)
98 {
99 GNUNET_asprintf (&attr_str,
100 "%s %s",
101 subject_pkey,
102 set[i].subject_attribute);
103 }
104 else
105 {
106 GNUNET_asprintf (&tmp_str,
107 "%s,%s %s",
108 attr_str,
109 subject_pkey,
110 set[i].subject_attribute);
111 GNUNET_free (attr_str);
112 attr_str = tmp_str;
113 }
114 }
115 GNUNET_free (subject_pkey);
116 }
117 return attr_str;
118 }
119 case GNUNET_GNSRECORD_TYPE_DELEGATE:
120 {
121 struct GNUNET_CREDENTIAL_Delegate *cred;
122 char *cred_str;
123
124 cred = GNUNET_CREDENTIAL_delegate_deserialize (data, data_size);
125 cred_str = GNUNET_CREDENTIAL_delegate_to_string (cred);
126 GNUNET_free (cred);
127 return cred_str;
128 }
129 default:
130 return NULL;
131 }
132}
133
134
135/**
136 * Convert human-readable version of a 'value' of a record to the binary
137 * representation.
138 *
139 * @param cls closure, unused
140 * @param type type of the record
141 * @param s human-readable string
142 * @param data set to value in binary encoding (will be allocated)
143 * @param data_size set to number of bytes in @a data
144 * @return #GNUNET_OK on success
145 */
146static int
147credential_string_to_value (void *cls,
148 uint32_t type,
149 const char *s,
150 void **data,
151 size_t *data_size)
152{
153 if (NULL == s)
154 return GNUNET_SYSERR;
155 switch (type)
156 {
157 case GNUNET_GNSRECORD_TYPE_ATTRIBUTE:
158 {
159 struct GNUNET_CREDENTIAL_DelegationRecord *sets;
160 char attr_str[253 + 1];
161 char subject_pkey[52 + 1];
162 char *token;
163 char *tmp_str;
164 int matches = 0;
165 int entries;
166 size_t tmp_data_size;
167 int i;
168
169 tmp_str = GNUNET_strdup (s);
170 token = strtok (tmp_str, ",");
171 entries = 0;
172 tmp_data_size = 0;
173 *data_size = sizeof (struct GNUNET_CREDENTIAL_DelegationRecord);
174 while (NULL != token)
175 {
176 // also fills the variables subject_pley and attr_str if "regex"-like match
177 matches = SSCANF (token, "%s %s", subject_pkey, attr_str);
178
179 if (0 == matches)
180 {
181 GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
182 _ ("Unable to parse ATTR record string `%s'\n"),
183 s);
184 GNUNET_free (tmp_str);
185 return GNUNET_SYSERR;
186 }
187
188 entries++;
189 token = strtok (NULL, ",");
190 }
191 GNUNET_free (tmp_str);
192
193 tmp_str = GNUNET_strdup (s);
194 token = strtok (tmp_str, ",");
195 if (NULL == token)
196 {
197 GNUNET_free (tmp_str);
198 GNUNET_log (GNUNET_ERROR_TYPE_ERROR, "Malformed string %s\n", s);
199 return GNUNET_SYSERR;
200 }
201
202 struct GNUNET_CREDENTIAL_DelegationSet set[entries];
203 // sets memory to be 0, starting at *set for the size of struct * entries
204 memset (set, 0, sizeof (struct GNUNET_CREDENTIAL_DelegationSet) * entries);
205 for (i = 0; i < entries; i++)
206 {
207 matches = SSCANF (token, "%s %s", subject_pkey, attr_str);
208
209 // sets the public key for the set entry
210 GNUNET_CRYPTO_ecdsa_public_key_from_string (subject_pkey,
211 strlen (subject_pkey),
212 &set[i].subject_key);
213
214 // If not just key, also set subject attribute (Not A.a <- B but A.a <- B.b)
215 if (2 == matches)
216 {
217 set[i].subject_attribute_len = strlen (attr_str) + 1;
218 set[i].subject_attribute = GNUNET_strdup (attr_str);
219 }
220 // If more entries, then token string can take the next entry (separated by ',') by calling strtok again
221 token = strtok (NULL, ",");
222 }
223 tmp_data_size = GNUNET_CREDENTIAL_delegation_set_get_size (entries, set);
224
225 if (-1 == tmp_data_size)
226 {
227 GNUNET_free (tmp_str);
228 return GNUNET_SYSERR;
229 }
230 *data_size += tmp_data_size;
231 *data = sets = GNUNET_malloc (*data_size);
232 GNUNET_CREDENTIAL_delegation_set_serialize (entries,
233 set,
234 tmp_data_size,
235 (char *) &sets[1]);
236 for (i = 0; i < entries; i++)
237 {
238 if (0 != set[i].subject_attribute_len)
239 GNUNET_free ((char *) set[i].subject_attribute);
240 }
241 sets->set_count = htonl (entries);
242 sets->data_size = GNUNET_htonll (tmp_data_size);
243
244 GNUNET_free (tmp_str);
245 return GNUNET_OK;
246 }
247 case GNUNET_GNSRECORD_TYPE_DELEGATE:
248 {
249 struct GNUNET_CREDENTIAL_Delegate *cred;
250 cred = GNUNET_CREDENTIAL_delegate_from_string (s);
251
252 *data_size = GNUNET_CREDENTIAL_delegate_serialize (cred, (char **) data);
253
254 return GNUNET_OK;
255 }
256 default:
257 return GNUNET_SYSERR;
258 }
259}
260
261
262/**
263 * Mapping of record type numbers to human-readable
264 * record type names.
265 */
266static struct
267{
268 const char *name;
269 uint32_t number;
270} name_map[] = {{"CRED", GNUNET_GNSRECORD_TYPE_CREDENTIAL},
271 {"ATTR", GNUNET_GNSRECORD_TYPE_ATTRIBUTE},
272 {"DEL", GNUNET_GNSRECORD_TYPE_DELEGATE},
273 {NULL, UINT32_MAX}};
274
275
276/**
277 * Convert a type name (i.e. "AAAA") to the corresponding number.
278 *
279 * @param cls closure, unused
280 * @param gns_typename name to convert
281 * @return corresponding number, UINT32_MAX on error
282 */
283static uint32_t
284credential_typename_to_number (void *cls, const char *gns_typename)
285{
286 unsigned int i;
287
288 i = 0;
289 while ((name_map[i].name != NULL) &&
290 (0 != strcasecmp (gns_typename, name_map[i].name)))
291 i++;
292 return name_map[i].number;
293}
294
295
296/**
297 * Convert a type number (i.e. 1) to the corresponding type string (i.e. "A")
298 *
299 * @param cls closure, unused
300 * @param type number of a type to convert
301 * @return corresponding typestring, NULL on error
302 */
303static const char *
304credential_number_to_typename (void *cls, uint32_t type)
305{
306 unsigned int i;
307
308 i = 0;
309 while ((name_map[i].name != NULL) && (type != name_map[i].number))
310 i++;
311 return name_map[i].name;
312}
313
314
315/**
316 * Entry point for the plugin.
317 *
318 * @param cls NULL
319 * @return the exported block API
320 */
321void *
322libgnunet_plugin_gnsrecord_credential_init (void *cls)
323{
324 struct GNUNET_GNSRECORD_PluginFunctions *api;
325
326 api = GNUNET_new (struct GNUNET_GNSRECORD_PluginFunctions);
327 api->value_to_string = &credential_value_to_string;
328 api->string_to_value = &credential_string_to_value;
329 api->typename_to_number = &credential_typename_to_number;
330 api->number_to_typename = &credential_number_to_typename;
331 return api;
332}
333
334
335/**
336 * Exit point from the plugin.
337 *
338 * @param cls the return value from #libgnunet_plugin_block_test_init
339 * @return NULL
340 */
341void *
342libgnunet_plugin_gnsrecord_credential_done (void *cls)
343{
344 struct GNUNET_GNSRECORD_PluginFunctions *api = cls;
345
346 GNUNET_free (api);
347 return NULL;
348}
349
350/* end of plugin_gnsrecord_credential.c */
diff --git a/src/credential/plugin_rest_credential.c b/src/credential/plugin_rest_credential.c
deleted file mode 100644
index 513ddfff9..000000000
--- a/src/credential/plugin_rest_credential.c
+++ /dev/null
@@ -1,1174 +0,0 @@
1/*
2 This file is part of GNUnet.
3 Copyright (C) 2012-2016 GNUnet e.V.
4
5 GNUnet is free software: you can redistribute it and/or modify it
6 under the terms of the GNU Affero General Public License as published
7 by the Free Software Foundation, either version 3 of the License,
8 or (at your option) any later version.
9
10 GNUnet is distributed in the hope that it will be useful, but
11 WITHOUT ANY WARRANTY; without even the implied warranty of
12 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
13 Affero General Public License for more details.
14
15 You should have received a copy of the GNU Affero General Public License
16 along with this program. If not, see <http://www.gnu.org/licenses/>.
17
18 SPDX-License-Identifier: AGPL3.0-or-later
19 */
20/**
21 * @author Martin Schanzenbach
22 * @file credential/plugin_rest_credential.c
23 * @brief GNUnet CREDENTIAL REST plugin
24 *
25 */
26
27#include "platform.h"
28#include "gnunet_rest_plugin.h"
29#include <gnunet_identity_service.h>
30#include <gnunet_gnsrecord_lib.h>
31#include <gnunet_namestore_service.h>
32#include <gnunet_credential_service.h>
33#include <gnunet_rest_lib.h>
34#include <gnunet_jsonapi_lib.h>
35#include <gnunet_jsonapi_util.h>
36#include <jansson.h>
37
38#define GNUNET_REST_API_NS_CREDENTIAL "/credential"
39
40#define GNUNET_REST_API_NS_CREDENTIAL_ISSUE "/credential/issue"
41
42#define GNUNET_REST_API_NS_CREDENTIAL_VERIFY "/credential/verify"
43
44#define GNUNET_REST_API_NS_CREDENTIAL_COLLECT "/credential/collect"
45
46#define GNUNET_REST_JSONAPI_CREDENTIAL_EXPIRATION "expiration"
47
48#define GNUNET_REST_JSONAPI_CREDENTIAL_SUBJECT_KEY "subject_key"
49
50#define GNUNET_REST_JSONAPI_CREDENTIAL_SUBJECT_EGO "subject"
51
52#define GNUNET_REST_JSONAPI_CREDENTIAL "credential"
53
54#define GNUNET_REST_JSONAPI_CREDENTIAL_TYPEINFO "credential"
55
56#define GNUNET_REST_JSONAPI_DELEGATIONS "delegations"
57
58#define GNUNET_REST_JSONAPI_CREDENTIAL_ISSUER_ATTR "attribute"
59
60#define GNUNET_REST_JSONAPI_CREDENTIAL_SUBJECT_ATTR "credential"
61
62/**
63 * @brief struct returned by the initialization function of the plugin
64 */
65struct Plugin
66{
67 const struct GNUNET_CONFIGURATION_Handle *cfg;
68};
69
70const struct GNUNET_CONFIGURATION_Handle *cfg;
71
72struct RequestHandle
73{
74 /**
75 * Handle to Credential service.
76 */
77 struct GNUNET_CREDENTIAL_Handle *credential;
78
79 /**
80 * Handle to lookup request
81 */
82 struct GNUNET_CREDENTIAL_Request *verify_request;
83
84 /**
85 * Handle to issue request
86 */
87 struct GNUNET_CREDENTIAL_Request *issue_request;
88
89 /**
90 * Handle to identity
91 */
92 struct GNUNET_IDENTITY_Handle *identity;
93
94 /**
95 * Handle to identity operation
96 */
97 struct GNUNET_IDENTITY_Operation *id_op;
98
99 /**
100 * Handle to ego lookup
101 */
102 struct GNUNET_IDENTITY_EgoLookup *ego_lookup;
103
104 /**
105 * Handle to rest request
106 */
107 struct GNUNET_REST_RequestHandle *rest_handle;
108
109 /**
110 * ID of a task associated with the resolution process.
111 */
112 struct GNUNET_SCHEDULER_Task *timeout_task;
113
114 /**
115 * The root of the received JSON or NULL
116 */
117 json_t *json_root;
118
119 /**
120 * The plugin result processor
121 */
122 GNUNET_REST_ResultProcessor proc;
123
124 /**
125 * The closure of the result processor
126 */
127 void *proc_cls;
128
129 /**
130 * The issuer attribute to verify
131 */
132 char *issuer_attr;
133
134 /**
135 * The subject attribute
136 */
137 char *subject_attr;
138
139 /**
140 * The public key of the issuer
141 */
142 struct GNUNET_CRYPTO_EcdsaPublicKey issuer_key;
143
144 /**
145 * The public key of the subject
146 */
147 struct GNUNET_CRYPTO_EcdsaPublicKey subject_key;
148
149 /**
150 * HTTP response code
151 */
152 int response_code;
153
154 /**
155 * Timeout
156 */
157 struct GNUNET_TIME_Relative timeout;
158};
159
160
161/**
162 * Cleanup lookup handle.
163 *
164 * @param handle Handle to clean up
165 */
166static void
167cleanup_handle (struct RequestHandle *handle)
168{
169 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
170 "Cleaning up\n");
171 if (NULL != handle->json_root)
172 json_decref (handle->json_root);
173
174 if (NULL != handle->issuer_attr)
175 GNUNET_free (handle->issuer_attr);
176 if (NULL != handle->subject_attr)
177 GNUNET_free (handle->subject_attr);
178 if (NULL != handle->verify_request)
179 GNUNET_CREDENTIAL_request_cancel (handle->verify_request);
180 if (NULL != handle->credential)
181 GNUNET_CREDENTIAL_disconnect (handle->credential);
182 if (NULL != handle->id_op)
183 GNUNET_IDENTITY_cancel (handle->id_op);
184 if (NULL != handle->ego_lookup)
185 GNUNET_IDENTITY_ego_lookup_cancel (handle->ego_lookup);
186 if (NULL != handle->identity)
187 GNUNET_IDENTITY_disconnect (handle->identity);
188 if (NULL != handle->timeout_task)
189 {
190 GNUNET_SCHEDULER_cancel (handle->timeout_task);
191 }
192 GNUNET_free (handle);
193}
194
195
196static void
197do_error (void *cls)
198{
199 struct RequestHandle *handle = cls;
200 struct MHD_Response *resp;
201
202 resp = GNUNET_REST_create_response (NULL);
203 handle->proc (handle->proc_cls, resp, handle->response_code);
204 cleanup_handle (handle);
205}
206
207/**
208 * Attribute delegation to JSON
209 *
210 * @param delegation_chain_entry the DSE
211 * @return JSON, NULL if failed
212 */
213static json_t*
214attribute_delegation_to_json (struct
215 GNUNET_CREDENTIAL_Delegation *
216 delegation_chain_entry)
217{
218 char *subject;
219 char *issuer;
220 json_t *attr_obj;
221
222 issuer = GNUNET_CRYPTO_ecdsa_public_key_to_string (
223 &delegation_chain_entry->issuer_key);
224 if (NULL == issuer)
225 {
226 GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
227 "Issuer in delegation malformed\n");
228 return NULL;
229 }
230 subject = GNUNET_CRYPTO_ecdsa_public_key_to_string (
231 &delegation_chain_entry->subject_key);
232 if (NULL == subject)
233 {
234 GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
235 "Subject in credential malformed\n");
236 GNUNET_free (issuer);
237 return NULL;
238 }
239 attr_obj = json_object ();
240
241 json_object_set_new (attr_obj, "issuer", json_string (issuer));
242 json_object_set_new (attr_obj, "issuer_attribute",
243 json_string (delegation_chain_entry->issuer_attribute));
244
245 json_object_set_new (attr_obj, "subject", json_string (subject));
246 if (0 < delegation_chain_entry->subject_attribute_len)
247 {
248 json_object_set_new (attr_obj, "subject_attribute",
249 json_string (
250 delegation_chain_entry->subject_attribute));
251 }
252 GNUNET_free (issuer);
253 GNUNET_free (subject);
254 return attr_obj;
255}
256
257/**
258 * JSONAPI resource to Credential
259 *
260 * @param res the JSONAPI resource
261 * @return the resulting credential, NULL if failed
262 */
263static struct GNUNET_CREDENTIAL_Credential*
264json_to_credential (json_t *res)
265{
266 struct GNUNET_CREDENTIAL_Credential *cred;
267 json_t *tmp;
268 const char *attribute;
269 const char *signature;
270 char *sig;
271
272 tmp = json_object_get (res, "attribute");
273 if (0 == json_is_string (tmp))
274 {
275 return NULL;
276 }
277 attribute = json_string_value (tmp);
278 cred = GNUNET_malloc (sizeof(struct GNUNET_CREDENTIAL_Credential)
279 + strlen (attribute));
280 cred->issuer_attribute = attribute;
281 cred->issuer_attribute_len = strlen (attribute);
282 tmp = json_object_get (res, "issuer");
283 if (0 == json_is_string (tmp))
284 {
285 GNUNET_free (cred);
286 return NULL;
287 }
288
289 GNUNET_CRYPTO_ecdsa_public_key_from_string (json_string_value (tmp),
290 strlen (json_string_value (tmp)),
291 &cred->issuer_key);
292 tmp = json_object_get (res, "subject");
293 if (0 == json_is_string (tmp))
294 {
295 GNUNET_free (cred);
296 return NULL;
297 }
298 GNUNET_CRYPTO_ecdsa_public_key_from_string (json_string_value (tmp),
299 strlen (json_string_value (tmp)),
300 &cred->subject_key);
301
302 tmp = json_object_get (res, "signature");
303 if (0 == json_is_string (tmp))
304 {
305 GNUNET_free (cred);
306 return NULL;
307 }
308 signature = json_string_value (tmp);
309 GNUNET_STRINGS_base64_decode (signature,
310 strlen (signature),
311 (char**) &sig);
312 GNUNET_memcpy (&cred->signature,
313 sig,
314 sizeof(struct GNUNET_CRYPTO_EcdsaSignature));
315 GNUNET_free (sig);
316
317 tmp = json_object_get (res, "expiration");
318 if (0 == json_is_integer (tmp))
319 {
320 GNUNET_free (cred);
321 return NULL;
322 }
323 cred->expiration.abs_value_us = json_integer_value (tmp);
324 return cred;
325}
326
327
328/**
329 * Credential to JSON
330 *
331 * @param cred the credential
332 * @return the resulting json, NULL if failed
333 */
334static json_t*
335credential_to_json (struct GNUNET_CREDENTIAL_Credential *cred)
336{
337 char *issuer;
338 char *subject;
339 char *signature;
340 char attribute[cred->issuer_attribute_len + 1];
341 json_t *cred_obj;
342
343 issuer = GNUNET_CRYPTO_ecdsa_public_key_to_string (&cred->issuer_key);
344 if (NULL == issuer)
345 {
346 GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
347 "Issuer in credential malformed\n");
348 return NULL;
349 }
350 subject = GNUNET_CRYPTO_ecdsa_public_key_to_string (&cred->subject_key);
351 if (NULL == subject)
352 {
353 GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
354 "Subject in credential malformed\n");
355 GNUNET_free (issuer);
356 return NULL;
357 }
358 GNUNET_STRINGS_base64_encode ((char*) &cred->signature,
359 sizeof(struct GNUNET_CRYPTO_EcdsaSignature),
360 &signature);
361 GNUNET_memcpy (attribute,
362 cred->issuer_attribute,
363 cred->issuer_attribute_len);
364 attribute[cred->issuer_attribute_len] = '\0';
365 cred_obj = json_object ();
366 json_object_set_new (cred_obj, "issuer", json_string (issuer));
367 json_object_set_new (cred_obj, "subject", json_string (subject));
368 json_object_set_new (cred_obj, "attribute", json_string (attribute));
369 json_object_set_new (cred_obj, "signature", json_string (signature));
370 json_object_set_new (cred_obj, "expiration", json_integer (
371 cred->expiration.abs_value_us));
372 GNUNET_free (issuer);
373 GNUNET_free (subject);
374 GNUNET_free (signature);
375 return cred_obj;
376}
377
378static void
379handle_collect_response (void *cls,
380 unsigned int d_count,
381 struct GNUNET_CREDENTIAL_Delegation *delegation_chain,
382 unsigned int c_count,
383 struct GNUNET_CREDENTIAL_Credential *cred)
384{
385 struct RequestHandle *handle = cls;
386 struct MHD_Response *resp;
387 struct GNUNET_JSONAPI_Document *json_document;
388 struct GNUNET_JSONAPI_Resource *json_resource;
389 json_t *cred_obj;
390 json_t *cred_array;
391 char *result;
392 char *issuer;
393 char *id;
394 uint32_t i;
395
396 handle->verify_request = NULL;
397 if (NULL == cred)
398 {
399 GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
400 "Verify failed.\n");
401 handle->response_code = MHD_HTTP_NOT_FOUND;
402 GNUNET_SCHEDULER_add_now (&do_error, handle);
403 return;
404 }
405 issuer = GNUNET_CRYPTO_ecdsa_public_key_to_string (&handle->issuer_key);
406 if (NULL == issuer)
407 {
408 GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
409 "Issuer in delegation malformed\n");
410 return;
411 }
412 GNUNET_asprintf (&id,
413 "%s.%s",
414 issuer,
415 handle->issuer_attr);
416 GNUNET_free (issuer);
417 json_document = GNUNET_JSONAPI_document_new ();
418 json_resource = GNUNET_JSONAPI_resource_new (
419 GNUNET_REST_JSONAPI_CREDENTIAL_TYPEINFO,
420 id);
421 GNUNET_free (id);
422 cred_array = json_array ();
423 for (i = 0; i < c_count; i++)
424 {
425 cred_obj = credential_to_json (&cred[i]);
426 json_array_append_new (cred_array, cred_obj);
427 }
428 GNUNET_JSONAPI_resource_add_attr (json_resource,
429 GNUNET_REST_JSONAPI_CREDENTIAL,
430 cred_array);
431 GNUNET_JSONAPI_document_resource_add (json_document, json_resource);
432 GNUNET_JSONAPI_document_serialize (json_document, &result);
433 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
434 "Result %s\n",
435 result);
436 json_decref (cred_array);
437 GNUNET_JSONAPI_document_delete (json_document);
438 resp = GNUNET_REST_create_response (result);
439 GNUNET_free (result);
440 handle->proc (handle->proc_cls, resp, MHD_HTTP_OK);
441 cleanup_handle (handle);
442}
443
444static void
445subject_ego_lookup (void *cls,
446 const struct GNUNET_IDENTITY_Ego *ego)
447{
448 struct RequestHandle *handle = cls;
449 const struct GNUNET_CRYPTO_EcdsaPrivateKey *sub_key;
450
451 handle->ego_lookup = NULL;
452
453 if (NULL == ego)
454 {
455 GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
456 "Subject not found\n");
457 GNUNET_SCHEDULER_add_now (&do_error, handle);
458 return;
459 }
460 sub_key = GNUNET_IDENTITY_ego_get_private_key (ego);
461 handle->verify_request = GNUNET_CREDENTIAL_collect (handle->credential,
462 &handle->issuer_key,
463 handle->issuer_attr,
464 sub_key,
465 &handle_collect_response,
466 handle);
467}
468
469
470
471static void
472handle_verify_response (void *cls,
473 unsigned int d_count,
474 struct GNUNET_CREDENTIAL_Delegation *delegation_chain,
475 unsigned int c_count,
476 struct GNUNET_CREDENTIAL_Credential *cred)
477{
478 struct RequestHandle *handle = cls;
479 struct MHD_Response *resp;
480 struct GNUNET_JSONAPI_Document *json_document;
481 struct GNUNET_JSONAPI_Resource *json_resource;
482 json_t *cred_obj;
483 json_t *attr_obj;
484 json_t *cred_array;
485 json_t *attr_array;
486 char *result;
487 char *issuer;
488 char *id;
489 uint32_t i;
490
491 handle->verify_request = NULL;
492 if (NULL == cred)
493 {
494 GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
495 "Verify failed.\n");
496 handle->response_code = MHD_HTTP_NOT_FOUND;
497 GNUNET_SCHEDULER_add_now (&do_error, handle);
498 return;
499 }
500 issuer = GNUNET_CRYPTO_ecdsa_public_key_to_string (&handle->issuer_key);
501 if (NULL == issuer)
502 {
503 GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
504 "Issuer in delegation malformed\n");
505 return;
506 }
507 GNUNET_asprintf (&id,
508 "%s.%s",
509 issuer,
510 handle->issuer_attr);
511 GNUNET_free (issuer);
512 json_document = GNUNET_JSONAPI_document_new ();
513 json_resource = GNUNET_JSONAPI_resource_new (
514 GNUNET_REST_JSONAPI_CREDENTIAL_TYPEINFO,
515 id);
516 GNUNET_free (id);
517 attr_array = json_array ();
518 for (i = 0; i < d_count; i++)
519 {
520 attr_obj = attribute_delegation_to_json (&delegation_chain[i]);
521 json_array_append_new (attr_array, attr_obj);
522 }
523 cred_array = json_array ();
524 for (i = 0; i < c_count; i++)
525 {
526 cred_obj = credential_to_json (&cred[i]);
527 json_array_append_new (cred_array, cred_obj);
528 }
529 GNUNET_JSONAPI_resource_add_attr (json_resource,
530 GNUNET_REST_JSONAPI_CREDENTIAL,
531 cred_array);
532 GNUNET_JSONAPI_resource_add_attr (json_resource,
533 GNUNET_REST_JSONAPI_DELEGATIONS,
534 attr_array);
535 GNUNET_JSONAPI_document_resource_add (json_document, json_resource);
536 GNUNET_JSONAPI_document_serialize (json_document, &result);
537 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
538 "Result %s\n",
539 result);
540 json_decref (attr_array);
541 json_decref (cred_array);
542 GNUNET_JSONAPI_document_delete (json_document);
543 resp = GNUNET_REST_create_response (result);
544 handle->proc (handle->proc_cls, resp, MHD_HTTP_OK);
545 GNUNET_free (result);
546 cleanup_handle (handle);
547}
548
549static void
550collect_cred_cont (struct GNUNET_REST_RequestHandle *conndata_handle,
551 const char*url,
552 void *cls)
553{
554 struct RequestHandle *handle = cls;
555 struct GNUNET_HashCode key;
556 char *tmp;
557 char *entity_attr;
558
559 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
560 "Connecting...\n");
561 handle->credential = GNUNET_CREDENTIAL_connect (cfg);
562 handle->timeout_task = GNUNET_SCHEDULER_add_delayed (handle->timeout,
563 &do_error, handle);
564 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
565 "Connected\n");
566 if (NULL == handle->credential)
567 {
568 GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
569 "Connecting to CREDENTIAL failed\n");
570 GNUNET_SCHEDULER_add_now (&do_error, handle);
571 return;
572 }
573 GNUNET_CRYPTO_hash (GNUNET_REST_JSONAPI_CREDENTIAL_ISSUER_ATTR,
574 strlen (GNUNET_REST_JSONAPI_CREDENTIAL_ISSUER_ATTR),
575 &key);
576 if (GNUNET_NO ==
577 GNUNET_CONTAINER_multihashmap_contains (conndata_handle->url_param_map,
578 &key))
579 {
580 GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
581 "Missing issuer attribute\n");
582 GNUNET_SCHEDULER_add_now (&do_error, handle);
583 return;
584 }
585 tmp = GNUNET_CONTAINER_multihashmap_get (conndata_handle->url_param_map,
586 &key);
587 entity_attr = GNUNET_strdup (tmp);
588 tmp = strtok (entity_attr, ".");
589 if (NULL == tmp)
590 {
591 GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
592 "Malformed issuer or attribute\n");
593 GNUNET_free (entity_attr);
594 GNUNET_SCHEDULER_add_now (&do_error, handle);
595 return;
596 }
597 if (GNUNET_OK !=
598 GNUNET_CRYPTO_ecdsa_public_key_from_string (tmp,
599 strlen (tmp),
600 &handle->issuer_key))
601 {
602 GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
603 "Malformed issuer key\n");
604 GNUNET_free (entity_attr);
605 GNUNET_SCHEDULER_add_now (&do_error, handle);
606 return;
607 }
608 tmp = strtok (NULL, "."); // Issuer attribute
609 if (NULL == tmp)
610 {
611 GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
612 "Malformed attribute\n");
613 GNUNET_free (entity_attr);
614 GNUNET_SCHEDULER_add_now (&do_error, handle);
615 return;
616 }
617 handle->issuer_attr = GNUNET_strdup (tmp);
618 GNUNET_free (entity_attr);
619
620 GNUNET_CRYPTO_hash (GNUNET_REST_JSONAPI_CREDENTIAL_SUBJECT_EGO,
621 strlen (GNUNET_REST_JSONAPI_CREDENTIAL_SUBJECT_EGO),
622 &key);
623 if (GNUNET_NO ==
624 GNUNET_CONTAINER_multihashmap_contains (conndata_handle->url_param_map,
625 &key))
626 {
627 GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
628 "Missing subject\n");
629 GNUNET_SCHEDULER_add_now (&do_error, handle);
630 return;
631 }
632 tmp = GNUNET_CONTAINER_multihashmap_get (conndata_handle->url_param_map,
633 &key);
634 if (NULL == tmp)
635 {
636 GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
637 "Malformed subject\n");
638 GNUNET_SCHEDULER_add_now (&do_error, handle);
639 return;
640 }
641 handle->ego_lookup = GNUNET_IDENTITY_ego_lookup (cfg,
642 tmp,
643 &subject_ego_lookup,
644 handle);
645}
646
647
648
649static void
650verify_cred_cont (struct GNUNET_REST_RequestHandle *conndata_handle,
651 const char*url,
652 void *cls)
653{
654 struct RequestHandle *handle = cls;
655 struct GNUNET_HashCode key;
656 struct GNUNET_JSONAPI_Document *json_obj;
657 struct GNUNET_JSONAPI_Resource *res;
658 struct GNUNET_CREDENTIAL_Credential *cred;
659 char *tmp;
660 char *entity_attr;
661 int i;
662 uint32_t credential_count;
663 uint32_t resource_count;
664 json_t *cred_json;
665 json_t *data_js;
666 json_error_t err;
667
668 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
669 "Connecting...\n");
670 handle->credential = GNUNET_CREDENTIAL_connect (cfg);
671 handle->timeout_task = GNUNET_SCHEDULER_add_delayed (handle->timeout,
672 &do_error, handle);
673 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
674 "Connected\n");
675 if (NULL == handle->credential)
676 {
677 GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
678 "Connecting to CREDENTIAL failed\n");
679 GNUNET_SCHEDULER_add_now (&do_error, handle);
680 return;
681 }
682 GNUNET_CRYPTO_hash (GNUNET_REST_JSONAPI_CREDENTIAL_ISSUER_ATTR,
683 strlen (GNUNET_REST_JSONAPI_CREDENTIAL_ISSUER_ATTR),
684 &key);
685 if (GNUNET_NO ==
686 GNUNET_CONTAINER_multihashmap_contains (conndata_handle->url_param_map,
687 &key))
688 {
689 GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
690 "Missing issuer attribute\n");
691 GNUNET_SCHEDULER_add_now (&do_error, handle);
692 return;
693 }
694 tmp = GNUNET_CONTAINER_multihashmap_get (conndata_handle->url_param_map,
695 &key);
696 entity_attr = GNUNET_strdup (tmp);
697 tmp = strtok (entity_attr, ".");
698 if (NULL == tmp)
699 {
700 GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
701 "Malformed issuer or attribute\n");
702 GNUNET_free (entity_attr);
703 GNUNET_SCHEDULER_add_now (&do_error, handle);
704 return;
705 }
706 if (GNUNET_OK !=
707 GNUNET_CRYPTO_ecdsa_public_key_from_string (tmp,
708 strlen (tmp),
709 &handle->issuer_key))
710 {
711 GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
712 "Malformed issuer key\n");
713 GNUNET_free (entity_attr);
714 GNUNET_SCHEDULER_add_now (&do_error, handle);
715 return;
716 }
717 tmp = strtok (NULL, "."); // Issuer attribute
718 if (NULL == tmp)
719 {
720 GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
721 "Malformed attribute\n");
722 GNUNET_free (entity_attr);
723 GNUNET_SCHEDULER_add_now (&do_error, handle);
724 return;
725 }
726 handle->issuer_attr = GNUNET_strdup (tmp);
727 GNUNET_free (entity_attr);
728
729 GNUNET_CRYPTO_hash (GNUNET_REST_JSONAPI_CREDENTIAL_SUBJECT_KEY,
730 strlen (GNUNET_REST_JSONAPI_CREDENTIAL_SUBJECT_KEY),
731 &key);
732 if (GNUNET_NO ==
733 GNUNET_CONTAINER_multihashmap_contains (conndata_handle->url_param_map,
734 &key))
735 {
736 GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
737 "Missing subject key\n");
738 GNUNET_SCHEDULER_add_now (&do_error, handle);
739 return;
740 }
741 tmp = GNUNET_CONTAINER_multihashmap_get (conndata_handle->url_param_map,
742 &key);
743 if (NULL == tmp)
744 {
745 GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
746 "Malformed subject\n");
747 GNUNET_SCHEDULER_add_now (&do_error, handle);
748 return;
749 }
750 if (GNUNET_OK !=
751 GNUNET_CRYPTO_ecdsa_public_key_from_string (tmp,
752 strlen (tmp),
753 &handle->subject_key))
754 {
755 GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
756 "Malformed subject key\n");
757 GNUNET_SCHEDULER_add_now (&do_error, handle);
758 return;
759 }
760
761 if (0 >= handle->rest_handle->data_size)
762 {
763 GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
764 "Missing credentials\n");
765 GNUNET_SCHEDULER_add_now (&do_error, handle);
766 return;
767 }
768
769 struct GNUNET_JSON_Specification docspec[] = {
770 GNUNET_JSON_spec_jsonapi_document (&json_obj),
771 GNUNET_JSON_spec_end ()
772 };
773 char term_data[handle->rest_handle->data_size + 1];
774 term_data[handle->rest_handle->data_size] = '\0';
775 credential_count = 0;
776 GNUNET_memcpy (term_data,
777 handle->rest_handle->data,
778 handle->rest_handle->data_size);
779 data_js = json_loads (term_data,
780 JSON_DECODE_ANY,
781 &err);
782 GNUNET_assert (GNUNET_OK == GNUNET_JSON_parse (data_js, docspec,
783 NULL, NULL));
784 json_decref (data_js);
785 if (NULL == json_obj)
786 {
787 GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
788 "Unable to parse JSONAPI Object from %s\n",
789 term_data);
790 GNUNET_SCHEDULER_add_now (&do_error, handle);
791 return;
792 }
793
794 resource_count = GNUNET_JSONAPI_document_resource_count (json_obj);
795 GNUNET_assert (1 == resource_count);
796 res = (GNUNET_JSONAPI_document_get_resource (json_obj, 0));
797 if (GNUNET_NO == GNUNET_JSONAPI_resource_check_type (res,
798 GNUNET_REST_JSONAPI_CREDENTIAL_TYPEINFO))
799 {
800 GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
801 "Resource not a credential!\n");
802 GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
803 "Unable to parse JSONAPI Object from %s\n",
804 term_data);
805 GNUNET_JSONAPI_document_delete (json_obj);
806 GNUNET_SCHEDULER_add_now (&do_error, handle);
807 return;
808 }
809 cred_json = GNUNET_JSONAPI_resource_read_attr (res,
810 GNUNET_REST_JSONAPI_CREDENTIAL);
811
812 GNUNET_assert (json_is_array (cred_json));
813
814 credential_count = json_array_size (cred_json);
815
816 struct GNUNET_CREDENTIAL_Credential credentials[credential_count];
817 for (i = 0; i < credential_count; i++)
818 {
819 cred = json_to_credential (json_array_get (cred_json, i));
820 if (NULL == cred)
821 {
822 GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
823 "Unable to parse credential!\n");
824 continue;
825 }
826 GNUNET_memcpy (&credentials[i],
827 cred,
828 sizeof(struct GNUNET_CREDENTIAL_Credential));
829 credentials[i].issuer_attribute = GNUNET_strdup (cred->issuer_attribute);
830 GNUNET_free (cred);
831 }
832 GNUNET_JSONAPI_document_delete (json_obj);
833 handle->verify_request = GNUNET_CREDENTIAL_verify (handle->credential,
834 &handle->issuer_key,
835 handle->issuer_attr,
836 &handle->subject_key,
837 credential_count,
838 credentials,
839 &handle_verify_response,
840 handle);
841 for (i = 0; i < credential_count; i++)
842 GNUNET_free ((char*) credentials[i].issuer_attribute);
843}
844
845void
846send_cred_response (struct RequestHandle *handle,
847 struct GNUNET_CREDENTIAL_Credential *cred)
848{
849 struct MHD_Response *resp;
850 struct GNUNET_JSONAPI_Document *json_document;
851 struct GNUNET_JSONAPI_Resource *json_resource;
852 json_t *cred_obj;
853 char *result;
854 char *issuer;
855 char *subject;
856 char *signature;
857 char *id;
858
859 GNUNET_assert (NULL != cred);
860 issuer = GNUNET_CRYPTO_ecdsa_public_key_to_string (&cred->issuer_key);
861 if (NULL == issuer)
862 {
863 GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
864 "Subject malformed\n");
865 GNUNET_free (issuer);
866 return;
867 }
868 GNUNET_asprintf (&id,
869 "%s.%s",
870 issuer,
871 (char*) &cred[1]);
872 subject = GNUNET_CRYPTO_ecdsa_public_key_to_string (&cred->subject_key);
873 if (NULL == subject)
874 {
875 GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
876 "Subject malformed\n");
877 GNUNET_free (id);
878 GNUNET_free (issuer);
879 return;
880 }
881 GNUNET_STRINGS_base64_encode ((char*) &cred->signature,
882 sizeof(struct GNUNET_CRYPTO_EcdsaSignature),
883 &signature);
884 json_document = GNUNET_JSONAPI_document_new ();
885 json_resource = GNUNET_JSONAPI_resource_new (
886 GNUNET_REST_JSONAPI_CREDENTIAL_TYPEINFO,
887 id);
888 GNUNET_free (id);
889 cred_obj = json_object ();
890 json_object_set_new (cred_obj, "issuer", json_string (issuer));
891 json_object_set_new (cred_obj, "subject", json_string (subject));
892 json_object_set_new (cred_obj, "expiration", json_integer (
893 cred->expiration.abs_value_us));
894 json_object_set_new (cred_obj, "signature", json_string (signature));
895 GNUNET_JSONAPI_resource_add_attr (json_resource,
896 GNUNET_REST_JSONAPI_CREDENTIAL,
897 cred_obj);
898 GNUNET_JSONAPI_document_resource_add (json_document, json_resource);
899 GNUNET_JSONAPI_document_serialize (json_document, &result);
900 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
901 "Result %s\n",
902 result);
903 json_decref (cred_obj);
904 GNUNET_JSONAPI_document_delete (json_document);
905 resp = GNUNET_REST_create_response (result);
906 handle->proc (handle->proc_cls, resp, MHD_HTTP_OK);
907 GNUNET_free (result);
908 GNUNET_free (signature);
909 GNUNET_free (issuer);
910 GNUNET_free (subject);
911 cleanup_handle (handle);
912}
913
914void
915get_cred_issuer_cb (void *cls,
916 struct GNUNET_IDENTITY_Ego *ego,
917 void **ctx,
918 const char *name)
919{
920 struct RequestHandle *handle = cls;
921 struct GNUNET_TIME_Absolute etime_abs;
922 struct GNUNET_TIME_Relative etime_rel;
923 const struct GNUNET_CRYPTO_EcdsaPrivateKey *issuer_key;
924 struct GNUNET_HashCode key;
925 struct GNUNET_CREDENTIAL_Credential *cred;
926 char*expiration_str;
927 char*tmp;
928
929 handle->id_op = NULL;
930
931 if (NULL == name)
932 {
933 GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
934 "Issuer not configured!\n");
935 GNUNET_SCHEDULER_add_now (&do_error, handle);
936 return;
937 }
938
939 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
940 "Connecting to credential service...\n");
941 handle->credential = GNUNET_CREDENTIAL_connect (cfg);
942 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
943 "Connected\n");
944 if (NULL == handle->credential)
945 {
946 GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
947 "Connecting to CREDENTIAL failed\n");
948 GNUNET_SCHEDULER_add_now (&do_error, handle);
949 return;
950 }
951 GNUNET_CRYPTO_hash (GNUNET_REST_JSONAPI_CREDENTIAL_EXPIRATION,
952 strlen (GNUNET_REST_JSONAPI_CREDENTIAL_EXPIRATION),
953 &key);
954 if (GNUNET_NO ==
955 GNUNET_CONTAINER_multihashmap_contains (
956 handle->rest_handle->url_param_map,
957 &key))
958 {
959 GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
960 "Missing expiration\n");
961 GNUNET_SCHEDULER_add_now (&do_error, handle);
962 return;
963 }
964 expiration_str = GNUNET_CONTAINER_multihashmap_get (
965 handle->rest_handle->url_param_map,
966 &key);
967 if (NULL == expiration_str)
968 {
969 GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
970 "Expiration malformed\n");
971 GNUNET_SCHEDULER_add_now (&do_error, handle);
972 return;
973 }
974
975 if (GNUNET_OK == GNUNET_STRINGS_fancy_time_to_relative (expiration_str,
976 &etime_rel))
977 {
978 etime_abs = GNUNET_TIME_relative_to_absolute (etime_rel);
979 }
980 else if (GNUNET_OK != GNUNET_STRINGS_fancy_time_to_absolute (expiration_str,
981 &etime_abs))
982 {
983 GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
984 "Malformed expiration: %s\n", expiration_str);
985 GNUNET_SCHEDULER_add_now (&do_error, handle);
986 return;
987 }
988 GNUNET_CRYPTO_hash (GNUNET_REST_JSONAPI_CREDENTIAL_ISSUER_ATTR,
989 strlen (GNUNET_REST_JSONAPI_CREDENTIAL_ISSUER_ATTR),
990 &key);
991 if (GNUNET_NO ==
992 GNUNET_CONTAINER_multihashmap_contains (
993 handle->rest_handle->url_param_map,
994 &key))
995 {
996 GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
997 "Missing issuer attribute\n");
998 GNUNET_SCHEDULER_add_now (&do_error, handle);
999 return;
1000 }
1001 handle->issuer_attr = GNUNET_strdup (GNUNET_CONTAINER_multihashmap_get
1002 (handle->rest_handle->url_param_map,
1003 &key));
1004 GNUNET_CRYPTO_hash (GNUNET_REST_JSONAPI_CREDENTIAL_SUBJECT_KEY,
1005 strlen (GNUNET_REST_JSONAPI_CREDENTIAL_SUBJECT_KEY),
1006 &key);
1007 if (GNUNET_NO ==
1008 GNUNET_CONTAINER_multihashmap_contains (
1009 handle->rest_handle->url_param_map,
1010 &key))
1011 {
1012 GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
1013 "Missing subject\n");
1014 GNUNET_SCHEDULER_add_now (&do_error, handle);
1015 return;
1016 }
1017 tmp = GNUNET_CONTAINER_multihashmap_get (handle->rest_handle->url_param_map,
1018 &key);
1019 if (NULL == tmp)
1020 {
1021 GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
1022 "Malformed subject\n");
1023 GNUNET_SCHEDULER_add_now (&do_error, handle);
1024 return;
1025 }
1026 if (GNUNET_OK !=
1027 GNUNET_CRYPTO_ecdsa_public_key_from_string (tmp,
1028 strlen (tmp),
1029 &handle->subject_key))
1030 {
1031 GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
1032 "Malformed subject key\n");
1033 GNUNET_SCHEDULER_add_now (&do_error, handle);
1034 return;
1035 }
1036 issuer_key = GNUNET_IDENTITY_ego_get_private_key (ego);
1037 cred = GNUNET_CREDENTIAL_credential_issue (issuer_key,
1038 &handle->subject_key,
1039 handle->issuer_attr,
1040 &etime_abs);
1041 if (NULL == cred)
1042 {
1043 GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
1044 "Failed to create credential\n");
1045 GNUNET_SCHEDULER_add_now (&do_error, handle);
1046 return;
1047 }
1048 send_cred_response (handle, cred);
1049}
1050
1051
1052static void
1053issue_cred_cont (struct GNUNET_REST_RequestHandle *conndata_handle,
1054 const char*url,
1055 void *cls)
1056{
1057 struct RequestHandle *handle = cls;
1058
1059 handle->identity = GNUNET_IDENTITY_connect (cfg,
1060 NULL,
1061 NULL);
1062 handle->id_op = GNUNET_IDENTITY_get (handle->identity,
1063 "credential-issuer",
1064 &get_cred_issuer_cb,
1065 handle);
1066 handle->timeout_task = GNUNET_SCHEDULER_add_delayed (handle->timeout,
1067 &do_error,
1068 handle);
1069}
1070
1071static void
1072options_cont (struct GNUNET_REST_RequestHandle *con_handle,
1073 const char*url,
1074 void *cls)
1075{
1076 struct MHD_Response *resp;
1077 struct RequestHandle *handle = cls;
1078
1079 // For GNS, independent of path return all options
1080 resp = GNUNET_REST_create_response (NULL);
1081 MHD_add_response_header (resp,
1082 "Access-Control-Allow-Methods",
1083 MHD_HTTP_METHOD_GET);
1084 handle->proc (handle->proc_cls,
1085 resp,
1086 MHD_HTTP_OK);
1087 cleanup_handle (handle);
1088}
1089
1090
1091static void
1092rest_credential_process_request (struct
1093 GNUNET_REST_RequestHandle *conndata_handle,
1094 GNUNET_REST_ResultProcessor proc,
1095 void *proc_cls)
1096{
1097 struct RequestHandle *handle = GNUNET_new (struct RequestHandle);
1098 struct GNUNET_REST_RequestHandlerError err;
1099
1100 handle->timeout = GNUNET_TIME_UNIT_FOREVER_REL;
1101 handle->proc_cls = proc_cls;
1102 handle->proc = proc;
1103 handle->rest_handle = conndata_handle;
1104
1105 static const struct GNUNET_REST_RequestHandler handlers[] = {
1106 { MHD_HTTP_METHOD_POST, GNUNET_REST_API_NS_CREDENTIAL_VERIFY,
1107 &verify_cred_cont },
1108 { MHD_HTTP_METHOD_GET, GNUNET_REST_API_NS_CREDENTIAL_COLLECT,
1109 &collect_cred_cont },
1110 { MHD_HTTP_METHOD_GET, GNUNET_REST_API_NS_CREDENTIAL_ISSUE,
1111 &issue_cred_cont },
1112 { MHD_HTTP_METHOD_OPTIONS, GNUNET_REST_API_NS_CREDENTIAL, &options_cont },
1113 GNUNET_REST_HANDLER_END
1114 };
1115
1116 if (GNUNET_NO == GNUNET_JSONAPI_handle_request (conndata_handle,
1117 handlers,
1118 &err,
1119 handle))
1120 {
1121 handle->response_code = err.error_code;
1122 GNUNET_SCHEDULER_add_now (&do_error, handle);
1123 }
1124}
1125
1126
1127/**
1128 * Entry point for the plugin.
1129 *
1130 * @param cls the "struct GNUNET_NAMESTORE_PluginEnvironment*"
1131 * @return NULL on error, otherwise the plugin context
1132 */
1133void *
1134libgnunet_plugin_rest_credential_init (void *cls)
1135{
1136 static struct Plugin plugin;
1137
1138 cfg = cls;
1139 struct GNUNET_REST_Plugin *api;
1140
1141 if (NULL != plugin.cfg)
1142 return NULL; /* can only initialize once! */
1143 memset (&plugin, 0, sizeof(struct Plugin));
1144 plugin.cfg = cfg;
1145 api = GNUNET_new (struct GNUNET_REST_Plugin);
1146 api->cls = &plugin;
1147 api->name = GNUNET_REST_API_NS_CREDENTIAL;
1148 api->process_request = &rest_credential_process_request;
1149 GNUNET_log (GNUNET_ERROR_TYPE_INFO,
1150 _ ("GNS REST API initialized\n"));
1151 return api;
1152}
1153
1154
1155/**
1156 * Exit point from the plugin.
1157 *
1158 * @param cls the plugin context (as returned by "init")
1159 * @return always NULL
1160 */
1161void *
1162libgnunet_plugin_rest_credential_done (void *cls)
1163{
1164 struct GNUNET_REST_Plugin *api = cls;
1165 struct Plugin *plugin = api->cls;
1166
1167 plugin->cfg = NULL;
1168 GNUNET_free (api);
1169 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
1170 "GNS REST plugin is finished\n");
1171 return NULL;
1172}
1173
1174/* end of plugin_rest_gns.c */
diff --git a/src/credential/test_credential_bi_and.sh b/src/credential/test_credential_bi_and.sh
deleted file mode 100755
index d52fb5dbe..000000000
--- a/src/credential/test_credential_bi_and.sh
+++ /dev/null
@@ -1,98 +0,0 @@
1#!/usr/bin/env bash
2trap "gnunet-arm -e -c test_credential_lookup.conf" SIGINT
3
4LOCATION=$(which gnunet-config)
5if [ -z $LOCATION ]
6then
7 LOCATION="gnunet-config"
8fi
9$LOCATION --version 1> /dev/null
10if test $? != 0
11then
12 echo "GNUnet command line tools cannot be found, check environmental variables PATH and GNUNET_PREFIX"
13 exit 77
14fi
15
16rm -rf `gnunet-config -c test_credential_lookup.conf -s PATHS -o GNUNET_HOME -f`
17
18
19
20
21which timeout > /dev/null 2>&1 && DO_TIMEOUT="timeout 10"
22gnunet-arm -s -c test_credential_lookup.conf
23
24gnunet-identity -C a -c test_credential_lookup.conf
25gnunet-identity -C b -c test_credential_lookup.conf
26gnunet-identity -C c -c test_credential_lookup.conf
27gnunet-identity -C d -c test_credential_lookup.conf
28gnunet-identity -C e -c test_credential_lookup.conf
29gnunet-identity -C f -c test_credential_lookup.conf
30gnunet-identity -C g -c test_credential_lookup.conf
31gnunet-identity -C h -c test_credential_lookup.conf
32AKEY=$(gnunet-identity -d -c test_credential_lookup.conf | grep a | awk '{print $3}')
33BKEY=$(gnunet-identity -d -c test_credential_lookup.conf | grep b | awk '{print $3}')
34CKEY=$(gnunet-identity -d -c test_credential_lookup.conf | grep c | awk '{print $3}')
35DKEY=$(gnunet-identity -d -c test_credential_lookup.conf | grep d | awk '{print $3}')
36EKEY=$(gnunet-identity -d -c test_credential_lookup.conf | grep e | awk '{print $3}')
37FKEY=$(gnunet-identity -d -c test_credential_lookup.conf | grep f | awk '{print $3}')
38GKEY=$(gnunet-identity -d -c test_credential_lookup.conf | grep g | awk '{print $3}')
39HKEY=$(gnunet-identity -d -c test_credential_lookup.conf | grep h | awk '{print $3}')
40gnunet-identity -d
41
42# (1) (A.a) <- B.b
43# (2) (B.b) <- C.c AND G.g
44# (3) C.c <- (D.D)
45# (4) D.d <- (E.e)
46# (5) E.e <- (F) priv
47# (6) (G.g) <- H.h
48# (7) H.h <- (F) priv
49
50# BIDIRECTIONAL
51gnunet-credential --createIssuerSide --ego=a --attribute="a" --subject="$BKEY b" --ttl=5m -c test_credential_lookup.conf
52gnunet-namestore -D -z a
53gnunet-credential --createIssuerSide --ego=b --attribute="b" --subject="$CKEY c, $GKEY g" --ttl=5m -c test_credential_lookup.conf
54gnunet-namestore -D -z b
55gnunet-credential --createIssuerSide --ego=g --attribute="g" --subject="$HKEY h" --ttl=5m -c test_credential_lookup.conf
56gnunet-namestore -D -z b
57
58SIGNED=`$DO_TIMEOUT gnunet-credential --signSubjectSide --ego=c --attribute="c" --subject="$DKEY d" --ttl="2019-12-12 10:00:00"`
59gnunet-credential --createSubjectSide --ego=d --import="$SIGNED"
60gnunet-namestore -D -z d
61SIGNED=`$DO_TIMEOUT gnunet-credential --signSubjectSide --ego=d --attribute="d" --subject="$EKEY e" --ttl="2019-12-12 10:00:00"`
62gnunet-credential --createSubjectSide --ego=e --import="$SIGNED"
63gnunet-namestore -D -z e
64SIGNED=`$DO_TIMEOUT gnunet-credential --signSubjectSide --ego=e --attribute="e" --subject="$FKEY" --ttl="2019-12-12 10:00:00"`
65gnunet-credential --createSubjectSide --ego=f --import="$SIGNED" --private
66gnunet-namestore -D -z f
67SIGNED=`$DO_TIMEOUT gnunet-credential --signSubjectSide --ego=h --attribute="h" --subject="$FKEY" --ttl="2019-12-12 10:00:00"`
68gnunet-credential --createSubjectSide --ego=f --import="$SIGNED" --private
69gnunet-namestore -D -z h
70
71# Starting to resolve
72echo "+++ Starting to Resolve +++"
73
74DELS=`$DO_TIMEOUT gnunet-credential --collect --issuer=$AKEY --attribute="a" --ego=f --forward --backward -c test_credential_lookup.conf | paste -d, -s - -`
75echo $DELS
76echo gnunet-credential --verify --issuer=$AKEY --attribute="a" --subject=$FKEY --delegate=\'$DELS\' --forward --backward -c test_credential_lookup.conf
77gnunet-credential --verify --issuer=$AKEY --attribute="a" --subject=$FKEY --delegate="$DELS" --forward --backward -c test_credential_lookup.conf
78
79RES=$?
80
81# Cleanup properly
82gnunet-namestore -z a -d -n "a" -t ATTR -c test_credential_lookup.conf
83gnunet-namestore -z b -d -n "b" -t ATTR -c test_credential_lookup.conf
84gnunet-namestore -z g -d -n "g" -t ATTR -c test_credential_lookup.conf
85gnunet-namestore -z d -d -n "@" -t DEL -c test_credential_lookup.conf
86gnunet-namestore -z e -d -n "@" -t DEL -c test_credential_lookup.conf
87gnunet-namestore -z f -d -n "@" -t DEL -c test_credential_lookup.conf
88
89gnunet-arm -e -c test_credential_lookup.conf
90
91if [ "$RES" == 0 ]
92then
93 exit 0
94else
95 echo "FAIL: Failed to verify credential."
96 exit 1
97fi
98
diff --git a/src/credential/test_credential_bi_and2.sh b/src/credential/test_credential_bi_and2.sh
deleted file mode 100755
index f076c1c5c..000000000
--- a/src/credential/test_credential_bi_and2.sh
+++ /dev/null
@@ -1,94 +0,0 @@
1#!/usr/bin/env bash
2trap "gnunet-arm -e -c test_credential_lookup.conf" SIGINT
3
4LOCATION=$(which gnunet-config)
5if [ -z $LOCATION ]
6then
7 LOCATION="gnunet-config"
8fi
9$LOCATION --version 1> /dev/null
10if test $? != 0
11then
12 echo "GNUnet command line tools cannot be found, check environmental variables PATH and GNUNET_PREFIX"
13 exit 77
14fi
15
16rm -rf `gnunet-config -c test_credential_lookup.conf -s PATHS -o GNUNET_HOME -f`
17
18
19
20
21which timeout > /dev/null 2>&1 && DO_TIMEOUT="timeout 10"
22gnunet-arm -s -c test_credential_lookup.conf
23
24gnunet-identity -C a -c test_credential_lookup.conf
25gnunet-identity -C b -c test_credential_lookup.conf
26gnunet-identity -C c -c test_credential_lookup.conf
27gnunet-identity -C d -c test_credential_lookup.conf
28gnunet-identity -C e -c test_credential_lookup.conf
29gnunet-identity -C f -c test_credential_lookup.conf
30gnunet-identity -C g -c test_credential_lookup.conf
31gnunet-identity -C h -c test_credential_lookup.conf
32AKEY=$(gnunet-identity -d -c test_credential_lookup.conf | grep a | awk '{print $3}')
33BKEY=$(gnunet-identity -d -c test_credential_lookup.conf | grep b | awk '{print $3}')
34CKEY=$(gnunet-identity -d -c test_credential_lookup.conf | grep c | awk '{print $3}')
35DKEY=$(gnunet-identity -d -c test_credential_lookup.conf | grep d | awk '{print $3}')
36EKEY=$(gnunet-identity -d -c test_credential_lookup.conf | grep e | awk '{print $3}')
37FKEY=$(gnunet-identity -d -c test_credential_lookup.conf | grep f | awk '{print $3}')
38GKEY=$(gnunet-identity -d -c test_credential_lookup.conf | grep g | awk '{print $3}')
39HKEY=$(gnunet-identity -d -c test_credential_lookup.conf | grep h | awk '{print $3}')
40gnunet-identity -d
41
42# (1) (A.a) <- B.b
43# (2) (B.b) <- C.c AND G.g
44# (3) C.c <- (D.D)
45# (4) D.d <- (E.e)
46# (5) E.e <- (F) priv
47# (6) G.g <- (F) priv
48
49# BIDIRECTIONAL
50gnunet-credential --createIssuerSide --ego=a --attribute="a" --subject="$BKEY b" --ttl=5m -c test_credential_lookup.conf
51gnunet-namestore -D -z a
52gnunet-credential --createIssuerSide --ego=b --attribute="b" --subject="$CKEY c, $GKEY g" --ttl=5m -c test_credential_lookup.conf
53gnunet-namestore -D -z b
54
55SIGNED=`$DO_TIMEOUT gnunet-credential --signSubjectSide --ego=c --attribute="c" --subject="$DKEY d" --ttl="2019-12-12 10:00:00"`
56gnunet-credential --createSubjectSide --ego=d --import="$SIGNED"
57gnunet-namestore -D -z d
58SIGNED=`$DO_TIMEOUT gnunet-credential --signSubjectSide --ego=d --attribute="d" --subject="$EKEY e" --ttl="2019-12-12 10:00:00"`
59gnunet-credential --createSubjectSide --ego=e --import="$SIGNED"
60gnunet-namestore -D -z e
61SIGNED=`$DO_TIMEOUT gnunet-credential --signSubjectSide --ego=e --attribute="e" --subject="$FKEY" --ttl="2019-12-12 10:00:00"`
62gnunet-credential --createSubjectSide --ego=f --import="$SIGNED" --private
63gnunet-namestore -D -z f
64SIGNED=`$DO_TIMEOUT gnunet-credential --signSubjectSide --ego=g --attribute="g" --subject="$FKEY" --ttl="2019-12-12 10:00:00"`
65gnunet-credential --createSubjectSide --ego=f --import="$SIGNED" --private
66gnunet-namestore -D -z h
67
68# Starting to resolve
69echo "+++ Starting to Resolve +++"
70
71DELS=`$DO_TIMEOUT gnunet-credential --collect --issuer=$AKEY --attribute="a" --ego=f -c test_credential_lookup.conf | paste -d, -s - -`
72echo $DELS
73echo gnunet-credential --verify --issuer=$AKEY --attribute="a" --subject=$FKEY --delegate=\'$DELS\' -c test_credential_lookup.conf
74gnunet-credential --verify --issuer=$AKEY --attribute="a" --subject=$FKEY --delegate="$DELS" -c test_credential_lookup.conf
75
76RES=$?
77
78# Cleanup properly
79gnunet-namestore -z a -d -n "a" -t ATTR -c test_credential_lookup.conf
80gnunet-namestore -z b -d -n "b" -t ATTR -c test_credential_lookup.conf
81gnunet-namestore -z d -d -n "@" -t DEL -c test_credential_lookup.conf
82gnunet-namestore -z e -d -n "@" -t DEL -c test_credential_lookup.conf
83gnunet-namestore -z f -d -n "@" -t DEL -c test_credential_lookup.conf
84
85gnunet-arm -e -c test_credential_lookup.conf
86
87if [ "$RES" == 0 ]
88then
89 exit 0
90else
91 echo "FAIL: Failed to verify credential."
92 exit 1
93fi
94
diff --git a/src/credential/test_credential_bi_and3.sh b/src/credential/test_credential_bi_and3.sh
deleted file mode 100755
index 80dddcc14..000000000
--- a/src/credential/test_credential_bi_and3.sh
+++ /dev/null
@@ -1,96 +0,0 @@
1#!/usr/bin/env bash
2trap "gnunet-arm -e -c test_credential_lookup.conf" SIGINT
3
4LOCATION=$(which gnunet-config)
5if [ -z $LOCATION ]
6then
7 LOCATION="gnunet-config"
8fi
9$LOCATION --version 1> /dev/null
10if test $? != 0
11then
12 echo "GNUnet command line tools cannot be found, check environmental variables PATH and GNUNET_PREFIX"
13 exit 77
14fi
15
16rm -rf `gnunet-config -c test_credential_lookup.conf -s PATHS -o GNUNET_HOME -f`
17
18
19
20which timeout > /dev/null 2>&1 && DO_TIMEOUT="timeout 10"
21gnunet-arm -s -c test_credential_lookup.conf
22
23gnunet-identity -C a -c test_credential_lookup.conf
24gnunet-identity -C b -c test_credential_lookup.conf
25gnunet-identity -C c -c test_credential_lookup.conf
26gnunet-identity -C d -c test_credential_lookup.conf
27gnunet-identity -C e -c test_credential_lookup.conf
28gnunet-identity -C f -c test_credential_lookup.conf
29gnunet-identity -C g -c test_credential_lookup.conf
30gnunet-identity -C h -c test_credential_lookup.conf
31AKEY=$(gnunet-identity -d -c test_credential_lookup.conf | grep a | awk '{print $3}')
32BKEY=$(gnunet-identity -d -c test_credential_lookup.conf | grep b | awk '{print $3}')
33CKEY=$(gnunet-identity -d -c test_credential_lookup.conf | grep c | awk '{print $3}')
34DKEY=$(gnunet-identity -d -c test_credential_lookup.conf | grep d | awk '{print $3}')
35EKEY=$(gnunet-identity -d -c test_credential_lookup.conf | grep e | awk '{print $3}')
36FKEY=$(gnunet-identity -d -c test_credential_lookup.conf | grep f | awk '{print $3}')
37GKEY=$(gnunet-identity -d -c test_credential_lookup.conf | grep g | awk '{print $3}')
38HKEY=$(gnunet-identity -d -c test_credential_lookup.conf | grep h | awk '{print $3}')
39gnunet-identity -d
40
41# (1) (A.a) <- B.b
42# (2) (B.b) <- C.c AND G.g
43# (3) C.c <- (D.d)
44# (4) D.d <- (E.e)
45# (5) E.e <- (F) priv
46# (6) G.g <- (H.h)
47# (7) H.h <- (F) priv
48
49# BIDIRECTIONAL
50gnunet-credential --createIssuerSide --ego=a --attribute="a" --subject="$BKEY b" --ttl=5m -c test_credential_lookup.conf
51gnunet-namestore -D -z a
52gnunet-credential --createIssuerSide --ego=b --attribute="b" --subject="$CKEY c, $GKEY g" --ttl=5m -c test_credential_lookup.conf
53gnunet-namestore -D -z b
54
55SIGNED=`$DO_TIMEOUT gnunet-credential --signSubjectSide --ego=c --attribute="c" --subject="$DKEY d" --ttl="2019-12-12 10:00:00"`
56gnunet-credential --createSubjectSide --ego=d --import="$SIGNED"
57gnunet-namestore -D -z d
58SIGNED=`$DO_TIMEOUT gnunet-credential --signSubjectSide --ego=d --attribute="d" --subject="$EKEY e" --ttl="2019-12-12 10:00:00"`
59gnunet-credential --createSubjectSide --ego=e --import="$SIGNED"
60gnunet-namestore -D -z e
61SIGNED=`$DO_TIMEOUT gnunet-credential --signSubjectSide --ego=g --attribute="g" --subject="$HKEY h" --ttl="2019-12-12 10:00:00"`
62gnunet-credential --createSubjectSide --ego=h --import="$SIGNED"
63gnunet-namestore -D -z h
64SIGNED=`$DO_TIMEOUT gnunet-credential --signSubjectSide --ego=e --attribute="e" --subject="$FKEY" --ttl="2019-12-12 10:00:00"`
65gnunet-credential --createSubjectSide --ego=f --import="$SIGNED" --private
66SIGNED=`$DO_TIMEOUT gnunet-credential --signSubjectSide --ego=h --attribute="h" --subject="$FKEY" --ttl="2019-12-12 10:00:00"`
67gnunet-credential --createSubjectSide --ego=f --import="$SIGNED" --private
68gnunet-namestore -D -z f
69
70# Starting to resolve
71echo "+++ Starting to Resolve +++"
72
73DELS=`$DO_TIMEOUT gnunet-credential --collect --issuer=$AKEY --attribute="a" --ego=f -c test_credential_lookup.conf | paste -d, -s - -`
74echo $DELS
75echo gnunet-credential --verify --issuer=$AKEY --attribute="a" --subject=$FKEY --delegate=\'$DELS\' -c test_credential_lookup.conf
76gnunet-credential --verify --issuer=$AKEY --attribute="a" --subject=$FKEY --delegate="$DELS" -c test_credential_lookup.conf
77
78RES=$?
79
80# Cleanup properly
81gnunet-namestore -z a -d -n "a" -t ATTR -c test_credential_lookup.conf
82gnunet-namestore -z b -d -n "b" -t ATTR -c test_credential_lookup.conf
83gnunet-namestore -z d -d -n "@" -t DEL -c test_credential_lookup.conf
84gnunet-namestore -z e -d -n "@" -t DEL -c test_credential_lookup.conf
85gnunet-namestore -z f -d -n "@" -t DEL -c test_credential_lookup.conf
86gnunet-namestore -z h -d -n "@" -t DEL -c test_credential_lookup.conf
87
88gnunet-arm -e -c test_credential_lookup.conf
89
90if [ "$RES" == 0 ]
91then
92 exit 0
93else
94 echo "FAIL: Failed to verify credential."
95 exit 1
96fi
diff --git a/src/credential/test_credential_bi_and4.sh b/src/credential/test_credential_bi_and4.sh
deleted file mode 100755
index 18731d5d1..000000000
--- a/src/credential/test_credential_bi_and4.sh
+++ /dev/null
@@ -1,83 +0,0 @@
1#!/usr/bin/env bash
2trap "gnunet-arm -e -c test_credential_lookup.conf" SIGINT
3
4LOCATION=$(which gnunet-config)
5if [ -z $LOCATION ]
6then
7 LOCATION="gnunet-config"
8fi
9$LOCATION --version 1> /dev/null
10if test $? != 0
11then
12 echo "GNUnet command line tools cannot be found, check environmental variables PATH and GNUNET_PREFIX"
13 exit 77
14fi
15
16rm -rf `gnunet-config -c test_credential_lookup.conf -s PATHS -o GNUNET_HOME -f`
17
18
19
20
21which timeout > /dev/null 2>&1 && DO_TIMEOUT="timeout 10"
22gnunet-arm -s -c test_credential_lookup.conf
23
24gnunet-identity -C a -c test_credential_lookup.conf
25gnunet-identity -C b -c test_credential_lookup.conf
26gnunet-identity -C c -c test_credential_lookup.conf
27gnunet-identity -C d -c test_credential_lookup.conf
28gnunet-identity -C e -c test_credential_lookup.conf
29gnunet-identity -C f -c test_credential_lookup.conf
30gnunet-identity -C g -c test_credential_lookup.conf
31gnunet-identity -C h -c test_credential_lookup.conf
32AKEY=$(gnunet-identity -d -c test_credential_lookup.conf | grep a | awk '{print $3}')
33BKEY=$(gnunet-identity -d -c test_credential_lookup.conf | grep b | awk '{print $3}')
34CKEY=$(gnunet-identity -d -c test_credential_lookup.conf | grep c | awk '{print $3}')
35DKEY=$(gnunet-identity -d -c test_credential_lookup.conf | grep d | awk '{print $3}')
36EKEY=$(gnunet-identity -d -c test_credential_lookup.conf | grep e | awk '{print $3}')
37FKEY=$(gnunet-identity -d -c test_credential_lookup.conf | grep f | awk '{print $3}')
38GKEY=$(gnunet-identity -d -c test_credential_lookup.conf | grep g | awk '{print $3}')
39HKEY=$(gnunet-identity -d -c test_credential_lookup.conf | grep h | awk '{print $3}')
40gnunet-identity -d
41
42# (1) (A.a) <- B.b
43# (2) (B.b) <- C.c AND G.g
44# (3) C.c <- (F) priv
45# (4) G.g <- (F) priv
46
47# BIDIRECTIONAL
48gnunet-credential --createIssuerSide --ego=a --attribute="a" --subject="$BKEY b" --ttl=5m -c test_credential_lookup.conf
49gnunet-namestore -D -z a
50gnunet-credential --createIssuerSide --ego=b --attribute="b" --subject="$CKEY c, $GKEY g" --ttl=5m -c test_credential_lookup.conf
51gnunet-namestore -D -z b
52
53SIGNED=`$DO_TIMEOUT gnunet-credential --signSubjectSide --ego=g --attribute="g" --subject="$FKEY" --ttl="2019-12-12 10:00:00"`
54gnunet-credential --createSubjectSide --ego=f --import="$SIGNED" --private
55SIGNED=`$DO_TIMEOUT gnunet-credential --signSubjectSide --ego=c --attribute="c" --subject="$FKEY" --ttl="2019-12-12 10:00:00"`
56gnunet-credential --createSubjectSide --ego=f --import="$SIGNED" --private
57gnunet-namestore -D -z f
58
59# Starting to resolve
60echo "+++ Starting to Resolve +++"
61
62DELS=`$DO_TIMEOUT gnunet-credential --collect --issuer=$AKEY --attribute="a" --ego=f --backward -c test_credential_lookup.conf | paste -d, -s - -`
63echo $DELS
64echo gnunet-credential --verify --issuer=$AKEY --attribute="a" --subject=$FKEY --delegate=\'$DELS\' --backward -c test_credential_lookup.conf
65gnunet-credential --verify --issuer=$AKEY --attribute="a" --subject=$FKEY --delegate="$DELS" --backward -c test_credential_lookup.conf
66
67RES=$?
68
69# Cleanup properly
70gnunet-namestore -z a -d -n "a" -t ATTR -c test_credential_lookup.conf
71gnunet-namestore -z b -d -n "b" -t ATTR -c test_credential_lookup.conf
72gnunet-namestore -z f -d -n "@" -t DEL -c test_credential_lookup.conf
73
74gnunet-arm -e -c test_credential_lookup.conf
75
76if [ "$RES" == 0 ]
77then
78 exit 0
79else
80 echo "FAIL: Failed to verify credential."
81 exit 1
82fi
83
diff --git a/src/credential/test_credential_bi_bw.sh b/src/credential/test_credential_bi_bw.sh
deleted file mode 100755
index 618fae95f..000000000
--- a/src/credential/test_credential_bi_bw.sh
+++ /dev/null
@@ -1,87 +0,0 @@
1#!/usr/bin/env bash
2trap "gnunet-arm -e -c test_credential_lookup.conf" SIGINT
3
4LOCATION=$(which gnunet-config)
5if [ -z $LOCATION ]
6then
7 LOCATION="gnunet-config"
8fi
9$LOCATION --version 1> /dev/null
10if test $? != 0
11then
12 echo "GNUnet command line tools cannot be found, check environmental variables PATH and GNUNET_PREFIX"
13 exit 77
14fi
15
16rm -rf `gnunet-config -c test_credential_lookup.conf -s PATHS -o GNUNET_HOME -f`
17
18
19
20
21which timeout > /dev/null 2>&1 && DO_TIMEOUT="timeout 10"
22gnunet-arm -s -c test_credential_lookup.conf
23
24gnunet-identity -C a -c test_credential_lookup.conf
25gnunet-identity -C b -c test_credential_lookup.conf
26gnunet-identity -C c -c test_credential_lookup.conf
27gnunet-identity -C d -c test_credential_lookup.conf
28gnunet-identity -C e -c test_credential_lookup.conf
29gnunet-identity -C f -c test_credential_lookup.conf
30gnunet-identity -C g -c test_credential_lookup.conf
31AKEY=$(gnunet-identity -d -c test_credential_lookup.conf | grep a | awk '{print $3}')
32BKEY=$(gnunet-identity -d -c test_credential_lookup.conf | grep b | awk '{print $3}')
33CKEY=$(gnunet-identity -d -c test_credential_lookup.conf | grep c | awk '{print $3}')
34DKEY=$(gnunet-identity -d -c test_credential_lookup.conf | grep d | awk '{print $3}')
35EKEY=$(gnunet-identity -d -c test_credential_lookup.conf | grep e | awk '{print $3}')
36FKEY=$(gnunet-identity -d -c test_credential_lookup.conf | grep f | awk '{print $3}')
37GKEY=$(gnunet-identity -d -c test_credential_lookup.conf | grep g | awk '{print $3}')
38gnunet-identity -d
39
40# (1) (A.a) <- B.b
41# (2) (B.b) <- C.c
42# (3) C.c <- (D.D)
43# (4) D.d <- (E.e)
44# (5) E.e <- (F)
45
46# BIDIRECTIONAL
47gnunet-credential --createIssuerSide --ego=a --attribute="a" --subject="$BKEY b" --ttl=5m -c test_credential_lookup.conf
48gnunet-namestore -D -z a
49gnunet-credential --createIssuerSide --ego=b --attribute="b" --subject="$CKEY c" --ttl=5m -c test_credential_lookup.conf
50gnunet-namestore -D -z b
51
52SIGNED=`$DO_TIMEOUT gnunet-credential --signSubjectSide --ego=c --attribute="c" --subject="$DKEY d" --ttl="2019-12-12 10:00:00"`
53gnunet-credential --createSubjectSide --ego=d --import="$SIGNED"
54gnunet-namestore -D -z d
55SIGNED=`$DO_TIMEOUT gnunet-credential --signSubjectSide --ego=d --attribute="d" --subject="$EKEY e" --ttl="2019-12-12 10:00:00"`
56gnunet-credential --createSubjectSide --ego=e --import="$SIGNED"
57gnunet-namestore -D -z e
58SIGNED=`$DO_TIMEOUT gnunet-credential --signSubjectSide --ego=e --attribute="e" --subject="$FKEY" --ttl="2019-12-12 10:00:00"`
59gnunet-credential --createSubjectSide --ego=f --import="$SIGNED" --private
60gnunet-namestore -D -z f
61
62# Starting to resolve
63echo "+++ Starting to Resolve +++"
64
65DELS=`$DO_TIMEOUT gnunet-credential --collect --issuer=$AKEY --attribute="a" --ego=f --forward --backward -c test_credential_lookup.conf | paste -d, -s - -`
66echo $DELS
67echo gnunet-credential --verify --issuer=$AKEY --attribute="a" --subject=$FKEY --delegate=\'$DELS\' --forward --backward -c test_credential_lookup.conf
68gnunet-credential --verify --issuer=$AKEY --attribute="a" --subject=$FKEY --delegate="$DELS" --forward --backward -c test_credential_lookup.conf
69
70RES=$?
71
72# Cleanup properly
73gnunet-namestore -z a -d -n "a" -t ATTR -c test_credential_lookup.conf
74gnunet-namestore -z b -d -n "b" -t ATTR -c test_credential_lookup.conf
75gnunet-namestore -z d -d -n "@" -t DEL -c test_credential_lookup.conf
76gnunet-namestore -z e -d -n "@" -t DEL -c test_credential_lookup.conf
77gnunet-namestore -z f -d -n "@" -t DEL -c test_credential_lookup.conf
78
79gnunet-arm -e -c test_credential_lookup.conf
80
81if [ "$RES" == 0 ]
82then
83 exit 0
84else
85 echo "FAIL: Failed to verify credential."
86 exit 1
87fi
diff --git a/src/credential/test_credential_bi_bw_link.sh b/src/credential/test_credential_bi_bw_link.sh
deleted file mode 100755
index f002c2141..000000000
--- a/src/credential/test_credential_bi_bw_link.sh
+++ /dev/null
@@ -1,92 +0,0 @@
1#!/usr/bin/env bash
2trap "gnunet-arm -e -c test_credential_lookup.conf" SIGINT
3
4LOCATION=$(which gnunet-config)
5if [ -z $LOCATION ]
6then
7 LOCATION="gnunet-config"
8fi
9$LOCATION --version 1> /dev/null
10if test $? != 0
11then
12 echo "GNUnet command line tools cannot be found, check environmental variables PATH and GNUNET_PREFIX"
13 exit 77
14fi
15
16rm -rf `gnunet-config -c test_credential_lookup.conf -s PATHS -o GNUNET_HOME -f`
17
18
19
20
21which timeout > /dev/null 2>&1 && DO_TIMEOUT="timeout 10"
22gnunet-arm -s -c test_credential_lookup.conf
23
24gnunet-identity -C a -c test_credential_lookup.conf
25gnunet-identity -C b -c test_credential_lookup.conf
26gnunet-identity -C c -c test_credential_lookup.conf
27gnunet-identity -C d -c test_credential_lookup.conf
28gnunet-identity -C e -c test_credential_lookup.conf
29gnunet-identity -C f -c test_credential_lookup.conf
30gnunet-identity -C g -c test_credential_lookup.conf
31AKEY=$(gnunet-identity -d -c test_credential_lookup.conf | grep a | awk '{print $3}')
32BKEY=$(gnunet-identity -d -c test_credential_lookup.conf | grep b | awk '{print $3}')
33CKEY=$(gnunet-identity -d -c test_credential_lookup.conf | grep c | awk '{print $3}')
34DKEY=$(gnunet-identity -d -c test_credential_lookup.conf | grep d | awk '{print $3}')
35EKEY=$(gnunet-identity -d -c test_credential_lookup.conf | grep e | awk '{print $3}')
36FKEY=$(gnunet-identity -d -c test_credential_lookup.conf | grep f | awk '{print $3}')
37GKEY=$(gnunet-identity -d -c test_credential_lookup.conf | grep g | awk '{print $3}')
38gnunet-identity -d
39
40# (1) (A.a) <- B.b
41# (2) (B.b) <- G.g.c
42# (3) (G.g) <- C
43# (3) C.c <- (D.D)
44# (4) D.d <- (E.e)
45# (5) E.e <- (F)
46
47# BIDIRECTIONAL
48gnunet-credential --createIssuerSide --ego=a --attribute="a" --subject="$BKEY b" --ttl=5m -c test_credential_lookup.conf
49gnunet-namestore -D -z a
50gnunet-credential --createIssuerSide --ego=b --attribute="b" --subject="$GKEY g.c" --ttl=5m -c test_credential_lookup.conf
51gnunet-namestore -D -z b
52gnunet-credential --createIssuerSide --ego=g --attribute="g" --subject="$CKEY" --ttl=5m -c test_credential_lookup.conf
53gnunet-namestore -D -z b
54
55SIGNED=`$DO_TIMEOUT gnunet-credential --signSubjectSide --ego=c --attribute="c" --subject="$DKEY d" --ttl="2019-12-12 10:00:00"`
56gnunet-credential --createSubjectSide --ego=d --import="$SIGNED"
57gnunet-namestore -D -z d
58SIGNED=`$DO_TIMEOUT gnunet-credential --signSubjectSide --ego=d --attribute="d" --subject="$EKEY e" --ttl="2019-12-12 10:00:00"`
59gnunet-credential --createSubjectSide --ego=e --import="$SIGNED"
60gnunet-namestore -D -z e
61SIGNED=`$DO_TIMEOUT gnunet-credential --signSubjectSide --ego=e --attribute="e" --subject="$FKEY" --ttl="2019-12-12 10:00:00"`
62gnunet-credential --createSubjectSide --ego=f --import="$SIGNED" --private
63gnunet-namestore -D -z f
64
65# Starting to resolve
66echo "+++ Starting to Resolve +++"
67
68DELS=`$DO_TIMEOUT gnunet-credential --collect --issuer=$AKEY --attribute="a" --ego=f --forward --backward -c test_credential_lookup.conf | paste -d, -s - -`
69echo $DELS
70echo gnunet-credential --verify --issuer=$AKEY --attribute="a" --subject=$FKEY --delegate=\'$DELS\' --forward --backward -c test_credential_lookup.conf
71gnunet-credential --verify --issuer=$AKEY --attribute="a" --subject=$FKEY --delegate="$DELS" --forward --backward -c test_credential_lookup.conf
72
73RES=$?
74
75# Cleanup properly
76gnunet-namestore -z a -d -n "a" -t ATTR -c test_credential_lookup.conf
77gnunet-namestore -z b -d -n "b" -t ATTR -c test_credential_lookup.conf
78gnunet-namestore -z g -d -n "g" -t ATTR -c test_credential_lookup.conf
79gnunet-namestore -z d -d -n "@" -t DEL -c test_credential_lookup.conf
80gnunet-namestore -z e -d -n "@" -t DEL -c test_credential_lookup.conf
81gnunet-namestore -z f -d -n "@" -t DEL -c test_credential_lookup.conf
82
83gnunet-arm -e -c test_credential_lookup.conf
84
85if [ "$RES" == 0 ]
86then
87 exit 0
88else
89 echo "FAIL: Failed to verify credential."
90 exit 1
91fi
92
diff --git a/src/credential/test_credential_bi_bw_link2.sh b/src/credential/test_credential_bi_bw_link2.sh
deleted file mode 100755
index f6055a7bb..000000000
--- a/src/credential/test_credential_bi_bw_link2.sh
+++ /dev/null
@@ -1,93 +0,0 @@
1#!/usr/bin/env bash
2trap "gnunet-arm -e -c test_credential_lookup.conf" SIGINT
3
4LOCATION=$(which gnunet-config)
5if [ -z $LOCATION ]
6then
7 LOCATION="gnunet-config"
8fi
9$LOCATION --version 1> /dev/null
10if test $? != 0
11then
12 echo "GNUnet command line tools cannot be found, check environmental variables PATH and GNUNET_PREFIX"
13 exit 77
14fi
15
16rm -rf `gnunet-config -c test_credential_lookup.conf -s PATHS -o GNUNET_HOME -f`
17
18
19
20
21which timeout > /dev/null 2>&1 && DO_TIMEOUT="timeout 10"
22gnunet-arm -s -c test_credential_lookup.conf
23
24gnunet-identity -C a -c test_credential_lookup.conf
25gnunet-identity -C b -c test_credential_lookup.conf
26gnunet-identity -C c -c test_credential_lookup.conf
27gnunet-identity -C d -c test_credential_lookup.conf
28gnunet-identity -C e -c test_credential_lookup.conf
29gnunet-identity -C f -c test_credential_lookup.conf
30gnunet-identity -C g -c test_credential_lookup.conf
31AKEY=$(gnunet-identity -d -c test_credential_lookup.conf | grep a | awk '{print $3}')
32BKEY=$(gnunet-identity -d -c test_credential_lookup.conf | grep b | awk '{print $3}')
33CKEY=$(gnunet-identity -d -c test_credential_lookup.conf | grep c | awk '{print $3}')
34DKEY=$(gnunet-identity -d -c test_credential_lookup.conf | grep d | awk '{print $3}')
35EKEY=$(gnunet-identity -d -c test_credential_lookup.conf | grep e | awk '{print $3}')
36FKEY=$(gnunet-identity -d -c test_credential_lookup.conf | grep f | awk '{print $3}')
37GKEY=$(gnunet-identity -d -c test_credential_lookup.conf | grep g | awk '{print $3}')
38gnunet-identity -d
39
40# (1) (A.a) <- B.b
41# (2) (B.b) <- G.g.c
42# (3) G.g <- (C)
43# (3) C.c <- (D.d)
44# (4) D.d <- (E.e)
45# (5) E.e <- (F)
46
47# BIDIRECTIONAL
48gnunet-credential --createIssuerSide --ego=a --attribute="a" --subject="$BKEY b" --ttl=5m -c test_credential_lookup.conf
49gnunet-namestore -D -z a
50gnunet-credential --createIssuerSide --ego=b --attribute="b" --subject="$GKEY g.c" --ttl=5m -c test_credential_lookup.conf
51gnunet-namestore -D -z b
52
53SIGNED=`$DO_TIMEOUT gnunet-credential --signSubjectSide --ego=g --attribute="g" --subject="$CKEY" --ttl="2019-12-12 10:00:00"`
54gnunet-credential --createSubjectSide --ego=c --import="$SIGNED"
55gnunet-namestore -D -z c
56SIGNED=`$DO_TIMEOUT gnunet-credential --signSubjectSide --ego=c --attribute="c" --subject="$DKEY d" --ttl="2019-12-12 10:00:00"`
57gnunet-credential --createSubjectSide --ego=d --import="$SIGNED"
58gnunet-namestore -D -z d
59SIGNED=`$DO_TIMEOUT gnunet-credential --signSubjectSide --ego=d --attribute="d" --subject="$EKEY e" --ttl="2019-12-12 10:00:00"`
60gnunet-credential --createSubjectSide --ego=e --import="$SIGNED"
61gnunet-namestore -D -z e
62SIGNED=`$DO_TIMEOUT gnunet-credential --signSubjectSide --ego=e --attribute="e" --subject="$FKEY" --ttl="2019-12-12 10:00:00"`
63gnunet-credential --createSubjectSide --ego=f --import="$SIGNED" --private
64gnunet-namestore -D -z f
65
66# Starting to resolve
67echo "+++ Starting to Resolve +++"
68
69DELS=`$DO_TIMEOUT gnunet-credential --collect --issuer=$AKEY --attribute="a" --ego=f --forward --backward -c test_credential_lookup.conf | paste -d, -s - -`
70echo $DELS
71echo gnunet-credential --verify --issuer=$AKEY --attribute="a" --subject=$FKEY --delegate=\'$DELS\' --forward --backward -c test_credential_lookup.conf
72gnunet-credential --verify --issuer=$AKEY --attribute="a" --subject=$FKEY --delegate="$DELS" --forward --backward -c test_credential_lookup.conf
73
74RES=$?
75
76# Cleanup properly
77gnunet-namestore -z a -d -n "a" -t ATTR -c test_credential_lookup.conf
78gnunet-namestore -z b -d -n "b" -t ATTR -c test_credential_lookup.conf
79gnunet-namestore -z c -d -n "@" -t DEL -c test_credential_lookup.conf
80gnunet-namestore -z d -d -n "@" -t DEL -c test_credential_lookup.conf
81gnunet-namestore -z e -d -n "@" -t DEL -c test_credential_lookup.conf
82gnunet-namestore -z f -d -n "@" -t DEL -c test_credential_lookup.conf
83
84gnunet-arm -e -c test_credential_lookup.conf
85
86if [ "$RES" == 0 ]
87then
88 exit 0
89else
90 echo "FAIL: Failed to verify credential."
91 exit 1
92fi
93
diff --git a/src/credential/test_credential_bi_fw.sh b/src/credential/test_credential_bi_fw.sh
deleted file mode 100755
index 7cd5e5c52..000000000
--- a/src/credential/test_credential_bi_fw.sh
+++ /dev/null
@@ -1,92 +0,0 @@
1#!/usr/bin/env bash
2trap "gnunet-arm -e -c test_credential_lookup.conf" SIGINT
3
4LOCATION=$(which gnunet-config)
5if [ -z $LOCATION ]
6then
7 LOCATION="gnunet-config"
8fi
9$LOCATION --version 1> /dev/null
10if test $? != 0
11then
12 echo "GNUnet command line tools cannot be found, check environmental variables PATH and GNUNET_PREFIX"
13 exit 77
14fi
15
16rm -rf `gnunet-config -c test_credential_lookup.conf -s PATHS -o GNUNET_HOME -f`
17
18
19
20
21which timeout > /dev/null 2>&1 && DO_TIMEOUT="timeout 10"
22gnunet-arm -s -c test_credential_lookup.conf
23
24gnunet-identity -C a -c test_credential_lookup.conf
25gnunet-identity -C b -c test_credential_lookup.conf
26gnunet-identity -C c -c test_credential_lookup.conf
27gnunet-identity -C d -c test_credential_lookup.conf
28gnunet-identity -C e -c test_credential_lookup.conf
29gnunet-identity -C f -c test_credential_lookup.conf
30gnunet-identity -C g -c test_credential_lookup.conf
31AKEY=$(gnunet-identity -d -c test_credential_lookup.conf | grep a | awk '{print $3}')
32BKEY=$(gnunet-identity -d -c test_credential_lookup.conf | grep b | awk '{print $3}')
33CKEY=$(gnunet-identity -d -c test_credential_lookup.conf | grep c | awk '{print $3}')
34DKEY=$(gnunet-identity -d -c test_credential_lookup.conf | grep d | awk '{print $3}')
35EKEY=$(gnunet-identity -d -c test_credential_lookup.conf | grep e | awk '{print $3}')
36FKEY=$(gnunet-identity -d -c test_credential_lookup.conf | grep f | awk '{print $3}')
37GKEY=$(gnunet-identity -d -c test_credential_lookup.conf | grep g | awk '{print $3}')
38gnunet-identity -d
39
40# (1) (A.a) <- B.b
41# (2) (B.b) <- C.c
42# (3) C.c <- (D.D)
43# (4) D.d <- (E.e)
44# (5) E.e <- (F.f)
45# (6) F.f <- (G)
46
47# BIDIRECTIONAL
48gnunet-credential --createIssuerSide --ego=a --attribute="a" --subject="$BKEY b" --ttl=5m -c test_credential_lookup.conf
49gnunet-namestore -D -z a
50gnunet-credential --createIssuerSide --ego=b --attribute="b" --subject="$CKEY c" --ttl=5m -c test_credential_lookup.conf
51gnunet-namestore -D -z b
52
53SIGNED=`$DO_TIMEOUT gnunet-credential --signSubjectSide --ego=c --attribute="c" --subject="$DKEY d" --ttl="2019-12-12 10:00:00"`
54gnunet-credential --createSubjectSide --ego=d --import="$SIGNED"
55gnunet-namestore -D -z d
56SIGNED=`$DO_TIMEOUT gnunet-credential --signSubjectSide --ego=d --attribute="d" --subject="$EKEY e" --ttl="2019-12-12 10:00:00"`
57gnunet-credential --createSubjectSide --ego=e --import="$SIGNED"
58gnunet-namestore -D -z e
59SIGNED=`$DO_TIMEOUT gnunet-credential --signSubjectSide --ego=e --attribute="e" --subject="$FKEY f" --ttl="2019-12-12 10:00:00"`
60gnunet-credential --createSubjectSide --ego=f --import="$SIGNED"
61gnunet-namestore -D -z f
62SIGNED=`$DO_TIMEOUT gnunet-credential --signSubjectSide --ego=f --attribute="f" --subject="$GKEY" --ttl="2019-12-12 10:00:00"`
63gnunet-credential --createSubjectSide --ego=g --import="$SIGNED" --private
64gnunet-namestore -D -z g
65
66# Starting to resolve
67echo "+++ Starting to Resolve +++"
68
69DELS=`$DO_TIMEOUT gnunet-credential --collect --issuer=$AKEY --attribute="a" --ego=g --forward --backward -c test_credential_lookup.conf | paste -d, -s - -`
70echo $DELS
71echo gnunet-credential --verify --issuer=$AKEY --attribute="a" --subject=$GKEY --delegate=\'$DELS\' --forward --backward -c test_credential_lookup.conf
72gnunet-credential --verify --issuer=$AKEY --attribute="a" --subject=$GKEY --delegate="$DELS" --forward --backward -c test_credential_lookup.conf
73
74RES=$?
75
76# Cleanup properly
77gnunet-namestore -z a -d -n "a" -t ATTR -c test_credential_lookup.conf
78gnunet-namestore -z b -d -n "b" -t ATTR -c test_credential_lookup.conf
79gnunet-namestore -z d -d -n "@" -t DEL -c test_credential_lookup.conf
80gnunet-namestore -z e -d -n "@" -t DEL -c test_credential_lookup.conf
81gnunet-namestore -z f -d -n "@" -t DEL -c test_credential_lookup.conf
82gnunet-namestore -z g -d -n "@" -t DEL -c test_credential_lookup.conf
83
84gnunet-arm -e -c test_credential_lookup.conf
85
86if [ "$RES" == 0 ]
87then
88 exit 0
89else
90 echo "FAIL: Failed to verify credential."
91 exit 1
92fi
diff --git a/src/credential/test_credential_collect.sh b/src/credential/test_credential_collect.sh
deleted file mode 100755
index 0ae063eda..000000000
--- a/src/credential/test_credential_collect.sh
+++ /dev/null
@@ -1,47 +0,0 @@
1#!/bin/sh
2trap "gnunet-arm -e -c test_credential_lookup.conf" SIGINT
3
4LOCATION=$(which gnunet-config)
5if [ -z $LOCATION ]
6then
7 LOCATION="gnunet-config"
8fi
9$LOCATION --version 1> /dev/null
10if test $? != 0
11then
12 echo "GNUnet command line tools cannot be found, check environmental variables PATH and GNUNET_PREFIX"
13 exit 77
14fi
15
16rm -rf `gnunet-config -c test_credential_lookup.conf -s PATHS -o GNUNET_HOME -f`
17
18# (1) PKEY1.user -> PKEY2.resu.user
19# (2) PKEY2.resu -> PKEY3
20# (3) PKEY3.user -> PKEY4
21
22
23which timeout > /dev/null 2>&1 && DO_TIMEOUT="timeout 30"
24
25TEST_ATTR="test"
26TEST_ATTR2="test2"
27gnunet-arm -s -c test_credential_lookup.conf
28gnunet-identity -C testissuer -c test_credential_lookup.conf
29gnunet-identity -C testsubject -c test_credential_lookup.conf
30SUBJECT_KEY=$(gnunet-identity -d -c test_credential_lookup.conf | grep testsubject | awk '{print $3}')
31ISSUER_KEY=$(gnunet-identity -d -c test_credential_lookup.conf | grep testissuer | awk '{print $3}')
32#TODO1 Get credential and store it with subject (3)
33CRED=`$DO_TIMEOUT gnunet-credential --issue --ego=testissuer --subject=$SUBJECT_KEY --attribute=$TEST_ATTR --ttl=5m -c test_credential_lookup.conf`
34$DO_TIMEOUT gnunet-namestore -a -z testsubject -n c1 -t CRED -V "$CRED" -e 5m -c test_credential_lookup.conf
35CRED=`$DO_TIMEOUT gnunet-credential --issue --ego=testissuer --subject=$SUBJECT_KEY --attribute=$TEST_ATTR2 --ttl=5m -c test_credential_lookup.conf`
36$DO_TIMEOUT gnunet-namestore -a -z testsubject -n c2 -t CRED -V "$CRED" -e 5m -c test_credential_lookup.conf
37CREDS=`$DO_TIMEOUT gnunet-credential --collect --issuer=$ISSUER_KEY --attribute=$TEST_ATTR --ego=testsubject -c test_credential_lookup.conf | paste -d, -s`
38echo $CREDS
39RES=$?
40gnunet-arm -e -c test_credential_lookup.conf
41
42if test $? != 0
43then
44 echo "Error collecting..."
45 exit 1
46fi
47
diff --git a/src/credential/test_credential_collect_rest.sh b/src/credential/test_credential_collect_rest.sh
deleted file mode 100755
index fe59d9399..000000000
--- a/src/credential/test_credential_collect_rest.sh
+++ /dev/null
@@ -1,91 +0,0 @@
1#!/bin/sh
2trap "gnunet-arm -e -c test_credential_lookup.conf" SIGINT
3
4LOCATION=$(which gnunet-config)
5if [ -z $LOCATION ]
6then
7 LOCATION="gnunet-config"
8fi
9$LOCATION --version 1> /dev/null
10if test $? != 0
11then
12 echo "GNUnet command line tools cannot be found, check environmental variables PATH and GNUNET_PREFIX"
13 exit 77
14fi
15
16rm -rf `gnunet-config -c test_credential_lookup.conf -s PATHS -o GNUNET_HOME -f`
17
18# (1) Service.user -> GNU.project.member
19# (2) GNU.project -> GNUnet
20# (3) GNUnet.member -> GNUnet.developer
21# (4) GNUnet.member -> GNUnet.user
22# (5) GNUnet.developer -> Alice
23
24
25which timeout > /dev/null 2>&1 && DO_TIMEOUT="timeout 30"
26gnunet-arm -s -c test_credential_lookup.conf
27gnunet-identity -C service -c test_credential_lookup.conf
28gnunet-identity -C alice -c test_credential_lookup.conf
29gnunet-identity -C gnu -c test_credential_lookup.conf
30gnunet-identity -C gnunet -c test_credential_lookup.conf
31
32GNU_KEY=$(gnunet-identity -d -c test_credential_lookup.conf | grep gnu | grep -v gnunet | awk '{print $3}')
33ALICE_KEY=$(gnunet-identity -d -c test_credential_lookup.conf | grep alice | awk '{print $3}')
34GNUNET_KEY=$(gnunet-identity -d -c test_credential_lookup.conf | grep gnunet | awk '{print $3}')
35SERVICE_KEY=$(gnunet-identity -d -c test_credential_lookup.conf | grep service | awk '{print $3}')
36
37USER_ATTR="user"
38GNU_PROJECT_ATTR="project"
39MEMBER_ATTR="member"
40DEVELOPER_ATTR="developer"
41DEV_ATTR="developer"
42TEST_CREDENTIAL="mygnunetcreds"
43
44# (1) A service assigns the attribute "user" to all entities that have been assigned "member" by entities that werde assigned "project" from GNU
45gnunet-namestore -p -z service -a -n $USER_ATTR -t ATTR -V "$GNU_KEY $GNU_PROJECT_ATTR.$MEMBER_ATTR" -e 5m -c test_credential_lookup.conf
46
47# (2) GNU recognized GNUnet as a GNU project and delegates the "project" attribute
48gnunet-namestore -p -z gnu -a -n $GNU_PROJECT_ATTR -t ATTR -V "$GNUNET_KEY" -e 5m -c test_credential_lookup.conf
49
50# (3+4) GNUnet assigns the attribute "member" to all entities gnunet has also assigned "developer" or "user"
51gnunet-namestore -p -z gnunet -a -n $MEMBER_ATTR -t ATTR -V "$GNUNET_KEY $DEVELOPER_ATTR" -e 5m -c test_credential_lookup.conf
52gnunet-namestore -p -z gnunet -a -n $MEMBER_ATTR -t ATTR -V "$GNUNET_KEY $USER_ATTR" -e 5m -c test_credential_lookup.conf
53
54# (5) GNUnet issues Alice the credential "developer"
55CRED=`$DO_TIMEOUT gnunet-credential --issue --ego=gnunet --subject=$ALICE_KEY --attribute=$DEV_ATTR --ttl=5m -c test_credential_lookup.conf`
56
57# Alice stores the credential under "mygnunetcreds"
58gnunet-namestore -p -z alice -a -n $TEST_CREDENTIAL -t CRED -V "$CRED" -e 5m -c test_credential_lookup.conf
59
60# (5) GNUnet issues Alice the credential "developer"
61CRED=`$DO_TIMEOUT gnunet-credential --issue --ego=gnunet --subject=$ALICE_KEY --attribute=$USER_ATTR --ttl=5m -c test_credential_lookup.conf`
62
63# Alice stores the credential under "mygnunetcreds"
64gnunet-namestore -p -z alice -a -n $TEST_CREDENTIAL -t CRED -V "$CRED" -e 5m -c test_credential_lookup.conf
65
66#TODO2 Add -z swich like in gnunet-gns
67#RES_CRED=`gnunet-credential --collect --issuer=$SERVICE_KEY --attribute=$USER_ATTR --subject=$ALICE_KEY -c test_credential_lookup.conf`
68
69gnunet-arm -i rest -c test_credential_lookup.conf
70
71sleep 5
72
73curl -v "localhost:7776/credential/collect?attribute=$SERVICE_KEY.$USER_ATTR&subject=alice"
74
75#TODO cleanup properly
76gnunet-namestore -z alice -d -n $TEST_CREDENTIAL -t CRED -e never -c test_credential_lookup.conf
77gnunet-namestore -z gnu -d -n $GNU_PROJECT_ATTR -t ATTR -c test_credential_lookup.conf
78gnunet-namestore -z gnunet -d -n $MEMBER_ATTR -t ATTR -c test_credential_lookup.conf
79gnunet-namestore -z service -d -n $USER_ATTR -t ATTR -c test_credential_lookup.conf
80echo "Stopping arm..."
81gnunet-arm -e -c test_credential_lookup.conf
82echo "Done"
83if [ "$RES_CRED" != "Failed." ]
84then
85 # TODO: replace echo -e bashism.
86 echo -e "${RES_CRED}"
87 exit 0
88else
89 echo "FAIL: Failed to verify credential $RES_CRED."
90 exit 1
91fi
diff --git a/src/credential/test_credential_defaults.conf b/src/credential/test_credential_defaults.conf
deleted file mode 100644
index 39f82ad16..000000000
--- a/src/credential/test_credential_defaults.conf
+++ /dev/null
@@ -1,24 +0,0 @@
1@INLINE@ ../../contrib/conf/gnunet/no_forcestart.conf
2
3[PATHS]
4GNUNET_TEST_HOME = $GNUNET_TMP/test-gnunet-credential-testing/
5
6[namestore-sqlite]
7FILENAME = $GNUNET_TEST_HOME/namestore/sqlite_test.db
8
9[namecache-sqlite]
10FILENAME=$GNUNET_TEST_HOME/namecache/namecache.db
11
12[identity]
13# Directory where we store information about our egos
14EGODIR = $GNUNET_TEST_HOME/identity/egos/
15
16[dhtcache]
17DATABASE = heap
18
19[transport]
20PLUGINS = tcp
21
22[transport-tcp]
23BINDTO = 127.0.0.1
24
diff --git a/src/credential/test_credential_issue.sh b/src/credential/test_credential_issue.sh
deleted file mode 100755
index 3d4b82cf6..000000000
--- a/src/credential/test_credential_issue.sh
+++ /dev/null
@@ -1,46 +0,0 @@
1#!/usr/bin/env bash
2trap "gnunet-arm -e -c test_credential_lookup.conf" SIGINT
3
4LOCATION=$(which gnunet-config)
5if [ -z $LOCATION ]
6then
7 LOCATION="gnunet-config"
8fi
9$LOCATION --version 1> /dev/null
10if test $? != 0
11then
12 echo "GNUnet command line tools cannot be found, check environmental variables PATH and GNUNET_PREFIX"
13 exit 77
14fi
15
16rm -rf `gnunet-config -c test_credential_lookup.conf -s PATHS -o GNUNET_HOME -f`
17
18# (1) PKEY1.user -> PKEY2.resu.user
19# (2) PKEY2.resu -> PKEY3
20# (3) PKEY3.user -> PKEY4
21
22
23which timeout > /dev/null 2>&1 && DO_TIMEOUT="timeout 30"
24
25TEST_ATTR="test"
26gnunet-arm -s -c test_credential_lookup.conf
27gnunet-identity -C testissuer -c test_credential_lookup.conf
28gnunet-identity -C testsubject -c test_credential_lookup.conf
29SUBJECT_KEY=$(gnunet-identity -d -c test_credential_lookup.conf | grep testsubject | awk '{print $3}')
30ISSUER_KEY=$(gnunet-identity -d -c test_credential_lookup.conf | grep testissuer | awk '{print $3}')
31
32# Get credential and store it with subject (3)
33SIGNED=`$DO_TIMEOUT gnunet-credential --signSubjectSide --ego=testissuer --attribute=$TEST_ATTR --subject=$SUBJECT_KEY --ttl="2019-12-12 10:00:00" -c test_credential_lookup.conf`
34
35STATUS=$?
36
37if test $? != 0
38then
39 echo "Error issuing..."
40 exit 1
41fi
42#Try import
43$DO_TIMEOUT gnunet-credential --createSubjectSide --ego=testsubject --import="$SIGNED" --private -c test_credential_lookup.conf
44RES=$?
45gnunet-arm -e -c test_credential_lookup.conf
46exit $RES
diff --git a/src/credential/test_credential_issue_rest.sh b/src/credential/test_credential_issue_rest.sh
deleted file mode 100755
index c518c08ec..000000000
--- a/src/credential/test_credential_issue_rest.sh
+++ /dev/null
@@ -1,53 +0,0 @@
1#!/bin/sh
2trap "gnunet-arm -e -c test_credential_lookup.conf" SIGINT
3
4LOCATION=$(which gnunet-config)
5if [ -z $LOCATION ]
6then
7 LOCATION="gnunet-config"
8fi
9$LOCATION --version 1> /dev/null
10if test $? != 0
11then
12 echo "GNUnet command line tools cannot be found, check environmental variables PATH and GNUNET_PREFIX"
13 exit 77
14fi
15
16rm -rf `gnunet-config -c test_credential_lookup.conf -s PATHS -o GNUNET_HOME -f`
17
18# (1) PKEY1.user -> PKEY2.resu.user
19# (2) PKEY2.resu -> PKEY3
20# (3) PKEY3.user -> PKEY4
21
22
23which timeout > /dev/null 2>&1 && DO_TIMEOUT="timeout 30"
24
25TEST_ATTR="test"
26gnunet-arm -s -c test_credential_lookup.conf
27gnunet-arm -i gns
28gnunet-arm -i credential
29gnunet-arm -i identity
30gnunet-arm -i rest -c test_credential_lookup.conf
31
32gnunet-arm -I -c test_credential_lookup.conf
33gnunet-identity -C testissuer -c test_credential_lookup.conf
34gnunet-identity -C testsubject -c test_credential_lookup.conf
35gnunet-identity -s credential-issuer -e testissuer
36SUBJECT_KEY=$(gnunet-identity -d -c test_credential_lookup.conf | grep testsubject | awk '{print $3}')
37ISSUER_KEY=$(gnunet-identity -d -c test_credential_lookup.conf | grep testissuer | awk '{print $3}')
38#TODO1 Get credential and store it with subject (3)
39sleep 5
40curl "localhost:7776/credential/issue?subject_key=$SUBJECT_KEY&attribute=$TEST_ATTR&expiration=1d"
41#CRED=`$DO_TIMEOUT gnunet-credential --issue --ego=testissuer --subject=$SUBJECT_KEY --attribute=$TEST_ATTR --ttl=5m -c test_credential_lookup.conf`
42STATUS=$?
43
44if test $? != 0
45then
46 echo "Error issuing..."
47 exit 1
48fi
49#Try import
50#$DO_TIMEOUT gnunet-namestore -a -z testsubject -n c1 -t CRED -V "$CRED" -e 5m -c test_credential_lookup.conf
51RES=$?
52gnunet-arm -e -c test_credential_lookup.conf
53exit $RES
diff --git a/src/credential/test_credential_lookup.conf b/src/credential/test_credential_lookup.conf
deleted file mode 100644
index 9cd16605d..000000000
--- a/src/credential/test_credential_lookup.conf
+++ /dev/null
@@ -1,28 +0,0 @@
1@INLINE@ test_credential_defaults.conf
2
3[PATHS]
4GNUNET_TEST_HOME = $GNUNET_TMP/test-gnunet-credential-peer-1/
5
6[dht]
7START_ON_DEMAND = YES
8
9[transport]
10PLUGINS =
11
12[credential]
13START_ON_DEMAND = YES
14#PREFIX = valgrind --leak-check=full --track-origins=yes --log-file=/tmp/credlog
15
16[rest]
17PREFIX = valgrind --leak-check=full --track-origins=yes --log-file=$GNUNET_TMP/restlog
18
19[gns]
20#PREFIX = valgrind --leak-check=full --track-origins=yes
21START_ON_DEMAND = YES
22AUTO_IMPORT_PKEY = YES
23MAX_PARALLEL_BACKGROUND_QUERIES = 10
24DEFAULT_LOOKUP_TIMEOUT = 15 s
25RECORD_PUT_INTERVAL = 1 h
26ZONE_PUBLISH_TIME_WINDOW = 1 h
27DNS_ROOT=PD67SGHF3E0447TU9HADIVU9OM7V4QHTOG0EBU69TFRI2LG63DR0
28
diff --git a/src/credential/test_credential_own.sh b/src/credential/test_credential_own.sh
deleted file mode 100755
index 8a94f90e7..000000000
--- a/src/credential/test_credential_own.sh
+++ /dev/null
@@ -1,140 +0,0 @@
1#!/usr/bin/env bash
2trap "gnunet-arm -e -c test_credential_lookup.conf" SIGINT
3
4LOCATION=$(which gnunet-config)
5if [ -z $LOCATION ]
6then
7 LOCATION="gnunet-config"
8fi
9$LOCATION --version 1> /dev/null
10if test $? != 0
11then
12 echo "GNUnet command line tools cannot be found, check environmental variables PATH and GNUNET_PREFIX"
13 exit 77
14fi
15
16rm -rf `gnunet-config -c test_credential_lookup.conf -s PATHS -o GNUNET_HOME -f`
17
18
19
20which timeout > /dev/null 2>&1 && DO_TIMEOUT="timeout 10"
21gnunet-arm -s -c test_credential_lookup.conf
22
23gnunet-identity -C a -c test_credential_lookup.conf
24gnunet-identity -C d -c test_credential_lookup.conf
25gnunet-identity -C e -c test_credential_lookup.conf
26gnunet-identity -C f -c test_credential_lookup.conf
27gnunet-identity -C g -c test_credential_lookup.conf
28AKEY=$(gnunet-identity -d -c test_credential_lookup.conf | grep a | awk '{print $3}')
29DKEY=$(gnunet-identity -d -c test_credential_lookup.conf | grep d | awk '{print $3}')
30EKEY=$(gnunet-identity -d -c test_credential_lookup.conf | grep e | awk '{print $3}')
31FKEY=$(gnunet-identity -d -c test_credential_lookup.conf | grep f | awk '{print $3}')
32GKEY=$(gnunet-identity -d -c test_credential_lookup.conf | grep g | awk '{print $3}')
33
34############################################################################################
35# (1) EPub.discount <- EOrg.preferred
36# (2) EOrg.preferred <- StateU.student
37# (3) StateU.student <- RegistrarB.student
38# (4) RegistrarB.student <- Alice
39
40gnunet-identity -C epub -c test_credential_lookup.conf
41gnunet-identity -C eorg -c test_credential_lookup.conf
42gnunet-identity -C stateu -c test_credential_lookup.conf
43gnunet-identity -C registrarb -c test_credential_lookup.conf
44gnunet-identity -C alice -c test_credential_lookup.conf
45
46EPUB_KEY=$(gnunet-identity -d -c test_credential_lookup.conf | grep epub | awk '{print $3}')
47EORG_KEY=$(gnunet-identity -d -c test_credential_lookup.conf | grep eorg | awk '{print $3}')
48STATEU_KEY=$(gnunet-identity -d -c test_credential_lookup.conf | grep stateu | awk '{print $3}')
49REGISTRARB_KEY=$(gnunet-identity -d -c test_credential_lookup.conf | grep registrarb | awk '{print $3}')
50ALICE_KEY=$(gnunet-identity -d -c test_credential_lookup.conf | grep alice | awk '{print $3}')
51
52
53DISC_ATTR="discount"
54PREF_ATTR="preferred"
55STATE_STUD_ATTR="student"
56REG_STUD_ATTR="student"
57END_ATTR="end"
58
59gnunet-identity -d
60
61# FORWARD, subject side stored (different constallations)
62SIGNED=`$DO_TIMEOUT gnunet-credential --signSubjectSide --ego=a --attribute="a" --subject="$AKEY b.c" --ttl="2019-12-12 10:00:00"`
63gnunet-credential --createSubjectSide --ego=a --import="$SIGNED"
64gnunet-namestore -D -z a
65
66SIGNED=`$DO_TIMEOUT gnunet-credential --signSubjectSide --ego=a --attribute="b" --subject="$DKEY d" --ttl="2019-12-12 10:00:00"`
67gnunet-credential --createSubjectSide --ego=d --import="$SIGNED"
68gnunet-namestore -D -z d
69
70SIGNED=`$DO_TIMEOUT gnunet-credential --signSubjectSide --ego=d --attribute="d" --subject="$EKEY" --ttl="2019-12-12 10:00:00"`
71gnunet-credential --createSubjectSide --ego=e --import="$SIGNED"
72gnunet-namestore -D -z e
73
74SIGNED=`$DO_TIMEOUT gnunet-credential --signSubjectSide --ego=e --attribute="c" --subject="$FKEY c" --ttl="2019-12-12 10:00:00"`
75gnunet-credential --createSubjectSide --ego=f --import="$SIGNED"
76SIGNED=`$DO_TIMEOUT gnunet-credential --signSubjectSide --ego=e --attribute="k" --subject="$FKEY c.k" --ttl="2019-12-12 10:00:00"`
77gnunet-credential --createSubjectSide --ego=f --import="$SIGNED"
78gnunet-namestore -D -z f
79
80SIGNED=`$DO_TIMEOUT gnunet-credential --signSubjectSide --ego=f --attribute="c" --subject="$GKEY" --ttl="2019-12-12 10:00:00"`
81gnunet-credential --createSubjectSide --ego=g --import="$SIGNED" --private
82SIGNED=`$DO_TIMEOUT gnunet-credential --signSubjectSide --ego=a --attribute="c" --subject="$GKEY" --ttl="2019-12-12 10:00:00"`
83gnunet-credential --createSubjectSide --ego=g --import="$SIGNED" --private
84SIGNED=`$DO_TIMEOUT gnunet-credential --signSubjectSide --ego=d --attribute="h.o" --subject="$GKEY" --ttl="2019-12-12 10:00:00"`
85gnunet-credential --createSubjectSide --ego=g --import="$SIGNED"
86gnunet-namestore -D -z g
87
88
89# BACKWARD, issuer side stored
90# (1) EPub assigns the attribute "discount" to all entities that have been assigned "preferred" by EOrg
91gnunet-credential --createIssuerSide --ego=epub --attribute=$DISC_ATTR --subject="$EORG_KEY $PREF_ATTR" --ttl=5m -c test_credential_lookup.conf
92
93# (2) EOrg assigns the attribute "preferred" to all entities that have been assigned "student" by StateU
94gnunet-credential --createIssuerSide --ego=eorg --attribute=$PREF_ATTR --subject="$STATEU_KEY $STATE_STUD_ATTR" --ttl=5m -c test_credential_lookup.conf
95
96# (3) StateU assigns the attribute "student" to all entities that have been asssigned "student" by RegistrarB
97gnunet-credential --createIssuerSide --ego=stateu --attribute=$STATE_STUD_ATTR --subject="$REGISTRARB_KEY $REG_STUD_ATTR" --ttl=5m -c test_credential_lookup.conf
98
99# (4) RegistrarB issues Alice the credential "student"
100SIGNED=`$DO_TIMEOUT gnunet-credential --signSubjectSide --ego=registrarb --attribute="$REG_STUD_ATTR" --subject="$ALICE_KEY" --ttl="2019-12-12 10:00:00"`
101gnunet-credential --createSubjectSide --ego=alice --import="$SIGNED" --private
102
103# Starting to resolve
104echo "+++ Starting to Resolve +++"
105
106# FORWARD
107#DELS=`$DO_TIMEOUT gnunet-credential --collect --issuer=$AKEY --attribute="a" --ego=g --forward -c test_credential_lookup.conf | paste -d, -s - -`
108#echo $DELS
109#echo gnunet-credential --verify --issuer=$AKEY --attribute="a" --subject=$GKEY --delegate=\'$DELS\' --forward -c test_credential_lookup.conf
110#RES_DELS=`gnunet-credential --verify --issuer=$AKEY --attribute="a" --subject=$GKEY --delegate="$DELS" --forward -c test_credential_lookup.conf`
111
112# BACKWARD
113DELS=`$DO_TIMEOUT gnunet-credential --collect --issuer=$EPUB_KEY --attribute=$DISC_ATTR --ego=alice --backward -c test_credential_lookup.conf | paste -d, -s - -`
114echo $DELS
115echo gnunet-credential --verify --issuer=$EPUB_KEY --attribute=$DISC_ATTR --subject=$ALICE_KEY --delegate=\'$DELS\' --backward -c test_credential_lookup.conf
116gnunet-credential --verify --issuer=$EPUB_KEY --attribute=$DISC_ATTR --subject=$ALICE_KEY --delegate="$DELS" --backward -c test_credential_lookup.conf
117
118RES=$?
119
120# Cleanup properly
121gnunet-namestore -z epub -d -n $DISC_ATTR -t ATTR -c test_credential_lookup.conf
122gnunet-namestore -z eorg -d -n $PREF_ATTR -t ATTR -c test_credential_lookup.conf
123gnunet-namestore -z stateu -d -n $STATE_STUD_ATTR -t ATTR -c test_credential_lookup.conf
124#gnunet-namestore -z a -d -n "@" -t DEL -c test_credential_lookup.conf
125#gnunet-namestore -z d -d -n "@" -t DEL -c test_credential_lookup.conf
126#gnunet-namestore -z e -d -n "@" -t DEL -c test_credential_lookup.conf
127#gnunet-namestore -z f -d -n "@" -t DEL -c test_credential_lookup.conf
128#gnunet-namestore -z g -d -n "@" -t DEL -c test_credential_lookup.conf
129
130
131gnunet-arm -e -c test_credential_lookup.conf
132
133if [ "$RES" == 0 ]
134then
135 exit 0
136else
137 echo "FAIL: Failed to verify credential."
138 exit 1
139fi
140
diff --git a/src/credential/test_credential_verify.sh b/src/credential/test_credential_verify.sh
deleted file mode 100755
index 38492de8e..000000000
--- a/src/credential/test_credential_verify.sh
+++ /dev/null
@@ -1,87 +0,0 @@
1#!/usr/bin/env bash
2trap "gnunet-arm -e -c test_credential_lookup.conf" SIGINT
3
4LOCATION=$(which gnunet-config)
5if [ -z $LOCATION ]
6then
7 LOCATION="gnunet-config"
8fi
9$LOCATION --version 1> /dev/null
10if test $? != 0
11then
12 echo "GNUnet command line tools cannot be found, check environmental variables PATH and GNUNET_PREFIX"
13 exit 77
14fi
15
16rm -rf `gnunet-config -c test_credential_lookup.conf -s PATHS -o GNUNET_HOME -f`
17
18# (1) Service.user -> GNU.project.member
19# (2) GNU.project -> GNUnet
20# (3) GNUnet.member -> GNUnet.developer
21# (4) GNUnet.member -> GNUnet.user
22# (5) GNUnet.developer -> Alice
23
24
25which timeout > /dev/null 2>&1 && DO_TIMEOUT="timeout 30"
26gnunet-arm -s -c test_credential_lookup.conf
27gnunet-identity -C service -c test_credential_lookup.conf
28gnunet-identity -C alice -c test_credential_lookup.conf
29gnunet-identity -C gnu -c test_credential_lookup.conf
30gnunet-identity -C gnunet -c test_credential_lookup.conf
31
32GNU_KEY=$(gnunet-identity -d -c test_credential_lookup.conf | grep gnu | grep -v gnunet | awk '{print $3}')
33ALICE_KEY=$(gnunet-identity -d -c test_credential_lookup.conf | grep alice | awk '{print $3}')
34GNUNET_KEY=$(gnunet-identity -d -c test_credential_lookup.conf | grep gnunet | awk '{print $3}')
35SERVICE_KEY=$(gnunet-identity -d -c test_credential_lookup.conf | grep service | awk '{print $3}')
36
37USER_ATTR="user"
38GNU_PROJECT_ATTR="project"
39MEMBER_ATTR="member"
40DEVELOPER_ATTR="developer"
41DEV_ATTR="developer"
42TEST_CREDENTIAL="mygnunetcreds"
43
44gnunet-identity -d
45
46# (1) A service assigns the attribute "user" to all entities that have been assigned "member" by entities that werde assigned "project" from GNU
47gnunet-credential --createIssuerSide --ego=service --attribute="$USER_ATTR" --subject="$GNU_KEY $GNU_PROJECT_ATTR.$MEMBER_ATTR" --ttl="2019-12-12 10:00:00" -c test_credential_lookup.conf
48gnunet-namestore -D -z service
49
50# (2) GNU recognized GNUnet as a GNU project and delegates the "project" attribute
51gnunet-credential --createIssuerSide --ego=gnu --attribute="$GNU_PROJECT_ATTR" --subject="$GNUNET_KEY" --ttl="2019-12-12 10:00:00" -c test_credential_lookup.conf
52gnunet-namestore -D -z gnu
53
54# (3+4) GNUnet assigns the attribute "member" to all entities gnunet has also assigned "developer" or "user"
55gnunet-credential --createIssuerSide --ego=gnunet --attribute="$MEMBER_ATTR" --subject="$GNUNET_KEY $DEVELOPER_ATTR" --ttl="2019-12-12 10:00:00" -c test_credential_lookup.conf
56gnunet-credential --createIssuerSide --ego=gnunet --attribute="$MEMBER_ATTR" --subject="$GNUNET_KEY $USER_ATTR" --ttl="2019-12-12 10:00:00" -c test_credential_lookup.conf
57gnunet-namestore -D -z gnunet
58
59# (5) GNUnet signes the delegate and Alice stores it
60SIGNED=`$DO_TIMEOUT gnunet-credential --signSubjectSide --ego=gnunet --attribute=$DEV_ATTR --subject=$ALICE_KEY --ttl="2019-12-12 10:00:00"`
61gnunet-credential --createSubjectSide --ego=alice --import="$SIGNED" --private
62gnunet-namestore -D -z alice
63
64# Starting to resolve
65echo "+++ Starting to Resolve +++"
66
67DELS=`$DO_TIMEOUT gnunet-credential --collect --issuer=$SERVICE_KEY --attribute=$USER_ATTR --ego=alice --backward -c test_credential_lookup.conf | paste -d, -s - -`
68echo $DELS
69echo gnunet-credential --verify --issuer=$SERVICE_KEY --attribute=$USER_ATTR --subject=$ALICE_KEY --delegate=\'$DELS\' --backward -c test_credential_lookup.conf
70gnunet-credential --verify --issuer=$SERVICE_KEY --attribute=$USER_ATTR --subject=$ALICE_KEY --delegate="$DELS" --backward -c test_credential_lookup.conf
71
72RES=$?
73
74# Cleanup properly
75gnunet-namestore -z alice -d -n "@" -t DEL -c test_credential_lookup.conf
76gnunet-namestore -z gnu -d -n $GNU_PROJECT_ATTR -t ATTR -c test_credential_lookup.conf
77gnunet-namestore -z gnunet -d -n $MEMBER_ATTR -t ATTR -c test_credential_lookup.conf
78gnunet-namestore -z service -d -n $USER_ATTR -t ATTR -c test_credential_lookup.conf
79gnunet-arm -e -c test_credential_lookup.conf
80
81if [ "$RES" == 0 ]
82then
83 exit 0
84else
85 echo "FAIL: Failed to verify credential."
86 exit 1
87fi
diff --git a/src/credential/test_credential_verify_and.sh b/src/credential/test_credential_verify_and.sh
deleted file mode 100755
index 3a2852dc6..000000000
--- a/src/credential/test_credential_verify_and.sh
+++ /dev/null
@@ -1,87 +0,0 @@
1#!/usr/bin/env bash
2trap "gnunet-arm -e -c test_credential_lookup.conf" SIGINT
3
4LOCATION=$(which gnunet-config)
5if [ -z $LOCATION ]
6then
7 LOCATION="gnunet-config"
8fi
9$LOCATION --version 1> /dev/null
10if test $? != 0
11then
12 echo "GNUnet command line tools cannot be found, check environmental variables PATH and GNUNET_PREFIX"
13 exit 77
14fi
15
16rm -rf `gnunet-config -c test_credential_lookup.conf -s PATHS -o GNUNET_HOME -f`
17
18# (1) Service.user -> GNU.project.member
19# (2) GNU.project -> GNUnet
20# (3) GNUnet.member -> GNUnet.developer AND GNUnet.user
21# (4) GNUnet.developer -> Alice
22
23
24which timeout > /dev/null 2>&1 && DO_TIMEOUT="timeout 30"
25gnunet-arm -s -c test_credential_lookup.conf
26gnunet-identity -C service -c test_credential_lookup.conf
27gnunet-identity -C alice -c test_credential_lookup.conf
28gnunet-identity -C gnu -c test_credential_lookup.conf
29gnunet-identity -C gnunet -c test_credential_lookup.conf
30
31GNU_KEY=$(gnunet-identity -d -c test_credential_lookup.conf | grep gnu | grep -v gnunet | awk '{print $3}')
32ALICE_KEY=$(gnunet-identity -d -c test_credential_lookup.conf | grep alice | awk '{print $3}')
33GNUNET_KEY=$(gnunet-identity -d -c test_credential_lookup.conf | grep gnunet | awk '{print $3}')
34SERVICE_KEY=$(gnunet-identity -d -c test_credential_lookup.conf | grep service | awk '{print $3}')
35
36USER_ATTR="user"
37GNU_PROJECT_ATTR="project"
38MEMBER_ATTR="member"
39DEVELOPER_ATTR="developer"
40DEV_ATTR="developer"
41TEST_CREDENTIAL="mygnunetcreds"
42
43gnunet-identity -d
44
45# (1) A service assigns the attribute "user" to all entities that have been assigned "member" by entities that werde assigned "project" from GNU
46gnunet-credential --createIssuerSide --ego=service --attribute="$USER_ATTR" --subject="$GNU_KEY $GNU_PROJECT_ATTR.$MEMBER_ATTR" --ttl="2019-12-12 10:00:00" -c test_credential_lookup.conf
47gnunet-namestore -D -z service
48
49# (2) GNU recognized GNUnet as a GNU project and delegates the "project" attribute
50gnunet-credential --createIssuerSide --ego=gnu --attribute="$GNU_PROJECT_ATTR" --subject="$GNUNET_KEY" --ttl="2019-12-12 10:00:00" -c test_credential_lookup.conf
51gnunet-namestore -D -z gnu
52
53# (3+4) GNUnet assigns the attribute "member" to all entities gnunet has also assigned "developer" or "user"
54gnunet-credential --createIssuerSide --ego=gnunet --attribute="$MEMBER_ATTR" --subject="$GNUNET_KEY $DEVELOPER_ATTR, $GNUNET_KEY $USER_ATTR" --ttl="2019-12-12 10:00:00" -c test_credential_lookup.conf
55gnunet-namestore -D -z gnunet
56
57# (5) GNUnet signes the delegates and Alice stores it
58SIGNED=`$DO_TIMEOUT gnunet-credential --signSubjectSide --ego=gnunet --attribute=$DEV_ATTR --subject=$ALICE_KEY --ttl="2019-12-12 10:00:00"`
59gnunet-credential --createSubjectSide --ego=alice --import="$SIGNED" --private
60SIGNED=`$DO_TIMEOUT gnunet-credential --signSubjectSide --ego=gnunet --attribute=$USER_ATTR --subject=$ALICE_KEY --ttl="2019-12-12 10:00:00"`
61gnunet-credential --createSubjectSide --ego=alice --import="$SIGNED" --private
62gnunet-namestore -D -z alice
63
64# Starting to resolve
65echo "+++ Starting to Resolve +++"
66
67DELS=`$DO_TIMEOUT gnunet-credential --collect --issuer=$SERVICE_KEY --attribute=$USER_ATTR --ego=alice --backward -c test_credential_lookup.conf | paste -d, -s - -`
68echo $DELS
69echo gnunet-credential --verify --issuer=$SERVICE_KEY --attribute=$USER_ATTR --subject=$ALICE_KEY --delegate=\'$DELS\' --backward -c test_credential_lookup.conf
70gnunet-credential --verify --issuer=$SERVICE_KEY --attribute=$USER_ATTR --subject=$ALICE_KEY --delegate="$DELS" --backward -c test_credential_lookup.conf
71
72RES=$?
73
74# Cleanup properly
75gnunet-namestore -z alice -d -n "@" -t DEL -c test_credential_lookup.conf
76gnunet-namestore -z gnu -d -n $GNU_PROJECT_ATTR -t ATTR -c test_credential_lookup.conf
77gnunet-namestore -z gnunet -d -n $MEMBER_ATTR -t ATTR -c test_credential_lookup.conf
78gnunet-namestore -z service -d -n $USER_ATTR -t ATTR -c test_credential_lookup.conf
79gnunet-arm -e -c test_credential_lookup.conf
80
81if [ "$RES" == 0 ]
82then
83 exit 0
84else
85 echo "FAIL: Failed to verify credential $RES_CRED."
86 exit 1
87fi
diff --git a/src/credential/test_credential_verify_rest.sh b/src/credential/test_credential_verify_rest.sh
deleted file mode 100755
index 99db5da8a..000000000
--- a/src/credential/test_credential_verify_rest.sh
+++ /dev/null
@@ -1,88 +0,0 @@
1#!/usr/bin/env bash
2trap "gnunet-arm -e -c test_credential_lookup.conf" SIGINT
3
4LOCATION=$(which gnunet-config)
5if [ -z $LOCATION ]
6then
7 LOCATION="gnunet-config"
8fi
9$LOCATION --version 1> /dev/null
10if test $? != 0
11then
12 echo "GNUnet command line tools cannot be found, check environmental variables PATH and GNUNET_PREFIX"
13 exit 77
14fi
15
16rm -rf `gnunet-config -c test_credential_lookup.conf -s PATHS -o GNUNET_HOME -f`
17
18# (1) Service.user -> GNU.project.member
19# (2) GNU.project -> GNUnet
20# (3) GNUnet.member -> GNUnet.developer
21# (4) GNUnet.member -> GNUnet.user
22# (5) GNUnet.developer -> Alice
23
24
25which timeout > /dev/null 2>&1 && DO_TIMEOUT="timeout 30"
26gnunet-arm -s -c test_credential_lookup.conf
27gnunet-identity -C service -c test_credential_lookup.conf
28gnunet-identity -C alice -c test_credential_lookup.conf
29gnunet-identity -C gnu -c test_credential_lookup.conf
30gnunet-identity -C gnunet -c test_credential_lookup.conf
31
32GNU_KEY=$(gnunet-identity -d -c test_credential_lookup.conf | grep gnu | grep -v gnunet | awk '{print $3}')
33ALICE_KEY=$(gnunet-identity -d -c test_credential_lookup.conf | grep alice | awk '{print $3}')
34GNUNET_KEY=$(gnunet-identity -d -c test_credential_lookup.conf | grep gnunet | awk '{print $3}')
35SERVICE_KEY=$(gnunet-identity -d -c test_credential_lookup.conf | grep service | awk '{print $3}')
36
37USER_ATTR="user"
38GNU_PROJECT_ATTR="project"
39MEMBER_ATTR="member"
40DEVELOPER_ATTR="developer"
41DEV_ATTR="developer"
42TEST_CREDENTIAL="mygnunetcreds"
43
44# (1) A service assigns the attribute "user" to all entities that have been assigned "member" by entities that werde assigned "project" from GNU
45gnunet-namestore -p -z service -a -n $USER_ATTR -t ATTR -V "$GNU_KEY $GNU_PROJECT_ATTR.$MEMBER_ATTR" -e 5m -c test_credential_lookup.conf
46
47# (2) GNU recognized GNUnet as a GNU project and delegates the "project" attribute
48gnunet-namestore -p -z gnu -a -n $GNU_PROJECT_ATTR -t ATTR -V "$GNUNET_KEY" -e 5m -c test_credential_lookup.conf
49
50# (3+4) GNUnet assigns the attribute "member" to all entities gnunet has also assigned "developer" or "user"
51gnunet-namestore -p -z gnunet -a -n $MEMBER_ATTR -t ATTR -V "$GNUNET_KEY $DEVELOPER_ATTR" -e 5m -c test_credential_lookup.conf
52gnunet-namestore -p -z gnunet -a -n $MEMBER_ATTR -t ATTR -V "$GNUNET_KEY $USER_ATTR" -e 5m -c test_credential_lookup.conf
53
54# (5) GNUnet issues Alice the credential "developer"
55CRED=`$DO_TIMEOUT gnunet-credential --issue --ego=gnunet --subject=$ALICE_KEY --attribute=$DEV_ATTR --ttl=5m -c test_credential_lookup.conf`
56
57# Alice stores the credential under "mygnunetcreds"
58gnunet-namestore -p -z alice -a -n $TEST_CREDENTIAL -t CRED -V "$CRED" -e 5m -c test_credential_lookup.conf
59
60#TODO2 Add -z swich like in gnunet-gns
61#RES_CRED=`gnunet-credential --verify --issuer=$SERVICE_KEY --attribute=$USER_ATTR --subject=$ALICE_KEY --credential=$TEST_CREDENTIAL -c test_credential_lookup.conf`
62
63gnunet-arm -i rest -c test_credential_lookup.conf
64
65sleep 5
66
67CREDS=`curl "localhost:7776/credential/collect?attribute=$SERVICE_KEY.$USER_ATTR&subject=alice"`
68
69echo $CREDS
70
71curl -v "localhost:7776/credential/verify?attribute=$SERVICE_KEY.$USER_ATTR&subject_key=$ALICE_KEY" --data "$CREDS"
72
73#TODO cleanup properly
74gnunet-namestore -z alice -d -n $TEST_CREDENTIAL -t CRED -e never -c test_credential_lookup.conf
75gnunet-namestore -z gnu -d -n $GNU_PROJECT_ATTR -t ATTR -c test_credential_lookup.conf
76gnunet-namestore -z gnunet -d -n $MEMBER_ATTR -t ATTR -c test_credential_lookup.conf
77gnunet-namestore -z service -d -n $USER_ATTR -t ATTR -c test_credential_lookup.conf
78gnunet-arm -e -c test_credential_lookup.conf
79
80if [ "$RES_CRED" != "Failed." ]
81then
82 # TODO: replace echo -e bashism
83 echo -e "${RES_CRED}"
84 exit 0
85else
86 echo "FAIL: Failed to verify credential $RES_CRED."
87 exit 1
88fi
diff --git a/src/credential/test_credential_verify_simple.sh b/src/credential/test_credential_verify_simple.sh
deleted file mode 100755
index 3a3b0832b..000000000
--- a/src/credential/test_credential_verify_simple.sh
+++ /dev/null
@@ -1,56 +0,0 @@
1#!/usr/bin/env bash
2trap "gnunet-arm -e -c test_credential_lookup.conf" SIGINT
3
4LOCATION=$(which gnunet-config)
5if [ -z $LOCATION ]
6then
7 LOCATION="gnunet-config"
8fi
9$LOCATION --version 1> /dev/null
10if test $? != 0
11then
12 echo "GNUnet command line tools cannot be found, check environmental variables PATH and GNUNET_PREFIX"
13 exit 77
14fi
15
16rm -rf `gnunet-config -c test_credential_lookup.conf -s PATHS -o GNUNET_HOME -f`
17
18# (1) Issuer.user -> Subject
19
20
21which timeout > /dev/null 2>&1 && DO_TIMEOUT="timeout 30"
22gnunet-arm -s -c test_credential_lookup.conf
23gnunet-identity -C testissuer -c test_credential_lookup.conf
24gnunet-identity -C testsubject -c test_credential_lookup.conf
25
26TEST_ATTR="user"
27SUBJECT_KEY=$(gnunet-identity -d -c test_credential_lookup.conf | grep testsubject | awk '{print $3}')
28ISSUER_KEY=$(gnunet-identity -d -c test_credential_lookup.conf | grep testissuer | awk '{print $3}')
29
30gnunet-identity -d
31
32# Create delegate (1)
33SIGNED=`$DO_TIMEOUT gnunet-credential --signSubjectSide --ego=testissuer --attribute=$TEST_ATTR --subject=$SUBJECT_KEY --ttl="2019-12-12 10:00:00" -c test_credential_lookup.conf`
34gnunet-credential --createSubjectSide --ego=testsubject --import="$SIGNED" --private
35gnunet-namestore -D -z testsubject
36
37# Starting to resolve
38echo "+++ Starting to Resolve +++"
39
40DELS=`$DO_TIMEOUT gnunet-credential --collect --issuer=$ISSUER_KEY --attribute=$TEST_ATTR --ego=testsubject -c test_credential_lookup.conf | paste -d, -s - -`
41echo $DELS
42gnunet-credential --verify --issuer=$ISSUER_KEY --attribute=$TEST_ATTR --subject=$SUBJECT_KEY --delegate="$DELS" -c test_credential_lookup.conf
43
44RES=$?
45
46# Cleanup properly
47gnunet-namestore -z testsubject -d -n "@" -t DEL -c test_credential_lookup.conf
48gnunet-arm -e -c test_credential_lookup.conf
49
50if [ "$RES" == 0 ]
51then
52 exit 0
53else
54 echo "FAIL: Failed to verify credential."
55 exit 1
56fi \ No newline at end of file
generated by cgit v1.2.3 (git 2.39.1) at 2024-04-16 11:08:36 +0000