aboutsummaryrefslogtreecommitdiff
path: root/src/credential
diff options
context:
space:
mode:
authorSchanzenbach, Martin <mschanzenbach@posteo.de>2016-12-15 13:36:40 +0100
committerSchanzenbach, Martin <mschanzenbach@posteo.de>2016-12-15 13:36:40 +0100
commit7a6a665cea13854c28384fd4e51da0f10b4933cc (patch)
tree8a1d3b41d99edcdf50c643e088b5bfa7cabf3424 /src/credential
parentfb662a6b560d84903e5b9601a1df1778dd12ae44 (diff)
downloadgnunet-7a6a665cea13854c28384fd4e51da0f10b4933cc.tar.gz
gnunet-7a6a665cea13854c28384fd4e51da0f10b4933cc.zip
-fix rest; prelim test;
Diffstat (limited to 'src/credential')
-rw-r--r--src/credential/credential_api.c1
-rw-r--r--src/credential/plugin_rest_credential.c31
-rw-r--r--src/credential/test_credential_lookup.conf3
-rwxr-xr-xsrc/credential/test_credential_verify_rest.sh84
4 files changed, 111 insertions, 8 deletions
diff --git a/src/credential/credential_api.c b/src/credential/credential_api.c
index 860504e61..d9e01c1d3 100644
--- a/src/credential/credential_api.c
+++ b/src/credential/credential_api.c
@@ -234,6 +234,7 @@ handle_result (void *cls,
234 GNUNET_CONTAINER_DLL_remove (handle->verify_head, 234 GNUNET_CONTAINER_DLL_remove (handle->verify_head,
235 handle->verify_tail, 235 handle->verify_tail,
236 vr); 236 vr);
237 GNUNET_MQ_discard (vr->env);
237 GNUNET_free (vr); 238 GNUNET_free (vr);
238 GNUNET_assert (GNUNET_OK == 239 GNUNET_assert (GNUNET_OK ==
239 GNUNET_CREDENTIAL_delegation_chain_deserialize (mlen, 240 GNUNET_CREDENTIAL_delegation_chain_deserialize (mlen,
diff --git a/src/credential/plugin_rest_credential.c b/src/credential/plugin_rest_credential.c
index f6e4fc5a8..11e6fb276 100644
--- a/src/credential/plugin_rest_credential.c
+++ b/src/credential/plugin_rest_credential.c
@@ -193,12 +193,14 @@ attribute_delegation_to_json (struct GNUNET_CREDENTIAL_Delegation *delegation_ch
193 json_t *attr_obj; 193 json_t *attr_obj;
194 194
195 issuer = GNUNET_CRYPTO_ecdsa_public_key_to_string (&delegation_chain_entry->issuer_key); 195 issuer = GNUNET_CRYPTO_ecdsa_public_key_to_string (&delegation_chain_entry->issuer_key);
196 if (NULL == issuer)
196 { 197 {
197 GNUNET_log (GNUNET_ERROR_TYPE_ERROR, 198 GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
198 "Issuer in delegation malformed\n"); 199 "Issuer in delegation malformed\n");
199 return NULL; 200 return NULL;
200 } 201 }
201 subject = GNUNET_CRYPTO_ecdsa_public_key_to_string (&delegation_chain_entry->subject_key); 202 subject = GNUNET_CRYPTO_ecdsa_public_key_to_string (&delegation_chain_entry->subject_key);
203 if (NULL == subject)
202 { 204 {
203 GNUNET_log (GNUNET_ERROR_TYPE_ERROR, 205 GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
204 "Subject in credential malformed\n"); 206 "Subject in credential malformed\n");
@@ -207,16 +209,17 @@ attribute_delegation_to_json (struct GNUNET_CREDENTIAL_Delegation *delegation_ch
207 } 209 }
208 attr_obj = json_object (); 210 attr_obj = json_object ();
209 211
210 json_object_set_new (attr_obj, "subject", json_string (subject)); 212 json_object_set_new (attr_obj, "issuer", json_string (issuer));
211 json_object_set_new (attr_obj, "issuer", json_string (issuer));
212 json_object_set_new (attr_obj, "issuer_attribute", 213 json_object_set_new (attr_obj, "issuer_attribute",
213 json_string (delegation_chain_entry->issuer_attribute)); 214 json_string (delegation_chain_entry->issuer_attribute));
214 215
216 json_object_set_new (attr_obj, "subject", json_string (subject));
215 if (0 < delegation_chain_entry->subject_attribute_len) 217 if (0 < delegation_chain_entry->subject_attribute_len)
216 { 218 {
217 json_object_set_new (attr_obj, "subject_attribute", 219 json_object_set_new (attr_obj, "subject_attribute",
218 json_string (delegation_chain_entry->subject_attribute)); 220 json_string (delegation_chain_entry->subject_attribute));
219 } 221 }
222 GNUNET_free (issuer);
220 GNUNET_free (subject); 223 GNUNET_free (subject);
221 return attr_obj; 224 return attr_obj;
222} 225}
@@ -286,6 +289,8 @@ handle_verify_response (void *cls,
286 json_t *cred_array; 289 json_t *cred_array;
287 json_t *attr_array; 290 json_t *attr_array;
288 char *result; 291 char *result;
292 char *issuer;
293 char *id;
289 uint32_t i; 294 uint32_t i;
290 295
291 handle->verify_request = NULL; 296 handle->verify_request = NULL;
@@ -296,23 +301,33 @@ handle_verify_response (void *cls,
296 GNUNET_SCHEDULER_add_now (&do_error, handle); 301 GNUNET_SCHEDULER_add_now (&do_error, handle);
297 return; 302 return;
298 } 303 }
304 issuer = GNUNET_CRYPTO_ecdsa_public_key_to_string (&handle->issuer_key);
305 if (NULL == issuer)
306 {
307 GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
308 "Issuer in delegation malformed\n");
309 return;
310 }
311 GNUNET_asprintf (&id,
312 "%s.%s",
313 issuer,
314 handle->issuer_attr);
315 GNUNET_free (issuer);
299 json_document = GNUNET_JSONAPI_document_new (); 316 json_document = GNUNET_JSONAPI_document_new ();
300 json_resource = GNUNET_JSONAPI_resource_new (GNUNET_REST_JSONAPI_CREDENTIAL_TYPEINFO, 317 json_resource = GNUNET_JSONAPI_resource_new (GNUNET_REST_JSONAPI_CREDENTIAL_TYPEINFO,
301 handle->issuer_attr); 318 id);
302 cred_obj = credential_to_json (cred); 319 GNUNET_free (id);
303 attr_array = json_array (); 320 attr_array = json_array ();
304 for (i = 0; i < d_count; i++) 321 for (i = 0; i < d_count; i++)
305 { 322 {
306 attr_obj = attribute_delegation_to_json (&delegation_chain[i]); 323 attr_obj = attribute_delegation_to_json (&delegation_chain[i]);
307 json_array_append (attr_array, attr_obj); 324 json_array_append_new (attr_array, attr_obj);
308 json_decref (attr_obj);
309 } 325 }
310 cred_array = json_array (); 326 cred_array = json_array ();
311 for (i=0;i<c_count;i++) 327 for (i=0;i<c_count;i++)
312 { 328 {
313 cred_obj = credential_to_json (&cred[i]); 329 cred_obj = credential_to_json (&cred[i]);
314 json_array_append (cred_array, cred_obj); 330 json_array_append_new (cred_array, cred_obj);
315 json_decref (cred_obj);
316 } 331 }
317 GNUNET_JSONAPI_resource_add_attr (json_resource, 332 GNUNET_JSONAPI_resource_add_attr (json_resource,
318 GNUNET_REST_JSONAPI_CREDENTIAL, 333 GNUNET_REST_JSONAPI_CREDENTIAL,
diff --git a/src/credential/test_credential_lookup.conf b/src/credential/test_credential_lookup.conf
index 57c62fab3..f4bf36c52 100644
--- a/src/credential/test_credential_lookup.conf
+++ b/src/credential/test_credential_lookup.conf
@@ -13,6 +13,9 @@ PLUGINS =
13AUTOSTART = YES 13AUTOSTART = YES
14#PREFIX = valgrind --leak-check=full --track-origins=yes --log-file=/tmp/credlog 14#PREFIX = valgrind --leak-check=full --track-origins=yes --log-file=/tmp/credlog
15 15
16[rest]
17PREFIX = valgrind --leak-check=full --track-origins=yes --log-file=/tmp/restlog
18
16[gns] 19[gns]
17#PREFIX = valgrind --leak-check=full --track-origins=yes 20#PREFIX = valgrind --leak-check=full --track-origins=yes
18AUTOSTART = YES 21AUTOSTART = YES
diff --git a/src/credential/test_credential_verify_rest.sh b/src/credential/test_credential_verify_rest.sh
new file mode 100755
index 000000000..092737df7
--- /dev/null
+++ b/src/credential/test_credential_verify_rest.sh
@@ -0,0 +1,84 @@
1#!/bin/bash
2trap "gnunet-arm -e -c test_credential_lookup.conf" SIGINT
3
4LOCATION=$(which gnunet-config)
5if [ -z $LOCATION ]
6then
7 LOCATION="gnunet-config"
8fi
9$LOCATION --version 1> /dev/null
10if test $? != 0
11then
12 echo "GNUnet command line tools cannot be found, check environmental variables PATH and GNUNET_PREFIX"
13 exit 77
14fi
15
16rm -rf `gnunet-config -c test_credential_lookup.conf -s PATHS -o GNUNET_HOME -f`
17
18# (1) Service.user -> GNU.project.member
19# (2) GNU.project -> GNUnet
20# (3) GNUnet.member -> GNUnet.developer
21# (4) GNUnet.member -> GNUnet.user
22# (5) GNUnet.developer -> Alice
23
24
25which timeout &> /dev/null && DO_TIMEOUT="timeout 30"
26gnunet-arm -s -c test_credential_lookup.conf
27gnunet-identity -C service -c test_credential_lookup.conf
28gnunet-identity -C alice -c test_credential_lookup.conf
29gnunet-identity -C gnu -c test_credential_lookup.conf
30gnunet-identity -C gnunet -c test_credential_lookup.conf
31
32GNU_KEY=$(gnunet-identity -d -c test_credential_lookup.conf | grep gnu | grep -v gnunet | awk '{print $3}')
33ALICE_KEY=$(gnunet-identity -d -c test_credential_lookup.conf | grep alice | awk '{print $3}')
34GNUNET_KEY=$(gnunet-identity -d -c test_credential_lookup.conf | grep gnunet | awk '{print $3}')
35SERVICE_KEY=$(gnunet-identity -d -c test_credential_lookup.conf | grep service | awk '{print $3}')
36
37USER_ATTR="user"
38GNU_PROJECT_ATTR="project"
39MEMBER_ATTR="member"
40DEVELOPER_ATTR="developer"
41DEV_ATTR="developer"
42TEST_CREDENTIAL="mygnunetcreds"
43
44# (1) A service assigns the attribute "user" to all entities that have been assigned "member" by entities that werde assigned "project" from GNU
45gnunet-namestore -p -z service -a -n $USER_ATTR -t ATTR -V "$GNU_KEY $GNU_PROJECT_ATTR.$MEMBER_ATTR" -e 5m -c test_credential_lookup.conf
46
47# (2) GNU recognized GNUnet as a GNU project and delegates the "project" attribute
48gnunet-namestore -p -z gnu -a -n $GNU_PROJECT_ATTR -t ATTR -V "$GNUNET_KEY" -e 5m -c test_credential_lookup.conf
49
50# (3+4) GNUnet assigns the attribute "member" to all entities gnunet has also assigned "developer" or "user"
51gnunet-namestore -p -z gnunet -a -n $MEMBER_ATTR -t ATTR -V "$GNUNET_KEY $DEVELOPER_ATTR" -e 5m -c test_credential_lookup.conf
52gnunet-namestore -p -z gnunet -a -n $MEMBER_ATTR -t ATTR -V "$GNUNET_KEY $USER_ATTR" -e 5m -c test_credential_lookup.conf
53
54# (5) GNUnet issues Alice the credential "developer"
55CRED=`$DO_TIMEOUT gnunet-credential --issue --ego=gnunet --subject=$ALICE_KEY --attribute=$DEV_ATTR --ttl=5m -c test_credential_lookup.conf`
56
57# Alice stores the credential under "mygnunetcreds"
58gnunet-namestore -p -z alice -a -n $TEST_CREDENTIAL -t CRED -V "$CRED" -e 5m -c test_credential_lookup.conf
59
60#TODO2 Add -z swich like in gnunet-gns
61RES_CRED=`gnunet-credential --verify --issuer=$SERVICE_KEY --attribute=$USER_ATTR --subject=$ALICE_KEY --credential=$TEST_CREDENTIAL -c test_credential_lookup.conf`
62
63gnunet-arm -i rest -c test_credential_lookup.conf
64
65sleep 5
66
67echo "localhost:7776/credential?attribute=$SERVICE_KEY.$USER_ATTR&credential=$ALICE_KEY.$TEST_CREDENTIAL"
68curl -v "localhost:7776/credential?attribute=$SERVICE_KEY.$USER_ATTR&credential=$ALICE_KEY.$TEST_CREDENTIAL"
69
70#TODO cleanup properly
71gnunet-namestore -z alice -d -n $TEST_CREDENTIAL -t CRED -e never -c test_credential_lookup.conf
72gnunet-namestore -z gnu -d -n $GNU_PROJECT_ATTR -t ATTR -c test_credential_lookup.conf
73gnunet-namestore -z gnunet -d -n $MEMBER_ATTR -t ATTR -c test_credential_lookup.conf
74gnunet-namestore -z service -d -n $USER_ATTR -t ATTR -c test_credential_lookup.conf
75gnunet-arm -e -c test_credential_lookup.conf
76
77if [ "$RES_CRED" != "Failed." ]
78then
79 echo -e "${RES_CRED}"
80 exit 0
81else
82 echo "FAIL: Failed to verify credential $RES_CRED."
83 exit 1
84fi