summaryrefslogtreecommitdiff
path: root/src/credential
diff options
context:
space:
mode:
authorSchanzenbach, Martin <mschanzenbach@posteo.de>2016-12-14 07:52:23 +0100
committerSchanzenbach, Martin <mschanzenbach@posteo.de>2016-12-14 07:52:23 +0100
commit80bdda1c79efb648cb56bdfb63da0c2c0db3ff45 (patch)
tree6b6b99779062dbe1325974acb5c4ea19b78e63e8 /src/credential
parent12a3d957faa3932db31ffea0497dd083fd381b86 (diff)
-add serializer
Diffstat (limited to 'src/credential')
-rw-r--r--src/credential/Makefile.am6
-rw-r--r--src/credential/credential.h2
-rw-r--r--src/credential/credential_api.c24
-rw-r--r--src/credential/credential_serialization.c215
-rw-r--r--src/credential/credential_serialization.h81
-rw-r--r--src/credential/gnunet-credential.c38
-rw-r--r--src/credential/gnunet-service-credential.c114
-rw-r--r--src/credential/plugin_rest_credential.c63
-rwxr-xr-xsrc/credential/test_credential_verify.sh5
9 files changed, 464 insertions, 84 deletions
diff --git a/src/credential/Makefile.am b/src/credential/Makefile.am
index 13da9dc0f..51dbb34d7 100644
--- a/src/credential/Makefile.am
+++ b/src/credential/Makefile.am
@@ -63,8 +63,9 @@ libgnunet_plugin_gnsrecord_credential_la_LDFLAGS = \
gnunet_service_credential_SOURCES = \
- gnunet-service-credential.c
+ gnunet-service-credential.c
gnunet_service_credential_LDADD = \
+ libgnunetcredential.la \
$(top_builddir)/src/util/libgnunetutil.la \
$(top_builddir)/src/gns/libgnunetgns.la \
$(top_builddir)/src/statistics/libgnunetstatistics.la \
@@ -72,7 +73,8 @@ gnunet_service_credential_LDADD = \
libgnunetcredential_la_SOURCES = \
- credential_api.c credential.h
+ credential_api.c credential.h \
+ credential_serialization.c
libgnunetcredential_la_LIBADD = \
$(top_builddir)/src/util/libgnunetutil.la $(XLIB)
libgnunetcredential_la_LDFLAGS = \
diff --git a/src/credential/credential.h b/src/credential/credential.h
index d52776cfa..209fcdcaa 100644
--- a/src/credential/credential.h
+++ b/src/credential/credential.h
@@ -92,7 +92,7 @@ struct VerifyResultMessage
/**
* The number of credentials in the response
*/
- uint32_t cd_count GNUNET_PACKED;
+ uint32_t d_count GNUNET_PACKED;
/* followed by ad_count GNUNET_CREDENTIAL_RecordData structs*/
diff --git a/src/credential/credential_api.c b/src/credential/credential_api.c
index 54a02484d..cae670206 100644
--- a/src/credential/credential_api.c
+++ b/src/credential/credential_api.c
@@ -30,6 +30,7 @@
#include "gnunet_protocols.h"
#include "gnunet_signatures.h"
#include "credential.h"
+#include "credential_serialization.h"
#include "gnunet_credential_service.h"
#include "gnunet_identity_service.h"
@@ -213,6 +214,10 @@ handle_result (void *cls,
struct GNUNET_CREDENTIAL_Handle *handle = cls;
uint32_t r_id = ntohl (vr_msg->id);
struct GNUNET_CREDENTIAL_Request *vr;
+ size_t mlen = ntohs (vr_msg->header.size) - sizeof (*vr_msg);
+ uint32_t d_count = ntohl (vr_msg->d_count);
+ struct GNUNET_CREDENTIAL_Delegation d_chain[d_count];
+ struct GNUNET_CREDENTIAL_Credential cred;
GNUNET_CREDENTIAL_VerifyResultProcessor proc;
void *proc_cls;
@@ -229,24 +234,23 @@ handle_result (void *cls,
handle->verify_tail,
vr);
GNUNET_free (vr);
- /**
GNUNET_assert (GNUNET_OK ==
- GNUNET_CREDENTIAL_records_deserialize (mlen,
- (const char*) &lookup_msg[1],
- rd_count,
- rd));
- */
+ GNUNET_CREDENTIAL_delegation_chain_deserialize (mlen,
+ (const char*) &vr_msg[1],
+ d_count,
+ d_chain,
+ &cred));
if (GNUNET_NO == ntohl (vr_msg->cred_found))
{
proc (proc_cls,
- NULL,
0,
+ NULL,
NULL); // TODO
} else {
proc (proc_cls,
- (struct GNUNET_CREDENTIAL_CredentialRecordData*) &vr_msg[1],
- 0,
- NULL);
+ d_count,
+ d_chain,
+ &cred);
}
}
diff --git a/src/credential/credential_serialization.c b/src/credential/credential_serialization.c
new file mode 100644
index 000000000..2fbcebd9f
--- /dev/null
+++ b/src/credential/credential_serialization.c
@@ -0,0 +1,215 @@
+/*
+ This file is part of GNUnet.
+ Copyright (C) 2009-2013, 2016 GNUnet e.V.
+
+ GNUnet is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published
+ by the Free Software Foundation; either version 3, or (at your
+ option) any later version.
+
+ GNUnet is distributed in the hope that it will be useful, but
+ WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with GNUnet; see the file COPYING. If not, write to the
+ Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor,
+ Boston, MA 02110-1301, USA.
+*/
+
+
+/**
+ * @file credential/credential_serialization.c
+ * @brief API to serialize and deserialize delegation chains
+ * and credentials
+ * @author Martin Schanzenbach
+ */
+#include "platform.h"
+#include "gnunet_util_lib.h"
+#include "gnunet_constants.h"
+#include "gnunet_credential_service.h"
+
+GNUNET_NETWORK_STRUCT_BEGIN
+
+struct NetworkRecord
+{
+ /**
+ * Issuer key
+ */
+ struct GNUNET_CRYPTO_EcdsaPublicKey issuer_key;
+
+ /**
+ * Subject key
+ */
+ struct GNUNET_CRYPTO_EcdsaPublicKey subject_key;
+
+ /**
+ * Issuer attributes
+ */
+ uint32_t issuer_attribute_len GNUNET_PACKED;
+
+ /**
+ * Subject attributes
+ */
+ uint32_t subject_attribute_len GNUNET_PACKED;
+};
+
+GNUNET_NETWORK_STRUCT_END
+
+/**
+ * Calculate how many bytes we will need to serialize
+ * the given delegation chain and credential
+ *
+ * @param d_count number of delegation chain entries
+ * @param dd array of #GNUNET_CREDENTIAL_Delegation
+ * @param cd a #GNUNET_CREDENTIAL_Credential
+ * @return the required size to serialize
+ */
+size_t
+GNUNET_CREDENTIAL_delegation_chain_get_size (unsigned int d_count,
+ const struct GNUNET_CREDENTIAL_Delegation *dd,
+ const struct GNUNET_CREDENTIAL_Credential *cd)
+{
+ unsigned int i;
+ size_t ret;
+
+ ret = sizeof (struct NetworkRecord) * (d_count + 1);
+
+ for (i=0; i<d_count;i++)
+ {
+ GNUNET_assert ((ret +
+ dd[i].issuer_attribute_len +
+ dd[i].subject_attribute_len) >= ret);
+ ret += dd[i].issuer_attribute_len + dd[i].subject_attribute_len;
+ }
+ GNUNET_assert ((ret + cd->issuer_attribute_len) >= ret);
+ ret += cd->issuer_attribute_len;
+ return ret;
+}
+
+/**
+ * Serizalize the given delegation chain entries and credential
+ *
+ * @param d_count number of delegation chain entries
+ * @param dd array of #GNUNET_CREDENTIAL_Delegation
+ * @param cd a #GNUNET_CREDENTIAL_Credential
+ * @param dest_size size of the destination
+ * @param dest where to store the result
+ * @return the size of the data, -1 on failure
+ */
+ssize_t
+GNUNET_CREDENTIAL_delegation_chain_serialize (unsigned int d_count,
+ const struct GNUNET_CREDENTIAL_Delegation *dd,
+ const struct GNUNET_CREDENTIAL_Credential *cd,
+ size_t dest_size,
+ char *dest)
+{
+ struct NetworkRecord rec;
+ unsigned int i;
+ size_t off;
+
+ off = 0;
+ for (i=0;i<d_count;i++)
+ {
+ rec.issuer_attribute_len = htonl ((uint32_t) dd[i].issuer_attribute_len);
+ rec.subject_attribute_len = htonl ((uint32_t) dd[i].subject_attribute_len);
+ rec.issuer_key = dd[i].issuer_key;
+ rec.subject_key = dd[i].subject_key;
+ if (off + sizeof (rec) > dest_size)
+ return -1;
+ GNUNET_memcpy (&dest[off],
+ &rec,
+ sizeof (rec));
+ off += sizeof (rec);
+ if (off + dd[i].issuer_attribute_len > dest_size)
+ return -1;
+ GNUNET_memcpy (&dest[off],
+ dd[i].issuer_attribute,
+ dd[i].issuer_attribute_len);
+ off += dd[i].issuer_attribute_len;
+ if (0 == dd[i].subject_attribute_len)
+ continue;
+ if (off + dd[i].subject_attribute_len > dest_size)
+ return -1;
+ GNUNET_memcpy (&dest[off],
+ dd[i].subject_attribute,
+ dd[i].subject_attribute_len);
+ off += dd[i].subject_attribute_len;
+ }
+ rec.issuer_attribute_len = htonl ((uint32_t) cd->issuer_attribute_len);
+ rec.subject_attribute_len = htonl (0);
+ rec.issuer_key = cd->issuer_key;
+ if (off + sizeof (rec) > dest_size)
+ return -1;
+ GNUNET_memcpy (&dest[off],
+ &rec,
+ sizeof (rec));
+ off += sizeof (rec);
+ if (off + cd->issuer_attribute_len > dest_size)
+ return -1;
+ GNUNET_memcpy (&dest[off],
+ cd->issuer_attribute,
+ cd->issuer_attribute_len);
+ off += cd->issuer_attribute_len;
+
+ return off;
+}
+
+
+/**
+ * Deserialize the given destination
+ *
+ * @param len size of the serialized delegation chain and cred
+ * @param src the serialized data
+ * @param d_count the number of delegation chain entries
+ * @param dd where to put the delegation chain entries
+ * @param cd where to put the credential data
+ * @return #GNUNET_OK on success, #GNUNET_SYSERR on error
+ */
+int
+GNUNET_CREDENTIAL_delegation_chain_deserialize (size_t len,
+ const char *src,
+ unsigned int d_count,
+ struct GNUNET_CREDENTIAL_Delegation *dd,
+ struct GNUNET_CREDENTIAL_Credential *cd)
+{
+ struct NetworkRecord rec;
+ unsigned int i;
+ size_t off;
+
+ off = 0;
+ for (i=0;i<d_count;i++)
+ {
+ if (off + sizeof (rec) > len)
+ return GNUNET_SYSERR;
+ GNUNET_memcpy (&rec, &src[off], sizeof (rec));
+ dd[i].issuer_attribute_len = ntohl ((uint32_t) rec.issuer_attribute_len);
+ dd[i].issuer_key = rec.issuer_key;
+ dd[i].subject_key = rec.subject_key;
+ off += sizeof (rec);
+ if (off + dd[i].issuer_attribute_len > len)
+ return GNUNET_SYSERR;
+ dd[i].issuer_attribute = &src[off];
+ off += dd[i].issuer_attribute_len;
+ dd[i].subject_attribute_len = ntohl ((uint32_t) rec.subject_attribute_len);
+ if (off + dd[i].subject_attribute_len > len)
+ return GNUNET_SYSERR;
+ dd[i].subject_attribute = &src[off];
+ off += dd[i].subject_attribute_len;
+ }
+ if (off + sizeof (rec) > len)
+ return GNUNET_SYSERR;
+ GNUNET_memcpy (&rec, &src[off], sizeof (rec));
+ cd->issuer_attribute_len = ntohl ((uint32_t) rec.issuer_attribute_len);
+ cd->issuer_key = rec.issuer_key;
+ cd->subject_key = rec.subject_key;
+ off += sizeof (rec);
+ if (off + cd->issuer_attribute_len > len)
+ return GNUNET_SYSERR;
+ cd->issuer_attribute = &src[off];
+ off += cd->issuer_attribute_len;
+ return GNUNET_OK;
+}
+
+/* end of credential_serialization.c */
diff --git a/src/credential/credential_serialization.h b/src/credential/credential_serialization.h
new file mode 100644
index 000000000..7e984ce0a
--- /dev/null
+++ b/src/credential/credential_serialization.h
@@ -0,0 +1,81 @@
+/*
+ This file is part of GNUnet.
+ Copyright (C) 2009-2013, 2016 GNUnet e.V.
+
+ GNUnet is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published
+ by the Free Software Foundation; either version 3, or (at your
+ option) any later version.
+
+ GNUnet is distributed in the hope that it will be useful, but
+ WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with GNUnet; see the file COPYING. If not, write to the
+ Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor,
+ Boston, MA 02110-1301, USA.
+*/
+
+
+/**
+ * @file credential/credential_serialization.h
+ * @brief API to serialize and deserialize delegation chains
+ * and credentials
+ * @author Martin Schanzenbach
+ */
+#include "platform.h"
+#include "gnunet_util_lib.h"
+#include "gnunet_constants.h"
+#include "gnunet_credential_service.h"
+
+/**
+ * Calculate how many bytes we will need to serialize
+ * the given delegation chain and credential
+ *
+ * @param d_count number of delegation chain entries
+ * @param dd array of #GNUNET_CREDENTIAL_Delegation
+ * @param cd a #GNUNET_CREDENTIAL_Credential
+ * @return the required size to serialize
+ */
+size_t
+GNUNET_CREDENTIAL_delegation_chain_get_size (unsigned int d_count,
+ const struct GNUNET_CREDENTIAL_Delegation *dd,
+ const struct GNUNET_CREDENTIAL_Credential *cd);
+
+/**
+ * Serizalize the given delegation chain entries and credential
+ *
+ * @param d_count number of delegation chain entries
+ * @param dd array of #GNUNET_CREDENTIAL_Delegation
+ * @param cd a #GNUNET_CREDENTIAL_Credential
+ * @param dest_size size of the destination
+ * @param dest where to store the result
+ * @return the size of the data, -1 on failure
+ */
+ssize_t
+GNUNET_CREDENTIAL_delegation_chain_serialize (unsigned int d_count,
+ const struct GNUNET_CREDENTIAL_Delegation *dd,
+ const struct GNUNET_CREDENTIAL_Credential *cd,
+ size_t dest_size,
+ char *dest);
+
+
+/**
+ * Deserialize the given destination
+ *
+ * @param len size of the serialized delegation chain and cred
+ * @param src the serialized data
+ * @param d_count the number of delegation chain entries
+ * @param dd where to put the delegation chain entries
+ * @param cd where to put the credential data
+ * @return #GNUNET_OK on success, #GNUNET_SYSERR on error
+ */
+int
+GNUNET_CREDENTIAL_delegation_chain_deserialize (size_t len,
+ const char *src,
+ unsigned int d_count,
+ struct GNUNET_CREDENTIAL_Delegation *dd,
+ struct GNUNET_CREDENTIAL_Credential *cd);
+/* end of credential_serialization.h */
diff --git a/src/credential/gnunet-credential.c b/src/credential/gnunet-credential.c
index d728f533d..82f0e349c 100644
--- a/src/credential/gnunet-credential.c
+++ b/src/credential/gnunet-credential.c
@@ -157,17 +157,43 @@ do_timeout (void *cls)
*/
static void
handle_verify_result (void *cls,
- struct GNUNET_CREDENTIAL_CredentialRecordData *cred,
- uint32_t delegation_count,
- struct GNUNET_CREDENTIAL_AttributeRecordData *deleg)
+ unsigned int d_count,
+ struct GNUNET_CREDENTIAL_Delegation *dc,
+ struct GNUNET_CREDENTIAL_Credential *cred)
{
-
+ int i;
verify_request = NULL;
if (NULL == cred)
- printf ("Verify failed.\n");
+ printf ("Failed.\n");
else
+ {
+ for (i=0;i<d_count;i++)
+ {
+ char iss_attr[dc[i].issuer_attribute_len];
+ char* iss_key = GNUNET_CRYPTO_ecdsa_public_key_to_string (&dc[i].issuer_key);
+ char* sub_key = GNUNET_CRYPTO_ecdsa_public_key_to_string (&dc[i].subject_key);
+
+ char sub_attr[dc[i].subject_attribute_len];
+ memcpy (iss_attr,
+ dc[i].issuer_attribute,
+ dc[i].issuer_attribute_len);
+ iss_attr[dc[i].issuer_attribute_len] = '\0';
+ printf ("%s.%s <- ",iss_key, iss_attr);
+ printf ("%s",sub_key);
+ if (0 != dc[i].subject_attribute_len)
+ {
+ memcpy (sub_attr,
+ dc[i].subject_attribute,
+ dc[i].subject_attribute_len);
+ sub_attr[dc[i].subject_attribute_len] = '\0';
+
+ printf (".%s",sub_attr);
+ }
+ printf ("\n");
+ }
printf ("Successful.\n");
+ }
GNUNET_SCHEDULER_shutdown ();
@@ -209,7 +235,7 @@ identity_cb (void *cls,
GNUNET_SCHEDULER_shutdown ();
return;
} else if (GNUNET_OK == GNUNET_STRINGS_fancy_time_to_relative (expiration,
- &etime_rel))
+ &etime_rel))
{
etime_abs = GNUNET_TIME_relative_to_absolute (etime_rel);
} else if (GNUNET_OK != GNUNET_STRINGS_fancy_time_to_absolute (expiration,
diff --git a/src/credential/gnunet-service-credential.c b/src/credential/gnunet-service-credential.c
index 38d74e2ab..74e1e1cd2 100644
--- a/src/credential/gnunet-service-credential.c
+++ b/src/credential/gnunet-service-credential.c
@@ -27,6 +27,7 @@
#include "gnunet_credential_service.h"
#include "gnunet_statistics_service.h"
#include "credential.h"
+#include "credential_serialization.h"
#include "gnunet_protocols.h"
#include "gnunet_signatures.h"
@@ -165,6 +166,11 @@ struct DelegationQueueEntry
* The delegation chain entry
*/
struct GNUNET_CREDENTIAL_DelegationChainEntry *delegation_chain_entry;
+
+ /**
+ * Delegation chain length until now
+ */
+ uint32_t d_count;
};
@@ -221,11 +227,6 @@ struct VerifyRequestHandle
struct CredentialRecordEntry *cred_chain_tail;
/**
- * Number of chain entries
- */
- uint32_t cred_chain_entries;
-
- /**
* Delegation Queue
*/
struct DelegationQueueEntry *chain_start;
@@ -251,6 +252,11 @@ struct VerifyRequestHandle
uint32_t credential_size;
/**
+ * Length of found delegation chain
+ */
+ uint32_t d_count;
+
+ /**
* request id
*/
uint32_t request_id;
@@ -439,65 +445,92 @@ send_lookup_response (struct VerifyRequestHandle *vrh)
struct GNUNET_MQ_Envelope *env;
struct VerifyResultMessage *rmsg;
struct DelegationQueueEntry *dq_entry;
- char *write_ptr;
size_t size = vrh->credential_size;
+ struct GNUNET_CREDENTIAL_Delegation dd[vrh->d_count];
+ struct GNUNET_CREDENTIAL_Credential cred;
GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
"Sending response\n");
-
- for (dq_entry = vrh->chain_end; NULL != dq_entry; dq_entry = dq_entry->parent)
+ dq_entry = vrh->chain_end;
+ for (int i=0; i<vrh->d_count; i++)
{
- if (NULL == dq_entry->delegation_chain_entry)
- break;
- size += sizeof (struct GNUNET_CREDENTIAL_DelegationChainEntry);
+ dd[i].issuer_key = dq_entry->delegation_chain_entry->issuer_key;
+ dd[i].subject_key = dq_entry->delegation_chain_entry->subject_key;
+ dd[i].issuer_attribute = dq_entry->delegation_chain_entry->issuer_attribute;
+ dd[i].issuer_attribute_len = strlen (dq_entry->delegation_chain_entry->issuer_attribute);
+ dd[i].subject_attribute_len = 0;
if (NULL != dq_entry->delegation_chain_entry->subject_attribute)
- size += strlen (dq_entry->delegation_chain_entry->subject_attribute) + 1;
- size += strlen(dq_entry->delegation_chain_entry->issuer_attribute) + 1;
+ {
+ dd[i].subject_attribute = dq_entry->delegation_chain_entry->subject_attribute;
+ dd[i].subject_attribute_len = strlen(dq_entry->delegation_chain_entry->subject_attribute);
+ }
+ dq_entry = dq_entry->parent;
}
+ /**
+ * Get serialized record data
+ * Append at the end of rmsg
+ */
+ cred.issuer_key = vrh->credential->issuer_key;
+ cred.subject_key = vrh->credential->issuer_key;
+ cred.issuer_attribute_len = strlen((char*)&vrh->credential[1]);
+ cred.issuer_attribute = (char*)&vrh->credential[1];
+ size = GNUNET_CREDENTIAL_delegation_chain_get_size (vrh->d_count,
+ dd,
+ &cred);
env = GNUNET_MQ_msg_extra (rmsg,
size,
GNUNET_MESSAGE_TYPE_CREDENTIAL_VERIFY_RESULT);
//Assign id so that client can find associated request
rmsg->id = vrh->request_id;
- rmsg->cd_count = htonl (vrh->cred_chain_entries);
-
- /**
- * Get serialized record data
- * Append at the end of rmsg
- */
- rmsg->cred_found = htonl (GNUNET_NO);
+ rmsg->d_count = htonl (vrh->d_count);
if (NULL != vrh->credential)
- {
- memcpy (&rmsg[1],
- vrh->credential,
- vrh->credential_size);
rmsg->cred_found = htonl (GNUNET_YES);
- }
+ else
+ rmsg->cred_found = htonl (GNUNET_NO);
+
+ GNUNET_assert (-1 != GNUNET_CREDENTIAL_delegation_chain_serialize (vrh->d_count,
+ dd,
+ &cred,
+ size,
+ (char*)&rmsg[1]));
+
+
+ /*for (dq_entry = vrh->chain_end; NULL != dq_entry; dq_entry = dq_entry->parent)
+ {
+ if (NULL == dq_entry->delegation_chain_entry)
+ break;
+ size += sizeof (struct GNUNET_CREDENTIAL_DelegationChainEntry);
+ if (NULL != dq_entry->delegation_chain_entry->subject_attribute)
+ size += strlen (dq_entry->delegation_chain_entry->subject_attribute) + 1;
+ size += strlen(dq_entry->delegation_chain_entry->issuer_attribute) + 1;
+ d_count++;
+ }*/
+
//TODO refactor into serializer module
- write_ptr = (char*)&rmsg[1] + vrh->credential_size;
- for (dq_entry = vrh->chain_end; NULL != dq_entry; dq_entry = dq_entry->parent)
- {
+ /*write_ptr = (char*)&rmsg[1] + vrh->credential_size;
+ for (dq_entry = vrh->chain_end; NULL != dq_entry; dq_entry = dq_entry->parent)
+ {
if (NULL == dq_entry->delegation_chain_entry)
- break;
+ break;
memcpy (write_ptr,
- dq_entry->delegation_chain_entry,
- sizeof (struct GNUNET_CREDENTIAL_DelegationChainEntry));
+ dq_entry->delegation_chain_entry,
+ sizeof (struct GNUNET_CREDENTIAL_DelegationChainEntry));
write_ptr += sizeof (struct GNUNET_CREDENTIAL_DelegationChainEntry);
if (NULL != dq_entry->delegation_chain_entry->subject_attribute)
{
- GNUNET_snprintf (write_ptr,
- strlen (dq_entry->delegation_chain_entry->subject_attribute) + 2,
- "%s;",
- dq_entry->delegation_chain_entry->subject_attribute);
- write_ptr += strlen (dq_entry->delegation_chain_entry->subject_attribute) + 1;
+ GNUNET_snprintf (write_ptr,
+ strlen (dq_entry->delegation_chain_entry->subject_attribute) + 2,
+ "%s;",
+ dq_entry->delegation_chain_entry->subject_attribute);
+ write_ptr += strlen (dq_entry->delegation_chain_entry->subject_attribute) + 1;
}
memcpy (write_ptr,
- dq_entry->delegation_chain_entry->issuer_attribute,
- strlen(dq_entry->delegation_chain_entry->issuer_attribute));
+ dq_entry->delegation_chain_entry->issuer_attribute,
+ strlen(dq_entry->delegation_chain_entry->issuer_attribute));
write_ptr += strlen(dq_entry->delegation_chain_entry->issuer_attribute) + 1;
- }
+ }*/
GNUNET_MQ_send (GNUNET_SERVICE_client_get_mq(vrh->client),
env);
GNUNET_CONTAINER_DLL_remove (vrh_head, vrh_tail, vrh);
@@ -580,6 +613,7 @@ backward_resolution (void* cls,
dq_entry->delegation_chain_entry->issuer_attribute = GNUNET_strdup (current_delegation->lookup_attribute);
dq_entry->parent = current_delegation;
+ dq_entry->d_count = current_delegation->d_count + 1;
GNUNET_CONTAINER_DLL_insert (current_delegation->children_head,
current_delegation->children_tail,
dq_entry);
@@ -608,6 +642,7 @@ backward_resolution (void* cls,
vrh->credential = GNUNET_malloc (cred_pointer->data_size);
vrh->credential_size = cred_pointer->data_size;
vrh->chain_end = dq_entry;
+ vrh->d_count = dq_entry->d_count;
//Found match
send_lookup_response (vrh);
return;
@@ -743,6 +778,7 @@ handle_credential_query (void* cls,
dq_entry->issuer_attribute = GNUNET_strdup (vrh->issuer_attribute);
dq_entry->handle = vrh;
dq_entry->lookup_attribute = GNUNET_strdup (vrh->issuer_attribute);
+ dq_entry->d_count = 0;
vrh->chain_start = dq_entry;
vrh->pending_lookups = 1;
//Start with backward resolution
diff --git a/src/credential/plugin_rest_credential.c b/src/credential/plugin_rest_credential.c
index 137f55c47..798f76049 100644
--- a/src/credential/plugin_rest_credential.c
+++ b/src/credential/plugin_rest_credential.c
@@ -186,22 +186,45 @@ do_error (void *cls)
* @return JSON, NULL if failed
*/
static json_t*
-attribute_delegation_to_json (struct GNUNET_CREDENTIAL_AttributeRecordData *attr)
+attribute_delegation_to_json (struct GNUNET_CREDENTIAL_Delegation *delegation_chain_entry)
{
char *subject;
- char *attribute;
+ char *issuer;
+ char iss_attribute[delegation_chain_entry->issuer_attribute_len];
+ char sub_attribute[delegation_chain_entry->subject_attribute_len];
json_t *attr_obj;
- subject = GNUNET_CRYPTO_ecdsa_public_key_to_string (&attr->subject_key);
+ issuer = GNUNET_CRYPTO_ecdsa_public_key_to_string (&delegation_chain_entry->issuer_key);
+ {
+ GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
+ "Issuer in delegation malformed\n");
+ return NULL;
+ }
+ subject = GNUNET_CRYPTO_ecdsa_public_key_to_string (&delegation_chain_entry->subject_key);
{
GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
"Subject in credential malformed\n");
+ GNUNET_free (issuer);
return NULL;
}
- attribute = (char*)&attr[1];
attr_obj = json_object ();
+ memcpy (iss_attribute,
+ delegation_chain_entry->issuer_attribute,
+ delegation_chain_entry->issuer_attribute_len);
+ iss_attribute[delegation_chain_entry->issuer_attribute_len] = '\0';
+
json_object_set_new (attr_obj, "subject", json_string (subject));
- json_object_set_new (attr_obj, "attribute", json_string (attribute));
+ json_object_set_new (attr_obj, "issuer", json_string (issuer));
+ json_object_set_new (attr_obj, "issuer_attribute", json_string (iss_attribute));
+
+ if (0 < delegation_chain_entry->subject_attribute_len)
+ {
+ memcpy (sub_attribute,
+ delegation_chain_entry->subject_attribute,
+ delegation_chain_entry->subject_attribute_len);
+ sub_attribute[delegation_chain_entry->subject_attribute_len] = '\0';
+ json_object_set_new (attr_obj, "subject_attribute", json_string (sub_attribute));
+ }
GNUNET_free (subject);
return attr_obj;
}
@@ -212,14 +235,11 @@ attribute_delegation_to_json (struct GNUNET_CREDENTIAL_AttributeRecordData *attr
* @return the resulting json, NULL if failed
*/
static json_t*
-credential_to_json (struct GNUNET_CREDENTIAL_CredentialRecordData *cred)
+credential_to_json (struct GNUNET_CREDENTIAL_Credential *cred)
{
- struct GNUNET_TIME_Absolute exp;
- const char* exp_str;
char *issuer;
char *subject;
- char *attribute;
- char *signature;
+ char attribute[cred->issuer_attribute_len + 1];
json_t *cred_obj;
issuer = GNUNET_CRYPTO_ecdsa_public_key_to_string (&cred->issuer_key);
@@ -237,21 +257,16 @@ credential_to_json (struct GNUNET_CREDENTIAL_CredentialRecordData *cred)
GNUNET_free (issuer);
return NULL;
}
- GNUNET_STRINGS_base64_encode ((char*)&cred->signature,
- sizeof (struct GNUNET_CRYPTO_EcdsaSignature),
- &signature);
- attribute = (char*)&cred[1];
- exp.abs_value_us = ntohs (cred->expiration);
- exp_str = GNUNET_STRINGS_absolute_time_to_string (exp);
+ memcpy (attribute,
+ cred->issuer_attribute,
+ cred->issuer_attribute_len);
+ attribute[cred->issuer_attribute_len] = '\0';
cred_obj = json_object ();
json_object_set_new (cred_obj, "issuer", json_string (issuer));
json_object_set_new (cred_obj, "subject", json_string (subject));
json_object_set_new (cred_obj, "attribute", json_string (attribute));
- json_object_set_new (cred_obj, "signature", json_string (signature));
- json_object_set_new (cred_obj, "expiration", json_string (exp_str));
GNUNET_free (issuer);
GNUNET_free (subject);
- GNUNET_free (signature);
return cred_obj;
}
@@ -264,9 +279,9 @@ credential_to_json (struct GNUNET_CREDENTIAL_CredentialRecordData *cred)
*/
static void
handle_verify_response (void *cls,
- struct GNUNET_CREDENTIAL_CredentialRecordData *cred,
- uint32_t delegation_count,
- struct GNUNET_CREDENTIAL_AttributeRecordData *deleg)
+ unsigned int d_count,
+ struct GNUNET_CREDENTIAL_Delegation *delegation_chain,
+ struct GNUNET_CREDENTIAL_Credential *cred)
{
struct VerifyHandle *handle = cls;
@@ -292,9 +307,9 @@ handle_verify_response (void *cls,
handle->issuer_attr);
cred_obj = credential_to_json (cred);
result_array = json_array ();
- for (i = 0; i < delegation_count; i++)
+ for (i = 0; i < d_count; i++)
{
- attr_obj = attribute_delegation_to_json (&(deleg[i]));
+ attr_obj = attribute_delegation_to_json (&delegation_chain[i]);
json_array_append (result_array, attr_obj);
json_decref (attr_obj);
}
diff --git a/src/credential/test_credential_verify.sh b/src/credential/test_credential_verify.sh
index 3b76d20e5..012341f5f 100755
--- a/src/credential/test_credential_verify.sh
+++ b/src/credential/test_credential_verify.sh
@@ -67,10 +67,11 @@ gnunet-namestore -z gnunet -d -n $MEMBER_ATTR -t ATTR -c test_credential_lookup.
gnunet-namestore -z service -d -n $USER_ATTR -t ATTR -c test_credential_lookup.conf
gnunet-arm -e -c test_credential_lookup.conf
-if [ "$RES_CRED" == "Successful." ]
+if [ "$RES_CRED" != "Failed." ]
then
+ echo $RES_CRED
exit 0
else
- echo "FAIL: Failed to verify credential $RES_IP."
+ echo "FAIL: Failed to verify credential $RES_CRED."
exit 1
fi