aboutsummaryrefslogtreecommitdiff
path: root/src/credential
diff options
context:
space:
mode:
authorSchanzenbach, Martin <mschanzenbach@posteo.de>2016-12-29 11:28:10 +0100
committerSchanzenbach, Martin <mschanzenbach@posteo.de>2016-12-29 11:28:10 +0100
commit897dd85d9feb5cd962db3bf2156a2a2b4d2841d4 (patch)
tree39a6fb6c66c0e3e16584b40b879069a1a6b9694b /src/credential
parentd833a55288cc8e5dc8a028b85f1ec4d4803f1e6b (diff)
downloadgnunet-897dd85d9feb5cd962db3bf2156a2a2b4d2841d4.tar.gz
gnunet-897dd85d9feb5cd962db3bf2156a2a2b4d2841d4.zip
-add collect rest; fixes
Diffstat (limited to 'src/credential')
-rw-r--r--src/credential/plugin_rest_credential.c255
-rwxr-xr-xsrc/credential/test_credential_collect_rest.sh90
-rwxr-xr-xsrc/credential/test_credential_issue_rest.sh53
-rw-r--r--src/credential/test_credential_lookup.conf2
-rwxr-xr-xsrc/credential/test_credential_verify_rest.sh9
5 files changed, 390 insertions, 19 deletions
diff --git a/src/credential/plugin_rest_credential.c b/src/credential/plugin_rest_credential.c
index 0d469f5de..59022e794 100644
--- a/src/credential/plugin_rest_credential.c
+++ b/src/credential/plugin_rest_credential.c
@@ -41,10 +41,14 @@
41 41
42#define GNUNET_REST_API_NS_CREDENTIAL_VERIFY "/credential/verify" 42#define GNUNET_REST_API_NS_CREDENTIAL_VERIFY "/credential/verify"
43 43
44#define GNUNET_REST_API_NS_CREDENTIAL_COLLECT "/credential/collect"
45
44#define GNUNET_REST_JSONAPI_CREDENTIAL_EXPIRATION "expiration" 46#define GNUNET_REST_JSONAPI_CREDENTIAL_EXPIRATION "expiration"
45 47
46#define GNUNET_REST_JSONAPI_CREDENTIAL_SUBJECT_KEY "subject_key" 48#define GNUNET_REST_JSONAPI_CREDENTIAL_SUBJECT_KEY "subject_key"
47 49
50#define GNUNET_REST_JSONAPI_CREDENTIAL_SUBJECT_EGO "subject"
51
48#define GNUNET_REST_JSONAPI_CREDENTIAL "credential" 52#define GNUNET_REST_JSONAPI_CREDENTIAL "credential"
49 53
50#define GNUNET_REST_JSONAPI_CREDENTIAL_TYPEINFO "credential" 54#define GNUNET_REST_JSONAPI_CREDENTIAL_TYPEINFO "credential"
@@ -93,6 +97,11 @@ struct RequestHandle
93 struct GNUNET_IDENTITY_Operation *id_op; 97 struct GNUNET_IDENTITY_Operation *id_op;
94 98
95 /** 99 /**
100 * Handle to ego lookup
101 */
102 struct GNUNET_IDENTITY_EgoLookup *ego_lookup;
103
104 /**
96 * Handle to rest request 105 * Handle to rest request
97 */ 106 */
98 struct GNUNET_REST_RequestHandle *rest_handle; 107 struct GNUNET_REST_RequestHandle *rest_handle;
@@ -173,6 +182,8 @@ cleanup_handle (struct RequestHandle *handle)
173 GNUNET_CREDENTIAL_disconnect (handle->credential); 182 GNUNET_CREDENTIAL_disconnect (handle->credential);
174 if (NULL != handle->id_op) 183 if (NULL != handle->id_op)
175 GNUNET_IDENTITY_cancel (handle->id_op); 184 GNUNET_IDENTITY_cancel (handle->id_op);
185 if (NULL != handle->ego_lookup)
186 GNUNET_IDENTITY_ego_lookup_cancel (handle->ego_lookup);
176 if (NULL != handle->identity) 187 if (NULL != handle->identity)
177 GNUNET_IDENTITY_disconnect (handle->identity); 188 GNUNET_IDENTITY_disconnect (handle->identity);
178 if (NULL != handle->timeout_task) 189 if (NULL != handle->timeout_task)
@@ -370,6 +381,103 @@ credential_to_json (struct GNUNET_CREDENTIAL_Credential *cred)
370 * @param cd array of @a cd_count records with the results 381 * @param cd array of @a cd_count records with the results
371 */ 382 */
372static void 383static void
384handle_collect_response (void *cls,
385 unsigned int d_count,
386 struct GNUNET_CREDENTIAL_Delegation *delegation_chain,
387 unsigned int c_count,
388 struct GNUNET_CREDENTIAL_Credential *cred)
389{
390 struct RequestHandle *handle = cls;
391 struct MHD_Response *resp;
392 struct GNUNET_JSONAPI_Document *json_document;
393 struct GNUNET_JSONAPI_Resource *json_resource;
394 json_t *cred_obj;
395 json_t *cred_array;
396 char *result;
397 char *issuer;
398 char *id;
399 uint32_t i;
400
401 handle->verify_request = NULL;
402 if (NULL == cred) {
403 GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
404 "Verify failed.\n");
405 handle->response_code = MHD_HTTP_NOT_FOUND;
406 GNUNET_SCHEDULER_add_now (&do_error, handle);
407 return;
408 }
409 issuer = GNUNET_CRYPTO_ecdsa_public_key_to_string (&handle->issuer_key);
410 if (NULL == issuer)
411 {
412 GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
413 "Issuer in delegation malformed\n");
414 return;
415 }
416 GNUNET_asprintf (&id,
417 "%s.%s",
418 issuer,
419 handle->issuer_attr);
420 GNUNET_free (issuer);
421 json_document = GNUNET_JSONAPI_document_new ();
422 json_resource = GNUNET_JSONAPI_resource_new (GNUNET_REST_JSONAPI_CREDENTIAL_TYPEINFO,
423 id);
424 GNUNET_free (id);
425 cred_array = json_array ();
426 for (i=0;i<c_count;i++)
427 {
428 cred_obj = credential_to_json (&cred[i]);
429 json_array_append_new (cred_array, cred_obj);
430 }
431 GNUNET_JSONAPI_resource_add_attr (json_resource,
432 GNUNET_REST_JSONAPI_CREDENTIAL,
433 cred_array);
434 GNUNET_JSONAPI_document_resource_add (json_document, json_resource);
435 GNUNET_JSONAPI_document_serialize (json_document, &result);
436 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
437 "Result %s\n",
438 result);
439 json_decref (cred_array);
440 GNUNET_JSONAPI_document_delete (json_document);
441 resp = GNUNET_REST_create_response (result);
442 GNUNET_free(result);
443 handle->proc (handle->proc_cls, resp, MHD_HTTP_OK);
444 cleanup_handle (handle);
445}
446
447static void
448subject_ego_lookup (void *cls,
449 const struct GNUNET_IDENTITY_Ego *ego)
450{
451 struct RequestHandle *handle = cls;
452 const struct GNUNET_CRYPTO_EcdsaPrivateKey *sub_key;
453 handle->ego_lookup = NULL;
454
455 if (NULL == ego)
456 {
457 GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
458 "Subject not found\n");
459 GNUNET_SCHEDULER_add_now (&do_error, handle);
460 return;
461 }
462 sub_key = GNUNET_IDENTITY_ego_get_private_key (ego);
463 handle->verify_request = GNUNET_CREDENTIAL_collect (handle->credential,
464 &handle->issuer_key,
465 handle->issuer_attr,
466 sub_key,
467 &handle_collect_response,
468 handle);
469}
470
471
472
473/**
474 * Function called with the result of a Credential lookup.
475 *
476 * @param cls the 'const char *' name that was resolved
477 * @param cd_count number of records returned
478 * @param cd array of @a cd_count records with the results
479 */
480static void
373handle_verify_response (void *cls, 481handle_verify_response (void *cls,
374 unsigned int d_count, 482 unsigned int d_count,
375 struct GNUNET_CREDENTIAL_Delegation *delegation_chain, 483 struct GNUNET_CREDENTIAL_Delegation *delegation_chain,
@@ -446,6 +554,107 @@ handle_verify_response (void *cls,
446 cleanup_handle (handle); 554 cleanup_handle (handle);
447} 555}
448 556
557static void
558collect_cred_cont (struct GNUNET_REST_RequestHandle *conndata_handle,
559 const char* url,
560 void *cls)
561{
562 struct RequestHandle *handle = cls;
563 struct GNUNET_HashCode key;
564 char *tmp;
565 char *entity_attr;
566
567 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
568 "Connecting...\n");
569 handle->credential = GNUNET_CREDENTIAL_connect (cfg);
570 handle->timeout_task = GNUNET_SCHEDULER_add_delayed (handle->timeout,
571 &do_error, handle);
572 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
573 "Connected\n");
574 if (NULL == handle->credential)
575 {
576 GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
577 "Connecting to CREDENTIAL failed\n");
578 GNUNET_SCHEDULER_add_now (&do_error, handle);
579 return;
580 }
581 GNUNET_CRYPTO_hash (GNUNET_REST_JSONAPI_CREDENTIAL_ISSUER_ATTR,
582 strlen (GNUNET_REST_JSONAPI_CREDENTIAL_ISSUER_ATTR),
583 &key);
584 if ( GNUNET_NO ==
585 GNUNET_CONTAINER_multihashmap_contains (conndata_handle->url_param_map,
586 &key) )
587 {
588 GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
589 "Missing issuer attribute\n");
590 GNUNET_SCHEDULER_add_now (&do_error, handle);
591 return;
592 }
593 tmp = GNUNET_CONTAINER_multihashmap_get (conndata_handle->url_param_map,
594 &key);
595 entity_attr = GNUNET_strdup (tmp);
596 tmp = strtok(entity_attr, ".");
597 if (NULL == tmp)
598 {
599 GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
600 "Malformed issuer or attribute\n");
601 GNUNET_free (entity_attr);
602 GNUNET_SCHEDULER_add_now (&do_error, handle);
603 return;
604 }
605 if (GNUNET_OK !=
606 GNUNET_CRYPTO_ecdsa_public_key_from_string (tmp,
607 strlen (tmp),
608 &handle->issuer_key))
609 {
610 GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
611 "Malformed issuer key\n");
612 GNUNET_free (entity_attr);
613 GNUNET_SCHEDULER_add_now (&do_error, handle);
614 return;
615 }
616 tmp = strtok (NULL, "."); //Issuer attribute
617 if (NULL == tmp)
618 {
619 GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
620 "Malformed attribute\n");
621 GNUNET_free (entity_attr);
622 GNUNET_SCHEDULER_add_now (&do_error, handle);
623 return;
624 }
625 handle->issuer_attr = GNUNET_strdup (tmp);
626 GNUNET_free (entity_attr);
627
628 GNUNET_CRYPTO_hash (GNUNET_REST_JSONAPI_CREDENTIAL_SUBJECT_EGO,
629 strlen (GNUNET_REST_JSONAPI_CREDENTIAL_SUBJECT_EGO),
630 &key);
631 if ( GNUNET_NO ==
632 GNUNET_CONTAINER_multihashmap_contains (conndata_handle->url_param_map,
633 &key) )
634 {
635 GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
636 "Missing subject\n");
637 GNUNET_free (entity_attr);
638 GNUNET_SCHEDULER_add_now (&do_error, handle);
639 return;
640 }
641 tmp = GNUNET_CONTAINER_multihashmap_get (conndata_handle->url_param_map,
642 &key);
643 if (NULL == tmp)
644 {
645 GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
646 "Malformed subject\n");
647 GNUNET_free (entity_attr);
648 GNUNET_SCHEDULER_add_now (&do_error, handle);
649 return;
650 }
651 handle->ego_lookup = GNUNET_IDENTITY_ego_lookup (cfg,
652 tmp,
653 &subject_ego_lookup,
654 handle);
655}
656
657
449 658
450static void 659static void
451verify_cred_cont (struct GNUNET_REST_RequestHandle *conndata_handle, 660verify_cred_cont (struct GNUNET_REST_RequestHandle *conndata_handle,
@@ -527,15 +736,15 @@ verify_cred_cont (struct GNUNET_REST_RequestHandle *conndata_handle,
527 handle->issuer_attr = GNUNET_strdup (tmp); 736 handle->issuer_attr = GNUNET_strdup (tmp);
528 GNUNET_free (entity_attr); 737 GNUNET_free (entity_attr);
529 738
530 GNUNET_CRYPTO_hash (GNUNET_REST_JSONAPI_CREDENTIAL_SUBJECT_ATTR, 739 GNUNET_CRYPTO_hash (GNUNET_REST_JSONAPI_CREDENTIAL_SUBJECT_KEY,
531 strlen (GNUNET_REST_JSONAPI_CREDENTIAL_SUBJECT_ATTR), 740 strlen (GNUNET_REST_JSONAPI_CREDENTIAL_SUBJECT_KEY),
532 &key); 741 &key);
533 if ( GNUNET_NO == 742 if ( GNUNET_NO ==
534 GNUNET_CONTAINER_multihashmap_contains (conndata_handle->url_param_map, 743 GNUNET_CONTAINER_multihashmap_contains (conndata_handle->url_param_map,
535 &key) ) 744 &key) )
536 { 745 {
537 GNUNET_log (GNUNET_ERROR_TYPE_ERROR, 746 GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
538 "Missing subject or attribute\n"); 747 "Missing subject key\n");
539 GNUNET_free (entity_attr); 748 GNUNET_free (entity_attr);
540 GNUNET_SCHEDULER_add_now (&do_error, handle); 749 GNUNET_SCHEDULER_add_now (&do_error, handle);
541 return; 750 return;
@@ -560,7 +769,6 @@ verify_cred_cont (struct GNUNET_REST_RequestHandle *conndata_handle,
560 GNUNET_SCHEDULER_add_now (&do_error, handle); 769 GNUNET_SCHEDULER_add_now (&do_error, handle);
561 return; 770 return;
562 } 771 }
563 GNUNET_free (entity_attr);
564 772
565 if (0 >= handle->rest_handle->data_size) 773 if (0 >= handle->rest_handle->data_size)
566 { 774 {
@@ -596,28 +804,44 @@ verify_cred_cont (struct GNUNET_REST_RequestHandle *conndata_handle,
596 } 804 }
597 805
598 resource_count = GNUNET_JSONAPI_document_resource_count(json_obj); 806 resource_count = GNUNET_JSONAPI_document_resource_count(json_obj);
807 GNUNET_assert (1 == resource_count);
808 res = (GNUNET_JSONAPI_document_get_resource(json_obj, 0));
809 if (GNUNET_NO == GNUNET_JSONAPI_resource_check_type(res,
810 GNUNET_REST_JSONAPI_CREDENTIAL_TYPEINFO))
811 {
812 GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
813 "Resource not a credential!\n");
814 GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
815 "Unable to parse JSONAPI Object from %s\n",
816 term_data);
817 GNUNET_JSONAPI_document_delete (json_obj);
818 GNUNET_SCHEDULER_add_now (&do_error, handle);
819 return;
820 }
821 cred_json = GNUNET_JSONAPI_resource_read_attr (res,
822 GNUNET_REST_JSONAPI_CREDENTIAL);
823
824 GNUNET_assert (json_is_array (cred_json));
825
826 credential_count = json_array_size(cred_json);
827
599 struct GNUNET_CREDENTIAL_Credential credentials[credential_count]; 828 struct GNUNET_CREDENTIAL_Credential credentials[credential_count];
600 for (i=0;i<resource_count;i++) 829 for (i=0;i<credential_count;i++)
601 { 830 {
602 res = (GNUNET_JSONAPI_document_get_resource(json_obj, i)); 831 cred = json_to_credential (json_array_get (cred_json, i));
603 if (GNUNET_NO == GNUNET_JSONAPI_resource_check_type(res, 832 if (NULL == cred)
604 GNUNET_REST_JSONAPI_CREDENTIAL_TYPEINFO))
605 { 833 {
606 GNUNET_log (GNUNET_ERROR_TYPE_ERROR, 834 GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
607 "Resource not a credential!\n"); 835 "Unable to parse credential!\n");
608 continue; 836 continue;
609 } 837 }
610 credential_count++;
611 cred_json = GNUNET_JSONAPI_resource_read_attr (res,
612 GNUNET_REST_JSONAPI_CREDENTIAL);
613 cred = json_to_credential (cred_json);
614 GNUNET_memcpy (&credentials[i], 838 GNUNET_memcpy (&credentials[i],
615 cred, 839 cred,
616 sizeof (struct GNUNET_CREDENTIAL_Credential)); 840 sizeof (struct GNUNET_CREDENTIAL_Credential));
617 credentials[i].issuer_attribute = GNUNET_strdup (cred->issuer_attribute); 841 credentials[i].issuer_attribute = GNUNET_strdup (cred->issuer_attribute);
618 GNUNET_free (cred); 842 GNUNET_free (cred);
619 } 843 }
620 844 GNUNET_JSONAPI_document_delete(json_obj);
621 handle->verify_request = GNUNET_CREDENTIAL_verify (handle->credential, 845 handle->verify_request = GNUNET_CREDENTIAL_verify (handle->credential,
622 &handle->issuer_key, 846 &handle->issuer_key,
623 handle->issuer_attr, 847 handle->issuer_attr,
@@ -888,7 +1112,8 @@ rest_credential_process_request(struct GNUNET_REST_RequestHandle *conndata_handl
888 handle->rest_handle = conndata_handle; 1112 handle->rest_handle = conndata_handle;
889 1113
890 static const struct GNUNET_REST_RequestHandler handlers[] = { 1114 static const struct GNUNET_REST_RequestHandler handlers[] = {
891 {MHD_HTTP_METHOD_GET, GNUNET_REST_API_NS_CREDENTIAL_VERIFY, &verify_cred_cont}, 1115 {MHD_HTTP_METHOD_POST, GNUNET_REST_API_NS_CREDENTIAL_VERIFY, &verify_cred_cont},
1116 {MHD_HTTP_METHOD_GET, GNUNET_REST_API_NS_CREDENTIAL_COLLECT, &collect_cred_cont},
892 {MHD_HTTP_METHOD_GET, GNUNET_REST_API_NS_CREDENTIAL_ISSUE, &issue_cred_cont}, 1117 {MHD_HTTP_METHOD_GET, GNUNET_REST_API_NS_CREDENTIAL_ISSUE, &issue_cred_cont},
893 {MHD_HTTP_METHOD_OPTIONS, GNUNET_REST_API_NS_CREDENTIAL, &options_cont}, 1118 {MHD_HTTP_METHOD_OPTIONS, GNUNET_REST_API_NS_CREDENTIAL, &options_cont},
894 GNUNET_REST_HANDLER_END 1119 GNUNET_REST_HANDLER_END
diff --git a/src/credential/test_credential_collect_rest.sh b/src/credential/test_credential_collect_rest.sh
new file mode 100755
index 000000000..0b31f85bc
--- /dev/null
+++ b/src/credential/test_credential_collect_rest.sh
@@ -0,0 +1,90 @@
1#!/bin/bash
2trap "gnunet-arm -e -c test_credential_lookup.conf" SIGINT
3
4LOCATION=$(which gnunet-config)
5if [ -z $LOCATION ]
6then
7 LOCATION="gnunet-config"
8fi
9$LOCATION --version 1> /dev/null
10if test $? != 0
11then
12 echo "GNUnet command line tools cannot be found, check environmental variables PATH and GNUNET_PREFIX"
13 exit 77
14fi
15
16rm -rf `gnunet-config -c test_credential_lookup.conf -s PATHS -o GNUNET_HOME -f`
17
18# (1) Service.user -> GNU.project.member
19# (2) GNU.project -> GNUnet
20# (3) GNUnet.member -> GNUnet.developer
21# (4) GNUnet.member -> GNUnet.user
22# (5) GNUnet.developer -> Alice
23
24
25which timeout &> /dev/null && DO_TIMEOUT="timeout 30"
26gnunet-arm -s -c test_credential_lookup.conf
27gnunet-identity -C service -c test_credential_lookup.conf
28gnunet-identity -C alice -c test_credential_lookup.conf
29gnunet-identity -C gnu -c test_credential_lookup.conf
30gnunet-identity -C gnunet -c test_credential_lookup.conf
31
32GNU_KEY=$(gnunet-identity -d -c test_credential_lookup.conf | grep gnu | grep -v gnunet | awk '{print $3}')
33ALICE_KEY=$(gnunet-identity -d -c test_credential_lookup.conf | grep alice | awk '{print $3}')
34GNUNET_KEY=$(gnunet-identity -d -c test_credential_lookup.conf | grep gnunet | awk '{print $3}')
35SERVICE_KEY=$(gnunet-identity -d -c test_credential_lookup.conf | grep service | awk '{print $3}')
36
37USER_ATTR="user"
38GNU_PROJECT_ATTR="project"
39MEMBER_ATTR="member"
40DEVELOPER_ATTR="developer"
41DEV_ATTR="developer"
42TEST_CREDENTIAL="mygnunetcreds"
43
44# (1) A service assigns the attribute "user" to all entities that have been assigned "member" by entities that werde assigned "project" from GNU
45gnunet-namestore -p -z service -a -n $USER_ATTR -t ATTR -V "$GNU_KEY $GNU_PROJECT_ATTR.$MEMBER_ATTR" -e 5m -c test_credential_lookup.conf
46
47# (2) GNU recognized GNUnet as a GNU project and delegates the "project" attribute
48gnunet-namestore -p -z gnu -a -n $GNU_PROJECT_ATTR -t ATTR -V "$GNUNET_KEY" -e 5m -c test_credential_lookup.conf
49
50# (3+4) GNUnet assigns the attribute "member" to all entities gnunet has also assigned "developer" or "user"
51gnunet-namestore -p -z gnunet -a -n $MEMBER_ATTR -t ATTR -V "$GNUNET_KEY $DEVELOPER_ATTR" -e 5m -c test_credential_lookup.conf
52gnunet-namestore -p -z gnunet -a -n $MEMBER_ATTR -t ATTR -V "$GNUNET_KEY $USER_ATTR" -e 5m -c test_credential_lookup.conf
53
54# (5) GNUnet issues Alice the credential "developer"
55CRED=`$DO_TIMEOUT gnunet-credential --issue --ego=gnunet --subject=$ALICE_KEY --attribute=$DEV_ATTR --ttl=5m -c test_credential_lookup.conf`
56
57# Alice stores the credential under "mygnunetcreds"
58gnunet-namestore -p -z alice -a -n $TEST_CREDENTIAL -t CRED -V "$CRED" -e 5m -c test_credential_lookup.conf
59
60# (5) GNUnet issues Alice the credential "developer"
61CRED=`$DO_TIMEOUT gnunet-credential --issue --ego=gnunet --subject=$ALICE_KEY --attribute=$USER_ATTR --ttl=5m -c test_credential_lookup.conf`
62
63# Alice stores the credential under "mygnunetcreds"
64gnunet-namestore -p -z alice -a -n $TEST_CREDENTIAL -t CRED -V "$CRED" -e 5m -c test_credential_lookup.conf
65
66#TODO2 Add -z swich like in gnunet-gns
67#RES_CRED=`gnunet-credential --collect --issuer=$SERVICE_KEY --attribute=$USER_ATTR --subject=$ALICE_KEY -c test_credential_lookup.conf`
68
69gnunet-arm -i rest -c test_credential_lookup.conf
70
71sleep 5
72
73curl -v "localhost:7776/credential/collect?attribute=$SERVICE_KEY.$USER_ATTR&subject=alice"
74
75#TODO cleanup properly
76gnunet-namestore -z alice -d -n $TEST_CREDENTIAL -t CRED -e never -c test_credential_lookup.conf
77gnunet-namestore -z gnu -d -n $GNU_PROJECT_ATTR -t ATTR -c test_credential_lookup.conf
78gnunet-namestore -z gnunet -d -n $MEMBER_ATTR -t ATTR -c test_credential_lookup.conf
79gnunet-namestore -z service -d -n $USER_ATTR -t ATTR -c test_credential_lookup.conf
80echo "Stopping arm..."
81gnunet-arm -e -c test_credential_lookup.conf
82echo "Done"
83if [ "$RES_CRED" != "Failed." ]
84then
85 echo -e "${RES_CRED}"
86 exit 0
87else
88 echo "FAIL: Failed to verify credential $RES_CRED."
89 exit 1
90fi
diff --git a/src/credential/test_credential_issue_rest.sh b/src/credential/test_credential_issue_rest.sh
new file mode 100755
index 000000000..15cd55083
--- /dev/null
+++ b/src/credential/test_credential_issue_rest.sh
@@ -0,0 +1,53 @@
1#!/bin/bash
2trap "gnunet-arm -e -c test_credential_lookup.conf" SIGINT
3
4LOCATION=$(which gnunet-config)
5if [ -z $LOCATION ]
6then
7 LOCATION="gnunet-config"
8fi
9$LOCATION --version 1> /dev/null
10if test $? != 0
11then
12 echo "GNUnet command line tools cannot be found, check environmental variables PATH and GNUNET_PREFIX"
13 exit 77
14fi
15
16rm -rf `gnunet-config -c test_credential_lookup.conf -s PATHS -o GNUNET_HOME -f`
17
18# (1) PKEY1.user -> PKEY2.resu.user
19# (2) PKEY2.resu -> PKEY3
20# (3) PKEY3.user -> PKEY4
21
22
23which timeout &> /dev/null && DO_TIMEOUT="timeout 30"
24
25TEST_ATTR="test"
26gnunet-arm -s -c test_credential_lookup.conf
27gnunet-arm -i gns
28gnunet-arm -i credential
29gnunet-arm -i identity
30gnunet-arm -i rest -c test_credential_lookup.conf
31
32gnunet-arm -I -c test_credential_lookup.conf
33gnunet-identity -C testissuer -c test_credential_lookup.conf
34gnunet-identity -C testsubject -c test_credential_lookup.conf
35gnunet-identity -s credential-issuer -e testissuer
36SUBJECT_KEY=$(gnunet-identity -d -c test_credential_lookup.conf | grep testsubject | awk '{print $3}')
37ISSUER_KEY=$(gnunet-identity -d -c test_credential_lookup.conf | grep testissuer | awk '{print $3}')
38#TODO1 Get credential and store it with subject (3)
39sleep 5
40curl "localhost:7776/credential/issue?subject_key=$SUBJECT_KEY&attribute=$TEST_ATTR&expiration=1d"
41#CRED=`$DO_TIMEOUT gnunet-credential --issue --ego=testissuer --subject=$SUBJECT_KEY --attribute=$TEST_ATTR --ttl=5m -c test_credential_lookup.conf`
42STATUS=$?
43
44if test $? != 0
45then
46 echo "Error issuing..."
47 exit 1
48fi
49#Try import
50#$DO_TIMEOUT gnunet-namestore -a -z testsubject -n c1 -t CRED -V "$CRED" -e 5m -c test_credential_lookup.conf
51RES=$?
52gnunet-arm -e -c test_credential_lookup.conf
53exit $RES
diff --git a/src/credential/test_credential_lookup.conf b/src/credential/test_credential_lookup.conf
index 93b4864d9..3684063b1 100644
--- a/src/credential/test_credential_lookup.conf
+++ b/src/credential/test_credential_lookup.conf
@@ -14,7 +14,7 @@ AUTOSTART = YES
14PREFIX = valgrind --leak-check=full --track-origins=yes --log-file=/tmp/credlog 14PREFIX = valgrind --leak-check=full --track-origins=yes --log-file=/tmp/credlog
15 15
16[rest] 16[rest]
17#PREFIX = valgrind --leak-check=full --track-origins=yes --log-file=/tmp/restlog 17PREFIX = valgrind --leak-check=full --track-origins=yes --log-file=/tmp/restlog
18 18
19[gns] 19[gns]
20#PREFIX = valgrind --leak-check=full --track-origins=yes 20#PREFIX = valgrind --leak-check=full --track-origins=yes
diff --git a/src/credential/test_credential_verify_rest.sh b/src/credential/test_credential_verify_rest.sh
index 092737df7..6133ea25e 100755
--- a/src/credential/test_credential_verify_rest.sh
+++ b/src/credential/test_credential_verify_rest.sh
@@ -58,14 +58,17 @@ CRED=`$DO_TIMEOUT gnunet-credential --issue --ego=gnunet --subject=$ALICE_KEY --
58gnunet-namestore -p -z alice -a -n $TEST_CREDENTIAL -t CRED -V "$CRED" -e 5m -c test_credential_lookup.conf 58gnunet-namestore -p -z alice -a -n $TEST_CREDENTIAL -t CRED -V "$CRED" -e 5m -c test_credential_lookup.conf
59 59
60#TODO2 Add -z swich like in gnunet-gns 60#TODO2 Add -z swich like in gnunet-gns
61RES_CRED=`gnunet-credential --verify --issuer=$SERVICE_KEY --attribute=$USER_ATTR --subject=$ALICE_KEY --credential=$TEST_CREDENTIAL -c test_credential_lookup.conf` 61#RES_CRED=`gnunet-credential --verify --issuer=$SERVICE_KEY --attribute=$USER_ATTR --subject=$ALICE_KEY --credential=$TEST_CREDENTIAL -c test_credential_lookup.conf`
62 62
63gnunet-arm -i rest -c test_credential_lookup.conf 63gnunet-arm -i rest -c test_credential_lookup.conf
64 64
65sleep 5 65sleep 5
66 66
67echo "localhost:7776/credential?attribute=$SERVICE_KEY.$USER_ATTR&credential=$ALICE_KEY.$TEST_CREDENTIAL" 67CREDS=`curl "localhost:7776/credential/collect?attribute=$SERVICE_KEY.$USER_ATTR&subject=alice"`
68curl -v "localhost:7776/credential?attribute=$SERVICE_KEY.$USER_ATTR&credential=$ALICE_KEY.$TEST_CREDENTIAL" 68
69echo $CREDS
70
71curl -v "localhost:7776/credential/verify?attribute=$SERVICE_KEY.$USER_ATTR&subject_key=$ALICE_KEY" --data "$CREDS"
69 72
70#TODO cleanup properly 73#TODO cleanup properly
71gnunet-namestore -z alice -d -n $TEST_CREDENTIAL -t CRED -e never -c test_credential_lookup.conf 74gnunet-namestore -z alice -d -n $TEST_CREDENTIAL -t CRED -e never -c test_credential_lookup.conf