authorSchanzenbach, Martin <mschanzenbach@posteo.de>2016-12-13 10:18:40 +0100
committerSchanzenbach, Martin <mschanzenbach@posteo.de>2016-12-13 10:18:40 +0100
commitd03ce063cf660a1f9f37b917eab3747a40937d68 (patch)
tree33248b5727f36bcb2b0f9141e6a4b31d380ea9f5 /src/credential
parent78b7c56bd1502ec87054521970a8e5b9cf225b66 (diff)
-more rest
Diffstat (limited to 'src/credential')
-rw-r--r--src/credential/credential_api.c2
-rw-r--r--src/credential/gnunet-service-credential.c2
-rw-r--r--src/credential/plugin_gnsrecord_credential.c4
-rw-r--r--src/credential/plugin_rest_credential.c153
4 files changed, 152 insertions, 9 deletions
diff --git a/src/credential/credential_api.c b/src/credential/credential_api.c
index 5bc1e52f1..54a02484d 100644
--- a/src/credential/credential_api.c
+++ b/src/credential/credential_api.c
@@ -457,7 +457,7 @@ GNUNET_CREDENTIAL_issue (struct GNUNET_CREDENTIAL_Handle *handle,
if (GNUNET_OK !=
GNUNET_CRYPTO_ecdsa_sign (issuer,
&crd->purpose,
- &crd->sig))
+ &crd->signature))
{
GNUNET_break (0);
GNUNET_free (crd);
diff --git a/src/credential/gnunet-service-credential.c b/src/credential/gnunet-service-credential.c
index f07c777d6..e0e845468 100644
--- a/src/credential/gnunet-service-credential.c
+++ b/src/credential/gnunet-service-credential.c
@@ -533,7 +533,7 @@ handle_credential_query (void* cls,
crd = rd[i].data;
if(GNUNET_OK != GNUNET_CRYPTO_ecdsa_verify(GNUNET_SIGNATURE_PURPOSE_CREDENTIAL,
&crd->purpose,
- &crd->sig,
+ &crd->signature,
&crd->issuer_key))
{
GNUNET_log (GNUNET_ERROR_TYPE_WARNING,
diff --git a/src/credential/plugin_gnsrecord_credential.c b/src/credential/plugin_gnsrecord_credential.c
index ece4be1e3..281113a34 100644
--- a/src/credential/plugin_gnsrecord_credential.c
+++ b/src/credential/plugin_gnsrecord_credential.c
@@ -98,7 +98,7 @@ credential_value_to_string (void *cls,
issuer_pkey = GNUNET_CRYPTO_ecdsa_public_key_to_string (&cred.issuer_key);
etime_abs.abs_value_us = GNUNET_ntohll(cred.expiration);
expiration = GNUNET_STRINGS_absolute_time_to_string (etime_abs);
- GNUNET_STRINGS_base64_encode ((char*)&cred.sig,
+ GNUNET_STRINGS_base64_encode ((char*)&cred.signature,
sizeof (struct GNUNET_CRYPTO_EcdsaSignature),
&signature);
GNUNET_asprintf (&cred_str,
@@ -219,7 +219,7 @@ credential_string_to_value (void *cls,
GNUNET_STRINGS_base64_decode (signature,
strlen (signature),
(char**)&sig);
- cred->sig = *sig;
+ cred->signature = *sig;
cred->expiration = GNUNET_htonll (etime_abs.abs_value_us);
cred->purpose.purpose = htonl (GNUNET_SIGNATURE_PURPOSE_CREDENTIAL);
cred->purpose.size = htonl (strlen (name) + 1 + sizeof (struct GNUNET_CRYPTO_EccSignaturePurpose) +
diff --git a/src/credential/plugin_rest_credential.c b/src/credential/plugin_rest_credential.c
index 51d91079a..137f55c47 100644
--- a/src/credential/plugin_rest_credential.c
+++ b/src/credential/plugin_rest_credential.c
@@ -37,6 +37,12 @@
#define GNUNET_REST_API_NS_CREDENTIAL "/credential"
+#define GNUNET_REST_JSONAPI_CREDENTIAL "credential"
+
+#define GNUNET_REST_JSONAPI_CREDENTIAL_TYPEINFO "credential"
+
+#define GNUNET_REST_JSONAPI_CREDENTIAL_CHAIN "chain"
+
#define GNUNET_REST_JSONAPI_CREDENTIAL_ISSUER_ATTR "attribute"
#define GNUNET_REST_JSONAPI_CREDENTIAL_SUBJECT_ATTR "credential"
@@ -174,6 +180,143 @@ do_error (void *cls)
cleanup_handle (handle);
}
+/**
+ * Attribute delegation to JSON
+ * @param attr the attribute
+ * @return JSON, NULL if failed
+ */
+static json_t*
+attribute_delegation_to_json (struct GNUNET_CREDENTIAL_AttributeRecordData *attr)
+{
+ char *subject;
+ char *attribute;
+ json_t *attr_obj;
+
+ subject = GNUNET_CRYPTO_ecdsa_public_key_to_string (&attr->subject_key);
+ {
+ GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
+ "Subject in credential malformed\n");
+ return NULL;
+ }
+ attribute = (char*)&attr[1];
+ attr_obj = json_object ();
+ json_object_set_new (attr_obj, "subject", json_string (subject));
+ json_object_set_new (attr_obj, "attribute", json_string (attribute));
+ GNUNET_free (subject);
+ return attr_obj;
+}
+
+/**
+ * Credential to JSON
+ * @param cred the credential
+ * @return the resulting json, NULL if failed
+ */
+static json_t*
+credential_to_json (struct GNUNET_CREDENTIAL_CredentialRecordData *cred)
+{
+ struct GNUNET_TIME_Absolute exp;
+ const char* exp_str;
+ char *issuer;
+ char *subject;
+ char *attribute;
+ char *signature;
+ json_t *cred_obj;
+
+ issuer = GNUNET_CRYPTO_ecdsa_public_key_to_string (&cred->issuer_key);
+ if (NULL == issuer)
+ {
+ GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
+ "Issuer in credential malformed\n");
+ return NULL;
+ }
+ subject = GNUNET_CRYPTO_ecdsa_public_key_to_string (&cred->subject_key);
+ if (NULL == subject)
+ {
+ GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
+ "Subject in credential malformed\n");
+ GNUNET_free (issuer);
+ return NULL;
+ }
+ GNUNET_STRINGS_base64_encode ((char*)&cred->signature,
+ sizeof (struct GNUNET_CRYPTO_EcdsaSignature),
+ &signature);
+ attribute = (char*)&cred[1];
+ exp.abs_value_us = ntohs (cred->expiration);
+ exp_str = GNUNET_STRINGS_absolute_time_to_string (exp);
+ cred_obj = json_object ();
+ json_object_set_new (cred_obj, "issuer", json_string (issuer));
+ json_object_set_new (cred_obj, "subject", json_string (subject));
+ json_object_set_new (cred_obj, "attribute", json_string (attribute));
+ json_object_set_new (cred_obj, "signature", json_string (signature));
+ json_object_set_new (cred_obj, "expiration", json_string (exp_str));
+ GNUNET_free (issuer);
+ GNUNET_free (subject);
+ GNUNET_free (signature);
+ return cred_obj;
+}
+
+/**
+ * Function called with the result of a Credential lookup.
+ *
+ * @param cls the 'const char *' name that was resolved
+ * @param cd_count number of records returned
+ * @param cd array of @a cd_count records with the results
+ */
+static void
+handle_verify_response (void *cls,
+ struct GNUNET_CREDENTIAL_CredentialRecordData *cred,
+ uint32_t delegation_count,
+ struct GNUNET_CREDENTIAL_AttributeRecordData *deleg)
+{
+
+ struct VerifyHandle *handle = cls;
+ struct MHD_Response *resp;
+ struct GNUNET_JSONAPI_Document *json_document;
+ struct GNUNET_JSONAPI_Resource *json_resource;
+ json_t *cred_obj;
+ json_t *attr_obj;
+ json_t *result_array;
+ char *result;
+ uint32_t i;
+
+ handle->verify_request = NULL;
+ if (NULL == cred) {
+ GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
+ "Verify failed.\n");
+ handle->response_code = MHD_HTTP_NOT_FOUND;
+ GNUNET_SCHEDULER_add_now (&do_error, handle);
+ return;
+ }
+ json_document = GNUNET_JSONAPI_document_new ();
+ json_resource = GNUNET_JSONAPI_resource_new (GNUNET_REST_JSONAPI_CREDENTIAL_TYPEINFO,
+ handle->issuer_attr);
+ cred_obj = credential_to_json (cred);
+ result_array = json_array ();
+ for (i = 0; i < delegation_count; i++)
+ {
+ attr_obj = attribute_delegation_to_json (&(deleg[i]));
+ json_array_append (result_array, attr_obj);
+ json_decref (attr_obj);
+ }
+ GNUNET_JSONAPI_resource_add_attr (json_resource,
+ GNUNET_REST_JSONAPI_CREDENTIAL,
+ cred_obj);
+ GNUNET_JSONAPI_resource_add_attr (json_resource,
+ GNUNET_REST_JSONAPI_CREDENTIAL_CHAIN,
+ result_array);
+ GNUNET_JSONAPI_document_resource_add (json_document, json_resource);
+ GNUNET_JSONAPI_document_serialize (json_document, &result);
+ GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
+ "Result %s\n",
+ result);
+ json_decref (result_array);
+ GNUNET_JSONAPI_document_delete (json_document);
+ resp = GNUNET_REST_create_response (result);
+ handle->proc (handle->proc_cls, resp, MHD_HTTP_OK);
+ GNUNET_free (result);
+ cleanup_handle (handle);
+}
+
static void
verify_cred_cont (struct GNUNET_REST_RequestHandle *conndata_handle,
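Review bot: In attribute_delegation_to_json the braced block after the GNUNET_CRYPTO_ecdsa_public_key_to_string call has no condition, so every call logs "Subject in credential malformed", returns NULL and leaks `subject`. As a result the loop in handle_verify_response never adds an entry to the "chain" array; put `if (NULL == subject)` in front of that block. In credential_to_json, `ntohs (cred->expiration)` keeps only 16 bits of a field that the gnsrecord plugin writes with GNUNET_htonll, so the REST response reports a wrong expiry for the credential; use `exp.abs_value_us = GNUNET_ntohll (cred->expiration);`. handle_verify_response passes the return values of both helpers on without a NULL check, and its doc comment still describes `cd_count`/`cd` instead of `cred`, `delegation_count` and `deleg`. Both `(char*)&attr[1]` and `(char*)&cred[1]` are handed to json_string as C strings; whether the record is guaranteed to hold a terminating NUL is not visible in this hunk and should be confirmed before this data reaches a REST client.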
@@ -292,14 +435,14 @@ verify_cred_cont (struct GNUNET_REST_RequestHandle *conndata_handle,
}
handle->subject_attr = GNUNET_strdup (tmp);
GNUNET_free (entity_attr);
-
+
handle->verify_request = GNUNET_CREDENTIAL_verify (handle->credential,
&handle->issuer_key,
handle->issuer_attr,
&handle->subject_key,
handle->subject_attr,
- NULL,
- NULL);
+ &handle_verify_response,
+ handle);
}
@@ -341,8 +484,8 @@ options_cont (struct GNUNET_REST_RequestHandle *con_handle,
*/
static void
rest_credential_process_request(struct GNUNET_REST_RequestHandle *conndata_handle,
- GNUNET_REST_ResultProcessor proc,
- void *proc_cls)
+ GNUNET_REST_ResultProcessor proc,
+ void *proc_cls)
{
struct VerifyHandle *handle = GNUNET_new (struct VerifyHandle);
struct GNUNET_REST_RequestHandlerError err;