author | Schanzenbach, Martin <mschanzenbach@posteo.de> | 2017-09-15 18:53:10 +0200 |
---|---|---|
committer | Schanzenbach, Martin <mschanzenbach@posteo.de> | 2017-09-15 18:53:10 +0200 |
commit | 9e6994a55e64aaf7b45fdad7277c27bf30e3c0f3 (patch) | |
tree | a214a625a9fcaeacf219f2a0072fe318b5462009 /src/identity-provider/gnunet-service-identity-provider.c | |
parent | 41315cebe1d0a074445f28d915d7d038dea80465 (diff) | |
- Add attribute store API to IdP service
Diffstat (limited to 'src/identity-provider/gnunet-service-identity-provider.c')
-rw-r--r-- | src/identity-provider/gnunet-service-identity-provider.c | 325 |
1 files changed, 279 insertions, 46 deletions
diff --git a/src/identity-provider/gnunet-service-identity-provider.c b/src/identity-provider/gnunet-service-identity-provider.c index 8746e39f7..5663a7681 100644 --- a/src/identity-provider/gnunet-service-identity-provider.c +++ b/src/identity-provider/gnunet-service-identity-provider.c | |||
@@ -129,6 +129,57 @@ static struct GNUNET_STATISTICS_Handle *stats; | |||
129 | */ | 129 | */ |
130 | static const struct GNUNET_CONFIGURATION_Handle *cfg; | 130 | static const struct GNUNET_CONFIGURATION_Handle *cfg; |
131 | 131 | ||
132 | struct AttributeStoreHandle | ||
133 | { | ||
134 | |||
135 | /** | ||
136 | * Client connection | ||
137 | */ | ||
138 | struct GNUNET_SERVICE_Client *client; | ||
139 | |||
140 | /** | ||
141 | * Identity | ||
142 | */ | ||
143 | struct GNUNET_CRYPTO_EcdsaPrivateKey identity; | ||
144 | |||
145 | /** | ||
146 | * Identity pubkey | ||
147 | */ | ||
148 | struct GNUNET_CRYPTO_EcdsaPublicKey identity_pkey; | ||
149 | |||
150 | /** | ||
151 | * The issuer egos ABE master key | ||
152 | */ | ||
153 | struct GNUNET_CRYPTO_AbeMasterKey *abe_key; | ||
154 | |||
155 | /** | ||
156 | * QueueEntry | ||
157 | */ | ||
158 | struct GNUNET_NAMESTORE_QueueEntry *ns_qe; | ||
159 | |||
160 | /** | ||
161 | * The attribute name | ||
162 | */ | ||
163 | char *name; | ||
164 | |||
165 | /** | ||
166 | * The attribute value | ||
167 | */ | ||
168 | char *attribute_value; | ||
169 | |||
170 | /** | ||
171 | * Size of the attribute value | ||
172 | */ | ||
173 | size_t attribute_value_len; | ||
174 | |||
175 | /** | ||
176 | * request id | ||
177 | */ | ||
178 | uint32_t r_id; | ||
179 | }; | ||
180 | |||
181 | |||
182 | |||
132 | struct VerifiedAttributeEntry | 183 | struct VerifiedAttributeEntry |
133 | { | 184 | { |
134 | /** | 185 | /** |
@@ -1175,45 +1226,13 @@ attr_collect_task (void *cls) | |||
1175 | issue_handle); | 1226 | issue_handle); |
1176 | } | 1227 | } |
1177 | 1228 | ||
1178 | void | ||
1179 | store_bootstrap_cont (void *cls, | ||
1180 | int32_t success, | ||
1181 | const char *emsg) | ||
1182 | { | ||
1183 | if (GNUNET_SYSERR == success) | ||
1184 | { | ||
1185 | GNUNET_log (GNUNET_ERROR_TYPE_ERROR, | ||
1186 | "Failed to bootstrap ABE master %s\n", | ||
1187 | emsg); | ||
1188 | GNUNET_SCHEDULER_add_now (&do_shutdown, NULL); | ||
1189 | return; | ||
1190 | } | ||
1191 | GNUNET_SCHEDULER_add_now (&attr_collect_task, cls); | ||
1192 | } | ||
1193 | |||
1194 | void | ||
1195 | store_bootstrap_task (void *cls) | ||
1196 | { | ||
1197 | struct IssueHandle *issue_handle = cls; | ||
1198 | struct GNUNET_GNSRECORD_Data rd[1]; | ||
1199 | 1229 | ||
1200 | rd[0].data_size = GNUNET_CRYPTO_cpabe_serialize_master_key (issue_handle->abe_key, | ||
1201 | (void**)&rd[0].data); | ||
1202 | rd[0].record_type = GNUNET_GNSRECORD_TYPE_ABE_MASTER; | ||
1203 | rd[0].flags = GNUNET_GNSRECORD_RF_NONE | GNUNET_GNSRECORD_RF_PRIVATE; | ||
1204 | rd[0].expiration_time = GNUNET_TIME_UNIT_HOURS.rel_value_us; //TODO sane? | ||
1205 | issue_handle->ns_qe = GNUNET_NAMESTORE_records_store (ns_handle, | ||
1206 | &issue_handle->iss_key, | ||
1207 | "+", | ||
1208 | 1, | ||
1209 | rd, | ||
1210 | &store_bootstrap_cont, | ||
1211 | issue_handle); | ||
1212 | } | ||
1213 | 1230 | ||
1214 | void | 1231 | void |
1215 | abe_key_lookup_error (void *cls) | 1232 | abe_key_lookup_error (void *cls) |
1216 | { | 1233 | { |
1234 | GNUNET_log (GNUNET_ERROR_TYPE_ERROR, | ||
1235 | "Error looking for ABE master!\n"); | ||
1217 | GNUNET_SCHEDULER_add_now (&do_shutdown, cls); | 1236 | GNUNET_SCHEDULER_add_now (&do_shutdown, cls); |
1218 | } | 1237 | } |
1219 | 1238 | ||
@@ -1235,10 +1254,10 @@ abe_key_lookup_result (void *cls, | |||
1235 | GNUNET_SCHEDULER_add_now (&attr_collect_task, handle); | 1254 | GNUNET_SCHEDULER_add_now (&attr_collect_task, handle); |
1236 | return; | 1255 | return; |
1237 | } | 1256 | } |
1257 | GNUNET_log (GNUNET_ERROR_TYPE_ERROR, | ||
1258 | "No ABE master found!\n"); | ||
1259 | GNUNET_SCHEDULER_add_now (&do_shutdown, NULL); | ||
1238 | 1260 | ||
1239 | //No ABE master found, bootstrapping... | ||
1240 | handle->abe_key = GNUNET_CRYPTO_cpabe_create_master_key (); | ||
1241 | GNUNET_SCHEDULER_add_now (&store_bootstrap_task, handle); | ||
1242 | } | 1261 | } |
1243 | 1262 | ||
1244 | /** | 1263 | /** |
@@ -1256,15 +1275,13 @@ handle_issue_message (void *cls, | |||
1256 | const char *scopes; | 1275 | const char *scopes; |
1257 | char *scopes_tmp; | 1276 | char *scopes_tmp; |
1258 | char *scope; | 1277 | char *scope; |
1259 | const char *v_attrs; | ||
1260 | uint64_t rnd_key; | 1278 | uint64_t rnd_key; |
1261 | struct GNUNET_HashCode key; | 1279 | struct GNUNET_HashCode key; |
1262 | struct IssueHandle *issue_handle; | 1280 | struct IssueHandle *issue_handle; |
1263 | struct VerifiedAttributeEntry *vattr_entry; | ||
1264 | struct GNUNET_SERVICE_Client *client = cls; | 1281 | struct GNUNET_SERVICE_Client *client = cls; |
1265 | 1282 | ||
1266 | scopes = (const char *) &im[1]; | 1283 | scopes = (const char *) &im[1]; |
1267 | v_attrs = (const char *) &im[1] + ntohl(im->scope_len); | 1284 | //v_attrs = (const char *) &im[1] + ntohl(im->scope_len); |
1268 | issue_handle = GNUNET_malloc (sizeof (struct IssueHandle)); | 1285 | issue_handle = GNUNET_malloc (sizeof (struct IssueHandle)); |
1269 | issue_handle->attr_map = GNUNET_CONTAINER_multihashmap_create (5, | 1286 | issue_handle->attr_map = GNUNET_CONTAINER_multihashmap_create (5, |
1270 | GNUNET_NO); | 1287 | GNUNET_NO); |
@@ -1283,15 +1300,15 @@ handle_issue_message (void *cls, | |||
1283 | GNUNET_free (scopes_tmp); | 1300 | GNUNET_free (scopes_tmp); |
1284 | /*scopes_tmp = GNUNET_strdup (v_attrs); | 1301 | /*scopes_tmp = GNUNET_strdup (v_attrs); |
1285 | 1302 | ||
1286 | for (scope = strtok (scopes_tmp, ","); NULL != scope; scope = strtok (NULL, ",")) | 1303 | for (scope = strtok (scopes_tmp, ","); NULL != scope; scope = strtok (NULL, ",")) |
1287 | { | 1304 | { |
1288 | vattr_entry = GNUNET_new (struct VerifiedAttributeEntry); | 1305 | vattr_entry = GNUNET_new (struct VerifiedAttributeEntry); |
1289 | vattr_entry->name = GNUNET_strdup (scope); | 1306 | vattr_entry->name = GNUNET_strdup (scope); |
1290 | GNUNET_CONTAINER_DLL_insert (issue_handle->v_attr_head, | 1307 | GNUNET_CONTAINER_DLL_insert (issue_handle->v_attr_head, |
1291 | issue_handle->v_attr_tail, | 1308 | issue_handle->v_attr_tail, |
1292 | vattr_entry); | 1309 | vattr_entry); |
1293 | } | 1310 | } |
1294 | GNUNET_free (scopes_tmp);*/ | 1311 | GNUNET_free (scopes_tmp);*/ |
1295 | 1312 | ||
1296 | 1313 | ||
1297 | 1314 | ||
@@ -1322,6 +1339,218 @@ handle_issue_message (void *cls, | |||
1322 | issue_handle); | 1339 | issue_handle); |
1323 | } | 1340 | } |
1324 | 1341 | ||
1342 | static void | ||
1343 | cleanup_as_handle (struct AttributeStoreHandle *handle) | ||
1344 | { | ||
1345 | if (NULL != handle->name) | ||
1346 | GNUNET_free (handle->name); | ||
1347 | if (NULL != handle->attribute_value) | ||
1348 | GNUNET_free (handle->attribute_value); | ||
1349 | GNUNET_free (handle); | ||
1350 | } | ||
1351 | |||
1352 | |||
1353 | |||
1354 | void | ||
1355 | attr_store_cont (void *cls, | ||
1356 | int32_t success, | ||
1357 | const char *emsg) | ||
1358 | { | ||
1359 | struct AttributeStoreHandle *as_handle = cls; | ||
1360 | struct GNUNET_MQ_Envelope *env; | ||
1361 | struct AttributeStoreResponseMessage *acr_msg; | ||
1362 | |||
1363 | if (GNUNET_SYSERR == success) | ||
1364 | { | ||
1365 | GNUNET_log (GNUNET_ERROR_TYPE_ERROR, | ||
1366 | "Failed to store attribute %s\n", | ||
1367 | emsg); | ||
1368 | GNUNET_SCHEDULER_add_now (&do_shutdown, NULL); | ||
1369 | return; | ||
1370 | } | ||
1371 | |||
1372 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, | ||
1373 | "Sending ATTRIBUTE_STORE_RESPONSE message\n"); | ||
1374 | env = GNUNET_MQ_msg (acr_msg, | ||
1375 | GNUNET_MESSAGE_TYPE_IDENTITY_PROVIDER_ATTRIBUTE_STORE_RESPONSE); | ||
1376 | acr_msg->id = htonl (as_handle->r_id); | ||
1377 | acr_msg->op_result = htonl (GNUNET_OK); | ||
1378 | GNUNET_MQ_send (GNUNET_SERVICE_client_get_mq(as_handle->client), | ||
1379 | env); | ||
1380 | cleanup_as_handle (as_handle); | ||
1381 | } | ||
1382 | |||
1383 | void | ||
1384 | attr_store_task (void *cls) | ||
1385 | { | ||
1386 | struct AttributeStoreHandle *as_handle = cls; | ||
1387 | struct GNUNET_GNSRECORD_Data rd[1]; | ||
1388 | |||
1389 | /** | ||
1390 | * Encrypt the attribute value and store in namestore | ||
1391 | */ | ||
1392 | rd[0].data_size = GNUNET_CRYPTO_cpabe_encrypt (as_handle->attribute_value, | ||
1393 | as_handle->attribute_value_len, | ||
1394 | as_handle->name, //Policy | ||
1395 | as_handle->abe_key, | ||
1396 | (void**)&rd[0].data); | ||
1397 | rd[0].record_type = GNUNET_GNSRECORD_TYPE_ID_ATTR; | ||
1398 | rd[0].flags = GNUNET_GNSRECORD_RF_NONE; | ||
1399 | rd[0].expiration_time = GNUNET_TIME_UNIT_HOURS.rel_value_us; //TODO sane? | ||
1400 | as_handle->ns_qe = GNUNET_NAMESTORE_records_store (ns_handle, | ||
1401 | &as_handle->identity, | ||
1402 | as_handle->name, | ||
1403 | 1, | ||
1404 | rd, | ||
1405 | &attr_store_cont, | ||
1406 | as_handle); | ||
1407 | |||
1408 | } | ||
1409 | |||
1410 | void | ||
1411 | store_bootstrap_cont (void *cls, | ||
1412 | int32_t success, | ||
1413 | const char *emsg) | ||
1414 | { | ||
1415 | if (GNUNET_SYSERR == success) | ||
1416 | { | ||
1417 | GNUNET_log (GNUNET_ERROR_TYPE_ERROR, | ||
1418 | "Failed to bootstrap ABE master %s\n", | ||
1419 | emsg); | ||
1420 | GNUNET_SCHEDULER_add_now (&do_shutdown, NULL); | ||
1421 | return; | ||
1422 | } | ||
1423 | GNUNET_SCHEDULER_add_now (&attr_store_task, cls); | ||
1424 | } | ||
1425 | |||
1426 | void | ||
1427 | store_bootstrap_task (void *cls) | ||
1428 | { | ||
1429 | struct AttributeStoreHandle *as_handle = cls; | ||
1430 | struct GNUNET_GNSRECORD_Data rd[1]; | ||
1431 | |||
1432 | rd[0].data_size = GNUNET_CRYPTO_cpabe_serialize_master_key (as_handle->abe_key, | ||
1433 | (void**)&rd[0].data); | ||
1434 | rd[0].record_type = GNUNET_GNSRECORD_TYPE_ABE_MASTER; | ||
1435 | rd[0].flags = GNUNET_GNSRECORD_RF_NONE | GNUNET_GNSRECORD_RF_PRIVATE; | ||
1436 | rd[0].expiration_time = GNUNET_TIME_UNIT_HOURS.rel_value_us; //TODO sane? | ||
1437 | as_handle->ns_qe = GNUNET_NAMESTORE_records_store (ns_handle, | ||
1438 | &as_handle->identity, | ||
1439 | "+", | ||
1440 | 1, | ||
1441 | rd, | ||
1442 | &store_bootstrap_cont, | ||
1443 | as_handle); | ||
1444 | } | ||
1445 | |||
1446 | void | ||
1447 | store_cont_abe_error (void *cls) | ||
1448 | { | ||
1449 | GNUNET_SCHEDULER_add_now (&do_shutdown, cls); | ||
1450 | } | ||
1451 | |||
1452 | void | ||
1453 | store_cont_abe_result (void *cls, | ||
1454 | const struct GNUNET_CRYPTO_EcdsaPrivateKey *zone, | ||
1455 | const char *label, | ||
1456 | unsigned int rd_count, | ||
1457 | const struct GNUNET_GNSRECORD_Data *rd) | ||
1458 | { | ||
1459 | struct AttributeStoreHandle *handle = cls; | ||
1460 | int i; | ||
1461 | |||
1462 | for (i=0;i<rd_count;i++) { | ||
1463 | if (GNUNET_GNSRECORD_TYPE_ABE_MASTER != rd[i].record_type) | ||
1464 | continue; | ||
1465 | handle->abe_key = GNUNET_CRYPTO_cpabe_deserialize_master_key ((void**)rd[i].data, | ||
1466 | rd[i].data_size); | ||
1467 | GNUNET_SCHEDULER_add_now (&attr_collect_task, handle); | ||
1468 | return; | ||
1469 | } | ||
1470 | |||
1471 | //No ABE master found, bootstrapping... | ||
1472 | handle->abe_key = GNUNET_CRYPTO_cpabe_create_master_key (); | ||
1473 | GNUNET_SCHEDULER_add_now (&store_bootstrap_task, handle); | ||
1474 | } | ||
1475 | |||
1476 | |||
1477 | /** | ||
1478 | * Checks a store message | ||
1479 | * | ||
1480 | * @param cls client sending the message | ||
1481 | * @param sam message of type `struct AttributeStoreMessage` | ||
1482 | * @return #GNUNET_OK if @a im is well-formed | ||
1483 | */ | ||
1484 | static int | ||
1485 | check_attribute_store_message(void *cls, | ||
1486 | const struct AttributeStoreMessage *sam) | ||
1487 | { | ||
1488 | uint16_t size; | ||
1489 | uint32_t name_len; | ||
1490 | |||
1491 | size = ntohs (sam->header.size); | ||
1492 | if (size <= sizeof (struct AttributeStoreMessage)) | ||
1493 | { | ||
1494 | GNUNET_break (0); | ||
1495 | return GNUNET_SYSERR; | ||
1496 | } | ||
1497 | name_len = ntohs (sam->name_len); | ||
1498 | if (0 <= name_len) | ||
1499 | { | ||
1500 | GNUNET_log (GNUNET_ERROR_TYPE_ERROR, | ||
1501 | "Malformed store message received!\n"); | ||
1502 | GNUNET_break (0); | ||
1503 | return GNUNET_SYSERR; | ||
1504 | } | ||
1505 | return GNUNET_OK; | ||
1506 | } | ||
1507 | |||
1508 | /** | ||
1509 | * | ||
1510 | * Handler for store message | ||
1511 | * | ||
1512 | * @param cls unused | ||
1513 | * @param client who sent the message | ||
1514 | * @param message the message | ||
1515 | */ | ||
1516 | static void | ||
1517 | handle_attribute_store_message (void *cls, | ||
1518 | const struct AttributeStoreMessage *sam) | ||
1519 | { | ||
1520 | struct AttributeStoreHandle *as_handle; | ||
1521 | struct GNUNET_SERVICE_Client *client = cls; | ||
1522 | size_t name_len; | ||
1523 | size_t data_len; | ||
1524 | char *attribute_value; | ||
1525 | |||
1526 | name_len = ntohs (sam->name_len); | ||
1527 | data_len = ntohs (sam->attr_value_len); | ||
1528 | |||
1529 | as_handle = GNUNET_new (struct AttributeStoreHandle); | ||
1530 | as_handle->name = GNUNET_strndup ((char*)&sam[1], name_len); | ||
1531 | attribute_value = (char*)&sam[1] + name_len; | ||
1532 | |||
1533 | as_handle->r_id = sam->id; | ||
1534 | as_handle->identity = sam->identity; | ||
1535 | GNUNET_CRYPTO_ecdsa_key_get_public (&sam->identity, | ||
1536 | &as_handle->identity_pkey); | ||
1537 | as_handle->attribute_value = GNUNET_malloc (data_len); | ||
1538 | GNUNET_memcpy (as_handle->attribute_value, | ||
1539 | attribute_value, | ||
1540 | data_len); | ||
1541 | as_handle->attribute_value_len = data_len; | ||
1542 | |||
1543 | GNUNET_SERVICE_client_continue (client); | ||
1544 | as_handle->client = client; | ||
1545 | as_handle->ns_qe = GNUNET_NAMESTORE_records_lookup (ns_handle, | ||
1546 | &as_handle->identity, | ||
1547 | "+", | ||
1548 | &store_cont_abe_error, | ||
1549 | as_handle, | ||
1550 | &store_cont_abe_result, | ||
1551 | as_handle); | ||
1552 | } | ||
1553 | |||
1325 | 1554 | ||
1326 | /** | 1555 | /** |
1327 | * Main function that will be run | 1556 | * Main function that will be run |
@@ -1435,5 +1664,9 @@ GNUNET_SERVICE_MAIN | |||
1435 | GNUNET_MESSAGE_TYPE_IDENTITY_PROVIDER_EXCHANGE, | 1664 | GNUNET_MESSAGE_TYPE_IDENTITY_PROVIDER_EXCHANGE, |
1436 | struct ExchangeMessage, | 1665 | struct ExchangeMessage, |
1437 | NULL), | 1666 | NULL), |
1667 | GNUNET_MQ_hd_var_size (attribute_store_message, | ||
1668 | GNUNET_MESSAGE_TYPE_IDENTITY_PROVIDER_ATTRIBUTE_STORE, | ||
1669 | struct AttributeStoreMessage, | ||
1670 | NULL), | ||
1438 | GNUNET_MQ_handler_end()); | 1671 | GNUNET_MQ_handler_end()); |
1439 | /* end of gnunet-service-identity-provider.c */ | 1672 | /* end of gnunet-service-identity-provider.c */ |
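Review bot: check_attribute_store_message (new lines 1484-1506) never accepts a message and never bounds the payload: name_len is unsigned, so `if (0 <= name_len)` holds for every value and the function always returns GNUNET_SYSERR, and nothing compares the declared lengths against `size`, so once that condition is corrected handle_attribute_store_message's GNUNET_strndup and GNUNET_memcpy would read past the end of the client's message. The guard should be `if ((0 == name_len) || (size < sizeof (*sam) + name_len + ntohs (sam->attr_value_len)))`, assuming both length fields are 16-bit as the ntohs calls suggest (the struct is not in this diff). Two more points in the same hunk: store_cont_abe_result schedules `attr_collect_task` with a `struct AttributeStoreHandle *` as cls, whereas the removed store_bootstrap_task passed that task a `struct IssueHandle *`, so this looks like a type confusion and should schedule `attr_store_task` as store_bootstrap_cont already does; and `as_handle->r_id = sam->id;` stores the wire value without ntohl although attr_store_cont applies htonl when replying, so the client likely receives a byte-swapped id on little-endian hosts. Separately, in the abe_key_lookup_result hunk a missing ABE master now calls do_shutdown, so one issue request for an identity without a bootstrapped master takes the whole service down and leaks the handle; reporting an error to that client only would be the safer behaviour.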