author | Schanzenbach, Martin <mschanzenbach@posteo.de> | 2017-10-06 21:35:55 +0200 |
---|---|---|
committer | Schanzenbach, Martin <mschanzenbach@posteo.de> | 2017-10-06 21:35:55 +0200 |
commit | 46b73f8d138ade01499165f62edb683c87c777c4 (patch) | |
tree | c6a278ac46aa2d9c4170a6ef6d33afce9bee95d7 /src/identity-provider | |
parent | 8147dd7190f0b2b6261e58aec768e43d0a7afc22 (diff) | |
-towards ticket revocation
Diffstat (limited to 'src/identity-provider')
-rw-r--r-- | src/identity-provider/gnunet-service-identity-provider.c | 357 | ||||
-rw-r--r-- | src/identity-provider/identity_provider.h | 31 | ||||
-rw-r--r-- | src/identity-provider/identity_provider_api.c | 4 |
3 files changed, 365 insertions, 27 deletions
diff --git a/src/identity-provider/gnunet-service-identity-provider.c b/src/identity-provider/gnunet-service-identity-provider.c index 863423cac..95d8b93b2 100644 --- a/src/identity-provider/gnunet-service-identity-provider.c +++ b/src/identity-provider/gnunet-service-identity-provider.c | |||
@@ -442,6 +442,56 @@ struct ParallelLookup | |||
442 | }; | 442 | }; |
443 | 443 | ||
444 | /** | 444 | /** |
445 | * Ticket revocation request handle | ||
446 | */ | ||
447 | struct TicketRevocationHandle | ||
448 | { | ||
449 | |||
450 | /** | ||
451 | * Client connection | ||
452 | */ | ||
453 | struct IdpClient *client; | ||
454 | |||
455 | /** | ||
456 | * Attributes to issue | ||
457 | */ | ||
458 | struct GNUNET_IDENTITY_PROVIDER_AttributeList *attrs; | ||
459 | |||
460 | /** | ||
461 | * Issuer Key | ||
462 | */ | ||
463 | struct GNUNET_CRYPTO_EcdsaPrivateKey identity; | ||
464 | |||
465 | /** | ||
466 | * Ticket to issue | ||
467 | */ | ||
468 | struct GNUNET_IDENTITY_PROVIDER_Ticket ticket; | ||
469 | |||
470 | /** | ||
471 | * QueueEntry | ||
472 | */ | ||
473 | struct GNUNET_NAMESTORE_QueueEntry *ns_qe; | ||
474 | |||
475 | /** | ||
476 | * Namestore iterator | ||
477 | */ | ||
478 | struct GNUNET_NAMESTORE_ZoneIterator *ns_it; | ||
479 | |||
480 | /** | ||
481 | * The ABE master key | ||
482 | */ | ||
483 | struct GNUNET_CRYPTO_AbeMasterKey *abe_key; | ||
484 | |||
485 | |||
486 | /** | ||
487 | * request id | ||
488 | */ | ||
489 | uint32_t r_id; | ||
490 | }; | ||
491 | |||
492 | |||
493 | |||
494 | /** | ||
445 | * Ticket issue request handle | 495 | * Ticket issue request handle |
446 | */ | 496 | */ |
447 | struct TicketIssueHandle | 497 | struct TicketIssueHandle |
@@ -652,11 +702,13 @@ bootstrap_abe_result (void *cls, | |||
652 | /** | 702 | /** |
653 | * Bootstrap ABE master if it does not yet exists. | 703 | * Bootstrap ABE master if it does not yet exists. |
654 | * Will call the AbeBootstrapResult processor when done. | 704 | * Will call the AbeBootstrapResult processor when done. |
705 | * will always recreate the ABE key of GNUNET_YES == recreate | ||
655 | */ | 706 | */ |
656 | static void | 707 | static void |
657 | bootstrap_abe (const struct GNUNET_CRYPTO_EcdsaPrivateKey *identity, | 708 | bootstrap_abe (const struct GNUNET_CRYPTO_EcdsaPrivateKey *identity, |
658 | AbeBootstrapResult proc, | 709 | AbeBootstrapResult proc, |
659 | void* cls) | 710 | void* cls, |
711 | int recreate) | ||
660 | { | 712 | { |
661 | struct AbeBootstrapHandle *abh; | 713 | struct AbeBootstrapHandle *abh; |
662 | 714 | ||
@@ -664,14 +716,19 @@ bootstrap_abe (const struct GNUNET_CRYPTO_EcdsaPrivateKey *identity, | |||
664 | abh->proc = proc; | 716 | abh->proc = proc; |
665 | abh->proc_cls = cls; | 717 | abh->proc_cls = cls; |
666 | abh->identity = *identity; | 718 | abh->identity = *identity; |
667 | abh->ns_qe = GNUNET_NAMESTORE_records_lookup (ns_handle, | 719 | if (GNUNET_YES == recreate) |
668 | identity, | 720 | { |
669 | "+", | 721 | abh->abe_key = GNUNET_CRYPTO_cpabe_create_master_key (); |
670 | &bootstrap_abe_error, | 722 | GNUNET_SCHEDULER_add_now (&bootstrap_store_task, abh); |
671 | abh, | 723 | } else { |
672 | &bootstrap_abe_result, | 724 | abh->ns_qe = GNUNET_NAMESTORE_records_lookup (ns_handle, |
673 | abh); | 725 | identity, |
674 | 726 | "+", | |
727 | &bootstrap_abe_error, | ||
728 | abh, | ||
729 | &bootstrap_abe_result, | ||
730 | abh); | ||
731 | } | ||
675 | } | 732 | } |
676 | 733 | ||
677 | 734 | ||
@@ -903,13 +960,13 @@ issue_ticket_after_abe_bootstrap (void *cls, | |||
903 | * @return #GNUNET_OK if @a im is well-formed | 960 | * @return #GNUNET_OK if @a im is well-formed |
904 | */ | 961 | */ |
905 | static int | 962 | static int |
906 | check_ticket_issue_message(void *cls, | 963 | check_issue_ticket_message(void *cls, |
907 | const struct TicketIssueMessage *im) | 964 | const struct IssueTicketMessage *im) |
908 | { | 965 | { |
909 | uint16_t size; | 966 | uint16_t size; |
910 | 967 | ||
911 | size = ntohs (im->header.size); | 968 | size = ntohs (im->header.size); |
912 | if (size <= sizeof (struct TicketIssueMessage)) | 969 | if (size <= sizeof (struct IssueTicketMessage)) |
913 | { | 970 | { |
914 | GNUNET_break (0); | 971 | GNUNET_break (0); |
915 | return GNUNET_SYSERR; | 972 | return GNUNET_SYSERR; |
@@ -927,8 +984,8 @@ check_ticket_issue_message(void *cls, | |||
927 | * @param message the message | 984 | * @param message the message |
928 | */ | 985 | */ |
929 | static void | 986 | static void |
930 | handle_ticket_issue_message (void *cls, | 987 | handle_issue_ticket_message (void *cls, |
931 | const struct TicketIssueMessage *im) | 988 | const struct IssueTicketMessage *im) |
932 | { | 989 | { |
933 | struct TicketIssueHandle *ih; | 990 | struct TicketIssueHandle *ih; |
934 | struct IdpClient *idp = cls; | 991 | struct IdpClient *idp = cls; |
@@ -946,11 +1003,260 @@ handle_ticket_issue_message (void *cls, | |||
946 | ih->ticket.rnd = | 1003 | ih->ticket.rnd = |
947 | GNUNET_CRYPTO_random_u64 (GNUNET_CRYPTO_QUALITY_STRONG, | 1004 | GNUNET_CRYPTO_random_u64 (GNUNET_CRYPTO_QUALITY_STRONG, |
948 | UINT64_MAX); | 1005 | UINT64_MAX); |
949 | bootstrap_abe (&ih->identity, &issue_ticket_after_abe_bootstrap, ih); | 1006 | bootstrap_abe (&ih->identity, &issue_ticket_after_abe_bootstrap, ih, GNUNET_NO); |
950 | GNUNET_SERVICE_client_continue (idp->client); | 1007 | GNUNET_SERVICE_client_continue (idp->client); |
951 | 1008 | ||
952 | } | 1009 | } |
953 | 1010 | ||
1011 | static void | ||
1012 | attr_reenc_cont (void *cls, | ||
1013 | int32_t success, | ||
1014 | const char *emsg) | ||
1015 | { | ||
1016 | struct TicketRevocationHandle *rh = cls; | ||
1017 | struct GNUNET_GNSRECORD_Data rd[1]; | ||
1018 | size_t buf_size; | ||
1019 | char *buf; | ||
1020 | |||
1021 | if (GNUNET_SYSERR == success) | ||
1022 | { | ||
1023 | GNUNET_log (GNUNET_ERROR_TYPE_ERROR, | ||
1024 | "Failed to reencrypt attribute %s\n", | ||
1025 | emsg); | ||
1026 | GNUNET_SCHEDULER_add_now (&do_shutdown, NULL); | ||
1027 | return; | ||
1028 | } | ||
1029 | GNUNET_CONTAINER_DLL_remove (rh->attrs->list_head, | ||
1030 | rh->attrs->list_tail, | ||
1031 | rh->attrs->list_head); | ||
1032 | if (NULL == rh->attrs->list_head) | ||
1033 | { | ||
1034 | /* Done, issue new keys */ | ||
1035 | GNUNET_break (0); //TODO | ||
1036 | return; | ||
1037 | } | ||
1038 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, | ||
1039 | "Re-encrypting attribute\n"); | ||
1040 | buf_size = attribute_serialize_get_size (rh->attrs->list_head->attribute); | ||
1041 | buf = GNUNET_malloc (buf_size); | ||
1042 | |||
1043 | attribute_serialize (rh->attrs->list_head->attribute, | ||
1044 | buf); | ||
1045 | |||
1046 | /** | ||
1047 | * Encrypt the attribute value and store in namestore | ||
1048 | */ | ||
1049 | rd[0].data_size = GNUNET_CRYPTO_cpabe_encrypt (buf, | ||
1050 | buf_size, | ||
1051 | rh->attrs->list_head->attribute->name, //Policy | ||
1052 | rh->abe_key, | ||
1053 | (void**)&rd[0].data); | ||
1054 | GNUNET_free (buf); | ||
1055 | rd[0].record_type = GNUNET_GNSRECORD_TYPE_ID_ATTR; | ||
1056 | rd[0].flags = GNUNET_GNSRECORD_RF_RELATIVE_EXPIRATION; | ||
1057 | rd[0].expiration_time = GNUNET_TIME_UNIT_HOURS.rel_value_us; //TODO sane? | ||
1058 | rh->ns_qe = GNUNET_NAMESTORE_records_store (ns_handle, | ||
1059 | &rh->identity, | ||
1060 | rh->attrs->list_head->attribute->name, | ||
1061 | 1, | ||
1062 | rd, | ||
1063 | &attr_reenc_cont, | ||
1064 | rh); | ||
1065 | GNUNET_free ((void*)rd[0].data); | ||
1066 | |||
1067 | } | ||
1068 | |||
1069 | |||
1070 | static void | ||
1071 | reenc_after_abe_bootstrap (void *cls, | ||
1072 | struct GNUNET_CRYPTO_AbeMasterKey *abe_key) | ||
1073 | { | ||
1074 | struct TicketRevocationHandle *rh = cls; | ||
1075 | struct GNUNET_GNSRECORD_Data rd[1]; | ||
1076 | char* buf; | ||
1077 | size_t buf_size; | ||
1078 | |||
1079 | |||
1080 | rh->abe_key = abe_key; | ||
1081 | GNUNET_assert (NULL != abe_key); | ||
1082 | |||
1083 | if (NULL == rh->attrs->list_head) | ||
1084 | { | ||
1085 | /* No attributes to reencrypt, this is odd... */ | ||
1086 | } else { | ||
1087 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, | ||
1088 | "Re-encrypting attribute\n"); | ||
1089 | buf_size = attribute_serialize_get_size (rh->attrs->list_head->attribute); | ||
1090 | buf = GNUNET_malloc (buf_size); | ||
1091 | |||
1092 | attribute_serialize (rh->attrs->list_head->attribute, | ||
1093 | buf); | ||
1094 | |||
1095 | /** | ||
1096 | * Encrypt the attribute value and store in namestore | ||
1097 | */ | ||
1098 | rd[0].data_size = GNUNET_CRYPTO_cpabe_encrypt (buf, | ||
1099 | buf_size, | ||
1100 | rh->attrs->list_head->attribute->name, //Policy | ||
1101 | rh->abe_key, | ||
1102 | (void**)&rd[0].data); | ||
1103 | GNUNET_free (buf); | ||
1104 | rd[0].record_type = GNUNET_GNSRECORD_TYPE_ID_ATTR; | ||
1105 | rd[0].flags = GNUNET_GNSRECORD_RF_RELATIVE_EXPIRATION; | ||
1106 | rd[0].expiration_time = GNUNET_TIME_UNIT_HOURS.rel_value_us; //TODO sane? | ||
1107 | rh->ns_qe = GNUNET_NAMESTORE_records_store (ns_handle, | ||
1108 | &rh->identity, | ||
1109 | rh->attrs->list_head->attribute->name, | ||
1110 | 1, | ||
1111 | rd, | ||
1112 | &attr_reenc_cont, | ||
1113 | rh); | ||
1114 | GNUNET_free ((void*)rd[0].data); | ||
1115 | |||
1116 | } | ||
1117 | } | ||
1118 | |||
1119 | |||
1120 | static void | ||
1121 | revoke_collect_iter_error (void *cls) | ||
1122 | { | ||
1123 | //struct AttributeIterator *ai = cls; | ||
1124 | //TODO | ||
1125 | GNUNET_log (GNUNET_ERROR_TYPE_ERROR, | ||
1126 | "Failed to iterate over attributes\n"); | ||
1127 | GNUNET_SCHEDULER_add_now (&do_shutdown, NULL); | ||
1128 | } | ||
1129 | |||
1130 | static void | ||
1131 | revoke_collect_iter_finished (void *cls) | ||
1132 | { | ||
1133 | struct TicketRevocationHandle *rh = cls; | ||
1134 | |||
1135 | /* Bootstrap new abe key */ | ||
1136 | bootstrap_abe (&rh->identity, &reenc_after_abe_bootstrap, rh, GNUNET_YES); | ||
1137 | } | ||
1138 | |||
1139 | static void | ||
1140 | revoke_collect_iter_cb (void *cls, | ||
1141 | const struct GNUNET_CRYPTO_EcdsaPrivateKey *zone, | ||
1142 | const char *label, | ||
1143 | unsigned int rd_count, | ||
1144 | const struct GNUNET_GNSRECORD_Data *rd) | ||
1145 | { | ||
1146 | struct TicketRevocationHandle *rh = cls; | ||
1147 | struct GNUNET_CRYPTO_AbeKey *key; | ||
1148 | struct GNUNET_IDENTITY_PROVIDER_AttributeListEntry *le; | ||
1149 | ssize_t attr_len; | ||
1150 | char* attr_ser; | ||
1151 | char* attrs[2]; | ||
1152 | |||
1153 | if (rd_count != 1) | ||
1154 | { | ||
1155 | GNUNET_NAMESTORE_zone_iterator_next (rh->ns_it); | ||
1156 | return; | ||
1157 | } | ||
1158 | |||
1159 | if (GNUNET_GNSRECORD_TYPE_ID_ATTR != rd->record_type) { | ||
1160 | GNUNET_NAMESTORE_zone_iterator_next (rh->ns_it); | ||
1161 | return; | ||
1162 | } | ||
1163 | attrs[0] = (char*)label; | ||
1164 | attrs[1] = 0; | ||
1165 | key = GNUNET_CRYPTO_cpabe_create_key (rh->abe_key, | ||
1166 | attrs); | ||
1167 | attr_len = GNUNET_CRYPTO_cpabe_decrypt (rd->data, | ||
1168 | rd->data_size, | ||
1169 | key, | ||
1170 | (void**)&attr_ser); | ||
1171 | GNUNET_CRYPTO_cpabe_delete_key (key); | ||
1172 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, | ||
1173 | "Attribute to reencrypt: %s\n", label); | ||
1174 | le = GNUNET_new (struct GNUNET_IDENTITY_PROVIDER_AttributeListEntry); | ||
1175 | le->attribute = attribute_deserialize (attr_ser, attr_len); | ||
1176 | GNUNET_CONTAINER_DLL_insert_tail (rh->attrs->list_head, | ||
1177 | rh->attrs->list_tail, | ||
1178 | le); | ||
1179 | GNUNET_NAMESTORE_zone_iterator_next (rh->ns_it); | ||
1180 | } | ||
1181 | |||
1182 | |||
1183 | static void | ||
1184 | collect_after_abe_bootstrap (void *cls, | ||
1185 | struct GNUNET_CRYPTO_AbeMasterKey *abe_key) | ||
1186 | { | ||
1187 | struct TicketRevocationHandle *rh = cls; | ||
1188 | |||
1189 | rh->abe_key = cls; | ||
1190 | GNUNET_assert (NULL != abe_key); | ||
1191 | |||
1192 | /* Reencrypt all attributes with new key */ | ||
1193 | rh->ns_it = GNUNET_NAMESTORE_zone_iteration_start (ns_handle, | ||
1194 | &rh->identity, | ||
1195 | &revoke_collect_iter_error, | ||
1196 | rh, | ||
1197 | &revoke_collect_iter_cb, | ||
1198 | rh, | ||
1199 | &revoke_collect_iter_finished, | ||
1200 | rh); | ||
1201 | |||
1202 | } | ||
1203 | |||
1204 | |||
1205 | /** | ||
1206 | * Checks a ticket revocation message | ||
1207 | * | ||
1208 | * @param cls client sending the message | ||
1209 | * @param im message of type `struct RevokeTicketMessage` | ||
1210 | * @return #GNUNET_OK if @a im is well-formed | ||
1211 | */ | ||
1212 | static int | ||
1213 | check_revoke_ticket_message(void *cls, | ||
1214 | const struct RevokeTicketMessage *im) | ||
1215 | { | ||
1216 | uint16_t size; | ||
1217 | |||
1218 | size = ntohs (im->header.size); | ||
1219 | if (size <= sizeof (struct RevokeTicketMessage)) | ||
1220 | { | ||
1221 | GNUNET_break (0); | ||
1222 | return GNUNET_SYSERR; | ||
1223 | } | ||
1224 | return GNUNET_OK; | ||
1225 | } | ||
1226 | |||
1227 | |||
1228 | /** | ||
1229 | * | ||
1230 | * Handler for ticket revocation message | ||
1231 | * | ||
1232 | * @param cls unused | ||
1233 | * @param client who sent the message | ||
1234 | * @param message the message | ||
1235 | */ | ||
1236 | static void | ||
1237 | handle_revoke_ticket_message (void *cls, | ||
1238 | const struct RevokeTicketMessage *rm) | ||
1239 | { | ||
1240 | struct TicketRevocationHandle *rh; | ||
1241 | struct IdpClient *idp = cls; | ||
1242 | struct GNUNET_IDENTITY_PROVIDER_Ticket *ticket; | ||
1243 | size_t attrs_len; | ||
1244 | |||
1245 | rh = GNUNET_new (struct TicketRevocationHandle); | ||
1246 | attrs_len = ntohs (rm->attrs_len); | ||
1247 | ticket = (struct GNUNET_IDENTITY_PROVIDER_Ticket*)&rm[1]; | ||
1248 | if (0 < attrs_len) | ||
1249 | rh->attrs = attribute_list_deserialize ((char*)&ticket[1], attrs_len); | ||
1250 | rh->ticket = *ticket; | ||
1251 | rh->r_id = ntohl (rm->id); | ||
1252 | rh->client = idp; | ||
1253 | rh->identity = rm->identity; | ||
1254 | GNUNET_CRYPTO_ecdsa_key_get_public (&rh->identity, | ||
1255 | &rh->ticket.identity); | ||
1256 | bootstrap_abe (&rh->identity, &collect_after_abe_bootstrap, rh, GNUNET_NO); | ||
1257 | GNUNET_SERVICE_client_continue (idp->client); | ||
1258 | |||
1259 | } | ||
954 | 1260 | ||
955 | 1261 | ||
956 | static void | 1262 | static void |
@@ -1034,7 +1340,7 @@ process_parallel_lookup2 (void *cls, uint32_t rd_count, | |||
1034 | "Unable to store ticket after consume\n"); | 1340 | "Unable to store ticket after consume\n"); |
1035 | GNUNET_break (0); | 1341 | GNUNET_break (0); |
1036 | } | 1342 | } |
1037 | 1343 | ||
1038 | GNUNET_SCHEDULER_cancel (handle->kill_task); | 1344 | GNUNET_SCHEDULER_cancel (handle->kill_task); |
1039 | attrs_len = attribute_list_serialize_get_size (handle->attrs); | 1345 | attrs_len = attribute_list_serialize_get_size (handle->attrs); |
1040 | env = GNUNET_MQ_msg_extra (crm, | 1346 | env = GNUNET_MQ_msg_extra (crm, |
@@ -1217,7 +1523,7 @@ handle_consume_ticket_message (void *cls, | |||
1217 | GNUNET_SERVICE_client_continue (idp->client); | 1523 | GNUNET_SERVICE_client_continue (idp->client); |
1218 | } | 1524 | } |
1219 | 1525 | ||
1220 | void | 1526 | static void |
1221 | attr_store_cont (void *cls, | 1527 | attr_store_cont (void *cls, |
1222 | int32_t success, | 1528 | int32_t success, |
1223 | const char *emsg) | 1529 | const char *emsg) |
@@ -1351,7 +1657,7 @@ handle_attribute_store_message (void *cls, | |||
1351 | 1657 | ||
1352 | GNUNET_SERVICE_client_continue (idp->client); | 1658 | GNUNET_SERVICE_client_continue (idp->client); |
1353 | as_handle->client = idp; | 1659 | as_handle->client = idp; |
1354 | bootstrap_abe (&as_handle->identity, &store_after_abe_bootstrap, as_handle); | 1660 | bootstrap_abe (&as_handle->identity, &store_after_abe_bootstrap, as_handle, GNUNET_NO); |
1355 | } | 1661 | } |
1356 | 1662 | ||
1357 | static void | 1663 | static void |
@@ -1483,7 +1789,7 @@ handle_iteration_start (void *cls, | |||
1483 | GNUNET_CONTAINER_DLL_insert (idp->op_head, | 1789 | GNUNET_CONTAINER_DLL_insert (idp->op_head, |
1484 | idp->op_tail, | 1790 | idp->op_tail, |
1485 | ai); | 1791 | ai); |
1486 | bootstrap_abe (&ai->identity, &iterate_after_abe_bootstrap, ai); | 1792 | bootstrap_abe (&ai->identity, &iterate_after_abe_bootstrap, ai, GNUNET_NO); |
1487 | GNUNET_SERVICE_client_continue (idp->client); | 1793 | GNUNET_SERVICE_client_continue (idp->client); |
1488 | } | 1794 | } |
1489 | 1795 | ||
@@ -1937,9 +2243,9 @@ GNUNET_SERVICE_MAIN | |||
1937 | GNUNET_MESSAGE_TYPE_IDENTITY_PROVIDER_ATTRIBUTE_ITERATION_STOP, | 2243 | GNUNET_MESSAGE_TYPE_IDENTITY_PROVIDER_ATTRIBUTE_ITERATION_STOP, |
1938 | struct AttributeIterationStopMessage, | 2244 | struct AttributeIterationStopMessage, |
1939 | NULL), | 2245 | NULL), |
1940 | GNUNET_MQ_hd_var_size (ticket_issue_message, | 2246 | GNUNET_MQ_hd_var_size (issue_ticket_message, |
1941 | GNUNET_MESSAGE_TYPE_IDENTITY_PROVIDER_TICKET_ISSUE, | 2247 | GNUNET_MESSAGE_TYPE_IDENTITY_PROVIDER_ISSUE_TICKET, |
1942 | struct TicketIssueMessage, | 2248 | struct IssueTicketMessage, |
1943 | NULL), | 2249 | NULL), |
1944 | GNUNET_MQ_hd_var_size (consume_ticket_message, | 2250 | GNUNET_MQ_hd_var_size (consume_ticket_message, |
1945 | GNUNET_MESSAGE_TYPE_IDENTITY_PROVIDER_CONSUME_TICKET, | 2251 | GNUNET_MESSAGE_TYPE_IDENTITY_PROVIDER_CONSUME_TICKET, |
@@ -1957,6 +2263,9 @@ GNUNET_SERVICE_MAIN | |||
1957 | GNUNET_MESSAGE_TYPE_IDENTITY_PROVIDER_TICKET_ITERATION_STOP, | 2263 | GNUNET_MESSAGE_TYPE_IDENTITY_PROVIDER_TICKET_ITERATION_STOP, |
1958 | struct TicketIterationStopMessage, | 2264 | struct TicketIterationStopMessage, |
1959 | NULL), | 2265 | NULL), |
1960 | 2266 | GNUNET_MQ_hd_var_size (revoke_ticket_message, | |
2267 | GNUNET_MESSAGE_TYPE_IDENTITY_PROVIDER_REVOKE_TICKET, | ||
2268 | struct RevokeTicketMessage, | ||
2269 | NULL), | ||
1961 | GNUNET_MQ_handler_end()); | 2270 | GNUNET_MQ_handler_end()); |
1962 | /* end of gnunet-service-identity-provider.c */ | 2271 | /* end of gnunet-service-identity-provider.c */ |
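Review bot: check_revoke_ticket_message only rejects a message that is no larger than the fixed struct, yet handle_revoke_ticket_message reads a whole ticket at `&rm[1]` and then passes `attrs_len` bytes after it to attribute_list_deserialize, so a short or inconsistent client message is read past its end. The length is decoded with `ntohs (rm->attrs_len)` although identity_provider.h declares the field `uint32_t`; it should be `ntohl (rm->attrs_len)`. When the decoded length is 0, `rh->attrs` is never assigned, and revoke_collect_iter_cb later dereferences `rh->attrs->list_head`. Separately, collect_after_abe_bootstrap stores the handle itself as the master key with `rh->abe_key = cls;`, which revoke_collect_iter_cb then hands to GNUNET_CRYPTO_cpabe_create_key; it should be `rh->abe_key = abe_key;`. The check below bounds both the ticket and the attribute list before the handler runs.

```c
/* ... unchanged: signature of check_revoke_ticket_message ... */
  uint16_t size;
  uint32_t attrs_len;

  size = ntohs (im->header.size);
  /* the fixed struct is followed by one ticket, then the attribute list */
  if (size < sizeof (struct RevokeTicketMessage)
             + sizeof (struct GNUNET_IDENTITY_PROVIDER_Ticket))
  {
    GNUNET_break (0);
    return GNUNET_SYSERR;
  }
  attrs_len = ntohl (im->attrs_len);
  if (attrs_len > size - sizeof (struct RevokeTicketMessage)
                       - sizeof (struct GNUNET_IDENTITY_PROVIDER_Ticket))
  {
    GNUNET_break (0);
    return GNUNET_SYSERR;
  }
  return GNUNET_OK;
```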
diff --git a/src/identity-provider/identity_provider.h b/src/identity-provider/identity_provider.h index 9361854ad..a4cdd694e 100644 --- a/src/identity-provider/identity_provider.h +++ b/src/identity-provider/identity_provider.h | |||
@@ -245,7 +245,7 @@ struct TicketIterationStopMessage | |||
245 | /** | 245 | /** |
246 | * Ticket issue message | 246 | * Ticket issue message |
247 | */ | 247 | */ |
248 | struct TicketIssueMessage | 248 | struct IssueTicketMessage |
249 | { | 249 | { |
250 | /** | 250 | /** |
251 | * Type will be #GNUNET_MESSAGE_TYPE_IDENTITY_PROVIDER_TICKET_ISSUE | 251 | * Type will be #GNUNET_MESSAGE_TYPE_IDENTITY_PROVIDER_TICKET_ISSUE |
@@ -276,6 +276,35 @@ struct TicketIssueMessage | |||
276 | }; | 276 | }; |
277 | 277 | ||
278 | /** | 278 | /** |
279 | * Ticket revoke message | ||
280 | */ | ||
281 | struct RevokeTicketMessage | ||
282 | { | ||
283 | /** | ||
284 | * Type will be #GNUNET_MESSAGE_TYPE_IDENTITY_PROVIDER_TICKET_ISSUE | ||
285 | */ | ||
286 | struct GNUNET_MessageHeader header; | ||
287 | |||
288 | /** | ||
289 | * Unique identifier for this request (for key collisions). | ||
290 | */ | ||
291 | uint32_t id GNUNET_PACKED; | ||
292 | |||
293 | /** | ||
294 | * Identity. | ||
295 | */ | ||
296 | struct GNUNET_CRYPTO_EcdsaPrivateKey identity; | ||
297 | |||
298 | /** | ||
299 | * length of serialized attribute list | ||
300 | */ | ||
301 | uint32_t attrs_len GNUNET_PACKED; | ||
302 | |||
303 | //Followed by a ticket and serialized attribute list | ||
304 | }; | ||
305 | |||
306 | |||
307 | /** | ||
279 | * Ticket result message | 308 | * Ticket result message |
280 | */ | 309 | */ |
281 | struct TicketResultMessage | 310 | struct TicketResultMessage |
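Review bot: The doc comment on the header field of the new RevokeTicketMessage still reads `Type will be #GNUNET_MESSAGE_TYPE_IDENTITY_PROVIDER_TICKET_ISSUE`, copied from the issue message. The service registers this struct under GNUNET_MESSAGE_TYPE_IDENTITY_PROVIDER_REVOKE_TICKET, so the comment should read `Type will be #GNUNET_MESSAGE_TYPE_IDENTITY_PROVIDER_REVOKE_TICKET`. The matching comment in IssueTicketMessage also names the old constant, which the other two files in this commit now spell ..._ISSUE_TICKET. Because `attrs_len` is a 32-bit field while `header.size` is 16 bits, the field comment should also state that it is in network byte order and that receivers must bound it against the message size.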
diff --git a/src/identity-provider/identity_provider_api.c b/src/identity-provider/identity_provider_api.c index 33468cc13..97ecc691c 100644 --- a/src/identity-provider/identity_provider_api.c +++ b/src/identity-provider/identity_provider_api.c | |||
@@ -1035,7 +1035,7 @@ GNUNET_IDENTITY_PROVIDER_ticket_issue (struct GNUNET_IDENTITY_PROVIDER_Handle *h | |||
1035 | void *cb_cls) | 1035 | void *cb_cls) |
1036 | { | 1036 | { |
1037 | struct GNUNET_IDENTITY_PROVIDER_Operation *op; | 1037 | struct GNUNET_IDENTITY_PROVIDER_Operation *op; |
1038 | struct TicketIssueMessage *tim; | 1038 | struct IssueTicketMessage *tim; |
1039 | size_t attr_len; | 1039 | size_t attr_len; |
1040 | 1040 | ||
1041 | op = GNUNET_new (struct GNUNET_IDENTITY_PROVIDER_Operation); | 1041 | op = GNUNET_new (struct GNUNET_IDENTITY_PROVIDER_Operation); |
@@ -1049,7 +1049,7 @@ GNUNET_IDENTITY_PROVIDER_ticket_issue (struct GNUNET_IDENTITY_PROVIDER_Handle *h | |||
1049 | attr_len = attribute_list_serialize_get_size (attrs); | 1049 | attr_len = attribute_list_serialize_get_size (attrs); |
1050 | op->env = GNUNET_MQ_msg_extra (tim, | 1050 | op->env = GNUNET_MQ_msg_extra (tim, |
1051 | attr_len, | 1051 | attr_len, |
1052 | GNUNET_MESSAGE_TYPE_IDENTITY_PROVIDER_TICKET_ISSUE); | 1052 | GNUNET_MESSAGE_TYPE_IDENTITY_PROVIDER_ISSUE_TICKET); |
1053 | tim->identity = *iss; | 1053 | tim->identity = *iss; |
1054 | tim->rp = *rp; | 1054 | tim->rp = *rp; |
1055 | tim->id = htonl (op->r_id); | 1055 | tim->id = htonl (op->r_id); |