diff options
| author | Martin Schanzenbach <mschanzenbach@posteo.de> | 2016-01-09 23:06:05 +0000 |
|---|---|---|
| committer | Martin Schanzenbach <mschanzenbach@posteo.de> | 2016-01-09 23:06:05 +0000 |
| commit | 3014465481e5c883ba1ab41cd4ff70a428e27b24 (patch) | |
| tree | e39a7cd79c4482ba14df122b7a96791fd3872dd2 /src/identity-provider | |
| parent | 5d5cd3d00b2f75d7b6e630f9ea9bd354af9a0d5f (diff) | |
| download | gnunet-3014465481e5c883ba1ab41cd4ff70a428e27b24.tar.gz gnunet-3014465481e5c883ba1ab41cd4ff70a428e27b24.zip | |
- refactor
Diffstat (limited to 'src/identity-provider')
| -rw-r--r-- | src/identity-provider/gnunet-service-identity-provider.c | 174 | ||||
| -rw-r--r-- | src/identity-provider/identity_token.c | 238 | ||||
| -rw-r--r-- | src/identity-provider/identity_token.h | 115 |
3 files changed, 342 insertions, 185 deletions
diff --git a/src/identity-provider/gnunet-service-identity-provider.c b/src/identity-provider/gnunet-service-identity-provider.c index ac4fd0961..10ecf9538 100644 --- a/src/identity-provider/gnunet-service-identity-provider.c +++ b/src/identity-provider/gnunet-service-identity-provider.c | |||
| @@ -32,7 +32,6 @@ | |||
| 32 | #include "gnunet_namestore_service.h" | 32 | #include "gnunet_namestore_service.h" |
| 33 | #include "gnunet_statistics_service.h" | 33 | #include "gnunet_statistics_service.h" |
| 34 | #include "gnunet_gns_service.h" | 34 | #include "gnunet_gns_service.h" |
| 35 | #include <jansson.h> | ||
| 36 | #include "gnunet_signatures.h" | 35 | #include "gnunet_signatures.h" |
| 37 | #include "identity_provider.h" | 36 | #include "identity_provider.h" |
| 38 | #include "identity_token.h" | 37 | #include "identity_token.h" |
| @@ -328,7 +327,7 @@ handle_token_update (void *cls, | |||
| 328 | char *token_metadata; | 327 | char *token_metadata; |
| 329 | char *write_ptr; | 328 | char *write_ptr; |
| 330 | char *enc_token_str; | 329 | char *enc_token_str; |
| 331 | const char *key; | 330 | char *val_str; |
| 332 | const struct GNUNET_CRYPTO_EcdsaPrivateKey *priv_key; | 331 | const struct GNUNET_CRYPTO_EcdsaPrivateKey *priv_key; |
| 333 | struct GNUNET_CRYPTO_EcdsaPublicKey pub_key; | 332 | struct GNUNET_CRYPTO_EcdsaPublicKey pub_key; |
| 334 | struct GNUNET_CRYPTO_EcdhePrivateKey *new_ecdhe_privkey; | 333 | struct GNUNET_CRYPTO_EcdhePrivateKey *new_ecdhe_privkey; |
| @@ -343,11 +342,8 @@ handle_token_update (void *cls, | |||
| 343 | struct GNUNET_TIME_Absolute new_iat; | 342 | struct GNUNET_TIME_Absolute new_iat; |
| 344 | struct GNUNET_TIME_Absolute new_nbf; | 343 | struct GNUNET_TIME_Absolute new_nbf; |
| 345 | struct IdentityToken *new_token; | 344 | struct IdentityToken *new_token; |
| 346 | json_t *payload_json; | 345 | struct TokenAttr *cur_value; |
| 347 | json_t *value; | 346 | struct TokenAttr *attr; |
| 348 | json_t *cur_value; | ||
| 349 | json_t *token_nbf_json; | ||
| 350 | json_t *token_exp_json; | ||
| 351 | size_t token_metadata_len; | 347 | size_t token_metadata_len; |
| 352 | 348 | ||
| 353 | priv_key = GNUNET_IDENTITY_ego_get_private_key (ego_entry->ego); | 349 | priv_key = GNUNET_IDENTITY_ego_get_private_key (ego_entry->ego); |
| @@ -363,12 +359,19 @@ handle_token_update (void *cls, | |||
| 363 | //but this service will reissue new tokens that can be retrieved from GNS | 359 | //but this service will reissue new tokens that can be retrieved from GNS |
| 364 | //automatically. | 360 | //automatically. |
| 365 | 361 | ||
| 366 | payload_json = token->payload; | 362 | for (attr = token->attr_head; NULL != attr; attr = attr->next) |
| 367 | 363 | { | |
| 368 | token_exp_json = json_object_get (payload_json, "exp"); | 364 | if (0 == strcmp (attr->name, "exp")) |
| 369 | token_nbf_json = json_object_get (payload_json, "nbf"); | 365 | { |
| 370 | token_exp.abs_value_us = json_integer_value(token_exp_json); | 366 | sscanf (attr->val_head->value, |
| 371 | token_nbf.abs_value_us = json_integer_value(token_nbf_json); | 367 | "%lu", |
| 368 | &token_exp.abs_value_us); | ||
| 369 | } else if (0 == strcmp (attr->name, "nbf")) { | ||
| 370 | sscanf (attr->val_head->value, | ||
| 371 | "%lu", | ||
| 372 | &token_nbf.abs_value_us); | ||
| 373 | } | ||
| 374 | } | ||
| 372 | token_rel_exp = GNUNET_TIME_absolute_get_difference (token_nbf, token_exp); | 375 | token_rel_exp = GNUNET_TIME_absolute_get_difference (token_nbf, token_exp); |
| 373 | 376 | ||
| 374 | token_ttl = GNUNET_TIME_absolute_get_remaining (token_exp); | 377 | token_ttl = GNUNET_TIME_absolute_get_remaining (token_exp); |
| @@ -379,7 +382,6 @@ handle_token_update (void *cls, | |||
| 379 | { | 382 | { |
| 380 | min_rel_exp = token_ttl; | 383 | min_rel_exp = token_ttl; |
| 381 | } | 384 | } |
| 382 | json_decref (payload_json); | ||
| 383 | GNUNET_free (token); | 385 | GNUNET_free (token); |
| 384 | token = NULL; | 386 | token = NULL; |
| 385 | GNUNET_free (label); | 387 | GNUNET_free (label); |
| @@ -396,41 +398,52 @@ handle_token_update (void *cls, | |||
| 396 | new_exp = GNUNET_TIME_relative_to_absolute (token_rel_exp); | 398 | new_exp = GNUNET_TIME_relative_to_absolute (token_rel_exp); |
| 397 | new_nbf = GNUNET_TIME_absolute_get (); | 399 | new_nbf = GNUNET_TIME_absolute_get (); |
| 398 | new_iat = new_nbf; | 400 | new_iat = new_nbf; |
| 399 | 401 | for (attr = token->attr_head; NULL != attr; attr = attr->next) | |
| 400 | json_object_foreach(payload_json, key, value) { | 402 | { |
| 401 | if (0 == strcmp (key, "exp")) | 403 | if (0 == strcmp (attr->name, "exp")) |
| 402 | { | 404 | { |
| 403 | token_add_json (new_token, key, json_integer (new_exp.abs_value_us)); | 405 | GNUNET_asprintf (&val_str, "%ul", new_exp.abs_value_us); |
| 406 | token_add_attr (new_token, attr->name, val_str); | ||
| 407 | GNUNET_free (val_str); | ||
| 404 | } | 408 | } |
| 405 | else if (0 == strcmp (key, "nbf")) | 409 | else if (0 == strcmp (attr->name, "nbf")) |
| 406 | { | 410 | { |
| 407 | token_add_json (new_token, key, json_integer (new_nbf.abs_value_us)); | 411 | GNUNET_asprintf (&val_str, "%ul", new_nbf.abs_value_us); |
| 412 | token_add_attr (new_token, attr->name, val_str); | ||
| 413 | GNUNET_free (val_str); | ||
| 408 | } | 414 | } |
| 409 | else if (0 == strcmp (key, "iat")) | 415 | else if (0 == strcmp (attr->name, "iat")) |
| 410 | { | 416 | { |
| 411 | token_add_json (new_token, key, json_integer (new_iat.abs_value_us)); | 417 | GNUNET_asprintf (&val_str, "%ul", new_iat.abs_value_us); |
| 418 | token_add_attr (new_token, attr->name, val_str); | ||
| 419 | GNUNET_free (val_str); | ||
| 412 | } | 420 | } |
| 413 | else if ((0 == strcmp (key, "iss")) | 421 | else if ((0 == strcmp (attr->name, "iss")) |
| 414 | || (0 == strcmp (key, "aud"))) | 422 | || (0 == strcmp (attr->name, "aud"))) |
| 415 | { | 423 | { |
| 416 | //Omit | 424 | //Omit |
| 417 | } | 425 | } |
| 418 | else if ((0 == strcmp (key, "sub")) | 426 | else if (0 == strcmp (attr->name, "sub")) |
| 419 | || (0 == strcmp (key, "rnl"))) | ||
| 420 | { | 427 | { |
| 421 | token_add_json (new_token, key, value); | 428 | token_add_attr (new_token, |
| 429 | attr->name, | ||
| 430 | attr->val_head->value); | ||
| 422 | } | 431 | } |
| 423 | else { | 432 | else |
| 424 | GNUNET_CRYPTO_hash (key, | 433 | { |
| 425 | strlen (key), | 434 | GNUNET_CRYPTO_hash (attr->name, |
| 435 | strlen (attr->name), | ||
| 426 | &key_hash); | 436 | &key_hash); |
| 427 | //Check if attr still exists. omit of not | 437 | //Check if attr still exists. omit of not |
| 428 | if (GNUNET_NO != GNUNET_CONTAINER_multihashmap_contains (ego_entry->attr_map, | 438 | if (GNUNET_NO != |
| 429 | &key_hash)) | 439 | GNUNET_CONTAINER_multihashmap_contains (ego_entry->attr_map, |
| 440 | &key_hash)) | ||
| 430 | { | 441 | { |
| 431 | cur_value = GNUNET_CONTAINER_multihashmap_get (ego_entry->attr_map, | 442 | cur_value = GNUNET_CONTAINER_multihashmap_get (ego_entry->attr_map, |
| 432 | &key_hash); | 443 | &key_hash); |
| 433 | token_add_json (new_token, key, cur_value); | 444 | GNUNET_CONTAINER_DLL_insert (new_token->attr_head, |
| 445 | new_token->attr_tail, | ||
| 446 | cur_value); | ||
| 434 | } | 447 | } |
| 435 | } | 448 | } |
| 436 | } | 449 | } |
| @@ -441,8 +454,6 @@ handle_token_update (void *cls, | |||
| 441 | &new_ecdhe_privkey, | 454 | &new_ecdhe_privkey, |
| 442 | &enc_token_str)); | 455 | &enc_token_str)); |
| 443 | 456 | ||
| 444 | json_decref (payload_json); | ||
| 445 | |||
| 446 | token_record[0].data = enc_token_str; | 457 | token_record[0].data = enc_token_str; |
| 447 | token_record[0].data_size = strlen (enc_token_str) + 1; | 458 | token_record[0].data_size = strlen (enc_token_str) + 1; |
| 448 | token_record[0].expiration_time = rd_exp; //Old expiration time | 459 | token_record[0].expiration_time = rd_exp; //Old expiration time |
| @@ -504,9 +515,21 @@ clear_ego_attrs (void *cls, | |||
| 504 | const struct GNUNET_HashCode *key, | 515 | const struct GNUNET_HashCode *key, |
| 505 | void *value) | 516 | void *value) |
| 506 | { | 517 | { |
| 507 | json_t *attr_value = value; | 518 | struct TokenAttr *attr = value; |
| 508 | 519 | struct TokenAttrValue *val; | |
| 509 | json_decref (attr_value); | 520 | struct TokenAttrValue *tmp_val; |
| 521 | for (val = attr->val_head; NULL != val;) | ||
| 522 | { | ||
| 523 | tmp_val = val->next; | ||
| 524 | GNUNET_CONTAINER_DLL_remove (attr->val_head, | ||
| 525 | attr->val_tail, | ||
| 526 | val); | ||
| 527 | GNUNET_free (val->value); | ||
| 528 | GNUNET_free (val); | ||
| 529 | val = tmp_val; | ||
| 530 | } | ||
| 531 | GNUNET_free (attr->name); | ||
| 532 | GNUNET_free (attr); | ||
| 510 | 533 | ||
| 511 | return GNUNET_YES; | 534 | return GNUNET_YES; |
| 512 | } | 535 | } |
| @@ -612,9 +635,10 @@ attribute_collect (void *cls, | |||
| 612 | const struct GNUNET_GNSRECORD_Data *rd) | 635 | const struct GNUNET_GNSRECORD_Data *rd) |
| 613 | { | 636 | { |
| 614 | struct EgoEntry *ego_entry = cls; | 637 | struct EgoEntry *ego_entry = cls; |
| 615 | json_t *attr_value; | ||
| 616 | struct GNUNET_HashCode key; | 638 | struct GNUNET_HashCode key; |
| 617 | char* attr; | 639 | struct TokenAttr *attr; |
| 640 | struct TokenAttrValue *val; | ||
| 641 | char *val_str; | ||
| 618 | int i; | 642 | int i; |
| 619 | 643 | ||
| 620 | if (NULL == lbl) | 644 | if (NULL == lbl) |
| @@ -639,37 +663,45 @@ attribute_collect (void *cls, | |||
| 639 | { | 663 | { |
| 640 | if (rd->record_type == GNUNET_GNSRECORD_TYPE_ID_ATTR) | 664 | if (rd->record_type == GNUNET_GNSRECORD_TYPE_ID_ATTR) |
| 641 | { | 665 | { |
| 642 | attr = GNUNET_GNSRECORD_value_to_string (rd->record_type, | 666 | val_str = GNUNET_GNSRECORD_value_to_string (rd->record_type, |
| 643 | rd->data, | 667 | rd->data, |
| 644 | rd->data_size); | 668 | rd->data_size); |
| 645 | attr_value = json_string (attr); | 669 | attr = GNUNET_malloc (sizeof (struct TokenAttr)); |
| 670 | attr->name = GNUNET_strdup (lbl); | ||
| 671 | val = GNUNET_malloc (sizeof (struct TokenAttrValue)); | ||
| 672 | val->value = val_str; | ||
| 673 | GNUNET_CONTAINER_DLL_insert (attr->val_head, | ||
| 674 | attr->val_tail, | ||
| 675 | val); | ||
| 646 | GNUNET_CONTAINER_multihashmap_put (ego_entry->attr_map, | 676 | GNUNET_CONTAINER_multihashmap_put (ego_entry->attr_map, |
| 647 | &key, | 677 | &key, |
| 648 | attr_value, | 678 | attr, |
| 649 | GNUNET_CONTAINER_MULTIHASHMAPOPTION_UNIQUE_ONLY); | 679 | GNUNET_CONTAINER_MULTIHASHMAPOPTION_UNIQUE_ONLY); |
| 650 | GNUNET_free (attr); | ||
| 651 | } | 680 | } |
| 652 | 681 | ||
| 653 | GNUNET_NAMESTORE_zone_iterator_next (ns_it); | 682 | GNUNET_NAMESTORE_zone_iterator_next (ns_it); |
| 654 | return; | 683 | return; |
| 655 | } | 684 | } |
| 656 | 685 | ||
| 657 | attr_value = json_array(); | 686 | attr = GNUNET_malloc (sizeof (struct TokenAttr)); |
| 687 | attr->name = GNUNET_strdup (lbl); | ||
| 658 | for (i = 0; i < rd_count; i++) | 688 | for (i = 0; i < rd_count; i++) |
| 659 | { | 689 | { |
| 660 | if (rd[i].record_type == GNUNET_GNSRECORD_TYPE_ID_ATTR) | 690 | if (rd[i].record_type == GNUNET_GNSRECORD_TYPE_ID_ATTR) |
| 661 | { | 691 | { |
| 662 | attr = GNUNET_GNSRECORD_value_to_string (rd[i].record_type, | 692 | val_str = GNUNET_GNSRECORD_value_to_string (rd[i].record_type, |
| 663 | rd[i].data, | 693 | rd[i].data, |
| 664 | rd[i].data_size); | 694 | rd[i].data_size); |
| 665 | json_array_append_new (attr_value, json_string (attr)); | 695 | val = GNUNET_malloc (sizeof (struct TokenAttrValue)); |
| 666 | GNUNET_free (attr); | 696 | val->value = val_str; |
| 697 | GNUNET_CONTAINER_DLL_insert (attr->val_head, | ||
| 698 | attr->val_tail, | ||
| 699 | val); | ||
| 667 | } | 700 | } |
| 668 | |||
| 669 | } | 701 | } |
| 670 | GNUNET_CONTAINER_multihashmap_put (ego_entry->attr_map, | 702 | GNUNET_CONTAINER_multihashmap_put (ego_entry->attr_map, |
| 671 | &key, | 703 | &key, |
| 672 | attr_value, | 704 | attr, |
| 673 | GNUNET_CONTAINER_MULTIHASHMAPOPTION_UNIQUE_ONLY); | 705 | GNUNET_CONTAINER_MULTIHASHMAPOPTION_UNIQUE_ONLY); |
| 674 | GNUNET_NAMESTORE_zone_iterator_next (ns_it); | 706 | GNUNET_NAMESTORE_zone_iterator_next (ns_it); |
| 675 | return; | 707 | return; |
| @@ -947,6 +979,7 @@ sign_and_return_token (void *cls, | |||
| 947 | char *enc_token_str; | 979 | char *enc_token_str; |
| 948 | char *token_metadata; | 980 | char *token_metadata; |
| 949 | char* write_ptr; | 981 | char* write_ptr; |
| 982 | char* attr_val; | ||
| 950 | uint64_t time; | 983 | uint64_t time; |
| 951 | uint64_t exp_time; | 984 | uint64_t exp_time; |
| 952 | uint64_t rnd_key; | 985 | uint64_t rnd_key; |
| @@ -973,9 +1006,13 @@ sign_and_return_token (void *cls, | |||
| 973 | time = GNUNET_TIME_absolute_get().abs_value_us; | 1006 | time = GNUNET_TIME_absolute_get().abs_value_us; |
| 974 | exp_time = time + token_expiration_interval.rel_value_us; | 1007 | exp_time = time + token_expiration_interval.rel_value_us; |
| 975 | 1008 | ||
| 976 | token_add_json (handle->token, "nbf", json_integer (time)); | 1009 | GNUNET_asprintf (&attr_val, "%ul", time); |
| 977 | token_add_json (handle->token, "iat", json_integer (time)); | 1010 | token_add_attr (handle->token, "nbf", attr_val); |
| 978 | token_add_json (handle->token, "exp", json_integer (exp_time)); | 1011 | token_add_attr (handle->token, "iat", attr_val); |
| 1012 | GNUNET_free (attr_val); | ||
| 1013 | GNUNET_asprintf (&attr_val, "%ul", exp_time); | ||
| 1014 | token_add_attr (handle->token, "exp", attr_val); | ||
| 1015 | GNUNET_free (attr_val); | ||
| 979 | token_add_attr (handle->token, "nonce", nonce_str); | 1016 | token_add_attr (handle->token, "nonce", nonce_str); |
| 980 | 1017 | ||
| 981 | //Token in a serialized encrypted format | 1018 | //Token in a serialized encrypted format |
| @@ -1036,7 +1073,6 @@ attr_collect (void *cls, | |||
| 1036 | { | 1073 | { |
| 1037 | int i; | 1074 | int i; |
| 1038 | char* data; | 1075 | char* data; |
| 1039 | json_t *attr_arr; | ||
| 1040 | struct IssueHandle *handle = cls; | 1076 | struct IssueHandle *handle = cls; |
| 1041 | struct GNUNET_HashCode key; | 1077 | struct GNUNET_HashCode key; |
| 1042 | 1078 | ||
| @@ -1073,9 +1109,9 @@ attr_collect (void *cls, | |||
| 1073 | rd->data, | 1109 | rd->data, |
| 1074 | rd->data_size); | 1110 | rd->data_size); |
| 1075 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Adding value: %s\n", data); | 1111 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Adding value: %s\n", data); |
| 1076 | token_add_json (handle->token, | 1112 | token_add_attr (handle->token, |
| 1077 | label, | 1113 | label, |
| 1078 | json_string (data)); | 1114 | data); |
| 1079 | GNUNET_free (data); | 1115 | GNUNET_free (data); |
| 1080 | } | 1116 | } |
| 1081 | GNUNET_NAMESTORE_zone_iterator_next (handle->ns_it); | 1117 | GNUNET_NAMESTORE_zone_iterator_next (handle->ns_it); |
| @@ -1083,7 +1119,6 @@ attr_collect (void *cls, | |||
| 1083 | } | 1119 | } |
| 1084 | 1120 | ||
| 1085 | i = 0; | 1121 | i = 0; |
| 1086 | attr_arr = json_array(); | ||
| 1087 | for (; i < rd_count; i++) | 1122 | for (; i < rd_count; i++) |
| 1088 | { | 1123 | { |
| 1089 | if (rd->record_type == GNUNET_GNSRECORD_TYPE_ID_ATTR) | 1124 | if (rd->record_type == GNUNET_GNSRECORD_TYPE_ID_ATTR) |
| @@ -1092,16 +1127,11 @@ attr_collect (void *cls, | |||
| 1092 | rd[i].data, | 1127 | rd[i].data, |
| 1093 | rd[i].data_size); | 1128 | rd[i].data_size); |
| 1094 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Adding value: %s\n", data); | 1129 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Adding value: %s\n", data); |
| 1095 | json_array_append_new (attr_arr, json_string (data)); | 1130 | token_add_attr (handle->token, label, data); |
| 1096 | GNUNET_free (data); | 1131 | GNUNET_free (data); |
| 1097 | } | 1132 | } |
| 1098 | } | 1133 | } |
| 1099 | 1134 | ||
| 1100 | if (0 < json_array_size (attr_arr)) | ||
| 1101 | { | ||
| 1102 | token_add_json (handle->token, label, attr_arr); | ||
| 1103 | } | ||
| 1104 | json_decref (attr_arr); | ||
| 1105 | GNUNET_NAMESTORE_zone_iterator_next (handle->ns_it); | 1135 | GNUNET_NAMESTORE_zone_iterator_next (handle->ns_it); |
| 1106 | } | 1136 | } |
| 1107 | 1137 | ||
| @@ -1342,17 +1372,17 @@ run (void *cls, | |||
| 1342 | identity_handle = GNUNET_IDENTITY_connect (cfg, | 1372 | identity_handle = GNUNET_IDENTITY_connect (cfg, |
| 1343 | &list_ego, | 1373 | &list_ego, |
| 1344 | NULL); | 1374 | NULL); |
| 1345 | 1375 | ||
| 1346 | if (GNUNET_OK == | 1376 | if (GNUNET_OK == |
| 1347 | GNUNET_CONFIGURATION_get_value_time (cfg, | 1377 | GNUNET_CONFIGURATION_get_value_time (cfg, |
| 1348 | "identity-provider", | 1378 | "identity-provider", |
| 1349 | "TOKEN_EXPIRATION_INTERVAL", | 1379 | "TOKEN_EXPIRATION_INTERVAL", |
| 1350 | &token_expiration_interval)) | 1380 | &token_expiration_interval)) |
| 1351 | { | 1381 | { |
| 1352 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, | 1382 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, |
| 1353 | "Time window for zone iteration: %s\n", | 1383 | "Time window for zone iteration: %s\n", |
| 1354 | GNUNET_STRINGS_relative_time_to_string (token_expiration_interval, | 1384 | GNUNET_STRINGS_relative_time_to_string (token_expiration_interval, |
| 1355 | GNUNET_YES)); | 1385 | GNUNET_YES)); |
| 1356 | } else { | 1386 | } else { |
| 1357 | token_expiration_interval = DEFAULT_TOKEN_EXPIRATION_INTERVAL; | 1387 | token_expiration_interval = DEFAULT_TOKEN_EXPIRATION_INTERVAL; |
| 1358 | } | 1388 | } |
diff --git a/src/identity-provider/identity_token.c b/src/identity-provider/identity_token.c index 6cf0d4222..caf1a7848 100644 --- a/src/identity-provider/identity_token.c +++ b/src/identity-provider/identity_token.c | |||
| @@ -29,6 +29,13 @@ | |||
| 29 | #include "identity_token.h" | 29 | #include "identity_token.h" |
| 30 | #include <jansson.h> | 30 | #include <jansson.h> |
| 31 | 31 | ||
| 32 | #define JWT_ALG "alg" | ||
| 33 | |||
| 34 | #define JWT_ALG_VALUE "ED512" | ||
| 35 | |||
| 36 | #define JWT_TYP "typ" | ||
| 37 | |||
| 38 | #define JWT_TYP_VALUE "jwt" | ||
| 32 | 39 | ||
| 33 | /** | 40 | /** |
| 34 | * Crypto helper functions | 41 | * Crypto helper functions |
| @@ -176,8 +183,6 @@ encrypt_str_ecdhe (const char *plaintext, | |||
| 176 | } | 183 | } |
| 177 | 184 | ||
| 178 | 185 | ||
| 179 | |||
| 180 | |||
| 181 | /** | 186 | /** |
| 182 | * Identity Token API | 187 | * Identity Token API |
| 183 | */ | 188 | */ |
| @@ -203,20 +208,10 @@ token_create (const struct GNUNET_CRYPTO_EcdsaPublicKey* iss, | |||
| 203 | audience = GNUNET_STRINGS_data_to_string_alloc (aud, | 208 | audience = GNUNET_STRINGS_data_to_string_alloc (aud, |
| 204 | sizeof (struct GNUNET_CRYPTO_EcdsaPublicKey)); | 209 | sizeof (struct GNUNET_CRYPTO_EcdsaPublicKey)); |
| 205 | 210 | ||
| 206 | |||
| 207 | |||
| 208 | token = GNUNET_malloc (sizeof (struct IdentityToken)); | 211 | token = GNUNET_malloc (sizeof (struct IdentityToken)); |
| 209 | 212 | token_add_attr (token, "iss", issuer); | |
| 210 | token->header = json_object(); | 213 | token_add_attr (token, "aud", audience); |
| 211 | token->payload = json_object(); | 214 | token_add_attr (token, "sub", issuer); |
| 212 | |||
| 213 | json_object_set_new (token->header, "alg", json_string ("ED512")); | ||
| 214 | json_object_set_new (token->header, "typ", json_string ("JWT")); | ||
| 215 | |||
| 216 | json_object_set_new (token->payload, "iss", json_string (issuer)); | ||
| 217 | json_object_set_new (token->payload, "aud", json_string (audience)); | ||
| 218 | json_object_set_new (token->payload, "sub", json_string (issuer)); | ||
| 219 | |||
| 220 | token->aud_key = *aud; | 215 | token->aud_key = *aud; |
| 221 | GNUNET_free (issuer); | 216 | GNUNET_free (issuer); |
| 222 | GNUNET_free (audience); | 217 | GNUNET_free (audience); |
| @@ -226,50 +221,115 @@ token_create (const struct GNUNET_CRYPTO_EcdsaPublicKey* iss, | |||
| 226 | void | 221 | void |
| 227 | token_destroy (struct IdentityToken *token) | 222 | token_destroy (struct IdentityToken *token) |
| 228 | { | 223 | { |
| 229 | json_decref (token->header); | 224 | struct TokenAttr *attr; |
| 230 | json_decref (token->payload); | 225 | struct TokenAttr *tmp_attr; |
| 226 | struct TokenAttrValue *val; | ||
| 227 | struct TokenAttrValue *tmp_val; | ||
| 228 | |||
| 229 | for (attr = token->attr_head; NULL != attr;) | ||
| 230 | { | ||
| 231 | tmp_attr = attr->next; | ||
| 232 | GNUNET_CONTAINER_DLL_remove (token->attr_head, | ||
| 233 | token->attr_tail, | ||
| 234 | attr); | ||
| 235 | for (val = attr->val_head; NULL != val;) | ||
| 236 | { | ||
| 237 | tmp_val = val->next; | ||
| 238 | GNUNET_CONTAINER_DLL_remove (attr->val_head, | ||
| 239 | attr->val_tail, | ||
| 240 | val); | ||
| 241 | GNUNET_free (val->value); | ||
| 242 | GNUNET_free (val); | ||
| 243 | val = tmp_val; | ||
| 244 | } | ||
| 245 | GNUNET_free (attr->name); | ||
| 246 | GNUNET_free (attr); | ||
| 247 | attr = tmp_attr; | ||
| 248 | } | ||
| 249 | |||
| 250 | |||
| 231 | GNUNET_free (token); | 251 | GNUNET_free (token); |
| 232 | } | 252 | } |
| 233 | 253 | ||
| 234 | void | 254 | void |
| 235 | token_add_attr (const struct IdentityToken *token, | 255 | token_add_attr (struct IdentityToken *token, |
| 236 | const char* key, | 256 | const char* key, |
| 237 | const char* value) | 257 | const char* value) |
| 238 | { | 258 | { |
| 259 | struct TokenAttr *attr; | ||
| 260 | struct TokenAttrValue *new_val; | ||
| 239 | GNUNET_assert (NULL != token); | 261 | GNUNET_assert (NULL != token); |
| 240 | GNUNET_assert (NULL != token->payload); | ||
| 241 | 262 | ||
| 242 | json_object_set_new (token->payload, key, json_string (value)); | 263 | new_val = GNUNET_malloc (sizeof (struct TokenAttrValue)); |
| 264 | new_val->value = GNUNET_strdup (value); | ||
| 265 | for (attr = token->attr_head; NULL != attr; attr = attr->next) | ||
| 266 | { | ||
| 267 | if (0 == strcmp (key, attr->name)) | ||
| 268 | break; | ||
| 269 | } | ||
| 270 | |||
| 271 | if (NULL == attr) | ||
| 272 | { | ||
| 273 | attr = GNUNET_malloc (sizeof (struct TokenAttr)); | ||
| 274 | attr->name = GNUNET_strdup (key); | ||
| 275 | GNUNET_CONTAINER_DLL_insert (token->attr_head, | ||
| 276 | token->attr_tail, | ||
| 277 | attr); | ||
| 278 | } | ||
| 279 | |||
| 280 | GNUNET_CONTAINER_DLL_insert (attr->val_head, | ||
| 281 | attr->val_tail, | ||
| 282 | new_val); | ||
| 243 | } | 283 | } |
| 244 | 284 | ||
| 245 | void | 285 | static void |
| 246 | token_add_json (const struct IdentityToken *token, | 286 | parse_json_payload(const char* payload_base64, |
| 247 | const char* key, | 287 | struct IdentityToken *token) |
| 248 | json_t* value) | ||
| 249 | { | 288 | { |
| 250 | GNUNET_assert (NULL != token); | 289 | const char *key; |
| 251 | GNUNET_assert (NULL != token->payload); | 290 | const json_t *value; |
| 291 | const json_t *arr_value; | ||
| 292 | char *payload; | ||
| 293 | int idx; | ||
| 294 | json_t *payload_json; | ||
| 295 | json_error_t err_json; | ||
| 252 | 296 | ||
| 253 | json_object_set_new (token->payload, key, value); | 297 | GNUNET_STRINGS_base64_decode (payload_base64, |
| 254 | } | 298 | strlen (payload_base64), |
| 299 | &payload); | ||
| 300 | //TODO signature and aud key | ||
| 301 | payload_json = json_loads (payload, JSON_DECODE_ANY, &err_json); | ||
| 255 | 302 | ||
| 303 | json_object_foreach (payload_json, key, value) | ||
| 304 | { | ||
| 305 | if (json_is_array (value)) | ||
| 306 | { | ||
| 307 | json_array_foreach (value, idx, arr_value) | ||
| 308 | { | ||
| 309 | token_add_attr (token, | ||
| 310 | key, | ||
| 311 | json_string_value (arr_value)); | ||
| 312 | } | ||
| 313 | } else { | ||
| 314 | token_add_attr (token, key, json_string_value (value)); | ||
| 315 | } | ||
| 316 | } | ||
| 317 | |||
| 318 | GNUNET_free (payload); | ||
| 319 | } | ||
| 256 | 320 | ||
| 257 | int | 321 | int |
| 258 | token_parse2 (const char* raw_data, | 322 | token_parse2 (const char* raw_data, |
| 259 | const struct GNUNET_CRYPTO_EcdhePrivateKey *priv_key, | 323 | const struct GNUNET_CRYPTO_EcdhePrivateKey *priv_key, |
| 260 | const struct GNUNET_CRYPTO_EcdsaPublicKey *aud_key, | 324 | const struct GNUNET_CRYPTO_EcdsaPublicKey *aud_key, |
| 261 | struct IdentityToken **result) | 325 | struct IdentityToken **result) |
| 262 | { | 326 | { |
| 263 | char *enc_token_str; | 327 | char *enc_token_str; |
| 264 | char *tmp_buf; | 328 | char *tmp_buf; |
| 265 | char *token_str; | 329 | char *token_str; |
| 266 | char *enc_token; | 330 | char *enc_token; |
| 267 | char *header; | ||
| 268 | char *header_base64; | ||
| 269 | char *payload; | ||
| 270 | char *payload_base64; | 331 | char *payload_base64; |
| 271 | size_t enc_token_len; | 332 | size_t enc_token_len; |
| 272 | json_error_t err_json; | ||
| 273 | 333 | ||
| 274 | GNUNET_asprintf (&tmp_buf, "%s", raw_data); | 334 | GNUNET_asprintf (&tmp_buf, "%s", raw_data); |
| 275 | strtok (tmp_buf, ","); | 335 | strtok (tmp_buf, ","); |
| @@ -289,46 +349,31 @@ token_parse2 (const char* raw_data, | |||
| 289 | return GNUNET_SYSERR; | 349 | return GNUNET_SYSERR; |
| 290 | } | 350 | } |
| 291 | 351 | ||
| 292 | header_base64 = strtok (token_str, "."); | 352 | GNUNET_assert (NULL != strtok (token_str, ".")); |
| 293 | payload_base64 = strtok (NULL, "."); | 353 | payload_base64 = strtok (NULL, "."); |
| 294 | 354 | ||
| 295 | GNUNET_STRINGS_base64_decode (header_base64, | ||
| 296 | strlen (header_base64), | ||
| 297 | &header); | ||
| 298 | GNUNET_STRINGS_base64_decode (payload_base64, | ||
| 299 | strlen (payload_base64), | ||
| 300 | &payload); | ||
| 301 | //TODO signature | ||
| 302 | |||
| 303 | |||
| 304 | *result = GNUNET_malloc (sizeof (struct IdentityToken)); | 355 | *result = GNUNET_malloc (sizeof (struct IdentityToken)); |
| 356 | parse_json_payload (payload_base64, *result); | ||
| 357 | |||
| 305 | (*result)->aud_key = *aud_key; | 358 | (*result)->aud_key = *aud_key; |
| 306 | (*result)->header = json_loads (header, JSON_DECODE_ANY, &err_json); | ||
| 307 | (*result)->payload = json_loads (payload, JSON_DECODE_ANY, &err_json); | ||
| 308 | GNUNET_free (enc_token); | 359 | GNUNET_free (enc_token); |
| 309 | GNUNET_free (token_str); | 360 | GNUNET_free (token_str); |
| 310 | GNUNET_free (tmp_buf); | 361 | GNUNET_free (tmp_buf); |
| 311 | GNUNET_free (payload); | ||
| 312 | GNUNET_free (header); | ||
| 313 | return GNUNET_OK; | 362 | return GNUNET_OK; |
| 314 | } | 363 | } |
| 315 | 364 | ||
| 316 | int | 365 | int |
| 317 | token_parse (const char* raw_data, | 366 | token_parse (const char* raw_data, |
| 318 | const struct GNUNET_CRYPTO_EcdsaPrivateKey *priv_key, | 367 | const struct GNUNET_CRYPTO_EcdsaPrivateKey *priv_key, |
| 319 | struct IdentityToken **result) | 368 | struct IdentityToken **result) |
| 320 | { | 369 | { |
| 321 | char *ecdh_pubkey_str; | 370 | char *ecdh_pubkey_str; |
| 322 | char *enc_token_str; | 371 | char *enc_token_str; |
| 323 | char *tmp_buf; | 372 | char *tmp_buf; |
| 324 | char *token_str; | 373 | char *token_str; |
| 325 | char *enc_token; | 374 | char *enc_token; |
| 326 | char *header; | ||
| 327 | char *header_base64; | ||
| 328 | char *payload; | ||
| 329 | char *payload_base64; | 375 | char *payload_base64; |
| 330 | size_t enc_token_len; | 376 | size_t enc_token_len; |
| 331 | json_error_t err_json; | ||
| 332 | struct GNUNET_CRYPTO_EcdhePublicKey ecdh_pubkey; | 377 | struct GNUNET_CRYPTO_EcdhePublicKey ecdh_pubkey; |
| 333 | 378 | ||
| 334 | GNUNET_asprintf (&tmp_buf, "%s", raw_data); | 379 | GNUNET_asprintf (&tmp_buf, "%s", raw_data); |
| @@ -353,33 +398,60 @@ token_parse (const char* raw_data, | |||
| 353 | return GNUNET_SYSERR; | 398 | return GNUNET_SYSERR; |
| 354 | } | 399 | } |
| 355 | 400 | ||
| 356 | header_base64 = strtok (token_str, "."); | 401 | GNUNET_assert (NULL != strtok (token_str, ".")); |
| 357 | payload_base64 = strtok (NULL, "."); | 402 | payload_base64 = strtok (NULL, "."); |
| 358 | 403 | ||
| 359 | GNUNET_STRINGS_base64_decode (header_base64, | ||
| 360 | strlen (header_base64), | ||
| 361 | &header); | ||
| 362 | GNUNET_STRINGS_base64_decode (payload_base64, | ||
| 363 | strlen (payload_base64), | ||
| 364 | &payload); | ||
| 365 | //TODO signature and aud key | ||
| 366 | |||
| 367 | |||
| 368 | *result = GNUNET_malloc (sizeof (struct IdentityToken)); | 404 | *result = GNUNET_malloc (sizeof (struct IdentityToken)); |
| 369 | (*result)->header = json_loads (header, JSON_DECODE_ANY, &err_json); | 405 | parse_json_payload (payload_base64, *result); |
| 370 | (*result)->payload = json_loads (payload, JSON_DECODE_ANY, &err_json); | 406 | |
| 371 | GNUNET_free (enc_token); | 407 | GNUNET_free (enc_token); |
| 372 | GNUNET_free (token_str); | 408 | GNUNET_free (token_str); |
| 373 | GNUNET_free (tmp_buf); | 409 | GNUNET_free (tmp_buf); |
| 374 | GNUNET_free (payload); | ||
| 375 | GNUNET_free (header); | ||
| 376 | return GNUNET_OK; | 410 | return GNUNET_OK; |
| 377 | } | 411 | } |
| 378 | 412 | ||
| 413 | static char* | ||
| 414 | create_json_payload (const struct IdentityToken *token) | ||
| 415 | { | ||
| 416 | struct TokenAttr *attr; | ||
| 417 | struct TokenAttrValue *val; | ||
| 418 | json_t *root; | ||
| 419 | char *json_str; | ||
| 420 | |||
| 421 | root = json_object(); | ||
| 422 | for (attr = token->attr_head; NULL != attr; attr = attr->next) | ||
| 423 | { | ||
| 424 | for (val = attr->val_head; NULL != val; val = val->next) | ||
| 425 | { | ||
| 426 | json_object_set_new (root, | ||
| 427 | attr->name, | ||
| 428 | json_string (val->value)); | ||
| 429 | } | ||
| 430 | } | ||
| 431 | json_str = json_dumps (root, JSON_INDENT(1)); | ||
| 432 | json_decref (root); | ||
| 433 | return json_str; | ||
| 434 | } | ||
| 435 | |||
| 436 | static char* | ||
| 437 | create_json_header(void) | ||
| 438 | { | ||
| 439 | json_t *root; | ||
| 440 | char *json_str; | ||
| 441 | |||
| 442 | root = json_object (); | ||
| 443 | json_object_set_new (root, JWT_ALG, json_string (JWT_ALG_VALUE)); | ||
| 444 | json_object_set_new (root, JWT_TYP, json_string (JWT_TYP_VALUE)); | ||
| 445 | |||
| 446 | json_str = json_dumps (root, JSON_INDENT(1)); | ||
| 447 | json_decref (root); | ||
| 448 | return json_str; | ||
| 449 | } | ||
| 450 | |||
| 379 | int | 451 | int |
| 380 | token_to_string (const struct IdentityToken *token, | 452 | token_to_string (const struct IdentityToken *token, |
| 381 | const struct GNUNET_CRYPTO_EcdsaPrivateKey *priv_key, | 453 | const struct GNUNET_CRYPTO_EcdsaPrivateKey *priv_key, |
| 382 | char **result) | 454 | char **result) |
| 383 | { | 455 | { |
| 384 | char *payload_str; | 456 | char *payload_str; |
| 385 | char *header_str; | 457 | char *header_str; |
| @@ -389,7 +461,7 @@ token_to_string (const struct IdentityToken *token, | |||
| 389 | char *signature_target; | 461 | char *signature_target; |
| 390 | char *signature_str; | 462 | char *signature_str; |
| 391 | struct GNUNET_CRYPTO_EccSignaturePurpose *purpose; | 463 | struct GNUNET_CRYPTO_EccSignaturePurpose *purpose; |
| 392 | header_str = json_dumps (token->header, JSON_COMPACT); | 464 | header_str = create_json_header(); |
| 393 | GNUNET_STRINGS_base64_encode (header_str, | 465 | GNUNET_STRINGS_base64_encode (header_str, |
| 394 | strlen (header_str), | 466 | strlen (header_str), |
| 395 | &header_base64); | 467 | &header_base64); |
| @@ -398,7 +470,7 @@ token_to_string (const struct IdentityToken *token, | |||
| 398 | while (NULL != padding) | 470 | while (NULL != padding) |
| 399 | padding = strtok(NULL, "="); | 471 | padding = strtok(NULL, "="); |
| 400 | 472 | ||
| 401 | payload_str = json_dumps (token->payload, JSON_COMPACT); | 473 | payload_str = create_json_payload (token); |
| 402 | GNUNET_STRINGS_base64_encode (payload_str, | 474 | GNUNET_STRINGS_base64_encode (payload_str, |
| 403 | strlen (payload_str), | 475 | strlen (payload_str), |
| 404 | &payload_base64); | 476 | &payload_base64); |
| @@ -422,9 +494,7 @@ token_to_string (const struct IdentityToken *token, | |||
| 422 | { | 494 | { |
| 423 | GNUNET_free (signature_target); | 495 | GNUNET_free (signature_target); |
| 424 | GNUNET_free (payload_str); | 496 | GNUNET_free (payload_str); |
| 425 | GNUNET_free (header_str); | ||
| 426 | GNUNET_free (payload_base64); | 497 | GNUNET_free (payload_base64); |
| 427 | GNUNET_free (header_base64); | ||
| 428 | GNUNET_free (purpose); | 498 | GNUNET_free (purpose); |
| 429 | return GNUNET_SYSERR; | 499 | return GNUNET_SYSERR; |
| 430 | } | 500 | } |
| @@ -446,9 +516,9 @@ token_to_string (const struct IdentityToken *token, | |||
| 446 | 516 | ||
| 447 | int | 517 | int |
| 448 | token_serialize (const struct IdentityToken *token, | 518 | token_serialize (const struct IdentityToken *token, |
| 449 | const struct GNUNET_CRYPTO_EcdsaPrivateKey *priv_key, | 519 | const struct GNUNET_CRYPTO_EcdsaPrivateKey *priv_key, |
| 450 | struct GNUNET_CRYPTO_EcdhePrivateKey **ecdh_privkey, | 520 | struct GNUNET_CRYPTO_EcdhePrivateKey **ecdh_privkey, |
| 451 | char **result) | 521 | char **result) |
| 452 | { | 522 | { |
| 453 | char *token_str; | 523 | char *token_str; |
| 454 | char *enc_token; | 524 | char *enc_token; |
| @@ -457,8 +527,8 @@ token_serialize (const struct IdentityToken *token, | |||
| 457 | struct GNUNET_CRYPTO_EcdhePublicKey ecdh_pubkey; | 527 | struct GNUNET_CRYPTO_EcdhePublicKey ecdh_pubkey; |
| 458 | 528 | ||
| 459 | GNUNET_assert (GNUNET_OK == token_to_string (token, | 529 | GNUNET_assert (GNUNET_OK == token_to_string (token, |
| 460 | priv_key, | 530 | priv_key, |
| 461 | &token_str)); | 531 | &token_str)); |
| 462 | 532 | ||
| 463 | GNUNET_assert (GNUNET_OK == encrypt_str_ecdhe (token_str, | 533 | GNUNET_assert (GNUNET_OK == encrypt_str_ecdhe (token_str, |
| 464 | &token->aud_key, | 534 | &token->aud_key, |
| @@ -480,8 +550,8 @@ token_serialize (const struct IdentityToken *token, | |||
| 480 | 550 | ||
| 481 | struct TokenTicketPayload* | 551 | struct TokenTicketPayload* |
| 482 | ticket_payload_create (const char* nonce, | 552 | ticket_payload_create (const char* nonce, |
| 483 | const struct GNUNET_CRYPTO_EcdsaPublicKey* identity_pkey, | 553 | const struct GNUNET_CRYPTO_EcdsaPublicKey* identity_pkey, |
| 484 | const char* lbl_str) | 554 | const char* lbl_str) |
| 485 | { | 555 | { |
| 486 | struct TokenTicketPayload* payload; | 556 | struct TokenTicketPayload* payload; |
| 487 | 557 | ||
diff --git a/src/identity-provider/identity_token.h b/src/identity-provider/identity_token.h index a51f8ca84..3eeaf9ae2 100644 --- a/src/identity-provider/identity_token.h +++ b/src/identity-provider/identity_token.h | |||
| @@ -32,14 +32,14 @@ | |||
| 32 | struct IdentityToken | 32 | struct IdentityToken |
| 33 | { | 33 | { |
| 34 | /** | 34 | /** |
| 35 | * JSON header | 35 | * DLL |
| 36 | */ | 36 | */ |
| 37 | json_t *header; | 37 | struct TokenAttr *attr_head; |
| 38 | 38 | ||
| 39 | /** | 39 | /** |
| 40 | * JSON Payload | 40 | * DLL |
| 41 | */ | 41 | */ |
| 42 | json_t *payload; | 42 | struct TokenAttr *attr_tail; |
| 43 | 43 | ||
| 44 | /** | 44 | /** |
| 45 | * Token Signature | 45 | * Token Signature |
| @@ -52,6 +52,53 @@ struct IdentityToken | |||
| 52 | struct GNUNET_CRYPTO_EcdsaPublicKey aud_key; | 52 | struct GNUNET_CRYPTO_EcdsaPublicKey aud_key; |
| 53 | }; | 53 | }; |
| 54 | 54 | ||
| 55 | struct TokenAttr | ||
| 56 | { | ||
| 57 | /** | ||
| 58 | * DLL | ||
| 59 | */ | ||
| 60 | struct TokenAttr *next; | ||
| 61 | |||
| 62 | /** | ||
| 63 | * DLL | ||
| 64 | */ | ||
| 65 | struct TokenAttr *prev; | ||
| 66 | |||
| 67 | /** | ||
| 68 | * Attribute name | ||
| 69 | */ | ||
| 70 | char *name; | ||
| 71 | |||
| 72 | /** | ||
| 73 | * Attribute value DLL | ||
| 74 | */ | ||
| 75 | struct TokenAttrValue *val_head; | ||
| 76 | |||
| 77 | /** | ||
| 78 | * Attribute value DLL | ||
| 79 | */ | ||
| 80 | struct TokenAttrValue *val_tail; | ||
| 81 | |||
| 82 | }; | ||
| 83 | |||
| 84 | struct TokenAttrValue | ||
| 85 | { | ||
| 86 | /** | ||
| 87 | * DLL | ||
| 88 | */ | ||
| 89 | struct TokenAttrValue *next; | ||
| 90 | |||
| 91 | /** | ||
| 92 | * DLL | ||
| 93 | */ | ||
| 94 | struct TokenAttrValue *prev; | ||
| 95 | |||
| 96 | /** | ||
| 97 | * Attribute value | ||
| 98 | */ | ||
| 99 | char *value; | ||
| 100 | }; | ||
| 101 | |||
| 55 | struct TokenTicketPayload | 102 | struct TokenTicketPayload |
| 56 | { | 103 | { |
| 57 | /** | 104 | /** |
| @@ -124,9 +171,19 @@ token_destroy (struct IdentityToken*token); | |||
| 124 | * @param value the value | 171 | * @param value the value |
| 125 | */ | 172 | */ |
| 126 | void | 173 | void |
| 127 | token_add_attr (const struct IdentityToken *token, | 174 | token_add_attr (struct IdentityToken *token, |
| 128 | const char* key, | 175 | const char* key, |
| 129 | const char* value); | 176 | const char* value); |
| 177 | |||
| 178 | /** | ||
| 179 | * Add a value to a TokenAttribute | ||
| 180 | * | ||
| 181 | * @param attr the token attribute | ||
| 182 | * @param value value to add | ||
| 183 | */ | ||
| 184 | void | ||
| 185 | token_attr_add_value (const struct TokenAttr *attr, | ||
| 186 | const char *value); | ||
| 130 | 187 | ||
| 131 | /** | 188 | /** |
| 132 | * Add a new key value pair to the token with the value as json | 189 | * Add a new key value pair to the token with the value as json |
| @@ -138,8 +195,8 @@ token_add_attr (const struct IdentityToken *token, | |||
| 138 | */ | 195 | */ |
| 139 | void | 196 | void |
| 140 | token_add_json (const struct IdentityToken *token, | 197 | token_add_json (const struct IdentityToken *token, |
| 141 | const char* key, | 198 | const char* key, |
| 142 | json_t* value); | 199 | json_t* value); |
| 143 | 200 | ||
| 144 | /** | 201 | /** |
| 145 | * Serialize a token. The token will be signed and base64 according to the | 202 | * Serialize a token. The token will be signed and base64 according to the |
| @@ -159,9 +216,9 @@ token_add_json (const struct IdentityToken *token, | |||
| 159 | */ | 216 | */ |
| 160 | int | 217 | int |
| 161 | token_serialize (const struct IdentityToken*token, | 218 | token_serialize (const struct IdentityToken*token, |
| 162 | const struct GNUNET_CRYPTO_EcdsaPrivateKey *priv_key, | 219 | const struct GNUNET_CRYPTO_EcdsaPrivateKey *priv_key, |
| 163 | struct GNUNET_CRYPTO_EcdhePrivateKey **ecdhe_privkey, | 220 | struct GNUNET_CRYPTO_EcdhePrivateKey **ecdhe_privkey, |
| 164 | char **result); | 221 | char **result); |
| 165 | 222 | ||
| 166 | /** | 223 | /** |
| 167 | * Parses the serialized token and returns a token | 224 | * Parses the serialized token and returns a token |
| @@ -172,10 +229,10 @@ token_serialize (const struct IdentityToken*token, | |||
| 172 | * | 229 | * |
| 173 | * @return GNUNET_OK on success | 230 | * @return GNUNET_OK on success |
| 174 | */ | 231 | */ |
| 175 | int | 232 | int |
| 176 | token_parse (const char* data, | 233 | token_parse (const char* data, |
| 177 | const struct GNUNET_CRYPTO_EcdsaPrivateKey *priv_key, | 234 | const struct GNUNET_CRYPTO_EcdsaPrivateKey *priv_key, |
| 178 | struct IdentityToken **result); | 235 | struct IdentityToken **result); |
| 179 | 236 | ||
| 180 | /** | 237 | /** |
| 181 | * Parses the serialized token and returns a token | 238 | * Parses the serialized token and returns a token |
| @@ -189,11 +246,11 @@ token_parse (const char* data, | |||
| 189 | * | 246 | * |
| 190 | * @return GNUNET_OK on success | 247 | * @return GNUNET_OK on success |
| 191 | */ | 248 | */ |
| 192 | int | 249 | int |
| 193 | token_parse2 (const char* data, | 250 | token_parse2 (const char* data, |
| 194 | const struct GNUNET_CRYPTO_EcdhePrivateKey *priv_key, | 251 | const struct GNUNET_CRYPTO_EcdhePrivateKey *priv_key, |
| 195 | const struct GNUNET_CRYPTO_EcdsaPublicKey *aud_key, | 252 | const struct GNUNET_CRYPTO_EcdsaPublicKey *aud_key, |
| 196 | struct IdentityToken **result); | 253 | struct IdentityToken **result); |
| 197 | 254 | ||
| 198 | 255 | ||
| 199 | /** | 256 | /** |
| @@ -206,10 +263,10 @@ token_parse (const char* data, | |||
| 206 | * | 263 | * |
| 207 | * @return GNUNET_OK on success | 264 | * @return GNUNET_OK on success |
| 208 | */ | 265 | */ |
| 209 | int | 266 | int |
| 210 | token_to_string (const struct IdentityToken *token, | 267 | token_to_string (const struct IdentityToken *token, |
| 211 | const struct GNUNET_CRYPTO_EcdsaPrivateKey *priv_key, | 268 | const struct GNUNET_CRYPTO_EcdsaPrivateKey *priv_key, |
| 212 | char **result); | 269 | char **result); |
| 213 | 270 | ||
| 214 | /** | 271 | /** |
| 215 | * | 272 | * |
| @@ -261,9 +318,9 @@ ticket_destroy (struct TokenTicket *ticket); | |||
| 261 | * | 318 | * |
| 262 | * @return GNUNET_OK on success | 319 | * @return GNUNET_OK on success |
| 263 | */ | 320 | */ |
| 264 | int | 321 | int |
| 265 | ticket_parse (const char* raw_data, | 322 | ticket_parse (const char* raw_data, |
| 266 | const struct GNUNET_CRYPTO_EcdsaPrivateKey *priv_key, | 323 | const struct GNUNET_CRYPTO_EcdsaPrivateKey *priv_key, |
| 267 | struct TokenTicket **ticket); | 324 | struct TokenTicket **ticket); |
| 268 | 325 | ||
| 269 | #endif | 326 | #endif |