diff options
author | Schanzenbach, Martin <martin.schanzenbach@aisec.fraunhofer.de> | 2018-07-19 23:28:53 +0200 |
---|---|---|
committer | Schanzenbach, Martin <martin.schanzenbach@aisec.fraunhofer.de> | 2018-07-19 23:28:53 +0200 |
commit | 4fd677cec39e5621d16bc2c63926b803b31582e3 (patch) | |
tree | b1ed7c7544c1a8a721308d67c908e0f3cd758486 /src/include/gnunet_reclaim_service.h | |
parent | 0f75e5c54c6e6c9087cf565539266514abd67e98 (diff) | |
download | gnunet-4fd677cec39e5621d16bc2c63926b803b31582e3.tar.gz gnunet-4fd677cec39e5621d16bc2c63926b803b31582e3.zip |
renamed identity-provider subsystem to reclaim
Diffstat (limited to 'src/include/gnunet_reclaim_service.h')
-rw-r--r-- | src/include/gnunet_reclaim_service.h | 378 |
1 files changed, 378 insertions, 0 deletions
diff --git a/src/include/gnunet_reclaim_service.h b/src/include/gnunet_reclaim_service.h new file mode 100644 index 000000000..7e668cd62 --- /dev/null +++ b/src/include/gnunet_reclaim_service.h | |||
@@ -0,0 +1,378 @@ | |||
1 | /* | ||
2 | This file is part of GNUnet. | ||
3 | Copyright (C) 2016 GNUnet e.V. | ||
4 | |||
5 | GNUnet is free software: you can redistribute it and/or modify it | ||
6 | under the terms of the GNU Affero General Public License as published | ||
7 | by the Free Software Foundation, either version 3 of the License, | ||
8 | or (at your option) any later version. | ||
9 | |||
10 | GNUnet is distributed in the hope that it will be useful, but | ||
11 | WITHOUT ANY WARRANTY; without even the implied warranty of | ||
12 | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU | ||
13 | Affero General Public License for more details. | ||
14 | |||
15 | You should have received a copy of the GNU Affero General Public License | ||
16 | along with this program. If not, see <http://www.gnu.org/licenses/>. | ||
17 | */ | ||
18 | |||
19 | /** | ||
20 | * @author Martin Schanzenbach | ||
21 | * | ||
22 | * @file | ||
23 | * Identity provider service; implements identity provider for GNUnet | ||
24 | * | ||
25 | * @defgroup reclaim Identity Provider service | ||
26 | * @{ | ||
27 | */ | ||
28 | #ifndef GNUNET_RECLAIM_SERVICE_H | ||
29 | #define GNUNET_RECLAIM_SERVICE_H | ||
30 | |||
31 | #ifdef __cplusplus | ||
32 | extern "C" | ||
33 | { | ||
34 | #if 0 /* keep Emacsens' auto-indent happy */ | ||
35 | } | ||
36 | #endif | ||
37 | #endif | ||
38 | |||
39 | #include "gnunet_util_lib.h" | ||
40 | #include "gnunet_reclaim_attribute_lib.h" | ||
41 | |||
42 | /** | ||
43 | * Version number of GNUnet Identity Provider API. | ||
44 | */ | ||
45 | #define GNUNET_RECLAIM_VERSION 0x00000000 | ||
46 | |||
47 | /** | ||
48 | * Handle to access the identity service. | ||
49 | */ | ||
50 | struct GNUNET_RECLAIM_Handle; | ||
51 | |||
52 | /** | ||
53 | * Handle for a token. | ||
54 | */ | ||
55 | struct GNUNET_RECLAIM_Token; | ||
56 | |||
57 | /** | ||
58 | * The ticket | ||
59 | */ | ||
60 | struct GNUNET_RECLAIM_Ticket | ||
61 | { | ||
62 | /** | ||
63 | * The ticket issuer | ||
64 | */ | ||
65 | struct GNUNET_CRYPTO_EcdsaPublicKey identity; | ||
66 | |||
67 | /** | ||
68 | * The ticket audience | ||
69 | */ | ||
70 | struct GNUNET_CRYPTO_EcdsaPublicKey audience; | ||
71 | |||
72 | /** | ||
73 | * The ticket random (NBO) | ||
74 | */ | ||
75 | uint64_t rnd; | ||
76 | }; | ||
77 | |||
78 | /** | ||
79 | * Handle for an operation with the identity provider service. | ||
80 | */ | ||
81 | struct GNUNET_RECLAIM_Operation; | ||
82 | |||
83 | |||
84 | /** | ||
85 | * Connect to the identity provider service. | ||
86 | * | ||
87 | * @param cfg Configuration to contact the identity provider service. | ||
88 | * @return handle to communicate with identity provider service | ||
89 | */ | ||
90 | struct GNUNET_RECLAIM_Handle * | ||
91 | GNUNET_RECLAIM_connect (const struct GNUNET_CONFIGURATION_Handle *cfg); | ||
92 | |||
93 | /** | ||
94 | * Continuation called to notify client about result of the | ||
95 | * operation. | ||
96 | * | ||
97 | * @param cls closure | ||
98 | * @param success #GNUNET_SYSERR on failure (including timeout/queue drop/failure to validate) | ||
99 | * #GNUNET_NO if content was already there or not found | ||
100 | * #GNUNET_YES (or other positive value) on success | ||
101 | * @param emsg NULL on success, otherwise an error message | ||
102 | */ | ||
103 | typedef void | ||
104 | (*GNUNET_RECLAIM_ContinuationWithStatus) (void *cls, | ||
105 | int32_t success, | ||
106 | const char *emsg); | ||
107 | |||
108 | |||
109 | /** | ||
110 | * Store an attribute. If the attribute is already present, | ||
111 | * it is replaced with the new attribute. | ||
112 | * | ||
113 | * @param h handle to the identity provider | ||
114 | * @param pkey private key of the identity | ||
115 | * @param attr the attribute | ||
116 | * @param exp_interval the relative expiration interval for the attribute | ||
117 | * @param cont continuation to call when done | ||
118 | * @param cont_cls closure for @a cont | ||
119 | * @return handle to abort the request | ||
120 | */ | ||
121 | struct GNUNET_RECLAIM_Operation * | ||
122 | GNUNET_RECLAIM_attribute_store (struct GNUNET_RECLAIM_Handle *h, | ||
123 | const struct GNUNET_CRYPTO_EcdsaPrivateKey *pkey, | ||
124 | const struct GNUNET_RECLAIM_ATTRIBUTE_Claim *attr, | ||
125 | const struct GNUNET_TIME_Relative *exp_interval, | ||
126 | GNUNET_RECLAIM_ContinuationWithStatus cont, | ||
127 | void *cont_cls); | ||
128 | |||
129 | |||
130 | /** | ||
131 | * Process an attribute that was stored in the idp. | ||
132 | * | ||
133 | * @param cls closure | ||
134 | * @param identity the identity | ||
135 | * @param attr the attribute | ||
136 | */ | ||
137 | typedef void | ||
138 | (*GNUNET_RECLAIM_AttributeResult) (void *cls, | ||
139 | const struct GNUNET_CRYPTO_EcdsaPublicKey *identity, | ||
140 | const struct GNUNET_RECLAIM_ATTRIBUTE_Claim *attr); | ||
141 | |||
142 | |||
143 | |||
144 | /** | ||
145 | * List all attributes for a local identity. | ||
146 | * This MUST lock the `struct GNUNET_RECLAIM_Handle` | ||
147 | * for any other calls than #GNUNET_RECLAIM_get_attributes_next() and | ||
148 | * #GNUNET_RECLAIM_get_attributes_stop. @a proc will be called once | ||
149 | * immediately, and then again after | ||
150 | * #GNUNET_RECLAIM_get_attributes_next() is invoked. | ||
151 | * | ||
152 | * On error (disconnect), @a error_cb will be invoked. | ||
153 | * On normal completion, @a finish_cb proc will be | ||
154 | * invoked. | ||
155 | * | ||
156 | * @param h handle to the idp | ||
157 | * @param identity identity to access | ||
158 | * @param error_cb function to call on error (i.e. disconnect), | ||
159 | * the handle is afterwards invalid | ||
160 | * @param error_cb_cls closure for @a error_cb | ||
161 | * @param proc function to call on each attribute; it | ||
162 | * will be called repeatedly with a value (if available) | ||
163 | * @param proc_cls closure for @a proc | ||
164 | * @param finish_cb function to call on completion | ||
165 | * the handle is afterwards invalid | ||
166 | * @param finish_cb_cls closure for @a finish_cb | ||
167 | * @return an iterator handle to use for iteration | ||
168 | */ | ||
169 | struct GNUNET_RECLAIM_AttributeIterator * | ||
170 | GNUNET_RECLAIM_get_attributes_start (struct GNUNET_RECLAIM_Handle *h, | ||
171 | const struct GNUNET_CRYPTO_EcdsaPrivateKey *identity, | ||
172 | GNUNET_SCHEDULER_TaskCallback error_cb, | ||
173 | void *error_cb_cls, | ||
174 | GNUNET_RECLAIM_AttributeResult proc, | ||
175 | void *proc_cls, | ||
176 | GNUNET_SCHEDULER_TaskCallback finish_cb, | ||
177 | void *finish_cb_cls); | ||
178 | |||
179 | |||
180 | /** | ||
181 | * Calls the record processor specified in #GNUNET_RECLAIM_get_attributes_start | ||
182 | * for the next record. | ||
183 | * | ||
184 | * @param it the iterator | ||
185 | */ | ||
186 | void | ||
187 | GNUNET_RECLAIM_get_attributes_next (struct GNUNET_RECLAIM_AttributeIterator *it); | ||
188 | |||
189 | |||
190 | /** | ||
191 | * Stops iteration and releases the idp handle for further calls. Must | ||
192 | * be called on any iteration that has not yet completed prior to calling | ||
193 | * #GNUNET_RECLAIM_disconnect. | ||
194 | * | ||
195 | * @param it the iterator | ||
196 | */ | ||
197 | void | ||
198 | GNUNET_RECLAIM_get_attributes_stop (struct GNUNET_RECLAIM_AttributeIterator *it); | ||
199 | |||
200 | |||
201 | /** | ||
202 | * Method called when a token has been issued. | ||
203 | * On success returns a ticket that can be given to the audience to retrive the | ||
204 | * token | ||
205 | * | ||
206 | * @param cls closure | ||
207 | * @param ticket the ticket | ||
208 | */ | ||
209 | typedef void | ||
210 | (*GNUNET_RECLAIM_TicketCallback)(void *cls, | ||
211 | const struct GNUNET_RECLAIM_Ticket *ticket); | ||
212 | |||
213 | /** | ||
214 | * Issues a ticket to another identity. The identity may use | ||
215 | * GNUNET_RECLAIM_ticket_consume to consume the ticket | ||
216 | * and retrieve the attributes specified in the AttributeList. | ||
217 | * | ||
218 | * @param h the identity provider to use | ||
219 | * @param iss the issuing identity | ||
220 | * @param rp the subject of the ticket (the relying party) | ||
221 | * @param attrs the attributes that the relying party is given access to | ||
222 | * @param cb the callback | ||
223 | * @param cb_cls the callback closure | ||
224 | * @return handle to abort the operation | ||
225 | */ | ||
226 | struct GNUNET_RECLAIM_Operation * | ||
227 | GNUNET_RECLAIM_ticket_issue (struct GNUNET_RECLAIM_Handle *h, | ||
228 | const struct GNUNET_CRYPTO_EcdsaPrivateKey *iss, | ||
229 | const struct GNUNET_CRYPTO_EcdsaPublicKey *rp, | ||
230 | const struct GNUNET_RECLAIM_ATTRIBUTE_ClaimList *attrs, | ||
231 | GNUNET_RECLAIM_TicketCallback cb, | ||
232 | void *cb_cls); | ||
233 | |||
234 | /** | ||
235 | * Revoked an issued ticket. The relying party will be unable to retrieve | ||
236 | * updated attributes. | ||
237 | * | ||
238 | * @param h the identity provider to use | ||
239 | * @param identity the issuing identity | ||
240 | * @param ticket the ticket to revoke | ||
241 | * @param cb the callback | ||
242 | * @param cb_cls the callback closure | ||
243 | * @return handle to abort the operation | ||
244 | */ | ||
245 | struct GNUNET_RECLAIM_Operation * | ||
246 | GNUNET_RECLAIM_ticket_revoke (struct GNUNET_RECLAIM_Handle *h, | ||
247 | const struct GNUNET_CRYPTO_EcdsaPrivateKey *identity, | ||
248 | const struct GNUNET_RECLAIM_Ticket *ticket, | ||
249 | GNUNET_RECLAIM_ContinuationWithStatus cb, | ||
250 | void *cb_cls); | ||
251 | |||
252 | |||
253 | |||
254 | /** | ||
255 | * Consumes an issued ticket. The ticket is persisted | ||
256 | * and used to retrieve identity information from the issuer | ||
257 | * | ||
258 | * @param h the identity provider to use | ||
259 | * @param identity the identity that is the subject of the issued ticket (the audience) | ||
260 | * @param ticket the issued ticket to consume | ||
261 | * @param cb the callback to call | ||
262 | * @param cb_cls the callback closure | ||
263 | * @return handle to abort the operation | ||
264 | */ | ||
265 | struct GNUNET_RECLAIM_Operation * | ||
266 | GNUNET_RECLAIM_ticket_consume (struct GNUNET_RECLAIM_Handle *h, | ||
267 | const struct GNUNET_CRYPTO_EcdsaPrivateKey *identity, | ||
268 | const struct GNUNET_RECLAIM_Ticket *ticket, | ||
269 | GNUNET_RECLAIM_AttributeResult cb, | ||
270 | void *cb_cls); | ||
271 | |||
272 | /** | ||
273 | * Lists all tickets that have been issued to remote | ||
274 | * identites (relying parties) | ||
275 | * | ||
276 | * @param h the identity provider to use | ||
277 | * @param identity the issuing identity | ||
278 | * @param error_cb function to call on error (i.e. disconnect), | ||
279 | * the handle is afterwards invalid | ||
280 | * @param error_cb_cls closure for @a error_cb | ||
281 | * @param proc function to call on each ticket; it | ||
282 | * will be called repeatedly with a value (if available) | ||
283 | * @param proc_cls closure for @a proc | ||
284 | * @param finish_cb function to call on completion | ||
285 | * the handle is afterwards invalid | ||
286 | * @param finish_cb_cls closure for @a finish_cb | ||
287 | * @return an iterator handle to use for iteration | ||
288 | */ | ||
289 | struct GNUNET_RECLAIM_TicketIterator * | ||
290 | GNUNET_RECLAIM_ticket_iteration_start (struct GNUNET_RECLAIM_Handle *h, | ||
291 | const struct GNUNET_CRYPTO_EcdsaPrivateKey *identity, | ||
292 | GNUNET_SCHEDULER_TaskCallback error_cb, | ||
293 | void *error_cb_cls, | ||
294 | GNUNET_RECLAIM_TicketCallback proc, | ||
295 | void *proc_cls, | ||
296 | GNUNET_SCHEDULER_TaskCallback finish_cb, | ||
297 | void *finish_cb_cls); | ||
298 | |||
299 | /** | ||
300 | * Lists all tickets that have been issued to remote | ||
301 | * identites (relying parties) | ||
302 | * | ||
303 | * @param h the identity provider to use | ||
304 | * @param identity the issuing identity | ||
305 | * @param error_cb function to call on error (i.e. disconnect), | ||
306 | * the handle is afterwards invalid | ||
307 | * @param error_cb_cls closure for @a error_cb | ||
308 | * @param proc function to call on each ticket; it | ||
309 | * will be called repeatedly with a value (if available) | ||
310 | * @param proc_cls closure for @a proc | ||
311 | * @param finish_cb function to call on completion | ||
312 | * the handle is afterwards invalid | ||
313 | * @param finish_cb_cls closure for @a finish_cb | ||
314 | * @return an iterator handle to use for iteration | ||
315 | */ | ||
316 | struct GNUNET_RECLAIM_TicketIterator * | ||
317 | GNUNET_RECLAIM_ticket_iteration_start_rp (struct GNUNET_RECLAIM_Handle *h, | ||
318 | const struct GNUNET_CRYPTO_EcdsaPublicKey *identity, | ||
319 | GNUNET_SCHEDULER_TaskCallback error_cb, | ||
320 | void *error_cb_cls, | ||
321 | GNUNET_RECLAIM_TicketCallback proc, | ||
322 | void *proc_cls, | ||
323 | GNUNET_SCHEDULER_TaskCallback finish_cb, | ||
324 | void *finish_cb_cls); | ||
325 | |||
326 | /** | ||
327 | * Calls the record processor specified in #GNUNET_RECLAIM_ticket_iteration_start | ||
328 | * for the next record. | ||
329 | * | ||
330 | * @param it the iterator | ||
331 | */ | ||
332 | void | ||
333 | GNUNET_RECLAIM_ticket_iteration_next (struct GNUNET_RECLAIM_TicketIterator *it); | ||
334 | |||
335 | /** | ||
336 | * Stops iteration and releases the idp handle for further calls. Must | ||
337 | * be called on any iteration that has not yet completed prior to calling | ||
338 | * #GNUNET_RECLAIM_disconnect. | ||
339 | * | ||
340 | * @param it the iterator | ||
341 | */ | ||
342 | void | ||
343 | GNUNET_RECLAIM_ticket_iteration_stop (struct GNUNET_RECLAIM_TicketIterator *it); | ||
344 | |||
345 | /** | ||
346 | * Disconnect from identity provider service. | ||
347 | * | ||
348 | * @param h identity provider service to disconnect | ||
349 | */ | ||
350 | void | ||
351 | GNUNET_RECLAIM_disconnect (struct GNUNET_RECLAIM_Handle *h); | ||
352 | |||
353 | |||
354 | /** | ||
355 | * Cancel an identity provider operation. Note that the operation MAY still | ||
356 | * be executed; this merely cancels the continuation; if the request | ||
357 | * was already transmitted, the service may still choose to complete | ||
358 | * the operation. | ||
359 | * | ||
360 | * @param op operation to cancel | ||
361 | */ | ||
362 | void | ||
363 | GNUNET_RECLAIM_cancel (struct GNUNET_RECLAIM_Operation *op); | ||
364 | |||
365 | #if 0 /* keep Emacsens' auto-indent happy */ | ||
366 | { | ||
367 | #endif | ||
368 | #ifdef __cplusplus | ||
369 | } | ||
370 | #endif | ||
371 | |||
372 | |||
373 | /* ifndef GNUNET_RECLAIM_SERVICE_H */ | ||
374 | #endif | ||
375 | |||
376 | /** @} */ /* end of group identity */ | ||
377 | |||
378 | /* end of gnunet_reclaim_service.h */ | ||