author | Tristan Schwieren <tristan.schwieren@tum.de> | 2022-04-11 13:29:20 +0200 |
---|---|---|
committer | Martin Schanzenbach <schanzen@gnunet.org> | 2022-06-09 11:43:01 +0200 |
commit | 349b4e37123368e3f03d563770d72bcbfd8109ad (patch) | |
tree | 865732d15ee62fa5c7e5d651445ea276a4d4756d /src/reclaim/oidc_helper.h | |
parent | 79eff4349f89d13a8cc707550f6bb7d5fe8c99c3 (diff) | |
-init oidc RSA256 feature
Diffstat (limited to 'src/reclaim/oidc_helper.h')
-rw-r--r-- | src/reclaim/oidc_helper.h | 47 |
1 files changed, 33 insertions, 14 deletions
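--- a/src/reclaim/oidc_helper.h
+++ b/src/reclaim/oidc_helper.h
@@ -28,14 +28,12 @@
 #define JWT_H
 
 #define JWT_ALG "alg"
-
-/* Use 512bit HMAC */
-#define JWT_ALG_VALUE "HS512"
-
 #define JWT_TYP "typ"
-
 #define JWT_TYP_VALUE "jwt"
 
+#define JWT_ALG_VALUE_HMAC "HS512"
+#define JWT_ALG_VALUE_RSA "RS256"
+
 #define SERVER_ADDRESS "https://api.reclaim"
 
 enum OIDC_VerificationOptions
@@ -52,7 +50,28 @@ enum OIDC_VerificationOptions
 };
 
 /**
-* Create a JWT from attributes
+* Create a JWT using RSA256 from attributes
+*
+* @param aud_key the public of the audience
+* @param sub_key the public key of the subject
+* @param attrs the attribute list
+* @param presentations credential presentation list (may be empty)
+* @param expiration_time the validity of the token
+* @param secret_key the key used to sign the JWT
+* @return a new base64-encoded JWT string.
+*/
+char *
+OIDC_generate_id_token_rsa (const struct GNUNET_IDENTITY_PublicKey *aud_key,
+const struct GNUNET_IDENTITY_PublicKey *sub_key,
+const struct GNUNET_RECLAIM_AttributeList *attrs,
+const struct
+GNUNET_RECLAIM_PresentationList *presentations,
+const struct GNUNET_TIME_Relative *expiration_time,
+const char *nonce,
+const json_t *secret_rsa_key);
+
+/**
+* Create a JWT using HMAC (HS256) from attributes
 *
 * @param aud_key the public of the audience
 * @param sub_key the public key of the subject
@@ -63,14 +82,14 @@ enum OIDC_VerificationOptions
 * @return a new base64-encoded JWT string.
 */
 char*
-OIDC_generate_id_token (const struct GNUNET_IDENTITY_PublicKey *aud_key,
-const struct GNUNET_IDENTITY_PublicKey *sub_key,
-const struct GNUNET_RECLAIM_AttributeList *attrs,
-const struct
-GNUNET_RECLAIM_PresentationList *presentations,
-const struct GNUNET_TIME_Relative *expiration_time,
-const char *nonce,
-const char *secret_key);
+OIDC_generate_id_token_hmac (const struct GNUNET_IDENTITY_PublicKey *aud_key,
+const struct GNUNET_IDENTITY_PublicKey *sub_key,
+const struct GNUNET_RECLAIM_AttributeList *attrs,
+const struct
+GNUNET_RECLAIM_PresentationList *presentations,
+const struct GNUNET_TIME_Relative *expiration_time,
+const char *nonce,
+const char *secret_key);
 
 /**
 * Builds an OIDC authorization code including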
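Review bot: The comment added above `OIDC_generate_id_token_hmac` says `HMAC (HS256)`, but the only HMAC value this header defines is `JWT_ALG_VALUE_HMAC "HS512"`, so the line should read `* Create a JWT using HMAC (HS512) from attributes`. In the new `OIDC_generate_id_token_rsa` comment, `@param secret_key` does not match the parameter `secret_rsa_key` and `nonce` has no `@param` at all. I would write `@param nonce the nonce to embed in the token` and `@param secret_rsa_key the RSA private key used to sign the JWT, as a JSON object`, and state the expected key format there, since `json_t` alone does not say whether a JWK is meant. With two signing algorithms now declared, the header should also say which `alg` a verifier is expected to accept, because a verifier that trusts whatever `alg` a token carries can be pushed into checking an RS256 token as HMAC. The verification code is not visible in this diff, so that last point is a request to confirm rather than a finding.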