consolidate reclaim attribute lib

15 files changed, 1672 insertions, 14 deletions

diff --git a/src/reclaim/Makefile.am b/src/reclaim/Makefile.am
index 51b9b9c5b..9242d6d79 100644
--- a/src/reclaim/Makefile.am
+++ b/src/reclaim/Makefile.am
@@ -34,6 +34,8 @@ lib_LTLIBRARIES = \
   libgnunetreclaim.la
 plugin_LTLIBRARIES = \
   libgnunet_plugin_gnsrecord_reclaim.la \
+  libgnunet_plugin_reclaim_attribute_basic.la \
+  libgnunet_plugin_reclaim_attestation_jwt.la \
   $(REST_PLUGIN)
 
 bin_PROGRAMS = \
@@ -51,7 +53,6 @@ libgnunet_plugin_rest_reclaim_la_LIBADD = \
   libgnunetreclaim.la \
   $(top_builddir)/src/json/libgnunetjson.la \
   $(top_builddir)/src/rest/libgnunetrest.la \
-  $(top_builddir)/src/reclaim-attribute/libgnunetreclaimattribute.la \
   $(top_builddir)/src/namestore/libgnunetnamestore.la \
   $(top_builddir)/src/util/libgnunetutil.la $(XLIBS) \
   $(LTLIBINTL) -ljansson $(MHD_LIBS)
@@ -68,7 +69,6 @@ libgnunet_plugin_rest_openid_connect_la_LIBADD = \
   $(top_builddir)/src/identity/libgnunetidentity.la \
   libgnunetreclaim.la \
   $(top_builddir)/src/rest/libgnunetrest.la \
-  $(top_builddir)/src/reclaim-attribute/libgnunetreclaimattribute.la \
   $(top_builddir)/src/namestore/libgnunetnamestore.la \
   $(top_builddir)/src/gns/libgnunetgns.la \
   $(top_builddir)/src/gnsrecord/libgnunetgnsrecord.la \
@@ -98,22 +98,43 @@ gnunet_service_reclaim_LDADD = \
  $(top_builddir)/src/util/libgnunetutil.la \
  $(top_builddir)/src/namestore/libgnunetnamestore.la \
  $(top_builddir)/src/statistics/libgnunetstatistics.la \
- $(top_builddir)/src/reclaim-attribute/libgnunetreclaimattribute.la \
  libgnunetreclaim.la \
  $(top_builddir)/src/gns/libgnunetgns.la \
  $(GN_LIBINTL)
 
 libgnunetreclaim_la_SOURCES = \
  reclaim_api.c \
- reclaim.h
+ reclaim.h \
+ reclaim_attribute.c \
+ reclaim_attribute.h \
+ reclaim_attestation.c \
+ reclaim_attestation.h
 libgnunetreclaim_la_LIBADD = \
   $(top_builddir)/src/util/libgnunetutil.la \
-  $(top_builddir)/src/reclaim-attribute/libgnunetreclaimattribute.la \
   $(GN_LIBINTL) $(XLIB)
 libgnunetreclaim_la_LDFLAGS = \
   $(GN_LIB_LDFLAGS)   \
   -version-info 0:0:0
 
+
+libgnunet_plugin_reclaim_attribute_basic_la_SOURCES = \
+  plugin_reclaim_attribute_basic.c
+libgnunet_plugin_reclaim_attribute_basic_la_LIBADD = \
+  $(top_builddir)/src/util/libgnunetutil.la \
+  $(LTLIBINTL)
+libgnunet_plugin_reclaim_attribute_basic_la_LDFLAGS = \
+ $(GN_PLUGIN_LDFLAGS)
+
+libgnunet_plugin_reclaim_attestation_jwt_la_SOURCES = \
+  plugin_reclaim_attestation_jwt.c
+libgnunet_plugin_reclaim_attestation_jwt_la_LIBADD = \
+  $(top_builddir)/src/util/libgnunetutil.la \
+  libgnunetreclaim.la \
+  -ljansson\
+  $(LTLIBINTL)
+libgnunet_plugin_reclaim_attestation_jwt_la_LDFLAGS = \
+ $(GN_PLUGIN_LDFLAGS)
+
 gnunet_reclaim_SOURCES = \
  gnunet-reclaim.c
 gnunet_reclaim_LDADD = \
@@ -121,7 +142,6 @@ gnunet_reclaim_LDADD = \
   $(top_builddir)/src/namestore/libgnunetnamestore.la \
   libgnunetreclaim.la \
   $(top_builddir)/src/identity/libgnunetidentity.la \
-  $(top_builddir)/src/reclaim-attribute/libgnunetreclaimattribute.la \
   $(GN_LIBINTL)
 
 check_SCRIPTS = \
diff --git a/src/reclaim/gnunet-service-reclaim.c b/src/reclaim/gnunet-service-reclaim.c
index 4521e5c81..ddfe05556 100644
--- a/src/reclaim/gnunet-service-reclaim.c
+++ b/src/reclaim/gnunet-service-reclaim.c
@@ -29,7 +29,7 @@
 #include "gnunet_constants.h"
 #include "gnunet_gnsrecord_lib.h"
 #include "gnunet_protocols.h"
-#include "gnunet_reclaim_attribute_lib.h"
+#include "gnunet_reclaim_lib.h"
 #include "gnunet_reclaim_service.h"
 #include "gnunet_signatures.h"
 #include "reclaim.h"
diff --git a/src/reclaim/gnunet-service-reclaim_tickets.h b/src/reclaim/gnunet-service-reclaim_tickets.h
index d6bc4a70a..1c7214d42 100644
--- a/src/reclaim/gnunet-service-reclaim_tickets.h
+++ b/src/reclaim/gnunet-service-reclaim_tickets.h
@@ -36,7 +36,7 @@
 #include "gnunet_gns_service.h"
 #include "gnunet_gnsrecord_lib.h"
 #include "gnunet_protocols.h"
-#include "gnunet_reclaim_attribute_lib.h"
+#include "gnunet_reclaim_lib.h"
 #include "gnunet_reclaim_service.h"
 #include "gnunet_signatures.h"
 #include "gnunet_statistics_service.h"
diff --git a/src/reclaim/json_reclaim.c b/src/reclaim/json_reclaim.c
index 4c08430e7..353303187 100644
--- a/src/reclaim/json_reclaim.c
+++ b/src/reclaim/json_reclaim.c
@@ -28,7 +28,7 @@
 #include "gnunet_util_lib.h"
 
 #include "gnunet_json_lib.h"
-#include "gnunet_reclaim_attribute_lib.h"
+#include "gnunet_reclaim_lib.h"
 #include "gnunet_reclaim_service.h"
 
 
diff --git a/src/reclaim/json_reclaim.h b/src/reclaim/json_reclaim.h
index 5aaf81b93..61ddb4378 100644
--- a/src/reclaim/json_reclaim.h
+++ b/src/reclaim/json_reclaim.h
@@ -27,7 +27,7 @@
 #include "gnunet_util_lib.h"
 #include "gnunet_json_lib.h"
 #include "gnunet_reclaim_service.h"
-#include "gnunet_reclaim_attribute_lib.h"
+#include "gnunet_reclaim_lib.h"
 
 /**
  * JSON Specification for Reclaim claims.
diff --git a/src/reclaim/oidc_helper.c b/src/reclaim/oidc_helper.c
index 92b4b69cc..469b8a796 100644
--- a/src/reclaim/oidc_helper.c
+++ b/src/reclaim/oidc_helper.c
@@ -27,7 +27,7 @@
 #include <inttypes.h>
 #include <jansson.h>
 #include "gnunet_util_lib.h"
-#include "gnunet_reclaim_attribute_lib.h"
+#include "gnunet_reclaim_lib.h"
 #include "gnunet_reclaim_service.h"
 #include "gnunet_signatures.h"
 #include "oidc_helper.h"
diff --git a/src/reclaim/plugin_reclaim_attestation_jwt.c b/src/reclaim/plugin_reclaim_attestation_jwt.c
new file mode 100644
index 000000000..8a67b18cd
--- /dev/null
+++ b/src/reclaim/plugin_reclaim_attestation_jwt.c
@@ -0,0 +1,233 @@
+/*
+     This file is part of GNUnet
+     Copyright (C) 2013, 2014, 2016 GNUnet e.V.
+
+     GNUnet is free software: you can redistribute it and/or modify it
+     under the terms of the GNU Affero General Public License as published
+     by the Free Software Foundation, either version 3 of the License,
+     or (at your option) any later version.
+
+     GNUnet is distributed in the hope that it will be useful, but
+     WITHOUT ANY WARRANTY; without even the implied warranty of
+     MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+     Affero General Public License for more details.
+
+     You should have received a copy of the GNU Affero General Public License
+     along with this program.  If not, see <http://www.gnu.org/licenses/>.
+
+     SPDX-License-Identifier: AGPL3.0-or-later
+ */
+
+/**
+ * @file reclaim-attribute/plugin_reclaim_attestation_gnuid.c
+ * @brief reclaim-attribute-plugin-gnuid attribute plugin to provide the API for
+ *                                       fundamental
+ *                                       attribute types.
+ *
+ * @author Martin Schanzenbach
+ */
+#include "platform.h"
+#include "gnunet_util_lib.h"
+#include "gnunet_reclaim_plugin.h"
+#include <inttypes.h>
+#include <jansson.h>
+
+/**
+   * Convert the 'value' of an attestation to a string.
+   *
+   * @param cls closure, unused
+   * @param type type of the attestation
+   * @param data value in binary encoding
+   * @param data_size number of bytes in @a data
+   * @return NULL on error, otherwise human-readable representation of the value
+   */
+static char *
+jwt_value_to_string (void *cls,
+                     uint32_t type,
+                     const void *data,
+                     size_t data_size)
+{
+  switch (type)
+  {
+  case GNUNET_RECLAIM_ATTESTATION_TYPE_JWT:
+    return GNUNET_strndup (data, data_size);
+
+  default:
+    return NULL;
+  }
+}
+
+
+/**
+ * Convert human-readable version of a 'value' of an attestation to the binary
+ * representation.
+ *
+ * @param cls closure, unused
+ * @param type type of the attestation
+ * @param s human-readable string
+ * @param data set to value in binary encoding (will be allocated)
+ * @param data_size set to number of bytes in @a data
+ * @return #GNUNET_OK on success
+ */
+static int
+jwt_string_to_value (void *cls,
+                     uint32_t type,
+                     const char *s,
+                     void **data,
+                     size_t *data_size)
+{
+  if (NULL == s)
+    return GNUNET_SYSERR;
+  switch (type)
+  {
+  case GNUNET_RECLAIM_ATTESTATION_TYPE_JWT:
+    *data = GNUNET_strdup (s);
+    *data_size = strlen (s);
+    return GNUNET_OK;
+
+  default:
+    return GNUNET_SYSERR;
+  }
+}
+
+
+/**
+ * Mapping of attestation type numbers to human-readable
+ * attestation type names.
+ */
+static struct
+{
+  const char *name;
+  uint32_t number;
+} jwt_attest_name_map[] = { { "JWT", GNUNET_RECLAIM_ATTESTATION_TYPE_JWT },
+                            { NULL, UINT32_MAX } };
+
+/**
+   * Convert a type name to the corresponding number.
+   *
+   * @param cls closure, unused
+   * @param jwt_typename name to convert
+   * @return corresponding number, UINT32_MAX on error
+   */
+static uint32_t
+jwt_typename_to_number (void *cls, const char *jwt_typename)
+{
+  unsigned int i;
+
+  i = 0;
+  while ((NULL != jwt_attest_name_map[i].name) &&
+         (0 != strcasecmp (jwt_typename, jwt_attest_name_map[i].name)))
+    i++;
+  return jwt_attest_name_map[i].number;
+}
+
+
+/**
+ * Convert a type number (i.e. 1) to the corresponding type string
+ *
+ * @param cls closure, unused
+ * @param type number of a type to convert
+ * @return corresponding typestring, NULL on error
+ */
+static const char *
+jwt_number_to_typename (void *cls, uint32_t type)
+{
+  unsigned int i;
+
+  i = 0;
+  while ((NULL != jwt_attest_name_map[i].name) && (type !=
+                                                   jwt_attest_name_map[i].
+                                                   number))
+    i++;
+  return jwt_attest_name_map[i].name;
+}
+
+/**
+ * Parse a JWT and return the respective claim value as Attribute
+ *
+ * @param attest the jwt attestation
+ * @param claim the name of the claim in the JWT
+ *
+ * @return a GNUNET_RECLAIM_Attribute, containing the new value
+ */
+struct GNUNET_RECLAIM_AttributeList *
+jwt_parse_attributes (void *cls,
+                      const struct GNUNET_RECLAIM_Attestation *attest)
+{
+  char *jwt_string;
+  struct GNUNET_RECLAIM_AttributeList *attrs;
+  char delim[] = ".";
+  char *val_str = NULL;
+  GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Parsing JWT attributes.\n");
+  char *decoded_jwt;
+  json_t *json_val;
+  json_error_t *json_err = NULL;
+
+  if (GNUNET_RECLAIM_ATTESTATION_TYPE_JWT != attest->type)
+    return NULL;
+  attrs = GNUNET_new (struct GNUNET_RECLAIM_AttributeList);
+
+  jwt_string = GNUNET_strdup (attest->data);
+  const char *jwt_body = strtok (jwt_string, delim);
+  jwt_body = strtok (NULL, delim);
+  GNUNET_STRINGS_base64_decode (jwt_body, strlen (jwt_body),
+                                (void **) &decoded_jwt);
+  json_val = json_loads (decoded_jwt, JSON_DECODE_ANY, json_err);
+  const char *key;
+  json_t *value;
+  json_object_foreach (json_val, key, value) {
+    val_str = json_dumps (value, JSON_ENCODE_ANY);
+    GNUNET_RECLAIM_attribute_list_add (attrs,
+                                       key,
+                                       NULL,
+                                       GNUNET_RECLAIM_ATTRIBUTE_TYPE_STRING,//FIXME
+                                       val_str,
+                                       strlen (val_str));
+    GNUNET_free (val_str);
+  }
+  GNUNET_free (jwt_string);
+  //FIXME needed??
+  return attrs;
+}
+
+
+
+
+/**
+ * Entry point for the plugin.
+ *
+ * @param cls NULL
+ * @return the exported block API
+ */
+void *
+libgnunet_plugin_reclaim_attestation_jwt_init (void *cls)
+{
+  struct GNUNET_RECLAIM_AttestationPluginFunctions *api;
+
+  api = GNUNET_new (struct GNUNET_RECLAIM_AttestationPluginFunctions);
+  api->value_to_string = &jwt_value_to_string;
+  api->string_to_value = &jwt_string_to_value;
+  api->typename_to_number = &jwt_typename_to_number;
+  api->number_to_typename = &jwt_number_to_typename;
+  api->get_attributes = &jwt_parse_attributes;
+  return api;
+}
+
+
+/**
+ * Exit point from the plugin.
+ *
+ * @param cls the return value from #libgnunet_plugin_block_test_init()
+ * @return NULL
+ */
+void *
+libgnunet_plugin_reclaim_attestation_jwt_done (void *cls)
+{
+  struct GNUNET_RECLAIM_AttestationPluginFunctions *api = cls;
+
+  GNUNET_free (api);
+  return NULL;
+}
+
+
+/* end of plugin_reclaim_attestation_type_gnuid.c */
diff --git a/src/reclaim/plugin_reclaim_attribute_basic.c b/src/reclaim/plugin_reclaim_attribute_basic.c
new file mode 100644
index 000000000..47fdd5f11
--- /dev/null
+++ b/src/reclaim/plugin_reclaim_attribute_basic.c
@@ -0,0 +1,180 @@
+/*
+     This file is part of GNUnet
+     Copyright (C) 2013, 2014, 2016 GNUnet e.V.
+
+     GNUnet is free software: you can redistribute it and/or modify it
+     under the terms of the GNU Affero General Public License as published
+     by the Free Software Foundation, either version 3 of the License,
+     or (at your option) any later version.
+
+     GNUnet is distributed in the hope that it will be useful, but
+     WITHOUT ANY WARRANTY; without even the implied warranty of
+     MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+     Affero General Public License for more details.
+
+     You should have received a copy of the GNU Affero General Public License
+     along with this program.  If not, see <http://www.gnu.org/licenses/>.
+
+     SPDX-License-Identifier: AGPL3.0-or-later
+ */
+
+/**
+ * @file reclaim-attribute/plugin_reclaim_attribute_gnuid.c
+ * @brief reclaim-attribute-plugin-gnuid attribute plugin to provide the API for
+ *                                       fundamental
+ *                                       attribute types.
+ *
+ * @author Martin Schanzenbach
+ */
+#include "platform.h"
+#include "gnunet_util_lib.h"
+#include "gnunet_reclaim_plugin.h"
+#include <inttypes.h>
+
+
+/**
+ * Convert the 'value' of an attribute to a string.
+ *
+ * @param cls closure, unused
+ * @param type type of the attribute
+ * @param data value in binary encoding
+ * @param data_size number of bytes in @a data
+ * @return NULL on error, otherwise human-readable representation of the value
+ */
+static char *
+basic_value_to_string (void *cls,
+                       uint32_t type,
+                       const void *data,
+                       size_t data_size)
+{
+  switch (type)
+  {
+  case GNUNET_RECLAIM_ATTRIBUTE_TYPE_STRING:
+    return GNUNET_strndup (data, data_size);
+
+  default:
+    return NULL;
+  }
+}
+
+
+/**
+ * Convert human-readable version of a 'value' of an attribute to the binary
+ * representation.
+ *
+ * @param cls closure, unused
+ * @param type type of the attribute
+ * @param s human-readable string
+ * @param data set to value in binary encoding (will be allocated)
+ * @param data_size set to number of bytes in @a data
+ * @return #GNUNET_OK on success
+ */
+static int
+basic_string_to_value (void *cls,
+                       uint32_t type,
+                       const char *s,
+                       void **data,
+                       size_t *data_size)
+{
+  if (NULL == s)
+    return GNUNET_SYSERR;
+  switch (type)
+  {
+  case GNUNET_RECLAIM_ATTRIBUTE_TYPE_STRING:
+    *data = GNUNET_strdup (s);
+    *data_size = strlen (s);
+    return GNUNET_OK;
+
+  default:
+    return GNUNET_SYSERR;
+  }
+}
+
+/**
+ * Mapping of attribute type numbers to human-readable
+ * attribute type names.
+ */
+static struct
+{
+  const char *name;
+  uint32_t number;
+} basic_name_map[] = { { "STRING", GNUNET_RECLAIM_ATTRIBUTE_TYPE_STRING },
+                       { NULL, UINT32_MAX } };
+
+
+/**
+ * Convert a type name to the corresponding number.
+ *
+ * @param cls closure, unused
+ * @param basic_typename name to convert
+ * @return corresponding number, UINT32_MAX on error
+ */
+static uint32_t
+basic_typename_to_number (void *cls, const char *basic_typename)
+{
+  unsigned int i;
+
+  i = 0;
+  while ((NULL != basic_name_map[i].name) &&
+         (0 != strcasecmp (basic_typename, basic_name_map[i].name)))
+    i++;
+  return basic_name_map[i].number;
+}
+
+
+/**
+ * Convert a type number (i.e. 1) to the corresponding type string
+ *
+ * @param cls closure, unused
+ * @param type number of a type to convert
+ * @return corresponding typestring, NULL on error
+ */
+static const char *
+basic_number_to_typename (void *cls, uint32_t type)
+{
+  unsigned int i;
+
+  i = 0;
+  while ((NULL != basic_name_map[i].name) && (type != basic_name_map[i].number))
+    i++;
+  return basic_name_map[i].name;
+}
+
+
+/**
+ * Entry point for the plugin.
+ *
+ * @param cls NULL
+ * @return the exported block API
+ */
+void *
+libgnunet_plugin_reclaim_attribute_basic_init (void *cls)
+{
+  struct GNUNET_RECLAIM_AttributePluginFunctions *api;
+
+  api = GNUNET_new (struct GNUNET_RECLAIM_AttributePluginFunctions);
+  api->value_to_string = &basic_value_to_string;
+  api->string_to_value = &basic_string_to_value;
+  api->typename_to_number = &basic_typename_to_number;
+  api->number_to_typename = &basic_number_to_typename;
+  return api;
+}
+
+
+/**
+ * Exit point from the plugin.
+ *
+ * @param cls the return value from #libgnunet_plugin_block_test_init()
+ * @return NULL
+ */
+void *
+libgnunet_plugin_reclaim_attribute_basic_done (void *cls)
+{
+  struct GNUNET_RECLAIM_AttributePluginFunctions *api = cls;
+
+  GNUNET_free (api);
+  return NULL;
+}
+
+
+/* end of plugin_reclaim_attribute_type_gnuid.c */
diff --git a/src/reclaim/plugin_rest_openid_connect.c b/src/reclaim/plugin_rest_openid_connect.c
index b296f6d15..3e138f259 100644
--- a/src/reclaim/plugin_rest_openid_connect.c
+++ b/src/reclaim/plugin_rest_openid_connect.c
@@ -32,7 +32,7 @@
 #include "gnunet_gnsrecord_lib.h"
 #include "gnunet_identity_service.h"
 #include "gnunet_namestore_service.h"
-#include "gnunet_reclaim_attribute_lib.h"
+#include "gnunet_reclaim_lib.h"
 #include "gnunet_reclaim_service.h"
 #include "gnunet_rest_lib.h"
 #include "gnunet_rest_plugin.h"
diff --git a/src/reclaim/plugin_rest_reclaim.c b/src/reclaim/plugin_rest_reclaim.c
index 417e594fe..8b3aee8ba 100644
--- a/src/reclaim/plugin_rest_reclaim.c
+++ b/src/reclaim/plugin_rest_reclaim.c
@@ -31,7 +31,7 @@
 #include "gnunet_gns_service.h"
 #include "gnunet_gnsrecord_lib.h"
 #include "gnunet_identity_service.h"
-#include "gnunet_reclaim_attribute_lib.h"
+#include "gnunet_reclaim_lib.h"
 #include "gnunet_reclaim_service.h"
 #include "gnunet_rest_lib.h"
 #include "gnunet_rest_plugin.h"
diff --git a/src/reclaim/reclaim_api.c b/src/reclaim/reclaim_api.c
index 54288866d..8558b19df 100644
--- a/src/reclaim/reclaim_api.c
+++ b/src/reclaim/reclaim_api.c
@@ -28,7 +28,7 @@
 #include "gnunet_constants.h"
 #include "gnunet_mq_lib.h"
 #include "gnunet_protocols.h"
-#include "gnunet_reclaim_attribute_lib.h"
+#include "gnunet_reclaim_lib.h"
 #include "gnunet_reclaim_service.h"
 #include "reclaim.h"
 
diff --git a/src/reclaim/reclaim_attestation.c b/src/reclaim/reclaim_attestation.c
new file mode 100644
index 000000000..961c6ede4
--- /dev/null
+++ b/src/reclaim/reclaim_attestation.c
@@ -0,0 +1,520 @@
+/*
+   This file is part of GNUnet
+   Copyright (C) 2010-2015 GNUnet e.V.
+
+   GNUnet is free software: you can redistribute it and/or modify it
+   under the terms of the GNU Affero General Public License as published
+   by the Free Software Foundation, either version 3 of the License,
+   or (at your option) any later version.
+
+   GNUnet is distributed in the hope that it will be useful, but
+   WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+   Affero General Public License for more details.
+
+   You should have received a copy of the GNU Affero General Public License
+   along with this program.  If not, see <http://www.gnu.org/licenses/>.
+
+   SPDX-License-Identifier: AGPL3.0-or-later
+ */
+
+/**
+ * @file reclaim-attribute/reclaim_attestation.c
+ * @brief helper library to manage identity attribute attestations
+ * @author Martin Schanzenbach
+ */
+#include "platform.h"
+#include "gnunet_util_lib.h"
+#include "gnunet_reclaim_plugin.h"
+#include "reclaim_attestation.h"
+
+
+/**
+ * Handle for a plugin
+ */
+struct Plugin
+{
+  /**
+   * Name of the plugin
+   */
+  char *library_name;
+
+  /**
+   * Plugin API
+   */
+  struct GNUNET_RECLAIM_AttestationPluginFunctions *api;
+};
+
+
+/**
+ * Plugins
+ */
+static struct Plugin **attest_plugins;
+
+
+/**
+ * Number of plugins
+ */
+static unsigned int num_plugins;
+
+
+/**
+ * Init canary
+ */
+static int initialized;
+
+
+/**
+ * Add a plugin
+ *
+ * @param cls closure
+ * @param library_name name of the API library
+ * @param lib_ret the plugin API pointer
+ */
+static void
+add_plugin (void *cls, const char *library_name, void *lib_ret)
+{
+  struct GNUNET_RECLAIM_AttestationPluginFunctions *api = lib_ret;
+  struct Plugin *plugin;
+
+  GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
+              "Loading attestation plugin `%s'\n",
+              library_name);
+  plugin = GNUNET_new (struct Plugin);
+  plugin->api = api;
+  plugin->library_name = GNUNET_strdup (library_name);
+  GNUNET_array_append (attest_plugins, num_plugins, plugin);
+}
+
+
+/**
+ * Load plugins
+ */
+static void
+init ()
+{
+  if (GNUNET_YES == initialized)
+    return;
+  initialized = GNUNET_YES;
+  GNUNET_PLUGIN_load_all ("libgnunet_plugin_reclaim_attestation_",
+                          NULL,
+                          &add_plugin,
+                          NULL);
+}
+
+
+/**
+ * Convert an attestation type name to the corresponding number
+ *
+ * @param typename name to convert
+ * @return corresponding number, UINT32_MAX on error
+ */
+uint32_t
+GNUNET_RECLAIM_attestation_typename_to_number (const char *typename)
+{
+  unsigned int i;
+  struct Plugin *plugin;
+  uint32_t ret;
+  init ();
+  for (i = 0; i < num_plugins; i++)
+  {
+    plugin = attest_plugins[i];
+    if (UINT32_MAX !=
+        (ret = plugin->api->typename_to_number (plugin->api->cls,
+                                                typename)))
+      return ret;
+  }
+  return UINT32_MAX;
+}
+
+
+/**
+ * Convert an attestation type number to the corresponding attestation type string
+ *
+ * @param type number of a type
+ * @return corresponding typestring, NULL on error
+ */
+const char *
+GNUNET_RECLAIM_attestation_number_to_typename (uint32_t type)
+{
+  unsigned int i;
+  struct Plugin *plugin;
+  const char *ret;
+
+  init ();
+  for (i = 0; i < num_plugins; i++)
+  {
+    plugin = attest_plugins[i];
+    if (NULL !=
+        (ret = plugin->api->number_to_typename (plugin->api->cls, type)))
+      return ret;
+  }
+  return NULL;
+}
+
+
+/**
+ * Convert human-readable version of a 'claim' of an attestation to the binary
+ * representation
+ *
+ * @param type type of the claim
+ * @param s human-readable string
+ * @param data set to value in binary encoding (will be allocated)
+ * @param data_size set to number of bytes in @a data
+ * @return #GNUNET_OK on success
+ */
+int
+GNUNET_RECLAIM_attestation_string_to_value (uint32_t type,
+                                            const char *s,
+                                            void **data,
+                                            size_t *data_size)
+{
+  unsigned int i;
+  struct Plugin *plugin;
+
+  init ();
+  for (i = 0; i < num_plugins; i++)
+  {
+    plugin = attest_plugins[i];
+    if (GNUNET_OK == plugin->api->string_to_value (plugin->api->cls,
+                                                   type,
+                                                   s,
+                                                   data,
+                                                   data_size))
+      return GNUNET_OK;
+  }
+  return GNUNET_SYSERR;
+}
+
+
+/**
+ * Convert the 'claim' of an attestation to a string
+ *
+ * @param type the type of attestation
+ * @param data claim in binary encoding
+ * @param data_size number of bytes in @a data
+ * @return NULL on error, otherwise human-readable representation of the claim
+ */
+char *
+GNUNET_RECLAIM_attestation_value_to_string (uint32_t type,
+                                            const void *data,
+                                            size_t data_size)
+{
+  unsigned int i;
+  struct Plugin *plugin;
+  char *ret;
+
+  init ();
+  for (i = 0; i < num_plugins; i++)
+  {
+    plugin = attest_plugins[i];
+    if (NULL != (ret = plugin->api->value_to_string (plugin->api->cls,
+                                                     type,
+                                                     data,
+                                                     data_size)))
+      return ret;
+  }
+  return NULL;
+}
+
+
+/**
+   * Create a new attestation.
+   *
+   * @param attr_name the attestation name
+   * @param type the attestation type
+   * @param data the attestation value
+   * @param data_size the attestation value size
+   * @return the new attestation
+   */
+struct GNUNET_RECLAIM_Attestation *
+GNUNET_RECLAIM_attestation_new (const char *attr_name,
+                                uint32_t type,
+                                const void *data,
+                                size_t data_size)
+{
+  struct GNUNET_RECLAIM_Attestation *attr;
+  char *write_ptr;
+  char *attr_name_tmp = GNUNET_strdup (attr_name);
+
+  GNUNET_STRINGS_utf8_tolower (attr_name, attr_name_tmp);
+
+  attr = GNUNET_malloc (sizeof(struct GNUNET_RECLAIM_Attestation)
+                        + strlen (attr_name_tmp) + 1 + data_size);
+  attr->type = type;
+  attr->data_size = data_size;
+  attr->flag = 0;
+  write_ptr = (char *) &attr[1];
+  GNUNET_memcpy (write_ptr, attr_name_tmp, strlen (attr_name_tmp) + 1);
+  attr->name = write_ptr;
+  write_ptr += strlen (attr->name) + 1;
+  GNUNET_memcpy (write_ptr, data, data_size);
+  attr->data = write_ptr;
+  GNUNET_free (attr_name_tmp);
+  return attr;
+}
+
+
+/**
+ * Get required size for serialization buffer
+ *
+ * @param attrs the attribute list to serialize
+ * @return the required buffer size
+ */
+size_t
+GNUNET_RECLAIM_attestation_list_serialize_get_size (
+  const struct GNUNET_RECLAIM_AttestationList *attestations)
+{
+  struct GNUNET_RECLAIM_AttestationListEntry *le;
+  size_t len = 0;
+
+  for (le = attestations->list_head; NULL != le; le = le->next)
+  {
+    GNUNET_assert (NULL != le->attestation);
+    len += GNUNET_RECLAIM_attestation_serialize_get_size (le->attestation);
+    len += sizeof(struct GNUNET_RECLAIM_AttestationListEntry);
+  }
+  return len;
+}
+
+
+/**
+ * Serialize an attribute list
+ *
+ * @param attrs the attribute list to serialize
+ * @param result the serialized attribute
+ * @return length of serialized data
+ */
+size_t
+GNUNET_RECLAIM_attestation_list_serialize (
+  const struct GNUNET_RECLAIM_AttestationList *attestations,
+  char *result)
+{
+  struct GNUNET_RECLAIM_AttestationListEntry *le;
+  size_t len;
+  size_t total_len;
+  char *write_ptr;
+  write_ptr = result;
+  total_len = 0;
+  for (le = attestations->list_head; NULL != le; le = le->next)
+  {
+    GNUNET_assert (NULL != le->attestation);
+    len = GNUNET_RECLAIM_attestation_serialize (le->attestation, write_ptr);
+    total_len += len;
+    write_ptr += len;
+  }
+  return total_len;
+}
+
+
+/**
+ * Deserialize an attestation list
+ *
+ * @param data the serialized attribute list
+ * @param data_size the length of the serialized data
+ * @return a GNUNET_IDENTITY_PROVIDER_AttributeList, must be free'd by caller
+ */
+struct GNUNET_RECLAIM_AttestationList *
+GNUNET_RECLAIM_attestation_list_deserialize (const char *data, size_t data_size)
+{
+  struct GNUNET_RECLAIM_AttestationList *al;
+  struct GNUNET_RECLAIM_AttestationListEntry *ale;
+  size_t att_len;
+  const char *read_ptr;
+
+  al = GNUNET_new (struct GNUNET_RECLAIM_AttestationList);
+
+  if ((data_size < sizeof(struct
+                          Attestation)
+       + sizeof(struct GNUNET_RECLAIM_AttestationListEntry)))
+    return al;
+
+  read_ptr = data;
+  while (((data + data_size) - read_ptr) >= sizeof(struct Attestation))
+  {
+    ale = GNUNET_new (struct GNUNET_RECLAIM_AttestationListEntry);
+    ale->attestation =
+      GNUNET_RECLAIM_attestation_deserialize (read_ptr,
+                                              data_size - (read_ptr - data));
+    GNUNET_CONTAINER_DLL_insert (al->list_head, al->list_tail, ale);
+    att_len = GNUNET_RECLAIM_attestation_serialize_get_size (ale->attestation);
+    read_ptr += att_len;
+  }
+  return al;
+}
+
+
+/**
+ * Make a (deep) copy of the attestation list
+ * @param attrs claim list to copy
+ * @return copied claim list
+ */
+struct GNUNET_RECLAIM_AttestationList *
+GNUNET_RECLAIM_attestation_list_dup (
+  const struct GNUNET_RECLAIM_AttestationList *al)
+{
+  struct GNUNET_RECLAIM_AttestationListEntry *ale;
+  struct GNUNET_RECLAIM_AttestationListEntry *result_ale;
+  struct GNUNET_RECLAIM_AttestationList *result;
+
+  result = GNUNET_new (struct GNUNET_RECLAIM_AttestationList);
+  for (ale = al->list_head; NULL != ale; ale = ale->next)
+  {
+    result_ale = GNUNET_new (struct GNUNET_RECLAIM_AttestationListEntry);
+    GNUNET_assert (NULL != ale->attestation);
+    result_ale->attestation =
+      GNUNET_RECLAIM_attestation_new (ale->attestation->name,
+                                      ale->attestation->type,
+                                      ale->attestation->data,
+                                      ale->attestation->data_size);
+    result_ale->attestation->id = ale->attestation->id;
+    GNUNET_CONTAINER_DLL_insert (result->list_head,
+                                 result->list_tail,
+                                 result_ale);
+  }
+  return result;
+}
+
+
+/**
+ * Destroy attestation list
+ *
+ * @param attrs list to destroy
+ */
+void
+GNUNET_RECLAIM_attestation_list_destroy (
+  struct GNUNET_RECLAIM_AttestationList *al)
+{
+  struct GNUNET_RECLAIM_AttestationListEntry *ale;
+  struct GNUNET_RECLAIM_AttestationListEntry *tmp_ale;
+
+  for (ale = al->list_head; NULL != ale;)
+  {
+    if (NULL != ale->attestation)
+      GNUNET_free (ale->attestation);
+    tmp_ale = ale;
+    ale = ale->next;
+    GNUNET_free (tmp_ale);
+  }
+  GNUNET_free (al);
+}
+
+
+/**
+ * Get required size for serialization buffer
+ *
+ * @param attr the attestation to serialize
+ * @return the required buffer size
+ */
+size_t
+GNUNET_RECLAIM_attestation_serialize_get_size (
+  const struct GNUNET_RECLAIM_Attestation *attestation)
+{
+  return sizeof(struct Attestation) + strlen (attestation->name)
+         + attestation->data_size;
+}
+
+
+/**
+ * Serialize an attestation
+ *
+ * @param attr the attestation to serialize
+ * @param result the serialized attestation
+ * @return length of serialized data
+ */
+size_t
+GNUNET_RECLAIM_attestation_serialize (
+  const struct GNUNET_RECLAIM_Attestation *attestation,
+  char *result)
+{
+  size_t data_len_ser;
+  size_t name_len;
+  struct Attestation *atts;
+  char *write_ptr;
+
+  atts = (struct Attestation *) result;
+  atts->attestation_type = htons (attestation->type);
+  atts->attestation_flag = htonl (attestation->flag);
+  atts->attestation_id = attestation->id;
+  name_len = strlen (attestation->name);
+  atts->name_len = htons (name_len);
+  write_ptr = (char *) &atts[1];
+  GNUNET_memcpy (write_ptr, attestation->name, name_len);
+  write_ptr += name_len;
+  // TODO plugin-ize
+  // data_len_ser = plugin->serialize_attribute_value (attr,
+  //                                                  &attr_ser[1]);
+  data_len_ser = attestation->data_size;
+  GNUNET_memcpy (write_ptr, attestation->data, attestation->data_size);
+  atts->data_size = htons (data_len_ser);
+
+  return sizeof(struct Attestation) + strlen (attestation->name)
+         + attestation->data_size;
+}
+
+
+/**
+ * Deserialize an attestation
+ *
+ * @param data the serialized attestation
+ * @param data_size the length of the serialized data
+ *
+ * @return a GNUNET_IDENTITY_PROVIDER_Attribute, must be free'd by caller
+ */
+struct GNUNET_RECLAIM_Attestation *
+GNUNET_RECLAIM_attestation_deserialize (const char *data, size_t data_size)
+{
+  struct GNUNET_RECLAIM_Attestation *attestation;
+  struct Attestation *atts;
+  size_t data_len;
+  size_t name_len;
+  char *write_ptr;
+
+  if (data_size < sizeof(struct Attestation))
+    return NULL;
+
+  atts = (struct Attestation *) data;
+  data_len = ntohs (atts->data_size);
+  name_len = ntohs (atts->name_len);
+  if (data_size < sizeof(struct Attestation) + data_len + name_len)
+  {
+    GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
+                "Buffer too small to deserialize\n");
+    return NULL;
+  }
+  attestation = GNUNET_malloc (sizeof(struct GNUNET_RECLAIM_Attestation)
+                               + data_len + name_len + 1);
+  attestation->type = ntohs (atts->attestation_type);
+  attestation->flag = ntohl (atts->attestation_flag);
+  attestation->id = atts->attestation_id;
+  attestation->data_size = data_len;
+
+  write_ptr = (char *) &attestation[1];
+  GNUNET_memcpy (write_ptr, &atts[1], name_len);
+  write_ptr[name_len] = '\0';
+  attestation->name = write_ptr;
+
+  write_ptr += name_len + 1;
+  GNUNET_memcpy (write_ptr, (char *) &atts[1] + name_len,
+                 attestation->data_size);
+  attestation->data = write_ptr;
+  return attestation;
+}
+
+struct GNUNET_RECLAIM_AttributeList*
+GNUNET_RECLAIM_attestation_get_attributes (const struct GNUNET_RECLAIM_Attestation *attest)
+{
+  unsigned int i;
+  struct Plugin *plugin;
+  struct GNUNET_RECLAIM_AttributeList *ret;
+  init ();
+  for (i = 0; i < num_plugins; i++)
+  {
+    plugin = attest_plugins[i];
+    if (NULL !=
+       (ret = plugin->api->get_attributes (plugin->api->cls,
+                                              attest)))
+      return ret;
+  }
+  return NULL;
+}
diff --git a/src/reclaim/reclaim_attestation.h b/src/reclaim/reclaim_attestation.h
new file mode 100644
index 000000000..5747d8896
--- /dev/null
+++ b/src/reclaim/reclaim_attestation.h
@@ -0,0 +1,64 @@
+/*
+   This file is part of GNUnet.
+   Copyright (C) 2012-2015 GNUnet e.V.
+
+   GNUnet is free software: you can redistribute it and/or modify it
+   under the terms of the GNU Affero General Public License as published
+   by the Free Software Foundation, either version 3 of the License,
+   or (at your option) any later version.
+
+   GNUnet is distributed in the hope that it will be useful, but
+   WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+   Affero General Public License for more details.
+
+   You should have received a copy of the GNU Affero General Public License
+   along with this program.  If not, see <http://www.gnu.org/licenses/>.
+
+   SPDX-License-Identifier: AGPL3.0-or-later
+ */
+/**
+ * @author Martin Schanzenbach
+ * @file reclaim-attribute/reclaim_attestation.h
+ * @brief GNUnet reclaim identity attribute attestations
+ *
+ */
+#ifndef RECLAIM_ATTESTATION_H
+#define RECLAIM_ATTESTATION_H
+
+#include "gnunet_reclaim_service.h"
+
+/**
+ * Serialized attestation claim
+ */
+struct Attestation
+{
+  /**
+   * Attestation type
+   */
+  uint32_t attestation_type;
+
+  /**
+   * Attestation flag
+   */
+  uint32_t attestation_flag;
+
+  /**
+   * Attestation ID
+   */
+  struct GNUNET_RECLAIM_Identifier attestation_id;
+
+  /**
+   * Name length
+   */
+  uint32_t name_len;
+
+  /**
+   * Data size
+   */
+  uint32_t data_size;
+
+  // followed by data_size Attestation value data
+};
+
+#endif
diff --git a/src/reclaim/reclaim_attribute.c b/src/reclaim/reclaim_attribute.c
new file mode 100644
index 000000000..12f124c15
--- /dev/null
+++ b/src/reclaim/reclaim_attribute.c
@@ -0,0 +1,539 @@
+/*
+   This file is part of GNUnet
+   Copyright (C) 2010-2015 GNUnet e.V.
+
+   GNUnet is free software: you can redistribute it and/or modify it
+   under the terms of the GNU Affero General Public License as published
+   by the Free Software Foundation, either version 3 of the License,
+   or (at your option) any later version.
+
+   GNUnet is distributed in the hope that it will be useful, but
+   WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+   Affero General Public License for more details.
+
+   You should have received a copy of the GNU Affero General Public License
+   along with this program.  If not, see <http://www.gnu.org/licenses/>.
+
+   SPDX-License-Identifier: AGPL3.0-or-later
+ */
+
+/**
+ * @file reclaim-attribute/reclaim_attribute.c
+ * @brief helper library to manage identity attributes
+ * @author Martin Schanzenbach
+ */
+#include "platform.h"
+#include "gnunet_util_lib.h"
+#include "gnunet_reclaim_plugin.h"
+#include "reclaim_attribute.h"
+
+
+/**
+ * Handle for a plugin
+ */
+struct Plugin
+{
+  /**
+   * Name of the plugin
+   */
+  char *library_name;
+
+  /**
+   * Plugin API
+   */
+  struct GNUNET_RECLAIM_AttributePluginFunctions *api;
+};
+
+
+/**
+ * Plugins
+ */
+static struct Plugin **attr_plugins;
+
+
+/**
+ * Number of plugins
+ */
+static unsigned int num_plugins;
+
+
+/**
+ * Init canary
+ */
+static int initialized;
+
+
+/**
+ * Add a plugin
+ *
+ * @param cls closure
+ * @param library_name name of the API library
+ * @param lib_ret the plugin API pointer
+ */
+static void
+add_plugin (void *cls, const char *library_name, void *lib_ret)
+{
+  struct GNUNET_RECLAIM_AttributePluginFunctions *api = lib_ret;
+  struct Plugin *plugin;
+
+  GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
+              "Loading attribute plugin `%s'\n",
+              library_name);
+  plugin = GNUNET_new (struct Plugin);
+  plugin->api = api;
+  plugin->library_name = GNUNET_strdup (library_name);
+  GNUNET_array_append (attr_plugins, num_plugins, plugin);
+}
+
+
+/**
+ * Load plugins
+ */
+static void
+init ()
+{
+  if (GNUNET_YES == initialized)
+    return;
+  initialized = GNUNET_YES;
+  GNUNET_PLUGIN_load_all ("libgnunet_plugin_reclaim_attribute_",
+                          NULL,
+                          &add_plugin,
+                          NULL);
+}
+
+
+/**
+ * Convert a type name to the corresponding number
+ *
+ * @param typename name to convert
+ * @return corresponding number, UINT32_MAX on error
+ */
+uint32_t
+GNUNET_RECLAIM_attribute_typename_to_number (const char *typename)
+{
+  unsigned int i;
+  struct Plugin *plugin;
+  uint32_t ret;
+
+  init ();
+  for (i = 0; i < num_plugins; i++)
+  {
+    plugin = attr_plugins[i];
+    if (UINT32_MAX !=
+        (ret = plugin->api->typename_to_number (plugin->api->cls, typename)))
+      return ret;
+  }
+  return UINT32_MAX;
+}
+
+
+/**
+ * Convert a type number to the corresponding type string
+ *
+ * @param type number of a type
+ * @return corresponding typestring, NULL on error
+ */
+const char *
+GNUNET_RECLAIM_attribute_number_to_typename (uint32_t type)
+{
+  unsigned int i;
+  struct Plugin *plugin;
+  const char *ret;
+
+  init ();
+  for (i = 0; i < num_plugins; i++)
+  {
+    plugin = attr_plugins[i];
+    if (NULL !=
+        (ret = plugin->api->number_to_typename (plugin->api->cls, type)))
+      return ret;
+  }
+  return NULL;
+}
+
+
+/**
+ * Convert human-readable version of a 'claim' of an attribute to the binary
+ * representation
+ *
+ * @param type type of the claim
+ * @param s human-readable string
+ * @param data set to value in binary encoding (will be allocated)
+ * @param data_size set to number of bytes in @a data
+ * @return #GNUNET_OK on success
+ */
+int
+GNUNET_RECLAIM_attribute_string_to_value (uint32_t type,
+                                          const char *s,
+                                          void **data,
+                                          size_t *data_size)
+{
+  unsigned int i;
+  struct Plugin *plugin;
+
+  init ();
+  for (i = 0; i < num_plugins; i++)
+  {
+    plugin = attr_plugins[i];
+    if (GNUNET_OK == plugin->api->string_to_value (plugin->api->cls,
+                                                   type,
+                                                   s,
+                                                   data,
+                                                   data_size))
+      return GNUNET_OK;
+  }
+  return GNUNET_SYSERR;
+}
+
+
+/**
+ * Convert the 'claim' of an attribute to a string
+ *
+ * @param type the type of attribute
+ * @param data claim in binary encoding
+ * @param data_size number of bytes in @a data
+ * @return NULL on error, otherwise human-readable representation of the claim
+ */
+char *
+GNUNET_RECLAIM_attribute_value_to_string (uint32_t type,
+                                          const void *data,
+                                          size_t data_size)
+{
+  unsigned int i;
+  struct Plugin *plugin;
+  char *ret;
+
+  init ();
+  for (i = 0; i < num_plugins; i++)
+  {
+    plugin = attr_plugins[i];
+    if (NULL != (ret = plugin->api->value_to_string (plugin->api->cls,
+                                                     type,
+                                                     data,
+                                                     data_size)))
+      return ret;
+  }
+  return NULL;
+}
+
+
+/**
+ * Create a new attribute.
+ *
+ * @param attr_name the attribute name
+ * @param attestation attestation ID of the attribute (maybe NULL)
+ * @param type the attribute type
+ * @param data the attribute value
+ * @param data_size the attribute value size
+ * @return the new attribute
+ */
+struct GNUNET_RECLAIM_Attribute *
+GNUNET_RECLAIM_attribute_new (const char *attr_name,
+                              const struct GNUNET_RECLAIM_Identifier *attestation,
+                              uint32_t type,
+                              const void *data,
+                              size_t data_size)
+{
+  struct GNUNET_RECLAIM_Attribute *attr;
+  char *write_ptr;
+  char *attr_name_tmp = GNUNET_strdup (attr_name);
+
+  GNUNET_STRINGS_utf8_tolower (attr_name, attr_name_tmp);
+
+  attr = GNUNET_malloc (sizeof(struct GNUNET_RECLAIM_Attribute)
+                        + strlen (attr_name_tmp) + 1 + data_size);
+  if (NULL != attestation)
+    attr->attestation = *attestation;
+  attr->type = type;
+  attr->data_size = data_size;
+  attr->flag = 0;
+  write_ptr = (char *) &attr[1];
+  GNUNET_memcpy (write_ptr, attr_name_tmp, strlen (attr_name_tmp) + 1);
+  attr->name = write_ptr;
+  write_ptr += strlen (attr->name) + 1;
+  GNUNET_memcpy (write_ptr, data, data_size);
+  attr->data = write_ptr;
+  GNUNET_free (attr_name_tmp);
+  return attr;
+}
+
+
+/**
+ * Add a new attribute to a claim list
+ *
+ * @param attr_name the name of the new attribute claim
+ * @param type the type of the claim
+ * @param data claim payload
+ * @param data_size claim payload size
+ */
+void
+GNUNET_RECLAIM_attribute_list_add (
+  struct GNUNET_RECLAIM_AttributeList *al,
+  const char *attr_name,
+  const struct GNUNET_RECLAIM_Identifier *attestation,
+  uint32_t type,
+  const void *data,
+  size_t data_size)
+{
+  struct GNUNET_RECLAIM_AttributeListEntry *ale;
+
+  ale = GNUNET_new (struct GNUNET_RECLAIM_AttributeListEntry);
+  ale->attribute =
+    GNUNET_RECLAIM_attribute_new (attr_name, attestation,
+                                  type, data, data_size);
+  GNUNET_CONTAINER_DLL_insert (al->list_head,
+                               al->list_tail,
+                               ale);
+}
+
+
+/**
+ * Get required size for serialization buffer
+ *
+ * @param attrs the attribute list to serialize
+ * @return the required buffer size
+ */
+size_t
+GNUNET_RECLAIM_attribute_list_serialize_get_size (
+  const struct GNUNET_RECLAIM_AttributeList *al)
+{
+  struct GNUNET_RECLAIM_AttributeListEntry *ale;
+  size_t len = 0;
+
+  for (ale = al->list_head; NULL != ale; ale = ale->next)
+  {
+    GNUNET_assert (NULL != ale->attribute);
+    len += GNUNET_RECLAIM_attribute_serialize_get_size (ale->attribute);
+    len += sizeof(struct GNUNET_RECLAIM_AttributeListEntry);
+  }
+  return len;
+}
+
+
+/**
+ * Serialize an attribute list
+ *
+ * @param attrs the attribute list to serialize
+ * @param result the serialized attribute
+ * @return length of serialized data
+ */
+size_t
+GNUNET_RECLAIM_attribute_list_serialize (
+  const struct GNUNET_RECLAIM_AttributeList *al,
+  char *result)
+{
+  struct GNUNET_RECLAIM_AttributeListEntry *ale;
+  size_t len;
+  size_t total_len;
+  char *write_ptr;
+  write_ptr = result;
+  total_len = 0;
+  for (ale = al->list_head; NULL != ale; ale = ale->next)
+  {
+    GNUNET_assert (NULL != ale->attribute);
+    len = GNUNET_RECLAIM_attribute_serialize (ale->attribute, write_ptr);
+    total_len += len;
+    write_ptr += len;
+  }
+  return total_len;
+}
+
+
+/**
+ * Deserialize an attribute list
+ *
+ * @param data the serialized attribute list
+ * @param data_size the length of the serialized data
+ * @return a GNUNET_IDENTITY_PROVIDER_AttributeList, must be free'd by caller
+ */
+struct GNUNET_RECLAIM_AttributeList *
+GNUNET_RECLAIM_attribute_list_deserialize (const char *data, size_t data_size)
+{
+  struct GNUNET_RECLAIM_AttributeList *al;
+  struct GNUNET_RECLAIM_AttributeListEntry *ale;
+  size_t attr_len;
+  const char *read_ptr;
+
+  al = GNUNET_new (struct GNUNET_RECLAIM_AttributeList);
+  if (data_size < sizeof(struct Attribute) + sizeof(struct
+                                                    GNUNET_RECLAIM_AttributeListEntry))
+    return al;
+  read_ptr = data;
+  while (((data + data_size) - read_ptr) >= sizeof(struct Attribute))
+  {
+    ale = GNUNET_new (struct GNUNET_RECLAIM_AttributeListEntry);
+    ale->attribute =
+      GNUNET_RECLAIM_attribute_deserialize (read_ptr,
+                                            data_size - (read_ptr - data));
+    GNUNET_CONTAINER_DLL_insert (al->list_head, al->list_tail, ale);
+    attr_len = GNUNET_RECLAIM_attribute_serialize_get_size (ale->attribute);
+    read_ptr += attr_len;
+  }
+  return al;
+}
+
+
+/**
+ * Make a (deep) copy of a claim list
+ * @param attrs claim list to copy
+ * @return copied claim list
+ */
+struct GNUNET_RECLAIM_AttributeList *
+GNUNET_RECLAIM_attribute_list_dup (
+  const struct GNUNET_RECLAIM_AttributeList *al)
+{
+  struct GNUNET_RECLAIM_AttributeListEntry *ale;
+  struct GNUNET_RECLAIM_AttributeListEntry *result_ale;
+  struct GNUNET_RECLAIM_AttributeList *result;
+
+  result = GNUNET_new (struct GNUNET_RECLAIM_AttributeList);
+  for (ale = al->list_head; NULL != ale; ale = ale->next)
+  {
+    result_ale = GNUNET_new (struct GNUNET_RECLAIM_AttributeListEntry);
+    GNUNET_assert (NULL != ale->attribute);
+    {
+      result_ale->attribute =
+        GNUNET_RECLAIM_attribute_new (ale->attribute->name,
+                                      &ale->attribute->attestation,
+                                      ale->attribute->type,
+                                      ale->attribute->data,
+                                      ale->attribute->data_size);
+
+      result_ale->attribute->id = ale->attribute->id;
+      result_ale->attribute->flag = ale->attribute->flag;
+    }
+    GNUNET_CONTAINER_DLL_insert (result->list_head,
+                                 result->list_tail,
+                                 result_ale);
+  }
+  return result;
+}
+
+
+/**
+ * Destroy claim list
+ *
+ * @param attrs list to destroy
+ */
+void
+GNUNET_RECLAIM_attribute_list_destroy (
+  struct GNUNET_RECLAIM_AttributeList *al)
+{
+  struct GNUNET_RECLAIM_AttributeListEntry *ale;
+  struct GNUNET_RECLAIM_AttributeListEntry *tmp_ale;
+
+  for (ale = al->list_head; NULL != ale;)
+  {
+    if (NULL != ale->attribute)
+      GNUNET_free (ale->attribute);
+    tmp_ale = ale;
+    ale = ale->next;
+    GNUNET_free (tmp_ale);
+  }
+  GNUNET_free (al);
+}
+
+
+/**
+ * Get required size for serialization buffer
+ *
+ * @param attr the attribute to serialize
+ * @return the required buffer size
+ */
+size_t
+GNUNET_RECLAIM_attribute_serialize_get_size (
+  const struct GNUNET_RECLAIM_Attribute *attr)
+{
+  return sizeof(struct Attribute) + strlen (attr->name) + attr->data_size;
+}
+
+
+/**
+ * Serialize an attribute
+ *
+ * @param attr the attribute to serialize
+ * @param result the serialized attribute
+ * @return length of serialized data
+ */
+size_t
+GNUNET_RECLAIM_attribute_serialize (
+  const struct GNUNET_RECLAIM_Attribute *attr,
+  char *result)
+{
+  size_t data_len_ser;
+  size_t name_len;
+  struct Attribute *attr_ser;
+  char *write_ptr;
+
+  attr_ser = (struct Attribute *) result;
+  attr_ser->attribute_type = htons (attr->type);
+  attr_ser->attribute_flag = htonl (attr->flag);
+  attr_ser->attribute_id = attr->id;
+  attr_ser->attestation_id = attr->attestation;
+  name_len = strlen (attr->name);
+  attr_ser->name_len = htons (name_len);
+  write_ptr = (char *) &attr_ser[1];
+  GNUNET_memcpy (write_ptr, attr->name, name_len);
+  write_ptr += name_len;
+  // TODO plugin-ize
+  // data_len_ser = plugin->serialize_attribute_value (attr,
+  //                                                  &attr_ser[1]);
+  data_len_ser = attr->data_size;
+  GNUNET_memcpy (write_ptr, attr->data, attr->data_size);
+  attr_ser->data_size = htons (data_len_ser);
+
+  return sizeof(struct Attribute) + strlen (attr->name) + attr->data_size;
+}
+
+
+/**
+ * Deserialize an attribute
+ *
+ * @param data the serialized attribute
+ * @param data_size the length of the serialized data
+ *
+ * @return a GNUNET_IDENTITY_PROVIDER_Attribute, must be free'd by caller
+ */
+struct GNUNET_RECLAIM_Attribute *
+GNUNET_RECLAIM_attribute_deserialize (const char *data, size_t data_size)
+{
+  struct GNUNET_RECLAIM_Attribute *attr;
+  struct Attribute *attr_ser;
+  size_t data_len;
+  size_t name_len;
+  char *write_ptr;
+
+  if (data_size < sizeof(struct Attribute))
+    return NULL;
+
+  attr_ser = (struct Attribute *) data;
+  data_len = ntohs (attr_ser->data_size);
+  name_len = ntohs (attr_ser->name_len);
+  if (data_size < sizeof(struct Attribute) + data_len + name_len)
+  {
+    GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
+                "Buffer too small to deserialize\n");
+    return NULL;
+  }
+  attr = GNUNET_malloc (sizeof(struct GNUNET_RECLAIM_Attribute)
+                        + data_len + name_len + 1);
+  attr->type = ntohs (attr_ser->attribute_type);
+  attr->flag = ntohl (attr_ser->attribute_flag);
+  attr->id = attr_ser->attribute_id;
+  attr->attestation = attr_ser->attestation_id;
+  attr->data_size = data_len;
+
+  write_ptr = (char *) &attr[1];
+  GNUNET_memcpy (write_ptr, &attr_ser[1], name_len);
+  write_ptr[name_len] = '\0';
+  attr->name = write_ptr;
+
+  write_ptr += name_len + 1;
+  GNUNET_memcpy (write_ptr, (char *) &attr_ser[1] + name_len, attr->data_size);
+  attr->data = write_ptr;
+  return attr;
+}
+
+
+/* end of reclaim_attribute.c */
diff --git a/src/reclaim/reclaim_attribute.h b/src/reclaim/reclaim_attribute.h
new file mode 100644
index 000000000..e54b210b9
--- /dev/null
+++ b/src/reclaim/reclaim_attribute.h
@@ -0,0 +1,102 @@
+/*
+   This file is part of GNUnet.
+   Copyright (C) 2012-2015 GNUnet e.V.
+
+   GNUnet is free software: you can redistribute it and/or modify it
+   under the terms of the GNU Affero General Public License as published
+   by the Free Software Foundation, either version 3 of the License,
+   or (at your option) any later version.
+
+   GNUnet is distributed in the hope that it will be useful, but
+   WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+   Affero General Public License for more details.
+
+   You should have received a copy of the GNU Affero General Public License
+   along with this program.  If not, see <http://www.gnu.org/licenses/>.
+
+   SPDX-License-Identifier: AGPL3.0-or-later
+ */
+/**
+ * @author Martin Schanzenbach
+ * @file reclaim-attribute/reclaim_attribute.h
+ * @brief GNUnet reclaim identity attributes
+ *
+ */
+#ifndef RECLAIM_ATTRIBUTE_H
+#define RECLAIM_ATTRIBUTE_H
+
+#include "gnunet_reclaim_service.h"
+
+/**
+ * Serialized claim
+ */
+struct Attribute
+{
+  /**
+   * Attribute type
+   */
+  uint32_t attribute_type;
+
+  /**
+   * Attribute flag
+   */
+  uint32_t attribute_flag;
+
+  /**
+   * Attribute ID
+   */
+  struct GNUNET_RECLAIM_Identifier attribute_id;
+
+  /**
+   * Attestation ID
+   */
+  struct GNUNET_RECLAIM_Identifier attestation_id;
+
+  /**
+   * Name length
+   */
+  uint32_t name_len;
+
+  /**
+   * Data size
+   */
+  uint32_t data_size;
+
+  // followed by data_size Attribute value data
+};
+
+/**
+ * Serialized attestation claim
+ */
+struct Attestation
+{
+  /**
+   * Attestation type
+   */
+  uint32_t attestation_type;
+
+  /**
+   * Attestation flag
+   */
+  uint32_t attestation_flag;
+
+  /**
+   * Attestation ID
+   */
+  struct GNUNET_RECLAIM_Identifier attestation_id;
+
+  /**
+   * Name length
+   */
+  uint32_t name_len;
+
+  /**
+   * Data size
+   */
+  uint32_t data_size;
+
+  // followed by data_size Attestation value data
+};
+
+#endif