aboutsummaryrefslogtreecommitdiff
path: root/src
diff options
context:
space:
mode:
authorAndreas Ebner <pansy007@googlemail.com>2019-06-25 15:21:12 +0200
committerSchanzenbach, Martin <mschanzenbach@posteo.de>2019-10-07 12:15:06 +0200
commitd2634b1f96dfd55ae4daef294bb6c05d687354c8 (patch)
tree85250438ba58e5c33c30003bde8e4a6bccf13ca8 /src
parent921b03e4cee5653083e61de42ced85a7278647b2 (diff)
downloadgnunet-d2634b1f96dfd55ae4daef294bb6c05d687354c8.tar.gz
gnunet-d2634b1f96dfd55ae4daef294bb6c05d687354c8.zip
Handle all credential storage via credential service, prepared for subject side storage
- new commandline parameters - new gns record type: DELEGATE for subject side storage - credential connection to namestore - store all credentials via credential service (replacing namestore) - stable, but experimental implementation, atm just using existing methods, next step: introduce own methods and replace/rename existing variables
Diffstat (limited to 'src')
-rw-r--r--src/credential/Makefile.am1
-rw-r--r--src/credential/gnunet-credential.c736
-rw-r--r--src/credential/gnunet-service-credential.c231
-rw-r--r--src/credential/plugin_gnsrecord_credential.c387
-rwxr-xr-xsrc/credential/test_credential_own.sh103
-rwxr-xr-xsrc/credential/test_credential_verify_and.sh7
-rw-r--r--src/include/gnunet_gnsrecord_lib.h2
7 files changed, 1099 insertions, 368 deletions
diff --git a/src/credential/Makefile.am b/src/credential/Makefile.am
index bc6c49deb..5b14b3def 100644
--- a/src/credential/Makefile.am
+++ b/src/credential/Makefile.am
@@ -42,6 +42,7 @@ gnunet_credential_LDADD = \
42 $(top_builddir)/src/util/libgnunetutil.la \ 42 $(top_builddir)/src/util/libgnunetutil.la \
43 $(top_builddir)/src/gnsrecord/libgnunetgnsrecord.la \ 43 $(top_builddir)/src/gnsrecord/libgnunetgnsrecord.la \
44 $(top_builddir)/src/identity/libgnunetidentity.la \ 44 $(top_builddir)/src/identity/libgnunetidentity.la \
45 $(top_builddir)/src/namestore/libgnunetnamestore.la \
45 $(GN_LIBINTL) 46 $(GN_LIBINTL)
46 47
47 48
diff --git a/src/credential/gnunet-credential.c b/src/credential/gnunet-credential.c
index 0558ca5fc..35fa6ff8a 100644
--- a/src/credential/gnunet-credential.c
+++ b/src/credential/gnunet-credential.c
@@ -11,12 +11,12 @@
11 WITHOUT ANY WARRANTY; without even the implied warranty of 11 WITHOUT ANY WARRANTY; without even the implied warranty of
12 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU 12 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
13 Affero General Public License for more details. 13 Affero General Public License for more details.
14 14
15 You should have received a copy of the GNU Affero General Public License 15 You should have received a copy of the GNU Affero General Public License
16 along with this program. If not, see <http://www.gnu.org/licenses/>. 16 along with this program. If not, see <http://www.gnu.org/licenses/>.
17 17
18 SPDX-License-Identifier: AGPL3.0-or-later 18 SPDX-License-Identifier: AGPL3.0-or-later
19 */ 19*/
20/** 20/**
21 * @file gnunet-credential.c 21 * @file gnunet-credential.c
22 * @brief command line tool to access command line Credential service 22 * @brief command line tool to access command line Credential service
@@ -26,6 +26,7 @@
26#include <gnunet_util_lib.h> 26#include <gnunet_util_lib.h>
27#include <gnunet_credential_service.h> 27#include <gnunet_credential_service.h>
28#include <gnunet_gnsrecord_lib.h> 28#include <gnunet_gnsrecord_lib.h>
29#include <gnunet_namestore_service.h>
29#include "credential_misc.h" 30#include "credential_misc.h"
30#include "credential_serialization.h" 31#include "credential_serialization.h"
31 32
@@ -35,6 +36,16 @@
35static const struct GNUNET_CONFIGURATION_Handle *cfg; 36static const struct GNUNET_CONFIGURATION_Handle *cfg;
36 37
37/** 38/**
39 * Handle to the namestore.
40 */
41static struct GNUNET_NAMESTORE_Handle *ns;
42
43/**
44 * Private key for the our zone.
45 */
46static struct GNUNET_CRYPTO_EcdsaPrivateKey zone_pkey;
47
48/**
38 * EgoLookup 49 * EgoLookup
39 */ 50 */
40static struct GNUNET_IDENTITY_EgoLookup *el; 51static struct GNUNET_IDENTITY_EgoLookup *el;
@@ -121,6 +132,65 @@ static int create_cred;
121static int collect; 132static int collect;
122 133
123/** 134/**
135 * Create mode
136 */
137static int create_is;
138
139/**
140 * Create mode
141 */
142static int create_ss;
143
144/**
145 * Create mode
146 */
147static int sign_ss;
148
149/**
150 * Add mode
151 */
152static int add_iss;
153
154/**
155 * Signed issue credentials
156 */
157static char *extension;
158
159/**
160 * Queue entry for the 'add' operation.
161 */
162static struct GNUNET_NAMESTORE_QueueEntry *add_qe;
163
164/**
165 * Value in binary format.
166 */
167static void *data;
168
169/**
170 * Number of bytes in #data.
171 */
172static size_t data_size;
173
174/**
175 * Type string converted to DNS type value.
176 */
177static uint32_t type;
178
179/**
180 * Type of the record to add/remove, NULL to remove all.
181 */
182static char *typestring;
183/**
184 * Expiration string converted to numeric value.
185 */
186static uint64_t etime;
187
188/**
189 * Is expiration time relative or absolute time?
190 */
191static int etime_is_rel = GNUNET_SYSERR;
192
193/**
124 * Task run on shutdown. Cleans up everything. 194 * Task run on shutdown. Cleans up everything.
125 * 195 *
126 * @param cls unused 196 * @param cls unused
@@ -143,6 +213,21 @@ do_shutdown (void *cls)
143 GNUNET_SCHEDULER_cancel (tt); 213 GNUNET_SCHEDULER_cancel (tt);
144 tt = NULL; 214 tt = NULL;
145 } 215 }
216 if (NULL != el)
217 {
218 GNUNET_IDENTITY_ego_lookup_cancel (el);
219 el = NULL;
220 }
221 if (NULL != add_qe)
222 {
223 GNUNET_NAMESTORE_cancel (add_qe);
224 add_qe = NULL;
225 }
226 if (NULL != ns)
227 {
228 GNUNET_NAMESTORE_disconnect (ns);
229 ns = NULL;
230 }
146} 231}
147 232
148 233
@@ -160,18 +245,18 @@ do_timeout (void *cls)
160 245
161static void 246static void
162handle_collect_result (void *cls, 247handle_collect_result (void *cls,
163 unsigned int d_count, 248 unsigned int d_count,
164 struct GNUNET_CREDENTIAL_Delegation *dc, 249 struct GNUNET_CREDENTIAL_Delegation *dc,
165 unsigned int c_count, 250 unsigned int c_count,
166 struct GNUNET_CREDENTIAL_Credential *cred) 251 struct GNUNET_CREDENTIAL_Credential *cred)
167{ 252{
168 int i; 253 int i;
169 char*line; 254 char* line;
170 255
171 verify_request = NULL; 256 verify_request = NULL;
172 if (NULL != cred) 257 if (NULL != cred)
173 { 258 {
174 for (i = 0; i < c_count; i++) 259 for (i=0;i<c_count;i++)
175 { 260 {
176 line = GNUNET_CREDENTIAL_credential_to_string (&cred[i]); 261 line = GNUNET_CREDENTIAL_credential_to_string (&cred[i]);
177 printf ("%s\n", 262 printf ("%s\n",
@@ -193,16 +278,16 @@ handle_verify_result (void *cls,
193 struct GNUNET_CREDENTIAL_Credential *cred) 278 struct GNUNET_CREDENTIAL_Credential *cred)
194{ 279{
195 int i; 280 int i;
196 char*iss_key; 281 char* iss_key;
197 char*sub_key; 282 char* sub_key;
198 283
199 verify_request = NULL; 284 verify_request = NULL;
200 if (NULL == cred) 285 if (NULL == cred)
201 printf ("Failed.\n"); 286 printf ("Failed.\n");
202 else 287 else
203 { 288 {
204 printf ("Delegation Chain:\n"); 289 printf("Delegation Chain:\n");
205 for (i = 0; i < d_count; i++) 290 for (i=0;i<d_count;i++)
206 { 291 {
207 iss_key = GNUNET_CRYPTO_ecdsa_public_key_to_string (&dc[i].issuer_key); 292 iss_key = GNUNET_CRYPTO_ecdsa_public_key_to_string (&dc[i].issuer_key);
208 sub_key = GNUNET_CRYPTO_ecdsa_public_key_to_string (&dc[i].subject_key); 293 sub_key = GNUNET_CRYPTO_ecdsa_public_key_to_string (&dc[i].subject_key);
@@ -211,9 +296,7 @@ handle_verify_result (void *cls,
211 printf ("(%d) %s.%s <- %s.%s\n", i, 296 printf ("(%d) %s.%s <- %s.%s\n", i,
212 iss_key, dc[i].issuer_attribute, 297 iss_key, dc[i].issuer_attribute,
213 sub_key, dc[i].subject_attribute); 298 sub_key, dc[i].subject_attribute);
214 } 299 } else {
215 else
216 {
217 printf ("(%d) %s.%s <- %s\n", i, 300 printf ("(%d) %s.%s <- %s\n", i,
218 iss_key, dc[i].issuer_attribute, 301 iss_key, dc[i].issuer_attribute,
219 sub_key); 302 sub_key);
@@ -221,8 +304,8 @@ handle_verify_result (void *cls,
221 GNUNET_free (iss_key); 304 GNUNET_free (iss_key);
222 GNUNET_free (sub_key); 305 GNUNET_free (sub_key);
223 } 306 }
224 printf ("\nCredentials:\n"); 307 printf("\nCredentials:\n");
225 for (i = 0; i < c_count; i++) 308 for (i=0;i<c_count;i++)
226 { 309 {
227 iss_key = GNUNET_CRYPTO_ecdsa_public_key_to_string (&cred[i].issuer_key); 310 iss_key = GNUNET_CRYPTO_ecdsa_public_key_to_string (&cred[i].issuer_key);
228 sub_key = GNUNET_CRYPTO_ecdsa_public_key_to_string (&cred[i].subject_key); 311 sub_key = GNUNET_CRYPTO_ecdsa_public_key_to_string (&cred[i].subject_key);
@@ -231,6 +314,7 @@ handle_verify_result (void *cls,
231 sub_key); 314 sub_key);
232 GNUNET_free (iss_key); 315 GNUNET_free (iss_key);
233 GNUNET_free (sub_key); 316 GNUNET_free (sub_key);
317
234 } 318 }
235 printf ("Successful.\n"); 319 printf ("Successful.\n");
236 } 320 }
@@ -262,7 +346,7 @@ identity_cb (void *cls,
262 if (NULL != ego_name) 346 if (NULL != ego_name)
263 { 347 {
264 fprintf (stderr, 348 fprintf (stderr,
265 _ ("Ego `%s' not known to identity service\n"), 349 _("Ego `%s' not known to identity service\n"),
266 ego_name); 350 ego_name);
267 } 351 }
268 GNUNET_SCHEDULER_shutdown (); 352 GNUNET_SCHEDULER_shutdown ();
@@ -271,28 +355,29 @@ identity_cb (void *cls,
271 355
272 if (GNUNET_YES == collect) 356 if (GNUNET_YES == collect)
273 { 357 {
358
274 if (GNUNET_OK != 359 if (GNUNET_OK !=
275 GNUNET_CRYPTO_ecdsa_public_key_from_string (issuer_key, 360 GNUNET_CRYPTO_ecdsa_public_key_from_string (issuer_key,
276 strlen (issuer_key), 361 strlen (issuer_key),
277 &issuer_pkey)) 362 &issuer_pkey))
278 { 363 {
279 fprintf (stderr, 364 fprintf (stderr,
280 _ ("Issuer public key `%s' is not well-formed\n"), 365 _("Issuer public key `%s' is not well-formed\n"),
281 issuer_key); 366 issuer_key);
282 GNUNET_SCHEDULER_shutdown (); 367 GNUNET_SCHEDULER_shutdown ();
283 } 368 }
284 privkey = GNUNET_IDENTITY_ego_get_private_key (ego); 369 privkey = GNUNET_IDENTITY_ego_get_private_key (ego);
285 370
286 collect_request = GNUNET_CREDENTIAL_collect (credential, 371 collect_request = GNUNET_CREDENTIAL_collect(credential,
287 &issuer_pkey, 372 &issuer_pkey,
288 issuer_attr, // TODO argument 373 issuer_attr, //TODO argument
289 privkey, 374 privkey,
290 &handle_collect_result, 375 &handle_collect_result,
291 NULL); 376 NULL);
292 return; 377 return;
293 } 378 }
294 379
295 // Else issue 380 //Else issue
296 381
297 if (NULL == expiration) 382 if (NULL == expiration)
298 { 383 {
@@ -300,14 +385,12 @@ identity_cb (void *cls,
300 "Please specify a TTL\n"); 385 "Please specify a TTL\n");
301 GNUNET_SCHEDULER_shutdown (); 386 GNUNET_SCHEDULER_shutdown ();
302 return; 387 return;
303 } 388 } else if (GNUNET_OK == GNUNET_STRINGS_fancy_time_to_relative (expiration,
304 else if (GNUNET_OK == GNUNET_STRINGS_fancy_time_to_relative (expiration, 389 &etime_rel))
305 &etime_rel))
306 { 390 {
307 etime_abs = GNUNET_TIME_relative_to_absolute (etime_rel); 391 etime_abs = GNUNET_TIME_relative_to_absolute (etime_rel);
308 } 392 } else if (GNUNET_OK != GNUNET_STRINGS_fancy_time_to_absolute (expiration,
309 else if (GNUNET_OK != GNUNET_STRINGS_fancy_time_to_absolute (expiration, 393 &etime_abs))
310 &etime_abs))
311 { 394 {
312 fprintf (stderr, 395 fprintf (stderr,
313 "%s is not a valid ttl!\n", 396 "%s is not a valid ttl!\n",
@@ -326,13 +409,393 @@ identity_cb (void *cls,
326 &etime_abs); 409 &etime_abs);
327 410
328 res = GNUNET_CREDENTIAL_credential_to_string (crd); 411 res = GNUNET_CREDENTIAL_credential_to_string (crd);
412 fprintf(stderr,"Cred: %s\n", res);
329 GNUNET_free (crd); 413 GNUNET_free (crd);
330 printf ("%s\n", res); 414 printf ("%s\n", res);
331 GNUNET_SCHEDULER_shutdown (); 415 GNUNET_SCHEDULER_shutdown ();
332} 416}
333 417
334 418
419static char
420*strtokm(char *str, const char *delim)
421{
422 static char *tok;
423 static char *next;
424 char *m;
425
426 if (delim == NULL) return NULL;
427
428 tok = (str) ? str : next;
429 if (tok == NULL) return NULL;
335 430
431 m = strstr(tok, delim);
432
433 if (m) {
434 next = m + strlen(delim);
435 *m = '\0';
436 } else {
437 next = NULL;
438 }
439
440 if (m == tok || *tok == '\0') return strtokm(NULL, delim);
441
442 return tok;
443}
444
445void topntail(char *str) {
446 size_t len = strlen(str);
447 // check if last char is a space, if yes: remove 2 chars at the end
448 if(str[len-1] == ' ')
449 {
450 len -= 1;
451 }
452 // remove first and last char
453 memmove(str, str+1, len-2);
454 str[len-2] = 0;
455}
456
457static int
458parse_cmdl_param(const char *extensionstring)
459{
460 fprintf(stderr, "Starting to parse extension string...\n");
461 fprintf(stderr, "string to parse: %s\n", extensionstring);
462
463 //Example:
464 //--ego=epub --attribute=aasds --subject=DKCC5SMTBNV6W3VXDJ7A1N1YS6TRG7B3XC2S5N4HSXJEYYRFRCCG basd --ttl=60m
465 //--extension=NVTQZA44336VHKCP2SA20BR6899T621B2PJKC3V730AKXC37T6M0.aasds -> DKCC5SMTBNV6W3VXDJ7A1N1YS6TRG7B3XC2S5N4HSXJEYYRFRCCG | D1NuT8hHEUbkCURo1lkcSPKhYiydhv4nMkV042kc9J4MgIhB2/fQKLgJUyuGlJKvYgXLf4jHXNRHJe+aCLG7jw== | 1561126006528100
466
467 //TODO: parse, wenn nicht als argument direkt geparsed werden kann
468
469 char cmd_para[100];
470 char para_str[1024];
471 char *token;
472 char *tmp_str;
473 int matches = 0;
474
475 tmp_str = GNUNET_strdup (extensionstring);
476 // use special strtok to match multiple characters
477 token = strtokm (tmp_str, "--");
478 while (NULL != token) {
479 // also fills the variables if "regex"-like match
480 fprintf(stderr, "TOKEN: %s\n", token);
481 // match everything till =, ignore = (%*c), match everything including whitespaces (required for the extension parameter)
482 matches = SSCANF (token, "%[^=]%*c%[^\n]", cmd_para, para_str);
483 // string not well formatted
484 if (0 == matches) {
485 GNUNET_log (GNUNET_ERROR_TYPE_ERROR, ("Failed to parse to extensionstring.\n"));
486 GNUNET_SCHEDULER_shutdown ();
487 GNUNET_free (tmp_str);
488 return GNUNET_SYSERR;
489 } else {
490 fprintf(stderr,"Found command and parameter: %s %s\n", cmd_para, para_str);
491 // assign values to variables, topntail to remove trailing/leading "
492 if(strcmp(cmd_para, "ego") == 0) {
493 fprintf(stderr,"ego found and parsed\n");
494 topntail(para_str);
495 ego_name = GNUNET_strdup(para_str);
496 } else if(strcmp(cmd_para, "attribute") == 0) {
497 fprintf(stderr,"issuer found and parsed\n");
498 topntail(para_str);
499 issuer_attr = GNUNET_strdup(para_str);
500 } else if(strcmp(cmd_para, "subject") == 0) {
501 fprintf(stderr,"subject found and parsed\n");
502 topntail(para_str);
503 subject_key = GNUNET_strdup(para_str);
504 } else if(strcmp(cmd_para, "ttl") == 0) {
505 fprintf(stderr,"ttl found and parsed\n");
506 expiration = GNUNET_strdup(para_str);
507 } else if(strcmp(cmd_para, "extension") == 0) {
508 fprintf(stderr,"extension found and parsed\n");
509 topntail(para_str);
510 extension = GNUNET_strdup(para_str);
511 }
512 }
513 token = strtokm (NULL, "--");
514 }
515 GNUNET_free (tmp_str);
516
517 //return GNUNET_SYSERR;
518 return GNUNET_OK;
519}
520
521/**
522 * Parse expiration time.
523 *
524 * @param expirationstring text to parse
525 * @param etime_is_rel[out] set to #GNUNET_YES if time is relative
526 * @param etime[out] set to expiration time (abs or rel)
527 * @return #GNUNET_OK on success
528 */
529static int
530parse_expiration (const char *expirationstring,
531 int *etime_is_rel,
532 uint64_t *etime)
533{
534 // TODO just copied from gnunet-namestore.c
535 struct GNUNET_TIME_Relative etime_rel;
536 struct GNUNET_TIME_Absolute etime_abs;
537
538 if (0 == strcmp (expirationstring,
539 "never"))
540 {
541 *etime = GNUNET_TIME_UNIT_FOREVER_ABS.abs_value_us;
542 *etime_is_rel = GNUNET_NO;
543 return GNUNET_OK;
544 }
545 if (GNUNET_OK ==
546 GNUNET_STRINGS_fancy_time_to_relative (expirationstring,
547 &etime_rel))
548 {
549 *etime_is_rel = GNUNET_YES;
550 *etime = etime_rel.rel_value_us;
551 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
552 "Storing record with relative expiration time of %s\n",
553 GNUNET_STRINGS_relative_time_to_string (etime_rel,
554 GNUNET_NO));
555 return GNUNET_OK;
556 }
557 if (GNUNET_OK ==
558 GNUNET_STRINGS_fancy_time_to_absolute (expirationstring,
559 &etime_abs))
560 {
561 *etime_is_rel = GNUNET_NO;
562 *etime = etime_abs.abs_value_us;
563 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
564 "Storing record with absolute expiration time of %s\n",
565 GNUNET_STRINGS_absolute_time_to_string (etime_abs));
566 return GNUNET_OK;
567 }
568 return GNUNET_SYSERR;
569}
570
571/**
572 * Function called if lookup fails.
573 */
574static void
575error_cb (void *cls)
576{
577 // TODO: Better
578 fprintf(stderr, "In add_error_cb\n");
579 GNUNET_SCHEDULER_shutdown ();
580 return;
581}
582static void
583add_continuation (void *cls,
584 int32_t success,
585 const char *emsg)
586{
587 fprintf(stderr, "Start: add_continuation\n");
588
589 struct GNUNET_NAMESTORE_QueueEntry **qe = cls;
590 *qe = NULL;
591
592 GNUNET_SCHEDULER_shutdown ();
593}
594
595static void
596get_existing_record (void *cls,
597 const struct GNUNET_CRYPTO_EcdsaPrivateKey *zone_key,
598 const char *rec_name,
599 unsigned int rd_count,
600 const struct GNUNET_GNSRECORD_Data *rd)
601{
602 struct GNUNET_GNSRECORD_Data rdn[rd_count + 1];
603 struct GNUNET_GNSRECORD_Data *rde;
604
605 fprintf(stderr, "Start: get_existing_record\n");
606
607 fprintf(stderr, "count: %d\n", rd_count);
608
609
610 memset (rdn, 0, sizeof (struct GNUNET_GNSRECORD_Data));
611 GNUNET_memcpy (&rdn[1],
612 rd,
613 rd_count * sizeof (struct GNUNET_GNSRECORD_Data));
614 rde = &rdn[0];
615 rde->data = data;
616 rde->data_size = data_size;
617 rde->record_type = type;
618 // TODO: flags
619 /*if (1 == is_shadow)
620 rde->flags |= GNUNET_GNSRECORD_RF_SHADOW_RECORD;
621 if (1 != is_public)
622 rde->flags |= GNUNET_GNSRECORD_RF_PRIVATE;*/
623 rde->expiration_time = etime;
624 if (GNUNET_YES == etime_is_rel)
625 rde->flags |= GNUNET_GNSRECORD_RF_RELATIVE_EXPIRATION;
626 else if (GNUNET_NO != etime_is_rel)
627 rde->expiration_time = GNUNET_TIME_UNIT_FOREVER_ABS.abs_value_us;
628 GNUNET_assert (NULL != rec_name);
629 add_qe = GNUNET_NAMESTORE_records_store (ns,
630 &zone_pkey,
631 rec_name,
632 rd_count + 1,
633 rde,
634 &add_continuation,
635 &add_qe);
636
637 return;
638}
639
640static void
641store_cb (void *cls,
642 const struct GNUNET_IDENTITY_Ego *ego)
643{
644 const struct GNUNET_CONFIGURATION_Handle *cfg = cls;
645 struct GNUNET_CRYPTO_EcdsaPublicKey pub;
646
647 fprintf(stderr, "Start: store_cb\n");
648
649 ns = GNUNET_NAMESTORE_connect (cfg);
650 if (NULL == ns)
651 {
652 GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
653 _("Failed to connect to namestore\n"));
654 GNUNET_SCHEDULER_shutdown ();
655 return;
656 }
657
658 // Key handling
659 fprintf(stderr, "Connected to ns\n");
660 zone_pkey = *GNUNET_IDENTITY_ego_get_private_key (ego);
661 fprintf(stderr, "Got zone_pkey\n");
662 // TODO rename to zone_pub?
663 GNUNET_CRYPTO_ecdsa_key_get_public (&zone_pkey, &pub);
664
665 // Check relevant cmdline parameters
666 // name ⁼ issuer_attr
667 if (NULL == issuer_attr)
668 {
669 fprintf (stderr, "Missing option -attribute for operation 'create'.\n");
670 GNUNET_SCHEDULER_shutdown ();
671 return;
672 }
673
674 // TODO later, rename subject_key to subject
675 // value ⁼ subject_key
676 if (NULL == subject_key)
677 {
678 fprintf (stderr, "Missing option -subject for operation 'create'.'\n");
679 GNUNET_SCHEDULER_shutdown ();
680 return;
681 }
682
683 // String to value conversion for storage
684 if (GNUNET_OK != GNUNET_GNSRECORD_string_to_value (type,
685 subject_key,
686 &data,
687 &data_size))
688 {
689 fprintf (stderr, "Value `%s' invalid for record type `%s'\n",
690 subject_key,
691 typestring);
692 GNUNET_SCHEDULER_shutdown ();
693 return;
694 }
695 fprintf (stderr, "Data size: `%lu'\n", data_size);
696
697 // Take care of expiration
698
699 if (NULL == expiration)
700 {
701 fprintf (stderr, "Missing option -e for operation 'create'\n");
702 GNUNET_SCHEDULER_shutdown ();
703 return;
704 }
705 if (GNUNET_OK != parse_expiration (expiration,
706 &etime_is_rel,
707 &etime))
708 {
709 fprintf (stderr, "Invalid time format `%s'\n",
710 expiration);
711 GNUNET_SCHEDULER_shutdown ();
712 return;
713 }
714
715 // Start lookup
716 add_qe = GNUNET_NAMESTORE_records_lookup (ns,
717 &zone_pkey,
718 issuer_attr,
719 &error_cb,
720 NULL,
721 &get_existing_record,
722 NULL);
723 return;
724}
725
726static void
727sign_cb (void *cls,
728 const struct GNUNET_IDENTITY_Ego *ego)
729{
730 const struct GNUNET_CRYPTO_EcdsaPrivateKey *privkey;
731 struct GNUNET_CREDENTIAL_Credential *crd;
732 struct GNUNET_TIME_Absolute etime_abs;
733 struct GNUNET_TIME_Relative etime_rel;
734 char *res;
735
736 el = NULL;
737
738
739 // work on expiration time
740 if (NULL == expiration)
741 {
742 fprintf (stderr, "Please specify a TTL\n");
743 GNUNET_SCHEDULER_shutdown ();
744 return;
745 } else if (GNUNET_OK == GNUNET_STRINGS_fancy_time_to_relative (expiration, &etime_rel))
746 {
747 etime_abs = GNUNET_TIME_relative_to_absolute (etime_rel);
748 } else if (GNUNET_OK != GNUNET_STRINGS_fancy_time_to_absolute (expiration, &etime_abs))
749 {
750 fprintf (stderr, "%s is not a valid ttl!\n", expiration);
751 GNUNET_SCHEDULER_shutdown ();
752 return;
753 }
754
755 // if contains a space - split it by the first space only - assume first token entry is subject_key
756 fprintf (stderr, "Start splitting\n");
757 char *space;
758 int idx;
759 space = strchr(subject_key, ' ');
760 idx = (int)(space - subject_key);
761
762 // TODO rename subject_key to subject
763 char *subject_pubkey_str = GNUNET_malloc(idx+1);
764 GNUNET_memcpy(subject_pubkey_str, subject_key, idx);
765 subject_pubkey_str[idx] = '\0';
766
767 fprintf(stderr, "idx: %d, str: %s\n", idx, subject_pubkey_str);
768
769 // work on keys
770 privkey = GNUNET_IDENTITY_ego_get_private_key (ego);
771
772 if (GNUNET_OK != GNUNET_CRYPTO_ecdsa_public_key_from_string (subject_pubkey_str,
773 strlen (subject_pubkey_str),
774 &subject_pkey))
775 {
776 fprintf (stderr, "Subject public key `%s' is not well-formed\n", subject_pubkey_str);
777 GNUNET_SCHEDULER_shutdown ();
778 return;
779 }
780
781 // Sign credential / TODO not credential but delegate (new method), not only pass subject_pkey but also subject_attr
782 // gnunet-credential --issue --ego=registrarb --subject=$ALICE_KEY --attribute=$REG_STUD_ATTR --ttl=5m -c test_credential_lookup.conf
783 // gnunet-credential --create --ego=epub --attribute="a" --subject="B b" --where="ss" -E 60m
784 // TODO: only signs subject_pkey at the moment, also requires subject_attr (or both in subject_key)
785 crd = GNUNET_CREDENTIAL_credential_issue (privkey,
786 &subject_pkey,
787 issuer_attr,
788 &etime_abs);
789 res = GNUNET_CREDENTIAL_credential_to_string (crd);
790 fprintf(stderr,"Dele: %s\n", res);
791 GNUNET_free (crd);
792 printf ("--ego=\"%s\" --attribute=\"%s\" --subject=\"%s\" --ttl=%s --extension=\"%s\"\n", ego_name, issuer_attr, subject_key, expiration, res);
793
794 GNUNET_free_non_null (ego_name);
795 ego_name = NULL;
796
797 GNUNET_SCHEDULER_shutdown ();
798}
336 799
337/** 800/**
338 * Main function that will be run. 801 * Main function that will be run.
@@ -348,21 +811,102 @@ run (void *cls,
348 const char *cfgfile, 811 const char *cfgfile,
349 const struct GNUNET_CONFIGURATION_Handle *c) 812 const struct GNUNET_CONFIGURATION_Handle *c)
350{ 813{
351 cfg = c;
352 814
815 cfg = c;
353 816
354 tt = GNUNET_SCHEDULER_add_delayed (timeout, 817 tt = GNUNET_SCHEDULER_add_delayed (timeout,
355 &do_timeout, NULL); 818 &do_timeout, NULL);
356 GNUNET_SCHEDULER_add_shutdown (&do_shutdown, NULL); 819 GNUNET_SCHEDULER_add_shutdown (&do_shutdown, NULL);
357 820
358 if (GNUNET_YES == collect) 821 if (GNUNET_YES == create_is) {
359 { 822 fprintf(stderr, "Starting to create issuer side...\n");
823
824 if (NULL == ego_name) {
825 fprintf (stderr, "ego required\n");
826 GNUNET_SCHEDULER_shutdown ();
827 return;
828 }
829
830 type = GNUNET_GNSRECORD_TYPE_ATTRIBUTE;
831 //TODO: Store normally (at issuer, for backward search)
832 // stuff from gnunet-namestore.c of namestore folder
833 fprintf (stderr, "Start: Store issuer side\n");
834 el = GNUNET_IDENTITY_ego_lookup (cfg,
835 ego_name,
836 &store_cb,
837 (void *) cfg);
838 return;
839 }
840
841 if (GNUNET_YES == create_ss) {
842 fprintf(stderr, "Starting to create subject side...\n");
843 // check if "credential"/signed parameter filled
844 if (NULL == extension) {
845 fprintf (stderr, "'extension' required\n");
846 GNUNET_SCHEDULER_shutdown ();
847 return;
848 }
849
850 // parses all the passed parameters
851 parse_cmdl_param(extension);
852
853 fprintf (stderr,"List of parsed attributes:\n");
854 fprintf (stderr,"Ego: %s\n", ego_name);
855 fprintf (stderr,"Attribute: %s\n", issuer_attr);
856 fprintf (stderr,"Subject: %s\n", subject_key);
857 fprintf (stderr,"ttl: %s\n", expiration);
858 fprintf (stderr,"Extension: %s\n", extension);
859
860 //TODO: subject key does not have to be returned, extension replaces it
861 //TODO: use own delegation type, implement string_to_value and value_to_string methods of plugin
862 //type = GNUNET_GNSRECORD_TYPE_DELEGATE;
863 type = GNUNET_GNSRECORD_TYPE_CREDENTIAL;
864 subject_key = extension;
865 fprintf (stderr, "Start: Store subject side\n");
866 el = GNUNET_IDENTITY_ego_lookup (cfg,
867 ego_name,
868 &store_cb,
869 (void *) cfg);
870
871 return;
872 }
873
874 if (GNUNET_YES == sign_ss) {
875 fprintf(stderr, "Starting to sign subject side...\n");
876
877 if (NULL == ego_name) {
878 fprintf (stderr, "ego required\n");
879 GNUNET_SCHEDULER_shutdown ();
880 return;
881 }
882
883 if (NULL == subject_key)
884 {
885 fprintf (stderr, "Subject public key needed\n");
886 GNUNET_SCHEDULER_shutdown ();
887 return;
888
889 }
890
891 //TODO: Sign like credential and return to store subject side
892 //TODO: Return everything as an input for the add
893 //TODO: Idee: Gleich add machen, statt return und neues add
894 fprintf (stderr, "Start: Sign, return and subject side store\n");
895 el = GNUNET_IDENTITY_ego_lookup (cfg,
896 ego_name,
897 &sign_cb,
898 (void *) cfg);
899 return;
900 }
901
902 if (GNUNET_YES == collect) {
360 if (NULL == issuer_key) 903 if (NULL == issuer_key)
361 { 904 {
362 fprintf (stderr, 905 fprintf (stderr,
363 _ ("Issuer public key not well-formed\n")); 906 _("Issuer public key not well-formed\n"));
364 GNUNET_SCHEDULER_shutdown (); 907 GNUNET_SCHEDULER_shutdown ();
365 return; 908 return;
909
366 } 910 }
367 911
368 credential = GNUNET_CREDENTIAL_connect (cfg); 912 credential = GNUNET_CREDENTIAL_connect (cfg);
@@ -370,22 +914,21 @@ run (void *cls,
370 if (NULL == credential) 914 if (NULL == credential)
371 { 915 {
372 fprintf (stderr, 916 fprintf (stderr,
373 _ ("Failed to connect to CREDENTIAL\n")); 917 _("Failed to connect to CREDENTIAL\n"));
374 GNUNET_SCHEDULER_shutdown (); 918 GNUNET_SCHEDULER_shutdown ();
375 return; 919 return;
376 } 920 }
377 if (NULL == issuer_attr) 921 if (NULL == issuer_attr)
378 { 922 {
379 fprintf (stderr, 923 fprintf (stderr,
380 _ ("You must provide issuer the attribute\n")); 924 _("You must provide issuer the attribute\n"));
381 GNUNET_SCHEDULER_shutdown (); 925 GNUNET_SCHEDULER_shutdown ();
382 return; 926 return;
383 } 927 }
384 928
385 if (NULL == ego_name) 929 if (NULL == ego_name) {
386 {
387 fprintf (stderr, 930 fprintf (stderr,
388 _ ("ego required\n")); 931 _("ego required\n"));
389 GNUNET_SCHEDULER_shutdown (); 932 GNUNET_SCHEDULER_shutdown ();
390 return; 933 return;
391 } 934 }
@@ -394,14 +937,16 @@ run (void *cls,
394 &identity_cb, 937 &identity_cb,
395 (void *) cfg); 938 (void *) cfg);
396 return; 939 return;
397 } 940
941 }
398 942
399 if (NULL == subject_key) 943 if (NULL == subject_key)
400 { 944 {
401 fprintf (stderr, 945 fprintf (stderr,
402 _ ("Subject public key needed\n")); 946 _("Subject public key needed\n"));
403 GNUNET_SCHEDULER_shutdown (); 947 GNUNET_SCHEDULER_shutdown ();
404 return; 948 return;
949
405 } 950 }
406 if (GNUNET_OK != 951 if (GNUNET_OK !=
407 GNUNET_CRYPTO_ecdsa_public_key_from_string (subject_key, 952 GNUNET_CRYPTO_ecdsa_public_key_from_string (subject_key,
@@ -409,19 +954,20 @@ run (void *cls,
409 &subject_pkey)) 954 &subject_pkey))
410 { 955 {
411 fprintf (stderr, 956 fprintf (stderr,
412 _ ("Subject public key `%s' is not well-formed\n"), 957 _("Subject public key `%s' is not well-formed\n"),
413 subject_key); 958 subject_key);
414 GNUNET_SCHEDULER_shutdown (); 959 GNUNET_SCHEDULER_shutdown ();
415 return; 960 return;
416 } 961 }
417 if (GNUNET_YES == verify) 962
418 { 963 if (GNUNET_YES == verify) {
419 if (NULL == issuer_key) 964 if (NULL == issuer_key)
420 { 965 {
421 fprintf (stderr, 966 fprintf (stderr,
422 _ ("Issuer public key not well-formed\n")); 967 _("Issuer public key not well-formed\n"));
423 GNUNET_SCHEDULER_shutdown (); 968 GNUNET_SCHEDULER_shutdown ();
424 return; 969 return;
970
425 } 971 }
426 if (GNUNET_OK != 972 if (GNUNET_OK !=
427 GNUNET_CRYPTO_ecdsa_public_key_from_string (issuer_key, 973 GNUNET_CRYPTO_ecdsa_public_key_from_string (issuer_key,
@@ -429,7 +975,7 @@ run (void *cls,
429 &issuer_pkey)) 975 &issuer_pkey))
430 { 976 {
431 fprintf (stderr, 977 fprintf (stderr,
432 _ ("Issuer public key `%s' is not well-formed\n"), 978 _("Issuer public key `%s' is not well-formed\n"),
433 issuer_key); 979 issuer_key);
434 GNUNET_SCHEDULER_shutdown (); 980 GNUNET_SCHEDULER_shutdown ();
435 return; 981 return;
@@ -439,19 +985,19 @@ run (void *cls,
439 if (NULL == credential) 985 if (NULL == credential)
440 { 986 {
441 fprintf (stderr, 987 fprintf (stderr,
442 _ ("Failed to connect to CREDENTIAL\n")); 988 _("Failed to connect to CREDENTIAL\n"));
443 GNUNET_SCHEDULER_shutdown (); 989 GNUNET_SCHEDULER_shutdown ();
444 return; 990 return;
445 } 991 }
446 if ((NULL == issuer_attr) ||(NULL == subject_credential) ) 992 if (NULL == issuer_attr || NULL == subject_credential)
447 { 993 {
448 fprintf (stderr, 994 fprintf (stderr,
449 _ ("You must provide issuer and subject attributes\n")); 995 _("You must provide issuer and subject attributes\n"));
450 GNUNET_SCHEDULER_shutdown (); 996 GNUNET_SCHEDULER_shutdown ();
451 return; 997 return;
452 } 998 }
453 999
454 // Subject credentials are comma separated 1000 //Subject credentials are comma separated
455 char *tmp = GNUNET_strdup (subject_credential); 1001 char *tmp = GNUNET_strdup (subject_credential);
456 char *tok = strtok (tmp, ","); 1002 char *tok = strtok (tmp, ",");
457 if (NULL == tok) 1003 if (NULL == tok)
@@ -464,60 +1010,58 @@ run (void *cls,
464 } 1010 }
465 int count = 1; 1011 int count = 1;
466 int i; 1012 int i;
467 while (NULL != (tok = strtok (NULL, ","))) 1013 while (NULL != (tok = strtok(NULL, ",")))
468 count++; 1014 count++;
469 struct GNUNET_CREDENTIAL_Credential credentials[count]; 1015 struct GNUNET_CREDENTIAL_Credential credentials[count];
470 struct GNUNET_CREDENTIAL_Credential *cred; 1016 struct GNUNET_CREDENTIAL_Credential *cred;
471 GNUNET_free (tmp); 1017 GNUNET_free (tmp);
472 tmp = GNUNET_strdup (subject_credential); 1018 tmp = GNUNET_strdup (subject_credential);
473 tok = strtok (tmp, ","); 1019 tok = strtok (tmp, ",");
474 for (i = 0; i < count; i++) 1020 for (i=0;i<count;i++)
475 { 1021 {
476 cred = GNUNET_CREDENTIAL_credential_from_string (tok); 1022 cred = GNUNET_CREDENTIAL_credential_from_string (tok);
477 GNUNET_memcpy (&credentials[i], 1023 GNUNET_memcpy (&credentials[i],
478 cred, 1024 cred,
479 sizeof(struct GNUNET_CREDENTIAL_Credential)); 1025 sizeof (struct GNUNET_CREDENTIAL_Credential));
480 credentials[i].issuer_attribute = GNUNET_strdup (cred->issuer_attribute); 1026 credentials[i].issuer_attribute = GNUNET_strdup (cred->issuer_attribute);
481 tok = strtok (NULL, ","); 1027 tok = strtok(NULL, ",");
482 GNUNET_free (cred); 1028 GNUNET_free (cred);
483 } 1029 }
484 1030
485 verify_request = GNUNET_CREDENTIAL_verify (credential, 1031 verify_request = GNUNET_CREDENTIAL_verify(credential,
486 &issuer_pkey, 1032 &issuer_pkey,
487 issuer_attr, // TODO argument 1033 issuer_attr, //TODO argument
488 &subject_pkey, 1034 &subject_pkey,
489 count, 1035 count,
490 credentials, 1036 credentials,
491 &handle_verify_result, 1037 &handle_verify_result,
492 NULL); 1038 NULL);
493 for (i = 0; i < count; i++) 1039 for (i=0;i<count;i++)
494 { 1040 {
495 GNUNET_free ((char*) credentials[i].issuer_attribute); 1041 GNUNET_free ((char*)credentials[i].issuer_attribute);
496 } 1042 }
497 GNUNET_free (tmp); 1043 GNUNET_free (tmp);
498 } 1044 } else if (GNUNET_YES == create_cred) {
499 else if (GNUNET_YES == create_cred)
500 {
501 if (NULL == ego_name) 1045 if (NULL == ego_name)
502 { 1046 {
503 fprintf (stderr, 1047 fprintf (stderr,
504 _ ("Issuer ego required\n")); 1048 _("Issuer ego required\n"));
505 GNUNET_SCHEDULER_shutdown (); 1049 GNUNET_SCHEDULER_shutdown ();
506 return; 1050 return;
1051
507 } 1052 }
508 el = GNUNET_IDENTITY_ego_lookup (cfg, 1053 el = GNUNET_IDENTITY_ego_lookup (cfg,
509 ego_name, 1054 ego_name,
510 &identity_cb, 1055 &identity_cb,
511 (void *) cfg); 1056 (void *) cfg);
1057
512 return; 1058 return;
513 } 1059 } else {
514 else
515 {
516 fprintf (stderr, 1060 fprintf (stderr,
517 _ ( 1061 _("Please specify name to lookup, subject key and issuer key!\n"));
518 "Please specify name to lookup, subject key and issuer key!\n"));
519 GNUNET_SCHEDULER_shutdown (); 1062 GNUNET_SCHEDULER_shutdown ();
520 } 1063 }
1064 fprintf (stderr, "In the end it doesnt even shutdown\n");
521 return; 1065 return;
522} 1066}
523 1067
@@ -539,26 +1083,22 @@ main (int argc, char *const *argv)
539 &create_cred), 1083 &create_cred),
540 GNUNET_GETOPT_option_flag ('V', 1084 GNUNET_GETOPT_option_flag ('V',
541 "verify", 1085 "verify",
542 gettext_noop ( 1086 gettext_noop ("verify credential against attribute"),
543 "verify credential against attribute"),
544 &verify), 1087 &verify),
545 GNUNET_GETOPT_option_string ('s', 1088 GNUNET_GETOPT_option_string ('s',
546 "subject", 1089 "subject",
547 "PKEY", 1090 "PKEY",
548 gettext_noop ( 1091 gettext_noop ("The public key of the subject to lookup the credential for"),
549 "The public key of the subject to lookup the credential for"),
550 &subject_key), 1092 &subject_key),
551 GNUNET_GETOPT_option_string ('b', 1093 GNUNET_GETOPT_option_string ('b',
552 "credential", 1094 "credential",
553 "CRED", 1095 "CRED",
554 gettext_noop ( 1096 gettext_noop ("The name of the credential presented by the subject"),
555 "The name of the credential presented by the subject"),
556 &subject_credential), 1097 &subject_credential),
557 GNUNET_GETOPT_option_string ('i', 1098 GNUNET_GETOPT_option_string ('i',
558 "issuer", 1099 "issuer",
559 "PKEY", 1100 "PKEY",
560 gettext_noop ( 1101 gettext_noop ("The public key of the authority to verify the credential against"),
561 "The public key of the authority to verify the credential against"),
562 &issuer_key), 1102 &issuer_key),
563 GNUNET_GETOPT_option_string ('e', 1103 GNUNET_GETOPT_option_string ('e',
564 "ego", 1104 "ego",
@@ -568,19 +1108,39 @@ main (int argc, char *const *argv)
568 GNUNET_GETOPT_option_string ('a', 1108 GNUNET_GETOPT_option_string ('a',
569 "attribute", 1109 "attribute",
570 "ATTR", 1110 "ATTR",
571 gettext_noop ( 1111 gettext_noop ("The issuer attribute to verify against or to issue"),
572 "The issuer attribute to verify against or to issue"),
573 &issuer_attr), 1112 &issuer_attr),
574 GNUNET_GETOPT_option_string ('T', 1113 GNUNET_GETOPT_option_string ('T',
575 "ttl", 1114 "ttl",
576 "EXP", 1115 "EXP",
577 gettext_noop ( 1116 gettext_noop ("The time to live for the credential"),
578 "The time to live for the credential"),
579 &expiration), 1117 &expiration),
580 GNUNET_GETOPT_option_flag ('g', 1118 GNUNET_GETOPT_option_flag ('g',
581 "collect", 1119 "collect",
582 gettext_noop ("collect credentials"), 1120 gettext_noop ("collect credentials"),
583 &collect), 1121 &collect),
1122
1123 GNUNET_GETOPT_option_flag ('U',
1124 "createIssuerSide",
1125 gettext_noop ("TODO: rename create to --issue, Create and issue a credential issuer side."),
1126 &create_is),
1127 GNUNET_GETOPT_option_flag ('C',
1128 "createSubjectSide",
1129 gettext_noop ("Issue a credential subject side."),
1130 &create_ss),
1131 GNUNET_GETOPT_option_flag ('S',
1132 "signSubjectSide",
1133 gettext_noop ("Create, sign and return a credential subject side."),
1134 &sign_ss),
1135 GNUNET_GETOPT_option_flag ('A',
1136 "add",
1137 gettext_noop ("Add credential to the namestore of an ego"),
1138 &add_iss),
1139 GNUNET_GETOPT_option_string ('x',
1140 "extension",
1141 "EXT",
1142 gettext_noop ("Signed issue credentials"),
1143 &extension),
584 GNUNET_GETOPT_OPTION_END 1144 GNUNET_GETOPT_OPTION_END
585 }; 1145 };
586 int ret; 1146 int ret;
@@ -593,7 +1153,7 @@ main (int argc, char *const *argv)
593 ret = 1153 ret =
594 (GNUNET_OK == 1154 (GNUNET_OK ==
595 GNUNET_PROGRAM_run (argc, argv, "gnunet-credential", 1155 GNUNET_PROGRAM_run (argc, argv, "gnunet-credential",
596 _ ("GNUnet credential resolver tool"), 1156 _("GNUnet credential resolver tool"),
597 options, 1157 options,
598 &run, NULL)) ? 0 : 1; 1158 &run, NULL)) ? 0 : 1;
599 GNUNET_free ((void*) argv); 1159 GNUNET_free ((void*) argv);
diff --git a/src/credential/gnunet-service-credential.c b/src/credential/gnunet-service-credential.c
index f4a96014f..a3c066444 100644
--- a/src/credential/gnunet-service-credential.c
+++ b/src/credential/gnunet-service-credential.c
@@ -16,7 +16,7 @@
16 along with this program. If not, see <http://www.gnu.org/licenses/>. 16 along with this program. If not, see <http://www.gnu.org/licenses/>.
17 17
18 SPDX-License-Identifier: AGPL3.0-or-later 18 SPDX-License-Identifier: AGPL3.0-or-later
19 */ 19*/
20/** 20/**
21 * @file credential/gnunet-service-credential.c 21 * @file credential/gnunet-service-credential.c
22 * @brief GNUnet Credential Service (main service) 22 * @brief GNUnet Credential Service (main service)
@@ -225,6 +225,7 @@ struct DelegationSetQueueEntry
225 */ 225 */
226struct VerifyRequestHandle 226struct VerifyRequestHandle
227{ 227{
228
228 /** 229 /**
229 * We keep these in a DLL. 230 * We keep these in a DLL.
230 */ 231 */
@@ -358,14 +359,12 @@ cleanup_delegation_set (struct DelegationSetQueueEntry *ds_entry)
358 return; 359 return;
359 360
360 for (dq_entry = ds_entry->queue_entries_head; NULL != dq_entry; 361 for (dq_entry = ds_entry->queue_entries_head; NULL != dq_entry;
361 dq_entry = ds_entry->queue_entries_head) 362 dq_entry = ds_entry->queue_entries_head) {
362 {
363 GNUNET_CONTAINER_DLL_remove (ds_entry->queue_entries_head, 363 GNUNET_CONTAINER_DLL_remove (ds_entry->queue_entries_head,
364 ds_entry->queue_entries_tail, 364 ds_entry->queue_entries_tail,
365 dq_entry); 365 dq_entry);
366 for (child = dq_entry->set_entries_head; NULL != child; 366 for (child = dq_entry->set_entries_head; NULL != child;
367 child = dq_entry->set_entries_head) 367 child = dq_entry->set_entries_head) {
368 {
369 GNUNET_CONTAINER_DLL_remove (dq_entry->set_entries_head, 368 GNUNET_CONTAINER_DLL_remove (dq_entry->set_entries_head,
370 dq_entry->set_entries_tail, 369 dq_entry->set_entries_tail,
371 child); 370 child);
@@ -378,13 +377,11 @@ cleanup_delegation_set (struct DelegationSetQueueEntry *ds_entry)
378 GNUNET_free_non_null (ds_entry->issuer_attribute); 377 GNUNET_free_non_null (ds_entry->issuer_attribute);
379 GNUNET_free_non_null (ds_entry->unresolved_attribute_delegation); 378 GNUNET_free_non_null (ds_entry->unresolved_attribute_delegation);
380 GNUNET_free_non_null (ds_entry->attr_trailer); 379 GNUNET_free_non_null (ds_entry->attr_trailer);
381 if (NULL != ds_entry->lookup_request) 380 if (NULL != ds_entry->lookup_request) {
382 {
383 GNUNET_GNS_lookup_cancel (ds_entry->lookup_request); 381 GNUNET_GNS_lookup_cancel (ds_entry->lookup_request);
384 ds_entry->lookup_request = NULL; 382 ds_entry->lookup_request = NULL;
385 } 383 }
386 if (NULL != ds_entry->delegation_chain_entry) 384 if (NULL != ds_entry->delegation_chain_entry) {
387 {
388 GNUNET_free_non_null (ds_entry->delegation_chain_entry->subject_attribute); 385 GNUNET_free_non_null (ds_entry->delegation_chain_entry->subject_attribute);
389 GNUNET_free_non_null (ds_entry->delegation_chain_entry->issuer_attribute); 386 GNUNET_free_non_null (ds_entry->delegation_chain_entry->issuer_attribute);
390 GNUNET_free (ds_entry->delegation_chain_entry); 387 GNUNET_free (ds_entry->delegation_chain_entry);
@@ -396,18 +393,15 @@ static void
396cleanup_handle (struct VerifyRequestHandle *vrh) 393cleanup_handle (struct VerifyRequestHandle *vrh)
397{ 394{
398 struct CredentialRecordEntry *cr_entry; 395 struct CredentialRecordEntry *cr_entry;
399
400 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Cleaning up...\n"); 396 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Cleaning up...\n");
401 if (NULL != vrh->lookup_request) 397 if (NULL != vrh->lookup_request) {
402 {
403 GNUNET_GNS_lookup_cancel (vrh->lookup_request); 398 GNUNET_GNS_lookup_cancel (vrh->lookup_request);
404 vrh->lookup_request = NULL; 399 vrh->lookup_request = NULL;
405 } 400 }
406 cleanup_delegation_set (vrh->root_set); 401 cleanup_delegation_set (vrh->root_set);
407 GNUNET_free_non_null (vrh->issuer_attribute); 402 GNUNET_free_non_null (vrh->issuer_attribute);
408 for (cr_entry = vrh->cred_chain_head; NULL != vrh->cred_chain_head; 403 for (cr_entry = vrh->cred_chain_head; NULL != vrh->cred_chain_head;
409 cr_entry = vrh->cred_chain_head) 404 cr_entry = vrh->cred_chain_head) {
410 {
411 GNUNET_CONTAINER_DLL_remove (vrh->cred_chain_head, 405 GNUNET_CONTAINER_DLL_remove (vrh->cred_chain_head,
412 vrh->cred_chain_tail, 406 vrh->cred_chain_tail,
413 cr_entry); 407 cr_entry);
@@ -424,25 +418,21 @@ shutdown_task (void *cls)
424 418
425 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Shutting down!\n"); 419 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Shutting down!\n");
426 420
427 while (NULL != (vrh = vrh_head)) 421 while (NULL != (vrh = vrh_head)) {
428 {
429 // CREDENTIAL_resolver_lookup_cancel (clh->lookup); 422 // CREDENTIAL_resolver_lookup_cancel (clh->lookup);
430 GNUNET_CONTAINER_DLL_remove (vrh_head, vrh_tail, vrh); 423 GNUNET_CONTAINER_DLL_remove (vrh_head, vrh_tail, vrh);
431 cleanup_handle (vrh); 424 cleanup_handle (vrh);
432 } 425 }
433 426
434 if (NULL != gns) 427 if (NULL != gns) {
435 {
436 GNUNET_GNS_disconnect (gns); 428 GNUNET_GNS_disconnect (gns);
437 gns = NULL; 429 gns = NULL;
438 } 430 }
439 if (NULL != namestore) 431 if (NULL != namestore) {
440 {
441 GNUNET_NAMESTORE_disconnect (namestore); 432 GNUNET_NAMESTORE_disconnect (namestore);
442 namestore = NULL; 433 namestore = NULL;
443 } 434 }
444 if (NULL != statistics) 435 if (NULL != statistics) {
445 {
446 GNUNET_STATISTICS_destroy (statistics, GNUNET_NO); 436 GNUNET_STATISTICS_destroy (statistics, GNUNET_NO);
447 statistics = NULL; 437 statistics = NULL;
448 } 438 }
@@ -463,16 +453,14 @@ send_lookup_response (struct VerifyRequestHandle *vrh)
463 453
464 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Sending response\n"); 454 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Sending response\n");
465 dce = vrh->delegation_chain_head; 455 dce = vrh->delegation_chain_head;
466 for (uint32_t i = 0; i < vrh->delegation_chain_size; i++) 456 for (uint32_t i = 0; i < vrh->delegation_chain_size; i++) {
467 {
468 dd[i].issuer_key = dce->issuer_key; 457 dd[i].issuer_key = dce->issuer_key;
469 dd[i].subject_key = dce->subject_key; 458 dd[i].subject_key = dce->subject_key;
470 dd[i].issuer_attribute = dce->issuer_attribute; 459 dd[i].issuer_attribute = dce->issuer_attribute;
471 dd[i].issuer_attribute_len = strlen (dce->issuer_attribute) + 1; 460 dd[i].issuer_attribute_len = strlen (dce->issuer_attribute) + 1;
472 dd[i].subject_attribute_len = 0; 461 dd[i].subject_attribute_len = 0;
473 dd[i].subject_attribute = NULL; 462 dd[i].subject_attribute = NULL;
474 if (NULL != dce->subject_attribute) 463 if (NULL != dce->subject_attribute) {
475 {
476 dd[i].subject_attribute = dce->subject_attribute; 464 dd[i].subject_attribute = dce->subject_attribute;
477 dd[i].subject_attribute_len = strlen (dce->subject_attribute) + 1; 465 dd[i].subject_attribute_len = strlen (dce->subject_attribute) + 1;
478 } 466 }
@@ -482,10 +470,8 @@ send_lookup_response (struct VerifyRequestHandle *vrh)
482 /** 470 /**
483 * Remove all credentials not needed 471 * Remove all credentials not needed
484 */ 472 */
485 for (cd = vrh->cred_chain_head; NULL != cd;) 473 for (cd = vrh->cred_chain_head; NULL != cd;) {
486 { 474 if (cd->refcount > 0) {
487 if (cd->refcount > 0)
488 {
489 cd = cd->next; 475 cd = cd->next;
490 continue; 476 continue;
491 } 477 }
@@ -504,8 +490,7 @@ send_lookup_response (struct VerifyRequestHandle *vrh)
504 * Append at the end of rmsg 490 * Append at the end of rmsg
505 */ 491 */
506 cd = vrh->cred_chain_head; 492 cd = vrh->cred_chain_head;
507 for (uint32_t i = 0; i < vrh->cred_chain_size; i++) 493 for (uint32_t i = 0; i < vrh->cred_chain_size; i++) {
508 {
509 cred[i].issuer_key = cd->credential->issuer_key; 494 cred[i].issuer_key = cd->credential->issuer_key;
510 cred[i].subject_key = cd->credential->subject_key; 495 cred[i].subject_key = cd->credential->subject_key;
511 cred[i].issuer_attribute_len 496 cred[i].issuer_attribute_len
@@ -540,7 +525,7 @@ send_lookup_response (struct VerifyRequestHandle *vrh)
540 vrh->cred_chain_size, 525 vrh->cred_chain_size,
541 cred, 526 cred,
542 size, 527 size,
543 (char *) &rmsg[1])); 528 (char *)&rmsg[1]));
544 529
545 GNUNET_MQ_send (GNUNET_SERVICE_client_get_mq (vrh->client), env); 530 GNUNET_MQ_send (GNUNET_SERVICE_client_get_mq (vrh->client), env);
546 GNUNET_CONTAINER_DLL_remove (vrh_head, vrh_tail, vrh); 531 GNUNET_CONTAINER_DLL_remove (vrh_head, vrh_tail, vrh);
@@ -552,6 +537,13 @@ send_lookup_response (struct VerifyRequestHandle *vrh)
552 GNUNET_NO); 537 GNUNET_NO);
553} 538}
554 539
540static void
541test_resolution (void *cls,
542 uint32_t rd_count,
543 const struct GNUNET_GNSRECORD_Data *rd)
544{
545 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Yo, im Test und so\n");
546}
555 547
556static void 548static void
557backward_resolution (void *cls, 549backward_resolution (void *cls,
@@ -568,16 +560,17 @@ backward_resolution (void *cls,
568 char *expanded_attr; 560 char *expanded_attr;
569 char *lookup_attribute; 561 char *lookup_attribute;
570 562
571
572 current_set = cls; 563 current_set = cls;
573 current_set->lookup_request = NULL; 564 current_set->lookup_request = NULL;
574 vrh = current_set->handle; 565 vrh = current_set->handle;
575 vrh->pending_lookups--; 566 vrh->pending_lookups--;
576 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Got %d attrs\n", rd_count); 567 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Got %d attrs\n", rd_count);
577 568
569 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "# Issuer Att %s\n", current_set->issuer_attribute);
570 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "# Lookup Att %s\n", current_set->lookup_attribute);
571
578 // Each OR 572 // Each OR
579 for (uint32_t i = 0; i < rd_count; i++) 573 for (uint32_t i = 0; i < rd_count; i++) {
580 {
581 if (GNUNET_GNSRECORD_TYPE_ATTRIBUTE != rd[i].record_type) 574 if (GNUNET_GNSRECORD_TYPE_ATTRIBUTE != rd[i].record_type)
582 continue; 575 continue;
583 576
@@ -591,31 +584,29 @@ backward_resolution (void *cls,
591 if (GNUNET_OK 584 if (GNUNET_OK
592 != GNUNET_CREDENTIAL_delegation_set_deserialize ( 585 != GNUNET_CREDENTIAL_delegation_set_deserialize (
593 GNUNET_ntohll (sets->data_size), 586 GNUNET_ntohll (sets->data_size),
594 (const char *) &sets[1], 587 (const char *)&sets[1],
595 ntohl (sets->set_count), 588 ntohl (sets->set_count),
596 set)) 589 set)) {
597 {
598 GNUNET_log (GNUNET_ERROR_TYPE_ERROR, "Failed to deserialize!\n"); 590 GNUNET_log (GNUNET_ERROR_TYPE_ERROR, "Failed to deserialize!\n");
599 continue; 591 continue;
600 } 592 }
601 dq_entry = GNUNET_new (struct DelegationQueueEntry); 593 dq_entry = GNUNET_new (struct DelegationQueueEntry);
602 dq_entry->required_solutions = ntohl (sets->set_count); 594 dq_entry->required_solutions = ntohl (sets->set_count);
603 dq_entry->parent_set = current_set; 595 dq_entry->parent_set = current_set;
596
597 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "# New OR entry into queue\n");
598
604 GNUNET_CONTAINER_DLL_insert (current_set->queue_entries_head, 599 GNUNET_CONTAINER_DLL_insert (current_set->queue_entries_head,
605 current_set->queue_entries_tail, 600 current_set->queue_entries_tail,
606 dq_entry); 601 dq_entry);
607 // Each AND 602 // Each AND
608 for (uint32_t j = 0; j < ntohl (sets->set_count); j++) 603 for (uint32_t j = 0; j < ntohl (sets->set_count); j++) {
609 {
610 ds_entry = GNUNET_new (struct DelegationSetQueueEntry); 604 ds_entry = GNUNET_new (struct DelegationSetQueueEntry);
611 if (NULL != current_set->attr_trailer) 605 if (NULL != current_set->attr_trailer) {
612 { 606 if (0 == set[j].subject_attribute_len) {
613 if (0 == set[j].subject_attribute_len)
614 {
615 GNUNET_asprintf (&expanded_attr, "%s", current_set->attr_trailer); 607 GNUNET_asprintf (&expanded_attr, "%s", current_set->attr_trailer);
616 } 608
617 else 609 } else {
618 {
619 GNUNET_asprintf (&expanded_attr, 610 GNUNET_asprintf (&expanded_attr,
620 "%s.%s", 611 "%s.%s",
621 set[j].subject_attribute, 612 set[j].subject_attribute,
@@ -623,11 +614,8 @@ backward_resolution (void *cls,
623 } 614 }
624 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Expanded to %s\n", expanded_attr); 615 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Expanded to %s\n", expanded_attr);
625 ds_entry->unresolved_attribute_delegation = expanded_attr; 616 ds_entry->unresolved_attribute_delegation = expanded_attr;
626 } 617 } else {
627 else 618 if (0 != set[j].subject_attribute_len) {
628 {
629 if (0 != set[j].subject_attribute_len)
630 {
631 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, 619 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
632 "Not Expanding %s\n", 620 "Not Expanding %s\n",
633 set[j].subject_attribute); 621 set[j].subject_attribute);
@@ -643,7 +631,7 @@ backward_resolution (void *cls,
643 ds_entry->issuer_key = GNUNET_new (struct GNUNET_CRYPTO_EcdsaPublicKey); 631 ds_entry->issuer_key = GNUNET_new (struct GNUNET_CRYPTO_EcdsaPublicKey);
644 GNUNET_memcpy (ds_entry->issuer_key, 632 GNUNET_memcpy (ds_entry->issuer_key,
645 &set[j].subject_key, 633 &set[j].subject_key,
646 sizeof(struct GNUNET_CRYPTO_EcdsaPublicKey)); 634 sizeof (struct GNUNET_CRYPTO_EcdsaPublicKey));
647 if (0 < set[j].subject_attribute_len) 635 if (0 < set[j].subject_attribute_len)
648 ds_entry->delegation_chain_entry->subject_attribute 636 ds_entry->delegation_chain_entry->subject_attribute
649 = GNUNET_strdup (set[j].subject_attribute); 637 = GNUNET_strdup (set[j].subject_attribute);
@@ -651,7 +639,12 @@ backward_resolution (void *cls,
651 ds_entry->delegation_chain_entry->issuer_attribute 639 ds_entry->delegation_chain_entry->issuer_attribute
652 = GNUNET_strdup (current_set->lookup_attribute); 640 = GNUNET_strdup (current_set->lookup_attribute);
653 641
654 ds_entry->parent_queue_entry = dq_entry; // current_delegation; 642 ds_entry->parent_queue_entry = dq_entry; // current_delegation;
643
644 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "# New AND DS entry into DQ queue\n");
645 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "# DS entry Issuer ATT %s\n", ds_entry->delegation_chain_entry->issuer_attribute);
646 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "# DS entry Subject ATT %s\n", ds_entry->delegation_chain_entry->subject_attribute);
647
655 GNUNET_CONTAINER_DLL_insert (dq_entry->set_entries_head, 648 GNUNET_CONTAINER_DLL_insert (dq_entry->set_entries_head,
656 dq_entry->set_entries_tail, 649 dq_entry->set_entries_tail,
657 ds_entry); 650 ds_entry);
@@ -661,11 +654,12 @@ backward_resolution (void *cls,
661 * Check if this delegation already matches one of our credentials 654 * Check if this delegation already matches one of our credentials
662 */ 655 */
663 for (cred_pointer = vrh->cred_chain_head; cred_pointer != NULL; 656 for (cred_pointer = vrh->cred_chain_head; cred_pointer != NULL;
664 cred_pointer = cred_pointer->next) 657 cred_pointer = cred_pointer->next) {
665 { 658 // If key and attribute match credential continue and backtrack
666 if (0 659 if (0
667 != GNUNET_memcmp (&set->subject_key, 660 != memcmp (&set->subject_key,
668 &cred_pointer->credential->issuer_key)) 661 &cred_pointer->credential->issuer_key,
662 sizeof (struct GNUNET_CRYPTO_EcdsaPublicKey)))
669 continue; 663 continue;
670 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, 664 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
671 "Checking if %s matches %s\n", 665 "Checking if %s matches %s\n",
@@ -681,11 +675,10 @@ backward_resolution (void *cls,
681 cred_pointer->refcount++; 675 cred_pointer->refcount++;
682 // Backtrack 676 // Backtrack
683 for (tmp_set = ds_entry; NULL != tmp_set->parent_queue_entry; 677 for (tmp_set = ds_entry; NULL != tmp_set->parent_queue_entry;
684 tmp_set = tmp_set->parent_queue_entry->parent_set) 678 tmp_set = tmp_set->parent_queue_entry->parent_set) {
685 { 679 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "# %s\n", tmp_set->unresolved_attribute_delegation);
686 tmp_set->parent_queue_entry->required_solutions--; 680 tmp_set->parent_queue_entry->required_solutions--;
687 if (NULL != tmp_set->delegation_chain_entry) 681 if (NULL != tmp_set->delegation_chain_entry) {
688 {
689 vrh->delegation_chain_size++; 682 vrh->delegation_chain_size++;
690 GNUNET_CONTAINER_DLL_insert (vrh->delegation_chain_head, 683 GNUNET_CONTAINER_DLL_insert (vrh->delegation_chain_head,
691 vrh->delegation_chain_tail, 684 vrh->delegation_chain_tail,
@@ -695,8 +688,7 @@ backward_resolution (void *cls,
695 break; 688 break;
696 } 689 }
697 690
698 if (NULL == tmp_set->parent_queue_entry) 691 if (NULL == tmp_set->parent_queue_entry) {
699 {
700 GNUNET_log (GNUNET_ERROR_TYPE_ERROR, "All solutions found\n"); 692 GNUNET_log (GNUNET_ERROR_TYPE_ERROR, "All solutions found\n");
701 // Found match 693 // Found match
702 send_lookup_response (vrh); 694 send_lookup_response (vrh);
@@ -713,9 +705,9 @@ backward_resolution (void *cls,
713 issuer_attribute_name[strlen (ds_entry->unresolved_attribute_delegation) 705 issuer_attribute_name[strlen (ds_entry->unresolved_attribute_delegation)
714 + 1]; 706 + 1];
715 strcpy (issuer_attribute_name, ds_entry->unresolved_attribute_delegation); 707 strcpy (issuer_attribute_name, ds_entry->unresolved_attribute_delegation);
708 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "# Issuer Att Name: %s\n", issuer_attribute_name);
716 char *next_attr = strtok (issuer_attribute_name, "."); 709 char *next_attr = strtok (issuer_attribute_name, ".");
717 if (NULL == next_attr) 710 if (NULL == next_attr) {
718 {
719 GNUNET_log (GNUNET_ERROR_TYPE_ERROR, 711 GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
720 "Failed to parse next attribute\n"); 712 "Failed to parse next attribute\n");
721 continue; 713 continue;
@@ -723,12 +715,9 @@ backward_resolution (void *cls,
723 GNUNET_asprintf (&lookup_attribute, "%s", next_attr); 715 GNUNET_asprintf (&lookup_attribute, "%s", next_attr);
724 GNUNET_asprintf (&ds_entry->lookup_attribute, "%s", next_attr); 716 GNUNET_asprintf (&ds_entry->lookup_attribute, "%s", next_attr);
725 if (strlen (next_attr) 717 if (strlen (next_attr)
726 == strlen (ds_entry->unresolved_attribute_delegation)) 718 == strlen (ds_entry->unresolved_attribute_delegation)) {
727 {
728 ds_entry->attr_trailer = NULL; 719 ds_entry->attr_trailer = NULL;
729 } 720 } else {
730 else
731 {
732 next_attr += strlen (next_attr) + 1; 721 next_attr += strlen (next_attr) + 1;
733 ds_entry->attr_trailer = GNUNET_strdup (next_attr); 722 ds_entry->attr_trailer = GNUNET_strdup (next_attr);
734 } 723 }
@@ -746,17 +735,24 @@ backward_resolution (void *cls,
746 ds_entry->lookup_request 735 ds_entry->lookup_request
747 = GNUNET_GNS_lookup (gns, 736 = GNUNET_GNS_lookup (gns,
748 lookup_attribute, 737 lookup_attribute,
749 ds_entry->issuer_key, // issuer_key, 738 ds_entry->issuer_key, // issuer_key,
750 GNUNET_GNSRECORD_TYPE_ATTRIBUTE, 739 GNUNET_GNSRECORD_TYPE_ATTRIBUTE,
751 GNUNET_GNS_LO_DEFAULT, 740 GNUNET_GNS_LO_DEFAULT,
752 &backward_resolution, 741 &backward_resolution,
753 ds_entry); 742 ds_entry);
743 /*GNUNET_log (GNUNET_ERROR_TYPE_ERROR, "Starting\n");
744 GNUNET_GNS_lookup (gns,
745 GNUNET_GNS_EMPTY_LABEL_AT,
746 ds_entry->issuer_key, // subject_key,
747 GNUNET_GNSRECORD_TYPE_DELEGATE,
748 GNUNET_GNS_LO_DEFAULT,
749 &test_resolution,
750 ds_entry);*/
754 GNUNET_free (lookup_attribute); 751 GNUNET_free (lookup_attribute);
755 } 752 }
756 } 753 }
757 754
758 if (0 == vrh->pending_lookups) 755 if (0 == vrh->pending_lookups) {
759 {
760 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "We are all out of attributes...\n"); 756 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "We are all out of attributes...\n");
761 send_lookup_response (vrh); 757 send_lookup_response (vrh);
762 return; 758 return;
@@ -775,22 +771,20 @@ delegation_chain_resolution_start (void *cls)
775 struct VerifyRequestHandle *vrh = cls; 771 struct VerifyRequestHandle *vrh = cls;
776 struct DelegationSetQueueEntry *ds_entry; 772 struct DelegationSetQueueEntry *ds_entry;
777 struct CredentialRecordEntry *cr_entry; 773 struct CredentialRecordEntry *cr_entry;
778
779 vrh->lookup_request = NULL; 774 vrh->lookup_request = NULL;
780 775
781 if (0 == vrh->cred_chain_size) 776 if (0 == vrh->cred_chain_size) {
782 {
783 GNUNET_log (GNUNET_ERROR_TYPE_ERROR, "No credentials found\n"); 777 GNUNET_log (GNUNET_ERROR_TYPE_ERROR, "No credentials found\n");
784 send_lookup_response (vrh); 778 send_lookup_response (vrh);
785 return; 779 return;
786 } 780 }
787 781
788 for (cr_entry = vrh->cred_chain_head; cr_entry != NULL; 782 for (cr_entry = vrh->cred_chain_head; cr_entry != NULL;
789 cr_entry = cr_entry->next) 783 cr_entry = cr_entry->next) {
790 {
791 if (0 784 if (0
792 != GNUNET_memcmp (&cr_entry->credential->issuer_key, 785 != memcmp (&cr_entry->credential->issuer_key,
793 &vrh->issuer_key)) 786 &vrh->issuer_key,
787 sizeof (struct GNUNET_CRYPTO_EcdsaPublicKey)))
794 continue; 788 continue;
795 if (0 789 if (0
796 != strcmp (cr_entry->credential->issuer_attribute, 790 != strcmp (cr_entry->credential->issuer_attribute,
@@ -815,13 +809,15 @@ delegation_chain_resolution_start (void *cls)
815 ds_entry->issuer_key = GNUNET_new (struct GNUNET_CRYPTO_EcdsaPublicKey); 809 ds_entry->issuer_key = GNUNET_new (struct GNUNET_CRYPTO_EcdsaPublicKey);
816 GNUNET_memcpy (ds_entry->issuer_key, 810 GNUNET_memcpy (ds_entry->issuer_key,
817 &vrh->issuer_key, 811 &vrh->issuer_key,
818 sizeof(struct GNUNET_CRYPTO_EcdsaPublicKey)); 812 sizeof (struct GNUNET_CRYPTO_EcdsaPublicKey));
819 ds_entry->issuer_attribute = GNUNET_strdup (vrh->issuer_attribute); 813 ds_entry->issuer_attribute = GNUNET_strdup (vrh->issuer_attribute);
820 ds_entry->handle = vrh; 814 ds_entry->handle = vrh;
821 ds_entry->lookup_attribute = GNUNET_strdup (vrh->issuer_attribute); 815 ds_entry->lookup_attribute = GNUNET_strdup (vrh->issuer_attribute);
822 vrh->root_set = ds_entry; 816 vrh->root_set = ds_entry;
823 vrh->pending_lookups = 1; 817 vrh->pending_lookups = 1;
824 // Start with backward resolution 818 // Start with backward resolution
819 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "# Start Backward Resolution\n");
820
825 ds_entry->lookup_request = GNUNET_GNS_lookup (gns, 821 ds_entry->lookup_request = GNUNET_GNS_lookup (gns,
826 issuer_attribute_name, 822 issuer_attribute_name,
827 &vrh->issuer_key, // issuer_key, 823 &vrh->issuer_key, // issuer_key,
@@ -838,20 +834,17 @@ check_verify (void *cls, const struct VerifyMessage *v_msg)
838 const char *attr; 834 const char *attr;
839 835
840 msg_size = ntohs (v_msg->header.size); 836 msg_size = ntohs (v_msg->header.size);
841 if (msg_size < sizeof(struct VerifyMessage)) 837 if (msg_size < sizeof (struct VerifyMessage)) {
842 {
843 GNUNET_break (0); 838 GNUNET_break (0);
844 return GNUNET_SYSERR; 839 return GNUNET_SYSERR;
845 } 840 }
846 if (ntohs (v_msg->issuer_attribute_len) > GNUNET_CREDENTIAL_MAX_LENGTH) 841 if (ntohs (v_msg->issuer_attribute_len) > GNUNET_CREDENTIAL_MAX_LENGTH) {
847 {
848 GNUNET_break (0); 842 GNUNET_break (0);
849 return GNUNET_SYSERR; 843 return GNUNET_SYSERR;
850 } 844 }
851 attr = (const char *) &v_msg[1]; 845 attr = (const char *)&v_msg[1];
852 846
853 if (strlen (attr) > GNUNET_CREDENTIAL_MAX_LENGTH) 847 if (strlen (attr) > GNUNET_CREDENTIAL_MAX_LENGTH) {
854 {
855 GNUNET_break (0); 848 GNUNET_break (0);
856 return GNUNET_SYSERR; 849 return GNUNET_SYSERR;
857 } 850 }
@@ -873,7 +866,7 @@ handle_verify (void *cls, const struct VerifyMessage *v_msg)
873 const char *utf_in; 866 const char *utf_in;
874 867
875 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Received VERIFY message\n"); 868 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Received VERIFY message\n");
876 utf_in = (const char *) &v_msg[1]; 869 utf_in = (const char *)&v_msg[1];
877 GNUNET_STRINGS_utf8_tolower (utf_in, attrptr); 870 GNUNET_STRINGS_utf8_tolower (utf_in, attrptr);
878 GNUNET_memcpy (issuer_attribute, attr, ntohs (v_msg->issuer_attribute_len)); 871 GNUNET_memcpy (issuer_attribute, attr, ntohs (v_msg->issuer_attribute_len));
879 issuer_attribute[ntohs (v_msg->issuer_attribute_len)] = '\0'; 872 issuer_attribute[ntohs (v_msg->issuer_attribute_len)] = '\0';
@@ -885,8 +878,7 @@ handle_verify (void *cls, const struct VerifyMessage *v_msg)
885 vrh->subject_key = v_msg->subject_key; 878 vrh->subject_key = v_msg->subject_key;
886 vrh->issuer_attribute = GNUNET_strdup (issuer_attribute); 879 vrh->issuer_attribute = GNUNET_strdup (issuer_attribute);
887 GNUNET_SERVICE_client_continue (vrh->client); 880 GNUNET_SERVICE_client_continue (vrh->client);
888 if (0 == strlen (issuer_attribute)) 881 if (0 == strlen (issuer_attribute)) {
889 {
890 GNUNET_log (GNUNET_ERROR_TYPE_ERROR, "No issuer attribute provided!\n"); 882 GNUNET_log (GNUNET_ERROR_TYPE_ERROR, "No issuer attribute provided!\n");
891 send_lookup_response (vrh); 883 send_lookup_response (vrh);
892 return; 884 return;
@@ -897,40 +889,37 @@ handle_verify (void *cls, const struct VerifyMessage *v_msg)
897 */ 889 */
898 credentials_count = ntohl (v_msg->c_count); 890 credentials_count = ntohl (v_msg->c_count);
899 credential_data_size = ntohs (v_msg->header.size) 891 credential_data_size = ntohs (v_msg->header.size)
900 - sizeof(struct VerifyMessage) 892 - sizeof (struct VerifyMessage)
901 - ntohs (v_msg->issuer_attribute_len) - 1; 893 - ntohs (v_msg->issuer_attribute_len) - 1;
902 struct GNUNET_CREDENTIAL_Credential credentials[credentials_count]; 894 struct GNUNET_CREDENTIAL_Credential credentials[credentials_count];
903 memset (credentials, 895 memset (credentials,
904 0, 896 0,
905 sizeof(struct GNUNET_CREDENTIAL_Credential) * credentials_count); 897 sizeof (struct GNUNET_CREDENTIAL_Credential) * credentials_count);
906 credential_data = (char *) &v_msg[1] + ntohs (v_msg->issuer_attribute_len) 898 credential_data = (char *)&v_msg[1] + ntohs (v_msg->issuer_attribute_len) + 1;
907 + 1;
908 if (GNUNET_OK 899 if (GNUNET_OK
909 != GNUNET_CREDENTIAL_credentials_deserialize (credential_data_size, 900 != GNUNET_CREDENTIAL_credentials_deserialize (credential_data_size,
910 credential_data, 901 credential_data,
911 credentials_count, 902 credentials_count,
912 credentials)) 903 credentials)) {
913 {
914 GNUNET_log (GNUNET_ERROR_TYPE_ERROR, "Cannot deserialize credentials!\n"); 904 GNUNET_log (GNUNET_ERROR_TYPE_ERROR, "Cannot deserialize credentials!\n");
915 send_lookup_response (vrh); 905 send_lookup_response (vrh);
916 return; 906 return;
917 } 907 }
918 908
919 for (uint32_t i = 0; i < credentials_count; i++) 909 for (uint32_t i = 0; i < credentials_count; i++) {
920 {
921 cr_entry = GNUNET_new (struct CredentialRecordEntry); 910 cr_entry = GNUNET_new (struct CredentialRecordEntry);
922 cr_entry->credential 911 cr_entry->credential
923 = GNUNET_malloc (sizeof(struct GNUNET_CREDENTIAL_Credential) 912 = GNUNET_malloc (sizeof (struct GNUNET_CREDENTIAL_Credential)
924 + credentials[i].issuer_attribute_len + 1); 913 + credentials[i].issuer_attribute_len + 1);
925 GNUNET_memcpy (cr_entry->credential, 914 GNUNET_memcpy (cr_entry->credential,
926 &credentials[i], 915 &credentials[i],
927 sizeof(struct GNUNET_CREDENTIAL_Credential)); 916 sizeof (struct GNUNET_CREDENTIAL_Credential));
928 GNUNET_memcpy (&cr_entry->credential[1], 917 GNUNET_memcpy (&cr_entry->credential[1],
929 credentials[i].issuer_attribute, 918 credentials[i].issuer_attribute,
930 credentials[i].issuer_attribute_len); 919 credentials[i].issuer_attribute_len);
931 cr_entry->credential->issuer_attribute_len 920 cr_entry->credential->issuer_attribute_len
932 = credentials[i].issuer_attribute_len; 921 = credentials[i].issuer_attribute_len;
933 cr_entry->credential->issuer_attribute = (char *) &cr_entry->credential[1]; 922 cr_entry->credential->issuer_attribute = (char *)&cr_entry->credential[1];
934 GNUNET_CONTAINER_DLL_insert_tail (vrh->cred_chain_head, 923 GNUNET_CONTAINER_DLL_insert_tail (vrh->cred_chain_head,
935 vrh->cred_chain_tail, 924 vrh->cred_chain_tail,
936 cr_entry); 925 cr_entry);
@@ -944,7 +933,6 @@ static void
944handle_cred_collection_error_cb (void *cls) 933handle_cred_collection_error_cb (void *cls)
945{ 934{
946 struct VerifyRequestHandle *vrh = cls; 935 struct VerifyRequestHandle *vrh = cls;
947
948 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, 936 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
949 "Got disconnected from namestore database.\n"); 937 "Got disconnected from namestore database.\n");
950 vrh->cred_collection_iter = NULL; 938 vrh->cred_collection_iter = NULL;
@@ -955,7 +943,6 @@ static void
955collect_next (void *cls) 943collect_next (void *cls)
956{ 944{
957 struct VerifyRequestHandle *vrh = cls; 945 struct VerifyRequestHandle *vrh = cls;
958
959 vrh->collect_next_task = NULL; 946 vrh->collect_next_task = NULL;
960 GNUNET_assert (NULL != vrh->cred_collection_iter); 947 GNUNET_assert (NULL != vrh->cred_collection_iter);
961 GNUNET_NAMESTORE_zone_iterator_next (vrh->cred_collection_iter, 1); 948 GNUNET_NAMESTORE_zone_iterator_next (vrh->cred_collection_iter, 1);
@@ -975,15 +962,13 @@ handle_cred_collection_cb (void *cls,
975 int cred_record_count; 962 int cred_record_count;
976 963
977 cred_record_count = 0; 964 cred_record_count = 0;
978 for (uint32_t i = 0; i < rd_count; i++) 965 for (uint32_t i = 0; i < rd_count; i++) {
979 {
980 if (GNUNET_GNSRECORD_TYPE_CREDENTIAL != rd[i].record_type) 966 if (GNUNET_GNSRECORD_TYPE_CREDENTIAL != rd[i].record_type)
981 continue; 967 continue;
982 cred_record_count++; 968 cred_record_count++;
983 crd 969 crd
984 = GNUNET_CREDENTIAL_credential_deserialize (rd[i].data, rd[i].data_size); 970 = GNUNET_CREDENTIAL_credential_deserialize (rd[i].data, rd[i].data_size);
985 if (NULL == crd) 971 if (NULL == crd) {
986 {
987 GNUNET_log (GNUNET_ERROR_TYPE_WARNING, "Invalid credential found\n"); 972 GNUNET_log (GNUNET_ERROR_TYPE_WARNING, "Invalid credential found\n");
988 continue; 973 continue;
989 } 974 }
@@ -1001,7 +986,6 @@ static void
1001handle_cred_collection_finished_cb (void *cls) 986handle_cred_collection_finished_cb (void *cls)
1002{ 987{
1003 struct VerifyRequestHandle *vrh = cls; 988 struct VerifyRequestHandle *vrh = cls;
1004
1005 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Done collecting credentials.\n"); 989 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Done collecting credentials.\n");
1006 vrh->cred_collection_iter = NULL; 990 vrh->cred_collection_iter = NULL;
1007 delegation_chain_resolution_start (vrh); 991 delegation_chain_resolution_start (vrh);
@@ -1019,7 +1003,7 @@ handle_collect (void *cls, const struct CollectMessage *c_msg)
1019 1003
1020 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Received COLLECT message\n"); 1004 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Received COLLECT message\n");
1021 1005
1022 utf_in = (const char *) &c_msg[1]; 1006 utf_in = (const char *)&c_msg[1];
1023 GNUNET_STRINGS_utf8_tolower (utf_in, attrptr); 1007 GNUNET_STRINGS_utf8_tolower (utf_in, attrptr);
1024 1008
1025 GNUNET_memcpy (issuer_attribute, attr, ntohs (c_msg->issuer_attribute_len)); 1009 GNUNET_memcpy (issuer_attribute, attr, ntohs (c_msg->issuer_attribute_len));
@@ -1032,8 +1016,7 @@ handle_collect (void *cls, const struct CollectMessage *c_msg)
1032 GNUNET_CRYPTO_ecdsa_key_get_public (&c_msg->subject_key, &vrh->subject_key); 1016 GNUNET_CRYPTO_ecdsa_key_get_public (&c_msg->subject_key, &vrh->subject_key);
1033 vrh->issuer_attribute = GNUNET_strdup (issuer_attribute); 1017 vrh->issuer_attribute = GNUNET_strdup (issuer_attribute);
1034 1018
1035 if (0 == strlen (issuer_attribute)) 1019 if (0 == strlen (issuer_attribute)) {
1036 {
1037 GNUNET_log (GNUNET_ERROR_TYPE_ERROR, "No issuer attribute provided!\n"); 1020 GNUNET_log (GNUNET_ERROR_TYPE_ERROR, "No issuer attribute provided!\n");
1038 send_lookup_response (vrh); 1021 send_lookup_response (vrh);
1039 return; 1022 return;
@@ -1062,21 +1045,18 @@ check_collect (void *cls, const struct CollectMessage *c_msg)
1062 const char *attr; 1045 const char *attr;
1063 1046
1064 msg_size = ntohs (c_msg->header.size); 1047 msg_size = ntohs (c_msg->header.size);
1065 if (msg_size < sizeof(struct CollectMessage)) 1048 if (msg_size < sizeof (struct CollectMessage)) {
1066 {
1067 GNUNET_break (0); 1049 GNUNET_break (0);
1068 return GNUNET_SYSERR; 1050 return GNUNET_SYSERR;
1069 } 1051 }
1070 if (ntohs (c_msg->issuer_attribute_len) > GNUNET_CREDENTIAL_MAX_LENGTH) 1052 if (ntohs (c_msg->issuer_attribute_len) > GNUNET_CREDENTIAL_MAX_LENGTH) {
1071 {
1072 GNUNET_break (0); 1053 GNUNET_break (0);
1073 return GNUNET_SYSERR; 1054 return GNUNET_SYSERR;
1074 } 1055 }
1075 attr = (const char *) &c_msg[1]; 1056 attr = (const char *)&c_msg[1];
1076 1057
1077 if (('\0' != attr[msg_size - sizeof(struct CollectMessage) - 1]) 1058 if (('\0' != attr[msg_size - sizeof (struct CollectMessage) - 1])
1078 || (strlen (attr) > GNUNET_CREDENTIAL_MAX_LENGTH)) 1059 || (strlen (attr) > GNUNET_CREDENTIAL_MAX_LENGTH)) {
1079 {
1080 GNUNET_break (0); 1060 GNUNET_break (0);
1081 return GNUNET_SYSERR; 1061 return GNUNET_SYSERR;
1082 } 1062 }
@@ -1112,14 +1092,13 @@ run (void *cls,
1112 const struct GNUNET_CONFIGURATION_Handle *c, 1092 const struct GNUNET_CONFIGURATION_Handle *c,
1113 struct GNUNET_SERVICE_Handle *handle) 1093 struct GNUNET_SERVICE_Handle *handle)
1114{ 1094{
1095
1115 gns = GNUNET_GNS_connect (c); 1096 gns = GNUNET_GNS_connect (c);
1116 if (NULL == gns) 1097 if (NULL == gns) {
1117 {
1118 fprintf (stderr, _ ("Failed to connect to GNS\n")); 1098 fprintf (stderr, _ ("Failed to connect to GNS\n"));
1119 } 1099 }
1120 namestore = GNUNET_NAMESTORE_connect (c); 1100 namestore = GNUNET_NAMESTORE_connect (c);
1121 if (NULL == namestore) 1101 if (NULL == namestore) {
1122 {
1123 fprintf (stderr, _ ("Failed to connect to namestore\n")); 1102 fprintf (stderr, _ ("Failed to connect to namestore\n"));
1124 } 1103 }
1125 1104
diff --git a/src/credential/plugin_gnsrecord_credential.c b/src/credential/plugin_gnsrecord_credential.c
index 269e558c2..a4c3a94e8 100644
--- a/src/credential/plugin_gnsrecord_credential.c
+++ b/src/credential/plugin_gnsrecord_credential.c
@@ -16,7 +16,7 @@
16 along with this program. If not, see <http://www.gnu.org/licenses/>. 16 along with this program. If not, see <http://www.gnu.org/licenses/>.
17 17
18 SPDX-License-Identifier: AGPL3.0-or-later 18 SPDX-License-Identifier: AGPL3.0-or-later
19 */ 19*/
20 20
21/** 21/**
22 * @file credential/plugin_gnsrecord_credential.c 22 * @file credential/plugin_gnsrecord_credential.c
@@ -46,79 +46,72 @@ static char *
46credential_value_to_string (void *cls, uint32_t type, const void *data, 46credential_value_to_string (void *cls, uint32_t type, const void *data,
47 size_t data_size) 47 size_t data_size)
48{ 48{
49
49 const char *cdata; 50 const char *cdata;
50 51
51 switch (type) 52 switch (type) {
52 {
53 case GNUNET_GNSRECORD_TYPE_ATTRIBUTE: { 53 case GNUNET_GNSRECORD_TYPE_ATTRIBUTE: {
54 struct GNUNET_CREDENTIAL_DelegationRecord sets; 54 struct GNUNET_CREDENTIAL_DelegationRecord sets;
55 char *attr_str; 55 char *attr_str;
56 char *subject_pkey; 56 char *subject_pkey;
57 char *tmp_str; 57 char *tmp_str;
58 int i; 58 int i;
59 if (data_size < sizeof(struct GNUNET_CREDENTIAL_DelegationRecord)) 59 if (data_size < sizeof (struct GNUNET_CREDENTIAL_DelegationRecord))
60 return NULL; /* malformed */ 60 return NULL; /* malformed */
61 GNUNET_memcpy (&sets, data, sizeof(sets)); 61
62 cdata = data; 62 GNUNET_memcpy (&sets, data, sizeof (sets));
63 struct GNUNET_CREDENTIAL_DelegationSet set[ntohl (sets.set_count)]; 63 cdata = data;
64 if (GNUNET_OK != GNUNET_CREDENTIAL_delegation_set_deserialize ( 64
65 GNUNET_ntohll (sets.data_size), &cdata[sizeof(sets)], 65 struct GNUNET_CREDENTIAL_DelegationSet set[ntohl (sets.set_count)];
66 ntohl (sets.set_count), set)) 66 if (GNUNET_OK != GNUNET_CREDENTIAL_delegation_set_deserialize (
67 return NULL; 67 GNUNET_ntohll (sets.data_size), &cdata[sizeof (sets)],
68 68 ntohl (sets.set_count), set))
69 for (i = 0; i < ntohl (sets.set_count); i++) 69 return NULL;
70 { 70
71 subject_pkey = 71 for (i = 0; i < ntohl (sets.set_count); i++) {
72 subject_pkey =
72 GNUNET_CRYPTO_ecdsa_public_key_to_string (&set[i].subject_key); 73 GNUNET_CRYPTO_ecdsa_public_key_to_string (&set[i].subject_key);
73 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "%d len attr\n", 74 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "%d len attr\n",
74 set[i].subject_attribute_len); 75 set[i].subject_attribute_len);
75 if (0 == set[i].subject_attribute_len) 76 if (0 == set[i].subject_attribute_len) {
76 { 77 if (0 == i) {
77 if (0 == i) 78 GNUNET_asprintf (&attr_str, "%s", subject_pkey);
78 { 79 } else {
79 GNUNET_asprintf (&attr_str, "%s", subject_pkey); 80 GNUNET_asprintf (&tmp_str, "%s,%s", attr_str, subject_pkey);
80 } 81 GNUNET_free (attr_str);
81 else 82 attr_str = tmp_str;
82 {
83 GNUNET_asprintf (&tmp_str, "%s,%s", attr_str, subject_pkey);
84 GNUNET_free (attr_str);
85 attr_str = tmp_str;
86 }
87 } 83 }
88 else 84 } else {
89 { 85 if (0 == i) {
90 if (0 == i) 86 GNUNET_asprintf (&attr_str, "%s %s", subject_pkey,
91 { 87 set[i].subject_attribute);
92 GNUNET_asprintf (&attr_str, "%s %s", subject_pkey, 88 } else {
93 set[i].subject_attribute); 89 GNUNET_asprintf (&tmp_str, "%s,%s %s", attr_str, subject_pkey,
94 } 90 set[i].subject_attribute);
95 else 91 GNUNET_free (attr_str);
96 { 92 attr_str = tmp_str;
97 GNUNET_asprintf (&tmp_str, "%s,%s %s", attr_str, subject_pkey,
98 set[i].subject_attribute);
99 GNUNET_free (attr_str);
100 attr_str = tmp_str;
101 }
102 } 93 }
103 GNUNET_free (subject_pkey);
104 } 94 }
105 return attr_str; 95 GNUNET_free (subject_pkey);
106 } 96 }
107 97 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "############### attr str: %s \n", attr_str);
98 //DEBUG ############### attr str: BKX50FK9QYNTFGPR6647CDASM63G21NEJC02QP58NHN7B7M8TKT0 student
99 return attr_str;
100 }
108 case GNUNET_GNSRECORD_TYPE_CREDENTIAL: { 101 case GNUNET_GNSRECORD_TYPE_CREDENTIAL: {
109 struct GNUNET_CREDENTIAL_Credential *cred; 102 struct GNUNET_CREDENTIAL_Credential *cred;
110 char *cred_str; 103 char *cred_str;
111
112 cred = GNUNET_CREDENTIAL_credential_deserialize (data, data_size);
113 cred_str = GNUNET_CREDENTIAL_credential_to_string (cred);
114 GNUNET_free (cred);
115 return cred_str;
116 }
117 104
118 case GNUNET_GNSRECORD_TYPE_POLICY: { 105 cred = GNUNET_CREDENTIAL_credential_deserialize (data, data_size);
119 return GNUNET_strndup (data, data_size); 106 cred_str = GNUNET_CREDENTIAL_credential_to_string (cred);
120 } 107 GNUNET_free (cred);
108 return cred_str;
109 }
110 case GNUNET_GNSRECORD_TYPE_DELEGATE: {
111 printf("####################################vts\n");
121 112
113 return GNUNET_strndup (data, data_size);
114 }
122 default: 115 default:
123 return NULL; 116 return NULL;
124 } 117 }
@@ -142,107 +135,203 @@ credential_string_to_value (void *cls, uint32_t type, const char *s,
142{ 135{
143 if (NULL == s) 136 if (NULL == s)
144 return GNUNET_SYSERR; 137 return GNUNET_SYSERR;
145 switch (type) 138 switch (type) {
146 {
147 case GNUNET_GNSRECORD_TYPE_ATTRIBUTE: { 139 case GNUNET_GNSRECORD_TYPE_ATTRIBUTE: {
148 struct GNUNET_CREDENTIAL_DelegationRecord *sets; 140 printf ("Start: string_to_value attribute\n");
149 char attr_str[253 + 1]; 141
150 char subject_pkey[52 + 1]; 142 struct GNUNET_CREDENTIAL_DelegationRecord *sets;
151 char *token; 143 char attr_str[253 + 1];
152 char *tmp_str; 144 char subject_pkey[52 + 1];
153 int matches = 0; 145 char *token;
154 int entries; 146 char *tmp_str;
155 size_t tmp_data_size; 147 int matches = 0;
156 int i; 148 int entries;
157 149 size_t tmp_data_size;
158 tmp_str = GNUNET_strdup (s); 150 int i;
159 token = strtok (tmp_str, ","); 151
160 entries = 0; 152 tmp_str = GNUNET_strdup (s);
161 tmp_data_size = 0; 153 token = strtok (tmp_str, ",");
162 *data_size = sizeof(struct GNUNET_CREDENTIAL_DelegationRecord); 154 entries = 0;
163 while (NULL != token) 155 tmp_data_size = 0;
164 { 156 *data_size = sizeof (struct GNUNET_CREDENTIAL_DelegationRecord);
165 matches = sscanf (token, "%s %s", subject_pkey, attr_str); 157 while (NULL != token) {
166 if (0 == matches) 158 // also fills the variables subject_pley and attr_str if "regex"-like match
167 { 159 matches = SSCANF (token, "%s %s", subject_pkey, attr_str);
168 GNUNET_log (GNUNET_ERROR_TYPE_ERROR, 160
169 _ ("Unable to parse ATTR record string `%s'\n"), s); 161 if (0 == matches) {
170 GNUNET_free (tmp_str); 162 GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
171 return GNUNET_SYSERR; 163 _ ("Unable to parse ATTR record string `%s'\n"), s);
172 }
173 if (1 == matches)
174 {
175 tmp_data_size += sizeof(struct GNUNET_CREDENTIAL_DelegationRecordSet);
176 }
177 else if (2 == matches)
178 {
179 tmp_data_size += sizeof(struct GNUNET_CREDENTIAL_DelegationRecordSet)
180 + strlen (attr_str) + 1;
181 }
182 entries++;
183 token = strtok (NULL, ",");
184 }
185 GNUNET_free (tmp_str);
186 tmp_str = GNUNET_strdup (s);
187 token = strtok (tmp_str, ",");
188 if (NULL == token)
189 {
190 GNUNET_free (tmp_str); 164 GNUNET_free (tmp_str);
191 GNUNET_log (GNUNET_ERROR_TYPE_ERROR, "Malformed string %s\n", s);
192 return GNUNET_SYSERR; 165 return GNUNET_SYSERR;
193 } 166 }
194 struct GNUNET_CREDENTIAL_DelegationSet set[entries]; 167
195 memset (set, 0, sizeof(struct GNUNET_CREDENTIAL_DelegationSet) * entries); 168 entries++;
196 for (i = 0; i < entries; i++) 169 token = strtok (NULL, ",");
197 { 170 }
198 matches = sscanf (token, "%s %s", subject_pkey, attr_str); 171 GNUNET_free (tmp_str);
199 GNUNET_CRYPTO_ecdsa_public_key_from_string ( 172
200 subject_pkey, strlen (subject_pkey), &set[i].subject_key); 173 tmp_str = GNUNET_strdup (s);
201 if (2 == matches) 174 token = strtok (tmp_str, ",");
202 { 175 if (NULL == token) {
203 set[i].subject_attribute_len = strlen (attr_str) + 1; 176 GNUNET_free (tmp_str);
204 set[i].subject_attribute = GNUNET_strdup (attr_str); 177 GNUNET_log (GNUNET_ERROR_TYPE_ERROR, "Malformed string %s\n", s);
205 } 178 return GNUNET_SYSERR;
206 token = strtok (NULL, ","); 179 }
180
181 struct GNUNET_CREDENTIAL_DelegationSet set[entries];
182 // sets memory to be 0, starting at *set for the size of struct * entries
183 memset (set, 0, sizeof (struct GNUNET_CREDENTIAL_DelegationSet) * entries);
184 for (i = 0; i < entries; i++) {
185 matches = SSCANF (token, "%s %s", subject_pkey, attr_str);
186
187 // sets the public key for the set entry
188 GNUNET_CRYPTO_ecdsa_public_key_from_string (
189 subject_pkey, strlen (subject_pkey), &set[i].subject_key);
190
191 // If not just key, also set subject attribute (Not A.a <- B but A.a <- B.b)
192 if (2 == matches) {
193 set[i].subject_attribute_len = strlen (attr_str) + 1;
194 set[i].subject_attribute = GNUNET_strdup (attr_str);
207 } 195 }
208 tmp_data_size = GNUNET_CREDENTIAL_delegation_set_get_size (entries, set); 196 // If more entries, then token string can take the next entry (separated by ',') by calling strtok again
197 token = strtok (NULL, ",");
198 }
199 tmp_data_size = GNUNET_CREDENTIAL_delegation_set_get_size (entries, set);
200
201 if (-1 == tmp_data_size) {
202 GNUNET_free (tmp_str);
203 return GNUNET_SYSERR;
204 }
205 *data_size += tmp_data_size;
206 *data = sets = GNUNET_malloc (*data_size);
207 GNUNET_CREDENTIAL_delegation_set_serialize (entries, set, tmp_data_size,
208 (char *)&sets[1]);
209 for (i = 0; i < entries; i++) {
210 if (0 != set[i].subject_attribute_len)
211 GNUNET_free ((char *)set[i].subject_attribute);
212 }
213 sets->set_count = htonl (entries);
214 sets->data_size = GNUNET_htonll (tmp_data_size);
215
216 GNUNET_free (tmp_str);
217 return GNUNET_OK;
218 }
219 case GNUNET_GNSRECORD_TYPE_CREDENTIAL: {
220 printf ("Start: string_to_value credential\n");
209 221
210 if (-1 == tmp_data_size) 222 struct GNUNET_CREDENTIAL_Credential *cred;
211 { 223 cred = GNUNET_CREDENTIAL_credential_from_string (s);
224
225 *data_size = GNUNET_CREDENTIAL_credential_serialize (cred, (char **)data);
226 return GNUNET_OK;
227 }
228 case GNUNET_GNSRECORD_TYPE_DELEGATE: {
229 printf ("Start: string_to_value delegate\n");
230
231 char* tmp_str;
232 char* token;
233 int matches = 0;
234 int entries = 0;
235 size_t tmp_data_size = 0;
236 char issuer_attr_str[253 + 1], subject_attr_str[253 + 1];
237 char issuer_pkey[52 + 1], subject_pkey[52 + 1];
238 int i;
239
240 // Split AND
241 tmp_str = GNUNET_strdup (s);
242 // Split string by ',' and first entry stored in token
243 token = strtok (tmp_str, ",");
244 // TODO: Use of this except for entry counting and format checking (why tmp_data size in the function above?)
245 while(NULL != token) {
246 printf("DEL############### tokenX %s\n", token);
247
248 // TODO: only for type A.a <- B.b, missing other types, especially with multiple roles on the right side
249 // Alles splitten mit "%s %s <- %s %s ..." oder lieber "%s %s <- %s" und das dem lookup überlassen? Dann aber feld größe unknown
250
251 // Match with string and fill variables
252 matches = SSCANF (token, "%s %s <- %s %s", issuer_pkey, issuer_attr_str, subject_pkey, subject_attr_str);
253 printf("DEL############### issuerpkey %s, issueratt %s, subjectpkey %s, subjectattr %s\n",
254 issuer_pkey, issuer_attr_str, subject_pkey, subject_attr_str);
255
256 // Doesn't match string, DEL record string wrong formatted, throw error
257 if (2 >= matches) {
258 GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
259 _ ("Unable to parse DEL record string `%s'\n"), s);
212 GNUNET_free (tmp_str); 260 GNUNET_free (tmp_str);
213 return GNUNET_SYSERR; 261 return GNUNET_SYSERR;
214 } 262 }
215 *data_size += tmp_data_size; 263
216 *data = sets = GNUNET_malloc (*data_size); 264 printf("DEL############### matches %d\n", matches);
217 GNUNET_CREDENTIAL_delegation_set_serialize (entries, set, tmp_data_size, 265 if (3 == matches) {
218 (char *) &sets[1]); 266 // Type A.a <- B
219 for (i = 0; i < entries; i++) 267 printf("DEL############### A.a <-B found\n");
220 { 268 }
221 if (0 != set[i].subject_attribute_len) 269 if (4 == matches) {
222 GNUNET_free ((char *) set[i].subject_attribute); 270 printf("DEL############### A.a <- B.b found\n");
223 } 271 }
224 sets->set_count = htonl (entries);
225 sets->data_size = GNUNET_htonll (tmp_data_size);
226 272
273 // Get next entry of tmp_str (pointer still saved), store entry in token, NULL if no more entries
274 token = strtok(NULL, ",");
275 entries++;
276 }
277 // TODO fill tmp_data_size (but what's that)
278
279 tmp_str = GNUNET_strdup (s);
280 token = strtok (tmp_str, ",");
281 if (NULL == token) {
227 GNUNET_free (tmp_str); 282 GNUNET_free (tmp_str);
228 return GNUNET_OK; 283 GNUNET_log (GNUNET_ERROR_TYPE_ERROR, "Malformed string %s\n", s);
284 return GNUNET_SYSERR;
229 } 285 }
230 286
231 case GNUNET_GNSRECORD_TYPE_CREDENTIAL: { 287 // TODO own GNUNET_CREDENTIAL_Delegation struct (when I know the format)
232 struct GNUNET_CREDENTIAL_Credential *cred; 288 struct GNUNET_CREDENTIAL_Delegation set[entries];
233 cred = GNUNET_CREDENTIAL_credential_from_string (s); 289 // sets memory to be 0, starting at *set for the size of struct * entries
290 memset (set, 0, sizeof (struct GNUNET_CREDENTIAL_Delegation) * entries);
291
292 for (i = 0; i < entries; i++) {
293 matches = SSCANF (token, "%s %s <- %s %s", issuer_pkey, issuer_attr_str, subject_pkey, subject_attr_str);
294
295 // Set public keys of issuer and subject
296 GNUNET_CRYPTO_ecdsa_public_key_from_string (
297 issuer_pkey, strlen (issuer_pkey), &set[i].issuer_key);
298 GNUNET_CRYPTO_ecdsa_public_key_from_string (
299 subject_pkey, strlen (subject_pkey), &set[i].subject_key);
300
301 // Set issuer attribute, always present
302 set[i].issuer_attribute_len = strlen (issuer_attr_str) + 1;
303 set[i].issuer_attribute = GNUNET_strdup (issuer_attr_str);
304
305 if (4 == matches) {
306 // A.a <- B.b
307 set[i].subject_attribute_len = strlen (subject_attr_str) + 1;
308 set[i].subject_attribute = GNUNET_strdup (subject_attr_str);
309 }
234 310
235 *data_size = GNUNET_CREDENTIAL_credential_serialize (cred, 311 // If more entries, then token string can take the next entry (separated by ',') by calling strtok again
236 (char **) data); 312 token = strtok (NULL, ",");
237 return GNUNET_OK;
238 } 313 }
314 //TODO: own method
315 //tmp_data_size = GNUNET_CREDENTIAL_delegation_set_get_size (entries, set);
239 316
240 case GNUNET_GNSRECORD_TYPE_POLICY: { 317 if (-1 == tmp_data_size) {
241 *data_size = strlen (s); 318 GNUNET_free (tmp_str);
242 *data = GNUNET_strdup (s); 319 return GNUNET_SYSERR;
243 return GNUNET_OK;
244 } 320 }
245 321
322 //TODO: serialize
323
324
325
326
327
328
329
330
331 *data_size = strlen (s);
332 *data = GNUNET_strdup (s);
333 return GNUNET_OK;
334 }
246 default: 335 default:
247 return GNUNET_SYSERR; 336 return GNUNET_SYSERR;
248 } 337 }
@@ -257,10 +346,10 @@ static struct
257{ 346{
258 const char *name; 347 const char *name;
259 uint32_t number; 348 uint32_t number;
260} name_map[] = { { "CRED", GNUNET_GNSRECORD_TYPE_CREDENTIAL }, 349} name_map[] = {{"CRED", GNUNET_GNSRECORD_TYPE_CREDENTIAL},
261 { "ATTR", GNUNET_GNSRECORD_TYPE_ATTRIBUTE }, 350 {"ATTR", GNUNET_GNSRECORD_TYPE_ATTRIBUTE},
262 { "POLICY", GNUNET_GNSRECORD_TYPE_POLICY }, 351 {"DEL", GNUNET_GNSRECORD_TYPE_DELEGATE},
263 { NULL, UINT32_MAX } }; 352 {NULL, UINT32_MAX}};
264 353
265 354
266/** 355/**
diff --git a/src/credential/test_credential_own.sh b/src/credential/test_credential_own.sh
new file mode 100755
index 000000000..a5f567511
--- /dev/null
+++ b/src/credential/test_credential_own.sh
@@ -0,0 +1,103 @@
1#!/usr/bin/env bash
2trap "gnunet-arm -e -c test_credential_lookup.conf" SIGINT
3
4LOCATION=$(which gnunet-config)
5if [ -z $LOCATION ]
6then
7 LOCATION="gnunet-config"
8fi
9$LOCATION --version 1> /dev/null
10if test $? != 0
11then
12 echo "GNUnet command line tools cannot be found, check environmental variables PATH and GNUNET_PREFIX"
13 exit 77
14fi
15
16rm -rf `gnunet-config -c test_credential_lookup.conf -s PATHS -o GNUNET_HOME -f`
17
18# (1) EPub.discount <- EOrg.preferred
19# (2) EOrg.preferred <- StateU.student
20# (3) StateU.student <- RegistrarB.student
21# (4) RegistrarB.student <- Alice
22
23
24which timeout > /dev/null 2>&1 && DO_TIMEOUT="timeout 30"
25gnunet-arm -s -c test_credential_lookup.conf
26gnunet-identity -C epub -c test_credential_lookup.conf
27gnunet-identity -C eorg -c test_credential_lookup.conf
28gnunet-identity -C stateu -c test_credential_lookup.conf
29gnunet-identity -C registrarb -c test_credential_lookup.conf
30gnunet-identity -C alice -c test_credential_lookup.conf
31
32EPUB_KEY=$(gnunet-identity -d -c test_credential_lookup.conf | grep epub | awk '{print $3}')
33EORG_KEY=$(gnunet-identity -d -c test_credential_lookup.conf | grep eorg | awk '{print $3}')
34STATEU_KEY=$(gnunet-identity -d -c test_credential_lookup.conf | grep stateu | awk '{print $3}')
35REGISTRARB_KEY=$(gnunet-identity -d -c test_credential_lookup.conf | grep registrarb | awk '{print $3}')
36ALICE_KEY=$(gnunet-identity -d -c test_credential_lookup.conf | grep alice | awk '{print $3}')
37
38
39DISC_ATTR="discount"
40PREF_ATTR="preferred"
41STATE_STUD_ATTR="student"
42REG_STUD_ATTR="student"
43END_ATTR="end"
44
45TEST_CREDENTIAL="mygnunetcreds"
46# Test for forward search (0) StateU.student -> EOrg.end
47# gnunet-namestore -p -z eorg -a -n "@" -t DEL -V "$STATEU_KEY $STATE_STUD_ATTR <- $EORG_KEY $END_ATTR" -e 60m -c test_credential_lookup.conf
48# gnunet-namestore -D -z eorg
49
50# Alternative Format that is being implemented at the moment:
51# Issuerside:
52# gnunet-credential --create --ego=A --attribute="a" --subject="B.b" --where="is"
53 gnunet-credential --createIssuerSide --ego=epub --attribute="aasds" --subject="$EORG_KEY basd" --ttl=60m
54 SIGNED=`$DO_TIMEOUT gnunet-credential --signSubjectSide --ego=epub --attribute="asd" --subject="$EORG_KEY basd" --ttl=60m`
55 echo $SIGNED
56 gnunet-credential --createSubjectSide --extension "$SIGNED"
57# Subjectside:
58# X = gnunet-credential --create -e E -a "a" -s "B.b" -w ss
59# gnunet-credential --add -e E -x X
60
61# (1) EPub assigns the attribute "discount" to all entities that have been assigned "preferred" by EOrg
62gnunet-namestore -p -z epub -a -n $DISC_ATTR -t ATTR -V "$EORG_KEY $PREF_ATTR" -e 5m -c test_credential_lookup.conf
63gnunet-namestore -D -z epub
64
65# (2) EOrg assigns the attribute "preferred" to all entities that have been assigned "student" by StateU
66gnunet-namestore -p -z eorg -a -n $PREF_ATTR -t ATTR -V "$STATEU_KEY $STATE_STUD_ATTR" -e 5m -c test_credential_lookup.conf
67
68# (3) StateU assigns the attribute "student" to all entities that have been asssigned "student" by RegistrarB
69gnunet-namestore -p -z stateu -a -n $STATE_STUD_ATTR -t ATTR -V "$REGISTRARB_KEY $REG_STUD_ATTR" -e 5m -c test_credential_lookup.conf
70
71# (4) RegistrarB issues Alice the credential "student"
72CRED=`$DO_TIMEOUT gnunet-credential --issue --ego=registrarb --subject=$ALICE_KEY --attribute=$REG_STUD_ATTR --ttl=5m -c test_credential_lookup.conf`
73
74# Alice stores the credential under "mygnunetcreds"
75gnunet-namestore -p -z alice -a -n $TEST_CREDENTIAL -t CRED -V "$CRED" -e 5m -c test_credential_lookup.conf
76
77# Starting to resolve
78echo "+++++Starting Collect"
79
80CREDS=`$DO_TIMEOUT gnunet-credential --collect --issuer=$EPUB_KEY --attribute=$DISC_ATTR --ego=alice -c test_credential_lookup.conf | paste -d, -s`
81echo $CREDS
82echo gnunet-credential --verify --issuer=$EPUB_KEY --attribute=$DISC_ATTR --subject=$ALICE_KEY --credential=\'$CREDS\' -c test_credential_lookup.conf
83
84RES_CRED=`gnunet-credential --verify --issuer=$EPUB_KEY --attribute=$DISC_ATTR --subject=$ALICE_KEY --credential="$CREDS" -c test_credential_lookup.conf`
85
86
87# Cleanup properly
88gnunet-namestore -z alice -d -n $TEST_CREDENTIAL -t CRED -e never -c test_credential_lookup.conf
89gnunet-namestore -z epub -d -n $DISC_ATTR -t ATTR -c test_credential_lookup.conf
90gnunet-namestore -z eorg -d -n $PREF_ATTR -t ATTR -c test_credential_lookup.conf
91gnunet-namestore -z stateu -d -n $STATE_STUD_ATTR -t ATTR -c test_credential_lookup.conf
92gnunet-arm -e -c test_credential_lookup.conf
93
94if [ "$RES_CRED" != "Failed." ]
95then
96 # TODO: replace echo -e bashism
97 echo -e "${RES_CRED}"
98 exit 0
99else
100 echo "FAIL: Failed to verify credential $RES_CRED."
101 exit 1
102fi
103
diff --git a/src/credential/test_credential_verify_and.sh b/src/credential/test_credential_verify_and.sh
index fa0ab34e1..aaabcd753 100755
--- a/src/credential/test_credential_verify_and.sh
+++ b/src/credential/test_credential_verify_and.sh
@@ -17,8 +17,8 @@ rm -rf `gnunet-config -c test_credential_lookup.conf -s PATHS -o GNUNET_HOME -f`
17 17
18# (1) Service.user -> GNU.project.member 18# (1) Service.user -> GNU.project.member
19# (2) GNU.project -> GNUnet 19# (2) GNU.project -> GNUnet
20# (3) GNUnet.member -> GNUnet.developer and GNUnet.user 20# (3) GNUnet.member -> GNUnet.developer and (4)GNUnet.user
21# (4) GNUnet.developer -> Alice 21# (5) GNUnet.developer -> Alice
22 22
23 23
24which timeout > /dev/null 2>&1 && DO_TIMEOUT="timeout 30" 24which timeout > /dev/null 2>&1 && DO_TIMEOUT="timeout 30"
@@ -73,10 +73,9 @@ gnunet-arm -e -c test_credential_lookup.conf
73 73
74if [ "$RES_CRED" != "Failed." ] 74if [ "$RES_CRED" != "Failed." ]
75then 75then
76 # TODO: echo -e bashism
77 echo -e "${RES_CRED}" 76 echo -e "${RES_CRED}"
78 exit 0 77 exit 0
79else 78else
80 echo "FAIL: Failed to verify credential $RES_CRED." 79 echo "FAIL: Failed to verify credential $RES_CRED."
81 exit 1 80 exit 1
82fi 81fi \ No newline at end of file
diff --git a/src/include/gnunet_gnsrecord_lib.h b/src/include/gnunet_gnsrecord_lib.h
index f5b2f0dd1..ea91f9eb9 100644
--- a/src/include/gnunet_gnsrecord_lib.h
+++ b/src/include/gnunet_gnsrecord_lib.h
@@ -114,7 +114,7 @@ extern "C" {
114/** 114/**
115 * Record type for policies 115 * Record type for policies
116 */ 116 */
117#define GNUNET_GNSRECORD_TYPE_POLICY 65548 117#define GNUNET_GNSRECORD_TYPE_DELEGATE 65548
118 118
119/** 119/**
120 * Record type for reverse lookups 120 * Record type for reverse lookups