summaryrefslogtreecommitdiff
path: root/src
diff options
context:
space:
mode:
authorMartin Schanzenbach <mschanzenbach@posteo.de>2021-04-20 19:03:41 +0200
committerMartin Schanzenbach <mschanzenbach@posteo.de>2021-04-20 19:03:41 +0200
commit22d8a6445a1807e9a9e032d85c0503ed08e70bf7 (patch)
treee9f9d6020e1f294c7fcbb31340d425f1158bf04e /src
parent5faab5da8337e5060002cba8cf5c4c1d8bc89a1e (diff)
- towards pabc fixing
Diffstat (limited to 'src')
-rw-r--r--src/reclaim/pabc_helper.c3
-rw-r--r--src/reclaim/plugin_reclaim_credential_pabc.c169
-rw-r--r--src/reclaim/plugin_rest_pabc.c32
3 files changed, 88 insertions, 116 deletions
diff --git a/src/reclaim/pabc_helper.c b/src/reclaim/pabc_helper.c
index e76977d03..c435ad5b3 100644
--- a/src/reclaim/pabc_helper.c
+++ b/src/reclaim/pabc_helper.c
@@ -29,7 +29,8 @@ write_file (char const *const filename, const char *buffer)
struct GNUNET_DISK_FileHandle *fh;
fh = GNUNET_DISK_file_open (filename,
GNUNET_DISK_OPEN_WRITE
- | GNUNET_DISK_OPEN_TRUNCATE,
+ | GNUNET_DISK_OPEN_TRUNCATE
+ | GNUNET_DISK_OPEN_CREATE,
GNUNET_DISK_PERM_USER_WRITE);
if (fh == NULL)
return GNUNET_SYSERR;
diff --git a/src/reclaim/plugin_reclaim_credential_pabc.c b/src/reclaim/plugin_reclaim_credential_pabc.c
index 148cfec13..e17520528 100644
--- a/src/reclaim/plugin_reclaim_credential_pabc.c
+++ b/src/reclaim/plugin_reclaim_credential_pabc.c
@@ -144,6 +144,22 @@ pabc_number_to_typename (void *cls, uint32_t type)
}
+static void
+inspect_attrs (char const *const key,
+ char const *const value,
+ void *ctx)
+{
+ struct GNUNET_RECLAIM_AttributeList *attrs = ctx;
+
+ GNUNET_RECLAIM_attribute_list_add (attrs,
+ key,
+ NULL,
+ GNUNET_RECLAIM_ATTRIBUTE_TYPE_STRING,
+ value,
+ strlen (value));
+}
+
+
/**
* Parse a pabc and return the respective claim value as Attribute
*
@@ -156,14 +172,9 @@ pabc_parse_attributes (void *cls,
const char *data,
size_t data_size)
{
- const char *key;
struct GNUNET_RECLAIM_AttributeList *attrs;
- char *val_str = NULL;
- char *tmp;
- json_t *value;
- json_t *attr;
- json_t *json_attrs;
json_t *json_root;
+ json_t *json_attrs;
json_error_t *json_err = NULL;
json_root = json_loads (data, JSON_DECODE_ANY, json_err);
@@ -177,55 +188,20 @@ pabc_parse_attributes (void *cls,
json_decref (json_root);
return NULL;
}
- json_attrs = json_object_get (json_root, "attributes");
+ json_attrs = json_object_get (json_root, PABC_JSON_PLAIN_ATTRS_KEY);
if ((NULL == json_attrs) ||
- (! json_is_array (json_attrs)))
+ (! json_is_object (json_attrs)))
{
GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
- "%s is not a valid pabc credentials (attributes not an array)\n",
+ "%s is not a valid pabc credentials (attributes not an object)\n",
data);
json_decref (json_root);
return NULL;
}
attrs = GNUNET_new (struct GNUNET_RECLAIM_AttributeList);
- for (int i = 0; i < json_array_size (json_attrs); i++)
- {
- attr = json_array_get (json_attrs, i);
- if (! json_is_object (attr))
- {
- GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
- "Found json entry is not an object!\n");
- GNUNET_RECLAIM_attribute_list_destroy (attrs);
- json_decref (json_root);
- return NULL;
- }
- /**
- * This *should* only contain a single pair.
- */
- json_object_foreach (attr, key, value)
- {
- if ((0 == strcmp ("issuer", key)) ||
- (0 == strcmp ("expiration", key)) ||
- (0 == strcmp ("subject", key)))
- continue;
- val_str = json_dumps (value, JSON_ENCODE_ANY);
- tmp = val_str;
- // Remove leading " from jasson conversion
- if (tmp[0] == '"')
- tmp++;
- // Remove trailing " from jansson conversion
- if (tmp[strlen (tmp) - 1] == '"')
- tmp[strlen (tmp) - 1] = '\0';
- GNUNET_RECLAIM_attribute_list_add (attrs,
- key,
- NULL,
- GNUNET_RECLAIM_ATTRIBUTE_TYPE_STRING,
- tmp,
- strlen (tmp));
- GNUNET_free (val_str);
- }
- }
+ char *attr_str = json_dumps (json_attrs, JSON_DECODE_ANY);
+ pabc_cred_inspect_credential (attr_str, &inspect_attrs, attrs);
json_decref (json_root);
return attrs;
}
@@ -260,6 +236,23 @@ pabc_parse_attributes_p (void *cls,
return pabc_parse_attributes (cls, cred->data, cred->data_size);
}
+struct Finder
+{
+ const char* target;
+ char *result;
+};
+
+static void
+find_attr (char const *const key,
+ char const *const value,
+ void *ctx)
+{
+ struct Finder *fdr = ctx;
+ if (0 == strcmp (key, fdr->target))
+ fdr->result = GNUNET_strdup (value);
+}
+
+
/**
* Parse a pabc and return an attribute value.
@@ -267,7 +260,7 @@ pabc_parse_attributes_p (void *cls,
* @param cls the plugin
* @param data the pabc credential data
* @param data_size the pabc credential size
- * @param key the attribute key to look for.
+ * @param skey the attribute key to look for.
* @return a string, containing the isser
*/
char *
@@ -276,13 +269,8 @@ pabc_get_attribute (void *cls,
size_t data_size,
const char *skey)
{
- const char *key;
- char *val_str = NULL;
- char *tmp;
json_t *json_root;
json_t *json_attrs;
- json_t *value;
- json_t *attr;
json_error_t *json_err = NULL;
json_root = json_loads (data, JSON_DECODE_ANY, json_err);
@@ -290,50 +278,29 @@ pabc_get_attribute (void *cls,
(! json_is_object (json_root)))
{
GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
- "%s is not a valid pabc credentials (not an object)\n",
+ "%s is not a valid pabc credential (not an object)\n",
data);
if (NULL != json_root)
json_decref (json_root);
return NULL;
}
- json_attrs = json_object_get (json_root, "attributes");
+ json_attrs = json_object_get (json_root, PABC_JSON_PLAIN_ATTRS_KEY);
if ((NULL == json_attrs) ||
- (! json_is_array (json_attrs)))
+ (! json_is_object (json_attrs)))
{
GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
- "%s is not a valid pabc credentials (attributes not an array)\n",
+ "%s is not a valid pabc credential (attributes not an object)\n",
data);
json_decref (json_root);
return NULL;
}
-
- for (int i = 0; i < json_array_size (json_attrs); i++)
- {
- attr = json_array_get (json_attrs, i);
- if (! json_is_object (attr))
- continue;
- /**
- * This *should* only contain a single pair.
- */
- json_object_foreach (attr, key, value)
- {
- if (0 != strcmp (skey, key))
- continue;
- val_str = json_dumps (value, JSON_ENCODE_ANY);
- tmp = val_str;
- // Remove leading " from jasson conversion
- if (tmp[0] == '"')
- tmp++;
- // Remove trailing " from jansson conversion
- if (tmp[strlen (tmp) - 1] == '"')
- tmp[strlen (tmp) - 1] = '\0';
- GNUNET_free (val_str);
- json_decref (json_root);
- return tmp;
- }
- }
+ char *attr_str = json_dumps (json_attrs, JSON_DECODE_ANY);
json_decref (json_root);
- return NULL;
+ struct Finder fdr;
+ memset (&fdr, 0, sizeof (fdr));
+ fdr.target = skey;
+ pabc_cred_inspect_credential (attr_str, &find_attr, &fdr);
+ return fdr.result;
}
@@ -403,9 +370,8 @@ pabc_get_expiration (void *cls,
json_t *json_root;
json_t *json_attrs;
json_t *value;
- json_t *attr;
+ json_t *exp_j;
json_error_t *json_err = NULL;
- const char*key;
json_root = json_loads (data, JSON_DECODE_ANY, json_err);
if ((NULL == json_root) ||
@@ -418,24 +384,23 @@ pabc_get_expiration (void *cls,
json_decref (json_root);
return GNUNET_SYSERR;
}
- for (int i = 0; i < json_array_size (json_attrs); i++)
+ json_attrs = json_object_get (json_root, PABC_JSON_PLAIN_ATTRS_KEY);
+ if ((NULL == json_attrs) ||
+ (! json_is_object (json_attrs)))
{
- attr = json_array_get (json_attrs, i);
- if (! json_is_object (attr))
- continue;
- /**
- * This *should* only contain a single pair.
- */
- json_object_foreach (attr, key, value)
- {
- if (0 != strcmp ("expiration", key))
- continue;
- if (! json_is_integer (value))
- continue;
- exp->abs_value_us = json_integer_value (value) * 1000 * 1000;
- json_decref (json_root);
- return GNUNET_OK;
- }
+ GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
+ "%s is not a valid pabc credential (attributes not an object)\n",
+ data);
+ json_decref (json_root);
+ return GNUNET_SYSERR;
+ }
+ exp_j = json_object_get (json_attrs, "expiration");
+ if ((NULL != exp_j) &&
+ json_is_integer (exp_j))
+ {
+ exp->abs_value_us = json_integer_value (value) * 1000 * 1000;
+ json_decref (json_root);
+ return GNUNET_OK;
}
json_decref (json_root);
return GNUNET_SYSERR;
diff --git a/src/reclaim/plugin_rest_pabc.c b/src/reclaim/plugin_rest_pabc.c
index 1c766a716..9c1ac3c47 100644
--- a/src/reclaim/plugin_rest_pabc.c
+++ b/src/reclaim/plugin_rest_pabc.c
@@ -264,9 +264,8 @@ set_attributes_from_idtoken (const struct pabc_context *ctx,
json_string_value (value));
if (PABC_OK != status)
{
- GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
- "Failed to set attribute.\n");
- return PABC_FAILURE;
+ GNUNET_log (GNUNET_ERROR_TYPE_WARNING,
+ "Failed to set attribute `%s'.\n", key);
}
}
return PABC_OK;
@@ -370,7 +369,7 @@ cr_cont (struct GNUNET_REST_RequestHandle *con_handle,
GNUNET_SCHEDULER_add_now (&do_error, handle);
return;
}
- idtoken_json = json_object_get (idtoken_json, "id_token");
+ idtoken_json = json_object_get (data_json, "id_token");
if (NULL == idtoken_json)
{
GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
@@ -390,13 +389,18 @@ cr_cont (struct GNUNET_REST_RequestHandle *con_handle,
}
PABC_ASSERT (pabc_new_ctx (&ctx));
- // FIXME jansson does stupid escaping here maybe expect ecoded?
+ char *pp_str = json_dumps (pp_json, JSON_ENCODE_ANY);
status = pabc_decode_and_new_public_parameters (ctx,
&pp,
- json_string_value (pp_json));
+ pp_str);
+ char *ppid;
+ GNUNET_assert (PABC_OK == pabc_cred_get_ppid_from_pp (pp_str, &ppid));
+ GNUNET_free (pp_str);
if (status != PABC_OK)
{
- GNUNET_log (GNUNET_ERROR_TYPE_ERROR, "Failed to read public parameters.\n");
+ GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
+ "Failed to read public parameters: %s\n",
+ pp_str);
json_decref (data_json);
GNUNET_SCHEDULER_add_now (&do_error, handle);
return;
@@ -457,8 +461,8 @@ cr_cont (struct GNUNET_REST_RequestHandle *con_handle,
GNUNET_SCHEDULER_add_now (&do_error, handle);
return;
}
- // FIXME: where does this come from???
- status = pabc_decode_nonce (ctx, nonce, json_string_value (nonce_json));
+ char *nonce_str = json_dumps (nonce_json, JSON_ENCODE_ANY);
+ status = pabc_decode_nonce (ctx, nonce, nonce_str);
if (status != PABC_OK)
{
GNUNET_log (GNUNET_ERROR_TYPE_ERROR, "Failed to decode nonce.\n");
@@ -496,7 +500,9 @@ cr_cont (struct GNUNET_REST_RequestHandle *con_handle,
return;
}
handle->resp_object = json_object ();
- pabc_encode_credential_request (ctx, pp, cr, &response_str);
+ GNUNET_assert (PABC_OK == pabc_cred_encode_cr (ctx, pp, cr,
+ json_string_value (identity_json),
+ ppid, &response_str));
if (PABC_OK != status)
{
GNUNET_log (GNUNET_ERROR_TYPE_ERROR, "Failed to serialize cr.\n");
@@ -508,9 +514,9 @@ cr_cont (struct GNUNET_REST_RequestHandle *con_handle,
GNUNET_SCHEDULER_add_now (&do_error, handle);
return;
}
+ json_decref (handle->resp_object);
+ handle->resp_object = json_loads (response_str, JSON_DECODE_ANY, &err);
GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "%s\n", response_str);
- json_object_set_new (handle->resp_object, "cr",
- json_string (response_str));
GNUNET_free (response_str);
// clean up
@@ -593,7 +599,7 @@ rest_identity_process_request (struct GNUNET_REST_RequestHandle *rest_handle,
* @return NULL on error, otherwise the plugin context
*/
void *
-libgnunet_plugin_rest_reclaim_init (void *cls)
+libgnunet_plugin_rest_pabc_init (void *cls)
{
static struct Plugin plugin;
struct GNUNET_REST_Plugin *api;