author | Schanzenbach, Martin <mschanzenbach@posteo.de> | 2020-02-07 21:15:59 +0100 |
---|---|---|
committer | Schanzenbach, Martin <mschanzenbach@posteo.de> | 2020-02-09 20:38:11 +0100 |
commit | e8ea1f3e34e2a07cbe2fd4725e7362027d0c51c3 (patch) | |
tree | 5b11a525700872147d92d8195615e4352d6d18b1 /src | |
parent | 5f9f9cae1714eb33e0ee9c824f3d88e6aab8cf63 (diff) | |
add expiration
Diffstat (limited to 'src')
-rw-r--r-- | src/include/gnunet_reclaim_lib.h | 15 | ||||
-rw-r--r-- | src/include/gnunet_reclaim_plugin.h | 39 | ||||
-rw-r--r-- | src/include/gnunet_reclaim_service.h | 3 | ||||
-rw-r--r-- | src/reclaim/gnunet-reclaim.c | 6 | ||||
-rw-r--r-- | src/reclaim/gnunet-service-reclaim.c | 11 | ||||
-rw-r--r-- | src/reclaim/plugin_reclaim_attestation_jwt.c | 100 | ||||
-rw-r--r-- | src/reclaim/plugin_rest_openid_connect.c | 3 | ||||
-rw-r--r-- | src/reclaim/plugin_rest_reclaim.c | 21 | ||||
-rw-r--r-- | src/reclaim/reclaim.h | 5 | ||||
-rw-r--r-- | src/reclaim/reclaim_api.c | 18 | ||||
-rw-r--r-- | src/reclaim/reclaim_attestation.c | 49 |
11 files changed, 216 insertions, 54 deletions
diff --git a/src/include/gnunet_reclaim_lib.h b/src/include/gnunet_reclaim_lib.h index 6d3503950..54d284f3c 100644 --- a/src/include/gnunet_reclaim_lib.h +++ b/src/include/gnunet_reclaim_lib.h | |||
@@ -262,7 +262,8 @@ struct GNUNET_RECLAIM_AttestationListEntry | |||
262 | */ | 262 | */ |
263 | struct GNUNET_RECLAIM_Attribute * | 263 | struct GNUNET_RECLAIM_Attribute * |
264 | GNUNET_RECLAIM_attribute_new (const char *attr_name, | 264 | GNUNET_RECLAIM_attribute_new (const char *attr_name, |
265 | const struct GNUNET_RECLAIM_Identifier *attestation, | 265 | const struct |
266 | GNUNET_RECLAIM_Identifier *attestation, | ||
266 | uint32_t type, | 267 | uint32_t type, |
267 | const void *data, | 268 | const void *data, |
268 | size_t data_size); | 269 | size_t data_size); |
@@ -489,7 +490,6 @@ GNUNET_RECLAIM_attestation_list_deserialize (const char *data, | |||
489 | size_t data_size); | 490 | size_t data_size); |
490 | 491 | ||
491 | 492 | ||
492 | |||
493 | /** | 493 | /** |
494 | * @param attestation the attestation to serialize | 494 | * @param attestation the attestation to serialize |
495 | * @return the required buffer size | 495 | * @return the required buffer size |
@@ -593,8 +593,17 @@ GNUNET_RECLAIM_attestation_typename_to_number (const char *typename); | |||
593 | * @return corresponding number, UINT32_MAX on error | 593 | * @return corresponding number, UINT32_MAX on error |
594 | */ | 594 | */ |
595 | struct GNUNET_RECLAIM_AttributeList* | 595 | struct GNUNET_RECLAIM_AttributeList* |
596 | GNUNET_RECLAIM_attestation_get_attributes (const struct GNUNET_RECLAIM_Attestation *attest); | 596 | GNUNET_RECLAIM_attestation_get_attributes (const struct |
597 | GNUNET_RECLAIM_Attestation *attest); | ||
598 | |||
599 | char* | ||
600 | GNUNET_RECLAIM_attestation_get_issuer (const struct | ||
601 | GNUNET_RECLAIM_Attestation *attest); | ||
597 | 602 | ||
603 | int | ||
604 | GNUNET_RECLAIM_attestation_get_expiration (const struct | ||
605 | GNUNET_RECLAIM_Attestation *attest, | ||
606 | struct GNUNET_TIME_Absolute *exp); | ||
598 | 607 | ||
599 | #if 0 /* keep Emacsens' auto-indent happy */ | 608 | #if 0 /* keep Emacsens' auto-indent happy */ |
600 | { | 609 | { |
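Review bot: The two new declarations, `GNUNET_RECLAIM_attestation_get_issuer` and `GNUNET_RECLAIM_attestation_get_expiration`, have no doc comment, so the header does not say who owns the returned issuer string or which status codes the expiration call can return. Judging from the caller in plugin_rest_reclaim.c, which releases the issuer with `GNUNET_free`, I would add `@return newly allocated issuer string, NULL if no plugin provides one; caller frees with GNUNET_free` and, for the expiration call, `@return GNUNET_OK if exp was written, GNUNET_SYSERR otherwise`. It is also worth stating there that both values are read from the attestation as stored and are only as trustworthy as the attestation itself, assuming no verification happens elsewhere.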
diff --git a/src/include/gnunet_reclaim_plugin.h b/src/include/gnunet_reclaim_plugin.h index d42ac9502..992ad0cc3 100644 --- a/src/include/gnunet_reclaim_plugin.h +++ b/src/include/gnunet_reclaim_plugin.h | |||
@@ -166,17 +166,40 @@ typedef const char *(*GNUNET_RECLAIM_AttestationNumberToTypenameFunction) ( | |||
166 | uint32_t type); | 166 | uint32_t type); |
167 | 167 | ||
168 | /** | 168 | /** |
169 | * Function called to convert a type number (i.e. 1) to the | 169 | * Function called to extract attributes from an attestation |
170 | * corresponding type string | ||
171 | * | 170 | * |
172 | * @param cls closure | 171 | * @param cls closure |
173 | * @param type number of a type to convert | 172 | * @param attest the attestation object |
174 | * @return corresponding typestring, NULL on error | 173 | * @return an attribute list |
175 | */ | 174 | */ |
176 | typedef struct GNUNET_RECLAIM_AttributeList *(*GNUNET_RECLAIM_AttestationGetAttributesFunction) ( | 175 | typedef struct GNUNET_RECLAIM_AttributeList *(*GNUNET_RECLAIM_AttestationGetAttributesFunction) ( |
177 | void *cls, | 176 | void *cls, |
178 | const struct GNUNET_RECLAIM_Attestation *attest); | 177 | const struct GNUNET_RECLAIM_Attestation *attest); |
179 | 178 | ||
179 | /** | ||
180 | * Function called to get the issuer of the attestation (as string) | ||
181 | * | ||
182 | * @param cls closure | ||
183 | * @param attest the attestation object | ||
184 | * @return corresponding issuer string | ||
185 | */ | ||
186 | typedef char *(*GNUNET_RECLAIM_AttestationGetIssuerFunction) ( | ||
187 | void *cls, | ||
188 | const struct GNUNET_RECLAIM_Attestation *attest); | ||
189 | |||
190 | /** | ||
191 | * Function called to get the expiration of the attestation | ||
192 | * | ||
193 | * @param cls closure | ||
194 | * @param attest the attestation object | ||
195 | * @param where to write the value | ||
196 | * @return GNUNET_OK if successful | ||
197 | */ | ||
198 | typedef int (*GNUNET_RECLAIM_AttestationGetExpirationFunction) ( | ||
199 | void *cls, | ||
200 | const struct GNUNET_RECLAIM_Attestation *attest, | ||
201 | struct GNUNET_TIME_Absolute *expiration); | ||
202 | |||
180 | 203 | ||
181 | 204 | ||
182 | /** | 205 | /** |
@@ -248,7 +271,15 @@ struct GNUNET_RECLAIM_AttestationPluginFunctions | |||
248 | */ | 271 | */ |
249 | GNUNET_RECLAIM_AttestationGetAttributesFunction get_attributes; | 272 | GNUNET_RECLAIM_AttestationGetAttributesFunction get_attributes; |
250 | 273 | ||
274 | /** | ||
275 | * Attesation issuer. | ||
276 | */ | ||
277 | GNUNET_RECLAIM_AttestationGetIssuerFunction get_issuer; | ||
251 | 278 | ||
279 | /** | ||
280 | * Expiration. | ||
281 | */ | ||
282 | GNUNET_RECLAIM_AttestationGetExpirationFunction get_expiration; | ||
252 | }; | 283 | }; |
253 | 284 | ||
254 | 285 | ||
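Review bot: The doc comment for `GNUNET_RECLAIM_AttestationGetExpirationFunction` has `@param where to write the value` with the parameter name missing, and `@return GNUNET_OK if successful` does not say what a plugin returns for an attestation type it does not handle. The JWT plugin in this commit returns `GNUNET_NO` for a foreign type and `GNUNET_SYSERR` for a missing `exp`, so the contract could read `@param expiration where to write the value` and `@return GNUNET_OK if written, GNUNET_NO if the type is not handled by this plugin, GNUNET_SYSERR on malformed data`. The issuer typedef should likewise state that the returned string is allocated for the caller to free, and the field comment `Attesation issuer.` has a typo.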
diff --git a/src/include/gnunet_reclaim_service.h b/src/include/gnunet_reclaim_service.h index c63ed0100..813bc1a59 100644 --- a/src/include/gnunet_reclaim_service.h +++ b/src/include/gnunet_reclaim_service.h | |||
@@ -143,8 +143,7 @@ typedef void (*GNUNET_RECLAIM_AttributeTicketResult) ( | |||
143 | */ | 143 | */ |
144 | typedef void (*GNUNET_RECLAIM_AttestationResult) ( | 144 | typedef void (*GNUNET_RECLAIM_AttestationResult) ( |
145 | void *cls, const struct GNUNET_CRYPTO_EcdsaPublicKey *identity, | 145 | void *cls, const struct GNUNET_CRYPTO_EcdsaPublicKey *identity, |
146 | const struct GNUNET_RECLAIM_Attestation *attestation, | 146 | const struct GNUNET_RECLAIM_Attestation *attestation); |
147 | const struct GNUNET_RECLAIM_AttributeList *attributes); | ||
148 | 147 | ||
149 | 148 | ||
150 | /** | 149 | /** |
diff --git a/src/reclaim/gnunet-reclaim.c b/src/reclaim/gnunet-reclaim.c index cb9a87e37..e7ee814b6 100644 --- a/src/reclaim/gnunet-reclaim.c +++ b/src/reclaim/gnunet-reclaim.c | |||
@@ -650,8 +650,7 @@ attest_iter_finished (void *cls) | |||
650 | static void | 650 | static void |
651 | attest_iter_cb (void *cls, | 651 | attest_iter_cb (void *cls, |
652 | const struct GNUNET_CRYPTO_EcdsaPublicKey *identity, | 652 | const struct GNUNET_CRYPTO_EcdsaPublicKey *identity, |
653 | const struct GNUNET_RECLAIM_Attestation *attest, | 653 | const struct GNUNET_RECLAIM_Attestation *attest) |
654 | const struct GNUNET_RECLAIM_AttributeList *attrs) | ||
655 | { | 654 | { |
656 | char *attest_str; | 655 | char *attest_str; |
657 | char *attr_str; | 656 | char *attr_str; |
@@ -675,6 +674,8 @@ attest_iter_cb (void *cls, | |||
675 | attest_str, | 674 | attest_str, |
676 | attest_type, | 675 | attest_type, |
677 | id); | 676 | id); |
677 | struct GNUNET_RECLAIM_AttributeList *attrs = | ||
678 | GNUNET_RECLAIM_attestation_get_attributes (attest); | ||
678 | if (NULL != attrs) | 679 | if (NULL != attrs) |
679 | { | 680 | { |
680 | fprintf (stdout, | 681 | fprintf (stdout, |
@@ -692,6 +693,7 @@ attest_iter_cb (void *cls, | |||
692 | "\t %s: %s\n", ale->attribute->name, attr_str); | 693 | "\t %s: %s\n", ale->attribute->name, attr_str); |
693 | GNUNET_free (attr_str); | 694 | GNUNET_free (attr_str); |
694 | } | 695 | } |
696 | GNUNET_RECLAIM_attribute_list_destroy (attrs); | ||
695 | } | 697 | } |
696 | GNUNET_free (id); | 698 | GNUNET_free (id); |
697 | } | 699 | } |
diff --git a/src/reclaim/gnunet-service-reclaim.c b/src/reclaim/gnunet-service-reclaim.c index ddfe05556..b617d0ec3 100644 --- a/src/reclaim/gnunet-service-reclaim.c +++ b/src/reclaim/gnunet-service-reclaim.c | |||
@@ -1865,7 +1865,6 @@ attest_iter_finished (void *cls) | |||
1865 | env = GNUNET_MQ_msg (arm, GNUNET_MESSAGE_TYPE_RECLAIM_ATTESTATION_RESULT); | 1865 | env = GNUNET_MQ_msg (arm, GNUNET_MESSAGE_TYPE_RECLAIM_ATTESTATION_RESULT); |
1866 | arm->id = htonl (ai->request_id); | 1866 | arm->id = htonl (ai->request_id); |
1867 | arm->attestation_len = htons (0); | 1867 | arm->attestation_len = htons (0); |
1868 | arm->attributes_len = htons (0); | ||
1869 | GNUNET_MQ_send (ai->client->mq, env); | 1868 | GNUNET_MQ_send (ai->client->mq, env); |
1870 | GNUNET_CONTAINER_DLL_remove (ai->client->attest_iter_head, | 1869 | GNUNET_CONTAINER_DLL_remove (ai->client->attest_iter_head, |
1871 | ai->client->attest_iter_tail, | 1870 | ai->client->attest_iter_tail, |
@@ -1908,10 +1907,8 @@ attest_iter_cb (void *cls, | |||
1908 | struct Iterator *ai = cls; | 1907 | struct Iterator *ai = cls; |
1909 | struct GNUNET_MQ_Envelope *env; | 1908 | struct GNUNET_MQ_Envelope *env; |
1910 | struct AttestationResultMessage *arm; | 1909 | struct AttestationResultMessage *arm; |
1911 | struct GNUNET_RECLAIM_AttributeList *attrs; | ||
1912 | struct GNUNET_RECLAIM_Attestation *att; | 1910 | struct GNUNET_RECLAIM_Attestation *att; |
1913 | char *data_tmp; | 1911 | char *data_tmp; |
1914 | size_t attrs_size; | ||
1915 | 1912 | ||
1916 | if ((rd_count != 1) || | 1913 | if ((rd_count != 1) || |
1917 | (GNUNET_GNSRECORD_TYPE_RECLAIM_ATTESTATION != rd->record_type)) | 1914 | (GNUNET_GNSRECORD_TYPE_RECLAIM_ATTESTATION != rd->record_type)) |
@@ -1921,24 +1918,18 @@ attest_iter_cb (void *cls, | |||
1921 | } | 1918 | } |
1922 | att = GNUNET_RECLAIM_attestation_deserialize (rd->data, | 1919 | att = GNUNET_RECLAIM_attestation_deserialize (rd->data, |
1923 | rd->data_size); | 1920 | rd->data_size); |
1924 | attrs = GNUNET_RECLAIM_attestation_get_attributes (att); | ||
1925 | attrs_size = GNUNET_RECLAIM_attribute_list_serialize_get_size (attrs); | ||
1926 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Found attestation under: %s\n", | 1921 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Found attestation under: %s\n", |
1927 | label); | 1922 | label); |
1928 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, | 1923 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, |
1929 | "Sending ATTESTATION_RESULT message\n"); | 1924 | "Sending ATTESTATION_RESULT message\n"); |
1930 | env = GNUNET_MQ_msg_extra (arm, | 1925 | env = GNUNET_MQ_msg_extra (arm, |
1931 | rd->data_size + attrs_size, | 1926 | rd->data_size, |
1932 | GNUNET_MESSAGE_TYPE_RECLAIM_ATTESTATION_RESULT); | 1927 | GNUNET_MESSAGE_TYPE_RECLAIM_ATTESTATION_RESULT); |
1933 | arm->id = htonl (ai->request_id); | 1928 | arm->id = htonl (ai->request_id); |
1934 | arm->attestation_len = htons (rd->data_size); | 1929 | arm->attestation_len = htons (rd->data_size); |
1935 | arm->attributes_len = htons (attrs_size); | ||
1936 | GNUNET_CRYPTO_ecdsa_key_get_public (zone, &arm->identity); | 1930 | GNUNET_CRYPTO_ecdsa_key_get_public (zone, &arm->identity); |
1937 | data_tmp = (char *) &arm[1]; | 1931 | data_tmp = (char *) &arm[1]; |
1938 | GNUNET_memcpy (data_tmp, rd->data, rd->data_size); | 1932 | GNUNET_memcpy (data_tmp, rd->data, rd->data_size); |
1939 | data_tmp += rd->data_size; | ||
1940 | GNUNET_RECLAIM_attribute_list_serialize (attrs, | ||
1941 | data_tmp); | ||
1942 | 1933 | ||
1943 | GNUNET_MQ_send (ai->client->mq, env); | 1934 | GNUNET_MQ_send (ai->client->mq, env); |
1944 | } | 1935 | } |
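Review bot: In `attest_iter_cb`, `att = GNUNET_RECLAIM_attestation_deserialize (rd->data, rd->data_size);` is kept although nothing reads `att` once the attribute serialization is removed, and no `GNUNET_free (att)` is visible before the closing brace, so each iterated record appears to leak one deserialized attestation. Either drop the call together with the `att` declaration, or release the object before `GNUNET_MQ_send`. Separately, `arm->attestation_len = htons (rd->data_size)` narrows a `size_t` to 16 bits, so a record larger than 65535 bytes would be announced with a truncated length; whether an earlier size limit rules that out is not visible here. The beginning of the function lies outside the hunk.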
diff --git a/src/reclaim/plugin_reclaim_attestation_jwt.c b/src/reclaim/plugin_reclaim_attestation_jwt.c index 8a67b18cd..ec31584d5 100644 --- a/src/reclaim/plugin_reclaim_attestation_jwt.c +++ b/src/reclaim/plugin_reclaim_attestation_jwt.c | |||
@@ -142,12 +142,12 @@ jwt_number_to_typename (void *cls, uint32_t type) | |||
142 | return jwt_attest_name_map[i].name; | 142 | return jwt_attest_name_map[i].name; |
143 | } | 143 | } |
144 | 144 | ||
145 | |||
145 | /** | 146 | /** |
146 | * Parse a JWT and return the respective claim value as Attribute | 147 | * Parse a JWT and return the respective claim value as Attribute |
147 | * | 148 | * |
149 | * @param cls the plugin | ||
148 | * @param attest the jwt attestation | 150 | * @param attest the jwt attestation |
149 | * @param claim the name of the claim in the JWT | ||
150 | * | ||
151 | * @return a GNUNET_RECLAIM_Attribute, containing the new value | 151 | * @return a GNUNET_RECLAIM_Attribute, containing the new value |
152 | */ | 152 | */ |
153 | struct GNUNET_RECLAIM_AttributeList * | 153 | struct GNUNET_RECLAIM_AttributeList * |
@@ -163,6 +163,7 @@ jwt_parse_attributes (void *cls, | |||
163 | json_t *json_val; | 163 | json_t *json_val; |
164 | json_error_t *json_err = NULL; | 164 | json_error_t *json_err = NULL; |
165 | 165 | ||
166 | GNUNET_log (GNUNET_ERROR_TYPE_WARNING, "%s\n", attest->data); | ||
166 | if (GNUNET_RECLAIM_ATTESTATION_TYPE_JWT != attest->type) | 167 | if (GNUNET_RECLAIM_ATTESTATION_TYPE_JWT != attest->type) |
167 | return NULL; | 168 | return NULL; |
168 | attrs = GNUNET_new (struct GNUNET_RECLAIM_AttributeList); | 169 | attrs = GNUNET_new (struct GNUNET_RECLAIM_AttributeList); |
@@ -170,27 +171,112 @@ jwt_parse_attributes (void *cls, | |||
170 | jwt_string = GNUNET_strdup (attest->data); | 171 | jwt_string = GNUNET_strdup (attest->data); |
171 | const char *jwt_body = strtok (jwt_string, delim); | 172 | const char *jwt_body = strtok (jwt_string, delim); |
172 | jwt_body = strtok (NULL, delim); | 173 | jwt_body = strtok (NULL, delim); |
173 | GNUNET_STRINGS_base64_decode (jwt_body, strlen (jwt_body), | 174 | GNUNET_STRINGS_base64url_decode (jwt_body, strlen (jwt_body), |
174 | (void **) &decoded_jwt); | 175 | (void **) &decoded_jwt); |
176 | GNUNET_log (GNUNET_ERROR_TYPE_ERROR, "%s\n", decoded_jwt); | ||
177 | GNUNET_assert (NULL != decoded_jwt); | ||
175 | json_val = json_loads (decoded_jwt, JSON_DECODE_ANY, json_err); | 178 | json_val = json_loads (decoded_jwt, JSON_DECODE_ANY, json_err); |
176 | const char *key; | 179 | const char *key; |
177 | json_t *value; | 180 | json_t *value; |
178 | json_object_foreach (json_val, key, value) { | 181 | json_object_foreach (json_val, key, value) { |
182 | if (0 == strcmp ("iss", key)) | ||
183 | continue; | ||
184 | if (0 == strcmp ("exp", key)) | ||
185 | continue; | ||
186 | if (0 == strcmp ("iat", key)) | ||
187 | continue; | ||
188 | if (0 == strcmp ("nbf", key)) | ||
189 | continue; | ||
190 | if (0 == strcmp ("aud", key)) | ||
191 | continue; | ||
179 | val_str = json_dumps (value, JSON_ENCODE_ANY); | 192 | val_str = json_dumps (value, JSON_ENCODE_ANY); |
180 | GNUNET_RECLAIM_attribute_list_add (attrs, | 193 | GNUNET_RECLAIM_attribute_list_add (attrs, |
181 | key, | 194 | key, |
182 | NULL, | 195 | NULL, |
183 | GNUNET_RECLAIM_ATTRIBUTE_TYPE_STRING,//FIXME | 196 | GNUNET_RECLAIM_ATTRIBUTE_TYPE_STRING,// FIXME |
184 | val_str, | 197 | val_str, |
185 | strlen (val_str)); | 198 | strlen (val_str)); |
186 | GNUNET_free (val_str); | 199 | GNUNET_free (val_str); |
187 | } | 200 | } |
188 | GNUNET_free (jwt_string); | 201 | GNUNET_free (jwt_string); |
189 | //FIXME needed?? | ||
190 | return attrs; | 202 | return attrs; |
191 | } | 203 | } |
192 | 204 | ||
193 | 205 | ||
206 | /** | ||
207 | * Parse a JWT and return the issuer | ||
208 | * | ||
209 | * @param cls the plugin | ||
210 | * @param attest the jwt attestation | ||
211 | * @return a string, containing the isser | ||
212 | */ | ||
213 | char * | ||
214 | jwt_get_issuer (void *cls, | ||
215 | const struct GNUNET_RECLAIM_Attestation *attest) | ||
216 | { | ||
217 | const char *jwt_body; | ||
218 | char *jwt_string; | ||
219 | char delim[] = "."; | ||
220 | char *issuer = NULL; | ||
221 | char *decoded_jwt; | ||
222 | json_t *issuer_json; | ||
223 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Parsing JWT attributes.\n"); | ||
224 | json_t *json_val; | ||
225 | json_error_t *json_err = NULL; | ||
226 | |||
227 | if (GNUNET_RECLAIM_ATTESTATION_TYPE_JWT != attest->type) | ||
228 | return NULL; | ||
229 | jwt_string = GNUNET_strdup (attest->data); | ||
230 | jwt_body = strtok (jwt_string, delim); | ||
231 | jwt_body = strtok (NULL, delim); | ||
232 | GNUNET_STRINGS_base64url_decode (jwt_body, strlen (jwt_body), | ||
233 | (void **) &decoded_jwt); | ||
234 | json_val = json_loads (decoded_jwt, JSON_DECODE_ANY, json_err); | ||
235 | issuer_json = json_object_get (json_val, "iss"); | ||
236 | if ((NULL == issuer_json) || (! json_is_string (issuer_json))) | ||
237 | return NULL; | ||
238 | issuer = GNUNET_strdup (json_string_value (issuer_json)); | ||
239 | GNUNET_free (jwt_string); | ||
240 | return issuer; | ||
241 | } | ||
242 | |||
243 | |||
244 | /** | ||
245 | * Parse a JWT and return the expiration | ||
246 | * | ||
247 | * @param cls the plugin | ||
248 | * @param attest the jwt attestation | ||
249 | * @return a string, containing the isser | ||
250 | */ | ||
251 | int | ||
252 | jwt_get_expiration (void *cls, | ||
253 | const struct GNUNET_RECLAIM_Attestation *attest, | ||
254 | struct GNUNET_TIME_Absolute *exp) | ||
255 | { | ||
256 | const char *jwt_body; | ||
257 | char *jwt_string; | ||
258 | char delim[] = "."; | ||
259 | char *decoded_jwt; | ||
260 | json_t *exp_json; | ||
261 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Parsing JWT attributes.\n"); | ||
262 | json_t *json_val; | ||
263 | json_error_t *json_err = NULL; | ||
264 | |||
265 | if (GNUNET_RECLAIM_ATTESTATION_TYPE_JWT != attest->type) | ||
266 | return GNUNET_NO; | ||
267 | jwt_string = GNUNET_strdup (attest->data); | ||
268 | jwt_body = strtok (jwt_string, delim); | ||
269 | jwt_body = strtok (NULL, delim); | ||
270 | GNUNET_STRINGS_base64url_decode (jwt_body, strlen (jwt_body), | ||
271 | (void **) &decoded_jwt); | ||
272 | json_val = json_loads (decoded_jwt, JSON_DECODE_ANY, json_err); | ||
273 | exp_json = json_object_get (json_val, "exp"); | ||
274 | if ((NULL == exp_json) || (! json_is_integer (exp_json))) | ||
275 | return GNUNET_SYSERR; | ||
276 | exp->abs_value_us = json_integer_value (exp_json) * 1000 * 1000; | ||
277 | GNUNET_free (jwt_string); | ||
278 | return GNUNET_OK; | ||
279 | } | ||
194 | 280 | ||
195 | 281 | ||
196 | /** | 282 | /** |
@@ -210,6 +296,8 @@ libgnunet_plugin_reclaim_attestation_jwt_init (void *cls) | |||
210 | api->typename_to_number = &jwt_typename_to_number; | 296 | api->typename_to_number = &jwt_typename_to_number; |
211 | api->number_to_typename = &jwt_number_to_typename; | 297 | api->number_to_typename = &jwt_number_to_typename; |
212 | api->get_attributes = &jwt_parse_attributes; | 298 | api->get_attributes = &jwt_parse_attributes; |
299 | api->get_issuer = &jwt_get_issuer; | ||
300 | api->get_expiration = &jwt_get_expiration; | ||
213 | return api; | 301 | return api; |
214 | } | 302 | } |
215 | 303 | ||
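Review bot: All three JWT parsers (`jwt_parse_attributes`, `jwt_get_issuer`, `jwt_get_expiration`) pass the second `strtok` result straight to `strlen (jwt_body)` and use the base64url and `json_loads` results unchecked, so attestation data without a `.` or with an undecodable payload ends in a NULL dereference (or, in `jwt_parse_attributes`, the `GNUNET_assert`) instead of an error return. The two getters also return early without freeing `jwt_string`, and `decoded_jwt` and `json_val` are not released on any path visible in the hunk. `json_integer_value (exp_json) * 1000 * 1000` multiplies a signed value taken from the token with no range check, so a negative or very large `exp` wraps into a bogus expiration. The added `GNUNET_log` calls in `jwt_parse_attributes` write the raw token and its decoded claims at WARNING/ERROR level, the first of them before the type check; I would remove them or log only that parsing started, at DEBUG. A checked shape for `jwt_get_expiration` follows, and the same preamble applies to the other two; since nothing in this hunk verifies the token signature, the doc comments should say that issuer and expiration are unverified claims.

```c
int
jwt_get_expiration (void *cls,
                    const struct GNUNET_RECLAIM_Attestation *attest,
                    struct GNUNET_TIME_Absolute *exp)
{
  /* … unchanged: jwt_body, jwt_string, delim, decoded_jwt, exp_json, json_val … */
  char *saveptr;
  size_t decoded_len;
  json_error_t json_err;
  json_int_t secs;
  int ret = GNUNET_SYSERR;

  if (GNUNET_RECLAIM_ATTESTATION_TYPE_JWT != attest->type)
    return GNUNET_NO;
  /* Bound the copy by data_size instead of trusting a terminator. */
  jwt_string = GNUNET_strndup (attest->data, attest->data_size);
  (void) strtok_r (jwt_string, delim, &saveptr);
  jwt_body = strtok_r (NULL, delim, &saveptr);
  if (NULL == jwt_body)
  {
    /* No payload segment: not a well-formed compact JWT. */
    GNUNET_free (jwt_string);
    return GNUNET_SYSERR;
  }
  decoded_jwt = NULL;
  decoded_len = GNUNET_STRINGS_base64url_decode (jwt_body, strlen (jwt_body),
                                                 (void **) &decoded_jwt);
  GNUNET_free (jwt_string);
  if (NULL == decoded_jwt)
    return GNUNET_SYSERR;
  /* Length-bounded parse; does not rely on the decoder terminating the buffer. */
  json_val = json_loadb (decoded_jwt, decoded_len, JSON_DECODE_ANY, &json_err);
  GNUNET_free (decoded_jwt);
  if (NULL == json_val)
    return GNUNET_SYSERR;
  exp_json = json_object_get (json_val, "exp");
  if (json_is_integer (exp_json))
  {
    secs = json_integer_value (exp_json);
    /* Reject negative values and values whose microsecond form overflows. */
    if ((0 <= secs) && ((uint64_t) secs <= UINT64_MAX / (1000 * 1000)))
    {
      exp->abs_value_us = (uint64_t) secs * 1000 * 1000;
      ret = GNUNET_OK;
    }
  }
  json_decref (json_val);
  return ret;
}
```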
diff --git a/src/reclaim/plugin_rest_openid_connect.c b/src/reclaim/plugin_rest_openid_connect.c index 3e138f259..14a96ed19 100644 --- a/src/reclaim/plugin_rest_openid_connect.c +++ b/src/reclaim/plugin_rest_openid_connect.c | |||
@@ -988,8 +988,7 @@ oidc_attest_collect_finished_cb (void *cls) | |||
988 | static void | 988 | static void |
989 | oidc_attest_collect (void *cls, | 989 | oidc_attest_collect (void *cls, |
990 | const struct GNUNET_CRYPTO_EcdsaPublicKey *identity, | 990 | const struct GNUNET_CRYPTO_EcdsaPublicKey *identity, |
991 | const struct GNUNET_RECLAIM_Attestation *attest, | 991 | const struct GNUNET_RECLAIM_Attestation *attest) |
992 | const struct GNUNET_RECLAIM_AttributeList *attrs) | ||
993 | { | 992 | { |
994 | struct RequestHandle *handle = cls; | 993 | struct RequestHandle *handle = cls; |
995 | struct GNUNET_RECLAIM_AttributeListEntry *le; | 994 | struct GNUNET_RECLAIM_AttributeListEntry *le; |
diff --git a/src/reclaim/plugin_rest_reclaim.c b/src/reclaim/plugin_rest_reclaim.c index 8b3aee8ba..780a184d2 100644 --- a/src/reclaim/plugin_rest_reclaim.c +++ b/src/reclaim/plugin_rest_reclaim.c | |||
@@ -621,21 +621,24 @@ add_attestation_cont (struct GNUNET_REST_RequestHandle *con_handle, | |||
621 | static void | 621 | static void |
622 | attest_collect (void *cls, | 622 | attest_collect (void *cls, |
623 | const struct GNUNET_CRYPTO_EcdsaPublicKey *identity, | 623 | const struct GNUNET_CRYPTO_EcdsaPublicKey *identity, |
624 | const struct GNUNET_RECLAIM_Attestation *attest, | 624 | const struct GNUNET_RECLAIM_Attestation *attest) |
625 | const struct GNUNET_RECLAIM_AttributeList *attrs) | ||
626 | { | 625 | { |
627 | struct RequestHandle *handle = cls; | 626 | struct RequestHandle *handle = cls; |
627 | struct GNUNET_RECLAIM_AttributeList *attrs; | ||
628 | struct GNUNET_RECLAIM_AttributeListEntry *ale; | 628 | struct GNUNET_RECLAIM_AttributeListEntry *ale; |
629 | struct GNUNET_TIME_Absolute exp; | ||
629 | json_t *attr_obj; | 630 | json_t *attr_obj; |
630 | json_t *attest_obj; | 631 | json_t *attest_obj; |
631 | const char *type; | 632 | const char *type; |
632 | char *tmp_value; | 633 | char *tmp_value; |
633 | char *id_str; | 634 | char *id_str; |
635 | char *issuer; | ||
634 | 636 | ||
635 | 637 | ||
636 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Adding attestation: %s\n", | 638 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Adding attestation: %s\n", |
637 | attest->name); | 639 | attest->name); |
638 | 640 | attrs = GNUNET_RECLAIM_attestation_get_attributes (attest); | |
641 | issuer = GNUNET_RECLAIM_attestation_get_issuer (attest); | ||
639 | tmp_value = GNUNET_RECLAIM_attestation_value_to_string (attest->type, | 642 | tmp_value = GNUNET_RECLAIM_attestation_value_to_string (attest->type, |
640 | attest->data, | 643 | attest->data, |
641 | attest->data_size); | 644 | attest->data_size); |
@@ -644,10 +647,21 @@ attest_collect (void *cls, | |||
644 | json_object_set_new (attest_obj, "name", json_string (attest->name)); | 647 | json_object_set_new (attest_obj, "name", json_string (attest->name)); |
645 | type = GNUNET_RECLAIM_attestation_number_to_typename (attest->type); | 648 | type = GNUNET_RECLAIM_attestation_number_to_typename (attest->type); |
646 | json_object_set_new (attest_obj, "type", json_string (type)); | 649 | json_object_set_new (attest_obj, "type", json_string (type)); |
650 | if (NULL != issuer) | ||
651 | { | ||
652 | json_object_set_new (attest_obj, "issuer", json_string (issuer)); | ||
653 | GNUNET_free (issuer); | ||
654 | } | ||
655 | if (GNUNET_OK == GNUNET_RECLAIM_attestation_get_expiration (attest, | ||
656 | &exp)) | ||
657 | { | ||
658 | json_object_set_new (attest_obj, "expiration", json_integer (exp.abs_value_us)); | ||
659 | } | ||
647 | id_str = GNUNET_STRINGS_data_to_string_alloc (&attest->id, | 660 | id_str = GNUNET_STRINGS_data_to_string_alloc (&attest->id, |
648 | sizeof(attest->id)); | 661 | sizeof(attest->id)); |
649 | json_object_set_new (attest_obj, "id", json_string (id_str)); | 662 | json_object_set_new (attest_obj, "id", json_string (id_str)); |
650 | GNUNET_free (tmp_value); | 663 | GNUNET_free (tmp_value); |
664 | GNUNET_free (id_str); | ||
651 | if (NULL != attrs) | 665 | if (NULL != attrs) |
652 | { | 666 | { |
653 | json_t *attr_arr = json_array (); | 667 | json_t *attr_arr = json_array (); |
@@ -673,6 +687,7 @@ attest_collect (void *cls, | |||
673 | json_object_set_new (attest_obj, "attributes", attr_arr); | 687 | json_object_set_new (attest_obj, "attributes", attr_arr); |
674 | } | 688 | } |
675 | json_array_append_new (handle->resp_object, attest_obj); | 689 | json_array_append_new (handle->resp_object, attest_obj); |
690 | GNUNET_RECLAIM_attribute_list_destroy (attrs); | ||
676 | GNUNET_RECLAIM_get_attestations_next (handle->attest_it); | 691 | GNUNET_RECLAIM_get_attestations_next (handle->attest_it); |
677 | } | 692 | } |
678 | 693 | ||
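Review bot: `GNUNET_RECLAIM_attribute_list_destroy (attrs);` is added at the end of `attest_collect` outside the `if (NULL != attrs)` block, so it also runs when no plugin returned an attribute list. The same commit keeps the destroy inside the NULL check in gnunet-reclaim.c, and the code removed from reclaim_api.c guarded it too, which suggests the destroy function does not expect NULL; I would write `if (NULL != attrs) GNUNET_RECLAIM_attribute_list_destroy (attrs);`. Separately, `json_integer (exp.abs_value_us)` passes an unsigned 64-bit microsecond count into a signed JSON integer and gives the REST consumer no hint of the unit; a comment or a conversion to seconds would make the field unambiguous. Part of the function body lies between the hunks and is not shown.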
diff --git a/src/reclaim/reclaim.h b/src/reclaim/reclaim.h index 2cd07e861..7b5d7ab19 100644 --- a/src/reclaim/reclaim.h +++ b/src/reclaim/reclaim.h | |||
@@ -179,11 +179,6 @@ struct AttestationResultMessage | |||
179 | uint16_t attestation_len GNUNET_PACKED; | 179 | uint16_t attestation_len GNUNET_PACKED; |
180 | 180 | ||
181 | /** | 181 | /** |
182 | * Length of serialized attribute data | ||
183 | */ | ||
184 | uint16_t attributes_len GNUNET_PACKED; | ||
185 | |||
186 | /** | ||
187 | * always zero (for alignment) | 182 | * always zero (for alignment) |
188 | */ | 183 | */ |
189 | uint16_t reserved GNUNET_PACKED; | 184 | uint16_t reserved GNUNET_PACKED; |
diff --git a/src/reclaim/reclaim_api.c b/src/reclaim/reclaim_api.c index 8558b19df..b863789a2 100644 --- a/src/reclaim/reclaim_api.c +++ b/src/reclaim/reclaim_api.c | |||
@@ -779,14 +779,11 @@ static int | |||
779 | check_attestation_result (void *cls, const struct AttestationResultMessage *msg) | 779 | check_attestation_result (void *cls, const struct AttestationResultMessage *msg) |
780 | { | 780 | { |
781 | size_t msg_len; | 781 | size_t msg_len; |
782 | size_t attr_len; | ||
783 | size_t attest_len; | 782 | size_t attest_len; |
784 | 783 | ||
785 | msg_len = ntohs (msg->header.size); | 784 | msg_len = ntohs (msg->header.size); |
786 | attest_len = ntohs (msg->attestation_len); | 785 | attest_len = ntohs (msg->attestation_len); |
787 | attr_len = ntohs (msg->attributes_len); | 786 | if (msg_len != sizeof(struct AttestationResultMessage) + attest_len) |
788 | if (msg_len != sizeof(struct AttestationResultMessage) | ||
789 | + attr_len + attest_len) | ||
790 | { | 787 | { |
791 | GNUNET_break (0); | 788 | GNUNET_break (0); |
792 | return GNUNET_SYSERR; | 789 | return GNUNET_SYSERR; |
@@ -809,14 +806,11 @@ handle_attestation_result (void *cls, const struct | |||
809 | static struct GNUNET_CRYPTO_EcdsaPrivateKey identity_dummy; | 806 | static struct GNUNET_CRYPTO_EcdsaPrivateKey identity_dummy; |
810 | struct GNUNET_RECLAIM_Handle *h = cls; | 807 | struct GNUNET_RECLAIM_Handle *h = cls; |
811 | struct GNUNET_RECLAIM_AttestationIterator *it; | 808 | struct GNUNET_RECLAIM_AttestationIterator *it; |
812 | struct GNUNET_RECLAIM_AttributeList *attrs; | ||
813 | struct GNUNET_RECLAIM_Operation *op; | 809 | struct GNUNET_RECLAIM_Operation *op; |
814 | size_t att_len; | 810 | size_t att_len; |
815 | size_t attrs_len; | ||
816 | uint32_t r_id = ntohl (msg->id); | 811 | uint32_t r_id = ntohl (msg->id); |
817 | 812 | ||
818 | att_len = ntohs (msg->attestation_len); | 813 | att_len = ntohs (msg->attestation_len); |
819 | attrs_len = ntohs (msg->attributes_len); | ||
820 | LOG (GNUNET_ERROR_TYPE_DEBUG, "Processing attestation result.\n"); | 814 | LOG (GNUNET_ERROR_TYPE_DEBUG, "Processing attestation result.\n"); |
821 | 815 | ||
822 | 816 | ||
@@ -847,7 +841,7 @@ handle_attestation_result (void *cls, const struct | |||
847 | if (NULL != op) | 841 | if (NULL != op) |
848 | { | 842 | { |
849 | if (NULL != op->at_cb) | 843 | if (NULL != op->at_cb) |
850 | op->at_cb (op->cls, NULL, NULL, NULL); | 844 | op->at_cb (op->cls, NULL, NULL); |
851 | GNUNET_CONTAINER_DLL_remove (h->op_head, h->op_tail, op); | 845 | GNUNET_CONTAINER_DLL_remove (h->op_head, h->op_tail, op); |
852 | free_op (op); | 846 | free_op (op); |
853 | } | 847 | } |
@@ -857,22 +851,18 @@ handle_attestation_result (void *cls, const struct | |||
857 | { | 851 | { |
858 | struct GNUNET_RECLAIM_Attestation *att; | 852 | struct GNUNET_RECLAIM_Attestation *att; |
859 | att = GNUNET_RECLAIM_attestation_deserialize ((char *) &msg[1], att_len); | 853 | att = GNUNET_RECLAIM_attestation_deserialize ((char *) &msg[1], att_len); |
860 | char *read_ptr = ((char *) &msg[1]) + att_len; | ||
861 | attrs = GNUNET_RECLAIM_attribute_list_deserialize (read_ptr, attrs_len); | ||
862 | 854 | ||
863 | if (NULL != it) | 855 | if (NULL != it) |
864 | { | 856 | { |
865 | if (NULL != it->proc) | 857 | if (NULL != it->proc) |
866 | it->proc (it->proc_cls, &msg->identity, att, attrs); | 858 | it->proc (it->proc_cls, &msg->identity, att); |
867 | } | 859 | } |
868 | else if (NULL != op) | 860 | else if (NULL != op) |
869 | { | 861 | { |
870 | if (NULL != op->at_cb) | 862 | if (NULL != op->at_cb) |
871 | op->at_cb (op->cls, &msg->identity, att, attrs); | 863 | op->at_cb (op->cls, &msg->identity, att); |
872 | } | 864 | } |
873 | GNUNET_free (att); | 865 | GNUNET_free (att); |
874 | if (NULL != attrs) | ||
875 | GNUNET_RECLAIM_attribute_list_destroy (attrs); | ||
876 | return; | 866 | return; |
877 | } | 867 | } |
878 | GNUNET_assert (0); | 868 | GNUNET_assert (0); |
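Review bot: In `handle_attestation_result`, the result of `GNUNET_RECLAIM_attestation_deserialize ((char *) &msg[1], att_len)` is handed to `it->proc` / `op->at_cb` and then to `GNUNET_free (att)` without a NULL check. `check_attestation_result` only verifies that the lengths add up, so if the deserializer can reject a short or malformed buffer by returning NULL (not visible in this hunk), the callbacks, which after this commit call the plugin getters on the attestation themselves, would dereference NULL. A guard before the callbacks, for example `if (NULL == att) { GNUNET_break (0); return; }` or whatever this file does for other malformed messages, would keep a bad record from reaching them. The function begins outside the hunk.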
diff --git a/src/reclaim/reclaim_attestation.c b/src/reclaim/reclaim_attestation.c index 961c6ede4..66da8e74a 100644 --- a/src/reclaim/reclaim_attestation.c +++ b/src/reclaim/reclaim_attestation.c | |||
@@ -501,8 +501,10 @@ GNUNET_RECLAIM_attestation_deserialize (const char *data, size_t data_size) | |||
501 | return attestation; | 501 | return attestation; |
502 | } | 502 | } |
503 | 503 | ||
504 | |||
504 | struct GNUNET_RECLAIM_AttributeList* | 505 | struct GNUNET_RECLAIM_AttributeList* |
505 | GNUNET_RECLAIM_attestation_get_attributes (const struct GNUNET_RECLAIM_Attestation *attest) | 506 | GNUNET_RECLAIM_attestation_get_attributes (const struct |
507 | GNUNET_RECLAIM_Attestation *attest) | ||
506 | { | 508 | { |
507 | unsigned int i; | 509 | unsigned int i; |
508 | struct Plugin *plugin; | 510 | struct Plugin *plugin; |
@@ -512,9 +514,50 @@ GNUNET_RECLAIM_attestation_get_attributes (const struct GNUNET_RECLAIM_Attestati | |||
512 | { | 514 | { |
513 | plugin = attest_plugins[i]; | 515 | plugin = attest_plugins[i]; |
514 | if (NULL != | 516 | if (NULL != |
515 | (ret = plugin->api->get_attributes (plugin->api->cls, | 517 | (ret = plugin->api->get_attributes (plugin->api->cls, |
516 | attest))) | 518 | attest))) |
517 | return ret; | 519 | return ret; |
518 | } | 520 | } |
519 | return NULL; | 521 | return NULL; |
520 | } | 522 | } |
523 | |||
524 | |||
525 | char* | ||
526 | GNUNET_RECLAIM_attestation_get_issuer (const struct | ||
527 | GNUNET_RECLAIM_Attestation *attest) | ||
528 | { | ||
529 | unsigned int i; | ||
530 | struct Plugin *plugin; | ||
531 | char *ret; | ||
532 | init (); | ||
533 | for (i = 0; i < num_plugins; i++) | ||
534 | { | ||
535 | plugin = attest_plugins[i]; | ||
536 | if (NULL != | ||
537 | (ret = plugin->api->get_issuer (plugin->api->cls, | ||
538 | attest))) | ||
539 | return ret; | ||
540 | } | ||
541 | return NULL; | ||
542 | } | ||
543 | |||
544 | |||
545 | int | ||
546 | GNUNET_RECLAIM_attestation_get_expiration (const struct | ||
547 | GNUNET_RECLAIM_Attestation *attest, | ||
548 | struct GNUNET_TIME_Absolute* exp) | ||
549 | { | ||
550 | unsigned int i; | ||
551 | struct Plugin *plugin; | ||
552 | init (); | ||
553 | for (i = 0; i < num_plugins; i++) | ||
554 | { | ||
555 | plugin = attest_plugins[i]; | ||
556 | if (GNUNET_OK != plugin->api->get_expiration (plugin->api->cls, | ||
557 | attest, | ||
558 | exp)) | ||
559 | continue; | ||
560 | return GNUNET_OK; | ||
561 | } | ||
562 | return GNUNET_SYSERR; | ||
563 | } | ||
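Review bot: `GNUNET_RECLAIM_attestation_get_issuer` and `GNUNET_RECLAIM_attestation_get_expiration` call `plugin->api->get_issuer` and `plugin->api->get_expiration` on every loaded plugin without checking that the pointer is set. Only the JWT plugin is shown assigning the two new fields in this commit, so any other attestation plugin whose function table leaves them NULL would crash the caller; `if (NULL == plugin->api->get_issuer) continue;` (and the same for `get_expiration`) at the top of each loop body avoids that. `GNUNET_RECLAIM_attestation_get_expiration` also leaves `*exp` unspecified when it returns `GNUNET_SYSERR`, which deserves a line in a doc comment on the function.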