author | Schanzenbach, Martin <martin.schanzenbach@aisec.fraunhofer.de> | 2017-12-04 17:39:36 +0100 |
---|---|---|
committer | Schanzenbach, Martin <martin.schanzenbach@aisec.fraunhofer.de> | 2017-12-04 17:39:36 +0100 |
commit | 24a0b84d503375bf66b5df932cd18631cc88cf8d (patch) | |
tree | d32c94186abe6612e52942c41dfdccf7991bfc2e /src | |
parent | 02861d7594513ad336f86ff20162a861489f20b1 (diff) | |
-start jwt
Diffstat (limited to 'src')
-rw-r--r-- | src/identity-attribute/Makefile.am | 3 | ||||
-rw-r--r-- | src/identity-attribute/jwt.c (renamed from src/identity-provider/jwt.c) | 30 | ||||
-rw-r--r-- | src/include/gnunet_identity_attribute_lib.h | 14 |
3 files changed, 35 insertions, 12 deletions
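--- a/src/identity-attribute/Makefile.am
+++ b/src/identity-attribute/Makefile.am
@@ -20,7 +20,8 @@ lib_LTLIBRARIES = \
 libgnunetidentityattribute.la
 
 libgnunetidentityattribute_la_SOURCES = \
-identity_attribute.c
+identity_attribute.c \
+jwt.c
 libgnunetidentityattribute_la_LIBADD = \
 $(top_builddir)/src/util/libgnunetutil.la \
 $(GN_LIBINTL)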
diff --git a/src/identity-provider/jwt.c b/src/identity-attribute/jwt.c index c8bc67806..935e0a79d 100644 --- a/src/identity-provider/jwt.c +++ b/src/identity-attribute/jwt.c | |||
@@ -26,7 +26,7 @@ | |||
26 | #include "platform.h" | 26 | #include "platform.h" |
27 | #include "gnunet_util_lib.h" | 27 | #include "gnunet_util_lib.h" |
28 | #include "gnunet_signatures.h" | 28 | #include "gnunet_signatures.h" |
29 | #include "identity_attribute.h" | 29 | #include "gnunet_identity_attribute_lib.h" |
30 | #include <jansson.h> | 30 | #include <jansson.h> |
31 | 31 | ||
32 | 32 | ||
@@ -55,18 +55,20 @@ create_jwt_header(void) | |||
55 | } | 55 | } |
56 | 56 | ||
57 | /** | 57 | /** |
58 | * Create a JWT from a ticket and attributes | 58 | * Create a JWT from attributes |
59 | * | 59 | * |
60 | * @param ticket the ticket | 60 | * @param sub_key the public of the subject |
61 | * @param attrs the attribute list | 61 | * @param attrs the attribute list |
62 | * @param priv_key the key used to sign the JWT | ||
62 | * @return a new base64-encoded JWT string. | 63 | * @return a new base64-encoded JWT string. |
63 | */ | 64 | */ |
64 | char* | 65 | char* |
65 | jwt_create (const struct GNUNET_IDENTITY_PROVIDER_Ticket *ticket, | 66 | GNUNET_IDENTITY_ATTRIBUTE_jwt_create_from_list (const struct GNUNET_CRYPTO_EcdsaPublicKey *sub_key, |
66 | const struct GNUNET_IDENTITY_PROVIDER_AttributeList *attrs, | 67 | const struct GNUNET_IDENTITY_ATTRIBUTE_ClaimList *attrs, |
67 | const struct GNUNET_CRYPTO_EcdsaPrivateKey *priv_key) | 68 | const struct GNUNET_CRYPTO_EcdsaPrivateKey *priv_key) |
68 | { | 69 | { |
69 | struct GNUNET_IDENTITY_PROVIDER_AttributeListEntry *le; | 70 | struct GNUNET_IDENTITY_ATTRIBUTE_ClaimListEntry *le; |
71 | struct GNUNET_CRYPTO_EcdsaPublicKey iss_key; | ||
70 | struct GNUNET_CRYPTO_EcdsaSignature signature; | 72 | struct GNUNET_CRYPTO_EcdsaSignature signature; |
71 | struct GNUNET_CRYPTO_EccSignaturePurpose *purpose; | 73 | struct GNUNET_CRYPTO_EccSignaturePurpose *purpose; |
72 | char* audience; | 74 | char* audience; |
@@ -79,12 +81,14 @@ jwt_create (const struct GNUNET_IDENTITY_PROVIDER_Ticket *ticket, | |||
79 | char* body_base64; | 81 | char* body_base64; |
80 | char* signature_target; | 82 | char* signature_target; |
81 | char* signature_base64; | 83 | char* signature_base64; |
84 | char* attr_val_str; | ||
82 | json_t* body; | 85 | json_t* body; |
83 | 86 | ||
87 | GNUNET_CRYPTO_ecdsa_key_get_public (priv_key, &iss_key); | ||
84 | /* TODO maybe we should use a local identity here */ | 88 | /* TODO maybe we should use a local identity here */ |
85 | issuer = GNUNET_STRINGS_data_to_string_alloc (&ticket->identity, | 89 | issuer = GNUNET_STRINGS_data_to_string_alloc (&iss_key, |
86 | sizeof (struct GNUNET_CRYPTO_EcdsaPublicKey)); | 90 | sizeof (struct GNUNET_CRYPTO_EcdsaPublicKey)); |
87 | audience = GNUNET_STRINGS_data_to_string_alloc (&ticket->audience, | 91 | audience = GNUNET_STRINGS_data_to_string_alloc (sub_key, |
88 | sizeof (struct GNUNET_CRYPTO_EcdsaPublicKey)); | 92 | sizeof (struct GNUNET_CRYPTO_EcdsaPublicKey)); |
89 | header = create_jwt_header (); | 93 | header = create_jwt_header (); |
90 | body = json_object (); | 94 | body = json_object (); |
@@ -103,9 +107,13 @@ jwt_create (const struct GNUNET_IDENTITY_PROVIDER_Ticket *ticket, | |||
103 | * calls the Attribute plugins to create a | 107 | * calls the Attribute plugins to create a |
104 | * json representation for its value | 108 | * json representation for its value |
105 | */ | 109 | */ |
110 | attr_val_str = GNUNET_IDENTITY_ATTRIBUTE_value_to_string (le->claim->type, | ||
111 | le->claim->data, | ||
112 | le->claim->data_size); | ||
106 | json_object_set_new (body, | 113 | json_object_set_new (body, |
107 | le->attribute->name, | 114 | le->claim->name, |
108 | json_string (le->attribute->data)); | 115 | json_string (attr_val_str)); |
116 | GNUNET_free (attr_val_str); | ||
109 | } | 117 | } |
110 | body_str = json_dumps (body, JSON_INDENT(0)); | 118 | body_str = json_dumps (body, JSON_INDENT(0)); |
111 | json_decref (body); | 119 | json_decref (body); |
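Review bot: The result of `GNUNET_IDENTITY_ATTRIBUTE_value_to_string` is handed to `json_string` and then `GNUNET_free` without a NULL check in the last hunk. If the conversion can fail for a claim type (the declaration visible on this page does not say), `json_string (NULL)` yields NULL, `json_object_set_new` rejects the entry, and its ignored return value hides that a claim was left out of the body that gets signed; freeing NULL may additionally trip an assertion, depending on how `GNUNET_free` is defined. A guard such as `if (NULL == attr_val_str) continue;` before the `json_object_set_new` call, or failing token creation outright, makes the outcome explicit. The enclosing loop and the rest of the function lie outside the visible hunks.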
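--- a/src/include/gnunet_identity_attribute_lib.h
+++ b/src/include/gnunet_identity_attribute_lib.h
@@ -260,6 +260,20 @@ GNUNET_IDENTITY_ATTRIBUTE_value_to_string (uint32_t type,
 const char*
 GNUNET_IDENTITY_ATTRIBUTE_number_to_typename (uint32_t type);
 
+
+/**
+* Create a JWT from attributes
+*
+* @param sub_key the public of the subject
+* @param attrs the attribute list
+* @param priv_key the key used to sign the JWT
+* @return a new base64-encoded JWT string.
+*/
+char*
+GNUNET_IDENTITY_ATTRIBUTE_jwt_create_from_list (const struct GNUNET_CRYPTO_EcdsaPublicKey *sub_key,
+const struct GNUNET_IDENTITY_ATTRIBUTE_ClaimList *attrs,
+const struct GNUNET_CRYPTO_EcdsaPrivateKey *priv_key);
+
 #if 0 /* keep Emacsens' auto-indent happy */
 {
 #endif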
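Review bot: The doc comment on `GNUNET_IDENTITY_ATTRIBUTE_jwt_create_from_list` describes `sub_key` as the subject's key, while the jwt.c part of this commit encodes that same argument into the local named `audience`; the comment should state which JWT claim the key ends up in, because a verifier treats `aud` and `sub` differently. It also says nothing about ownership of the result: I would write `@return a newly allocated base64-encoded JWT string, to be freed by the caller` (to be confirmed against the function's return path, which is not shown here) and correct the parameter text to `the public key of the subject`. Noting that the issuer is derived from `priv_key` would complete the contract for callers.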