aboutsummaryrefslogtreecommitdiff
path: root/src
diff options
context:
space:
mode:
authorSchanzenbach, Martin <mschanzenbach@posteo.de>2016-12-28 18:40:17 +0100
committerSchanzenbach, Martin <mschanzenbach@posteo.de>2016-12-28 18:40:17 +0100
commita84624407eedd5418d36de590571da47d2f47015 (patch)
tree2f8d9fd84df5f1dba55a4e85c7d98722cc42cada /src
parent43b34377e10d329075327104e4a295ee9d3c53b4 (diff)
downloadgnunet-a84624407eedd5418d36de590571da47d2f47015.tar.gz
gnunet-a84624407eedd5418d36de590571da47d2f47015.zip
-change api
Diffstat (limited to 'src')
-rw-r--r--src/credential/Makefile.am1
-rw-r--r--src/credential/credential.h47
-rw-r--r--src/credential/credential_api.c142
-rw-r--r--src/credential/credential_misc.c1
-rw-r--r--src/credential/credential_serialization.c175
-rw-r--r--src/credential/credential_serialization.h17
-rw-r--r--src/credential/gnunet-credential.c171
-rw-r--r--src/credential/gnunet-service-credential.c367
-rw-r--r--src/credential/plugin_rest_credential.c3
-rwxr-xr-xsrc/credential/test_credential_collect.sh47
-rw-r--r--src/credential/test_credential_lookup.conf2
-rwxr-xr-xsrc/credential/test_credential_verify.sh5
-rw-r--r--src/include/gnunet_credential_service.h15
-rw-r--r--src/include/gnunet_protocols.h4
14 files changed, 797 insertions, 200 deletions
diff --git a/src/credential/Makefile.am b/src/credential/Makefile.am
index db3bc8027..ca11c5e4f 100644
--- a/src/credential/Makefile.am
+++ b/src/credential/Makefile.am
@@ -69,6 +69,7 @@ gnunet_service_credential_LDADD = \
69 libgnunetcredential.la \ 69 libgnunetcredential.la \
70 $(top_builddir)/src/util/libgnunetutil.la \ 70 $(top_builddir)/src/util/libgnunetutil.la \
71 $(top_builddir)/src/gns/libgnunetgns.la \ 71 $(top_builddir)/src/gns/libgnunetgns.la \
72 $(top_builddir)/src/namestore/libgnunetnamestore.la \
72 $(top_builddir)/src/statistics/libgnunetstatistics.la \ 73 $(top_builddir)/src/statistics/libgnunetstatistics.la \
73 $(GN_LIBINTL) 74 $(GN_LIBINTL)
74 75
diff --git a/src/credential/credential.h b/src/credential/credential.h
index c5c0183cc..f16249c1b 100644
--- a/src/credential/credential.h
+++ b/src/credential/credential.h
@@ -30,6 +30,41 @@
30GNUNET_NETWORK_STRUCT_BEGIN 30GNUNET_NETWORK_STRUCT_BEGIN
31 31
32/** 32/**
33 * Message from client to Credential service to collect credentials.
34 */
35struct CollectMessage
36{
37 /**
38 * Header of type #GNUNET_MESSAGE_TYPE_CREDENTIAL_VERIFY
39 */
40 struct GNUNET_MessageHeader header;
41
42 /**
43 * Subject public key
44 */
45 struct GNUNET_CRYPTO_EcdsaPrivateKey subject_key;
46
47 /**
48 * Trust anchor
49 */
50 struct GNUNET_CRYPTO_EcdsaPublicKey issuer_key;
51
52 /**
53 * Length of the issuer attribute
54 */
55 uint16_t issuer_attribute_len;
56
57 /**
58 * Unique identifier for this request (for key collisions).
59 */
60 uint32_t id GNUNET_PACKED;
61
62 /* Followed by the zero-terminated attribute */
63
64};
65
66
67/**
33 * Message from client to Credential service to verify attributes. 68 * Message from client to Credential service to verify attributes.
34 */ 69 */
35struct VerifyMessage 70struct VerifyMessage
@@ -50,21 +85,21 @@ struct VerifyMessage
50 struct GNUNET_CRYPTO_EcdsaPublicKey issuer_key; 85 struct GNUNET_CRYPTO_EcdsaPublicKey issuer_key;
51 86
52 /** 87 /**
53 * Length of the issuer attribute 88 * Number of credentials
54 */ 89 */
55 uint16_t issuer_attribute_len; 90 uint32_t c_count;
56 91
57 /** 92 /**
58 * Length of the subject attribute 93 * Length of the issuer attribute
59 */ 94 */
60 uint16_t subject_attribute_len; 95 uint16_t issuer_attribute_len;
61 96
62 /** 97 /**
63 * Unique identifier for this request (for key collisions). 98 * Unique identifier for this request (for key collisions).
64 */ 99 */
65 uint32_t id GNUNET_PACKED; 100 uint32_t id GNUNET_PACKED;
66 101
67 /* Followed by the zero-terminated attributes to look up */ 102 /* Followed by the zero-terminated attribute and credentials to look up */
68 103
69}; 104};
70 105
@@ -72,7 +107,7 @@ struct VerifyMessage
72/** 107/**
73 * Message from CREDENTIAL service to client: new results. 108 * Message from CREDENTIAL service to client: new results.
74 */ 109 */
75struct VerifyResultMessage 110struct DelegationChainResultMessage
76{ 111{
77 /** 112 /**
78 * Header of type #GNUNET_MESSAGE_TYPE_CREDENTIAL_VERIFY_RESULT 113 * Header of type #GNUNET_MESSAGE_TYPE_CREDENTIAL_VERIFY_RESULT
diff --git a/src/credential/credential_api.c b/src/credential/credential_api.c
index e991b4153..b201d4d9c 100644
--- a/src/credential/credential_api.c
+++ b/src/credential/credential_api.c
@@ -61,7 +61,7 @@ struct GNUNET_CREDENTIAL_Request
61 /** 61 /**
62 * processor to call on verify result 62 * processor to call on verify result
63 */ 63 */
64 GNUNET_CREDENTIAL_VerifyResultProcessor verify_proc; 64 GNUNET_CREDENTIAL_CredentialResultProcessor verify_proc;
65 65
66 /** 66 /**
67 * @e verify_proc closure 67 * @e verify_proc closure
@@ -100,12 +100,12 @@ struct GNUNET_CREDENTIAL_Handle
100 /** 100 /**
101 * Head of linked list of active verify requests. 101 * Head of linked list of active verify requests.
102 */ 102 */
103 struct GNUNET_CREDENTIAL_Request *verify_head; 103 struct GNUNET_CREDENTIAL_Request *request_head;
104 104
105 /** 105 /**
106 * Tail of linked list of active verify requests. 106 * Tail of linked list of active verify requests.
107 */ 107 */
108 struct GNUNET_CREDENTIAL_Request *verify_tail; 108 struct GNUNET_CREDENTIAL_Request *request_tail;
109 109
110 /** 110 /**
111 * Reconnect task 111 * Reconnect task
@@ -185,7 +185,6 @@ mq_error_handler (void *cls,
185 force_reconnect (handle); 185 force_reconnect (handle);
186} 186}
187 187
188
189/** 188/**
190 * Check validity of message received from the CREDENTIAL service 189 * Check validity of message received from the CREDENTIAL service
191 * 190 *
@@ -194,7 +193,7 @@ mq_error_handler (void *cls,
194 */ 193 */
195static int 194static int
196check_result (void *cls, 195check_result (void *cls,
197 const struct VerifyResultMessage *vr_msg) 196 const struct DelegationChainResultMessage *vr_msg)
198{ 197{
199 //TODO 198 //TODO
200 return GNUNET_OK; 199 return GNUNET_OK;
@@ -209,7 +208,7 @@ check_result (void *cls,
209 */ 208 */
210static void 209static void
211handle_result (void *cls, 210handle_result (void *cls,
212 const struct VerifyResultMessage *vr_msg) 211 const struct DelegationChainResultMessage *vr_msg)
213{ 212{
214 struct GNUNET_CREDENTIAL_Handle *handle = cls; 213 struct GNUNET_CREDENTIAL_Handle *handle = cls;
215 uint32_t r_id = ntohl (vr_msg->id); 214 uint32_t r_id = ntohl (vr_msg->id);
@@ -219,30 +218,30 @@ handle_result (void *cls,
219 uint32_t c_count = ntohl (vr_msg->c_count); 218 uint32_t c_count = ntohl (vr_msg->c_count);
220 struct GNUNET_CREDENTIAL_Delegation d_chain[d_count]; 219 struct GNUNET_CREDENTIAL_Delegation d_chain[d_count];
221 struct GNUNET_CREDENTIAL_Credential creds[c_count]; 220 struct GNUNET_CREDENTIAL_Credential creds[c_count];
222 GNUNET_CREDENTIAL_VerifyResultProcessor proc; 221 GNUNET_CREDENTIAL_CredentialResultProcessor proc;
223 void *proc_cls; 222 void *proc_cls;
224 223
225 LOG (GNUNET_ERROR_TYPE_DEBUG, 224 LOG (GNUNET_ERROR_TYPE_DEBUG,
226 "Received verify reply from CREDENTIAL service\n"); 225 "Received verify reply from CREDENTIAL service\n");
227 for (vr = handle->verify_head; NULL != vr; vr = vr->next) 226 for (vr = handle->request_head; NULL != vr; vr = vr->next)
228 if (vr->r_id == r_id) 227 if (vr->r_id == r_id)
229 break; 228 break;
230 if (NULL == vr) 229 if (NULL == vr)
231 return; 230 return;
232 proc = vr->verify_proc; 231 proc = vr->verify_proc;
233 proc_cls = vr->proc_cls; 232 proc_cls = vr->proc_cls;
234 GNUNET_CONTAINER_DLL_remove (handle->verify_head, 233 GNUNET_CONTAINER_DLL_remove (handle->request_head,
235 handle->verify_tail, 234 handle->request_tail,
236 vr); 235 vr);
237 GNUNET_MQ_discard (vr->env); 236 GNUNET_MQ_discard (vr->env);
238 GNUNET_free (vr); 237 GNUNET_free (vr);
239 GNUNET_assert (GNUNET_OK == 238 GNUNET_assert (GNUNET_OK ==
240 GNUNET_CREDENTIAL_delegation_chain_deserialize (mlen, 239 GNUNET_CREDENTIAL_delegation_chain_deserialize (mlen,
241 (const char*) &vr_msg[1], 240 (const char*) &vr_msg[1],
242 d_count, 241 d_count,
243 d_chain, 242 d_chain,
244 c_count, 243 c_count,
245 creds)); 244 creds));
246 if (GNUNET_NO == ntohl (vr_msg->cred_found)) 245 if (GNUNET_NO == ntohl (vr_msg->cred_found))
247 { 246 {
248 proc (proc_cls, 247 proc (proc_cls,
@@ -271,7 +270,11 @@ reconnect (struct GNUNET_CREDENTIAL_Handle *handle)
271 struct GNUNET_MQ_MessageHandler handlers[] = { 270 struct GNUNET_MQ_MessageHandler handlers[] = {
272 GNUNET_MQ_hd_var_size (result, 271 GNUNET_MQ_hd_var_size (result,
273 GNUNET_MESSAGE_TYPE_CREDENTIAL_VERIFY_RESULT, 272 GNUNET_MESSAGE_TYPE_CREDENTIAL_VERIFY_RESULT,
274 struct VerifyResultMessage, 273 struct DelegationChainResultMessage,
274 handle),
275 GNUNET_MQ_hd_var_size (result,
276 GNUNET_MESSAGE_TYPE_CREDENTIAL_COLLECT_RESULT,
277 struct DelegationChainResultMessage,
275 handle), 278 handle),
276 GNUNET_MQ_handler_end () 279 GNUNET_MQ_handler_end ()
277 }; 280 };
@@ -287,7 +290,7 @@ reconnect (struct GNUNET_CREDENTIAL_Handle *handle)
287 handle); 290 handle);
288 if (NULL == handle->mq) 291 if (NULL == handle->mq)
289 return; 292 return;
290 for (vr = handle->verify_head; NULL != vr; vr = vr->next) 293 for (vr = handle->request_head; NULL != vr; vr = vr->next)
291 GNUNET_MQ_send_copy (handle->mq, 294 GNUNET_MQ_send_copy (handle->mq,
292 vr->env); 295 vr->env);
293} 296}
@@ -334,7 +337,7 @@ GNUNET_CREDENTIAL_disconnect (struct GNUNET_CREDENTIAL_Handle *handle)
334 GNUNET_SCHEDULER_cancel (handle->reconnect_task); 337 GNUNET_SCHEDULER_cancel (handle->reconnect_task);
335 handle->reconnect_task = NULL; 338 handle->reconnect_task = NULL;
336 } 339 }
337 GNUNET_assert (NULL == handle->verify_head); 340 GNUNET_assert (NULL == handle->request_head);
338 GNUNET_free (handle); 341 GNUNET_free (handle);
339} 342}
340 343
@@ -349,13 +352,81 @@ GNUNET_CREDENTIAL_verify_cancel (struct GNUNET_CREDENTIAL_Request *vr)
349{ 352{
350 struct GNUNET_CREDENTIAL_Handle *handle = vr->credential_handle; 353 struct GNUNET_CREDENTIAL_Handle *handle = vr->credential_handle;
351 354
352 GNUNET_CONTAINER_DLL_remove (handle->verify_head, 355 GNUNET_CONTAINER_DLL_remove (handle->request_head,
353 handle->verify_tail, 356 handle->request_tail,
354 vr); 357 vr);
355 GNUNET_MQ_discard (vr->env); 358 GNUNET_MQ_discard (vr->env);
356 GNUNET_free (vr); 359 GNUNET_free (vr);
357} 360}
358 361
362
363/**
364 * Performs attribute collection.
365 * Collects all credentials of subject to fulfill the
366 * attribute, if possible
367 *
368 * @param handle handle to the Credential service
369 * @param issuer_key the issuer public key
370 * @param issuer_attribute the issuer attribute
371 * @param subject_key the subject public key
372 * @param credential_count number of credentials provided
373 * @param credentials subject credentials
374 * @param proc function to call on result
375 * @param proc_cls closure for processor
376 * @return handle to the queued request
377 */
378struct GNUNET_CREDENTIAL_Request*
379GNUNET_CREDENTIAL_collect (struct GNUNET_CREDENTIAL_Handle *handle,
380 const struct GNUNET_CRYPTO_EcdsaPublicKey *issuer_key,
381 const char *issuer_attribute,
382 const struct GNUNET_CRYPTO_EcdsaPrivateKey *subject_key,
383 GNUNET_CREDENTIAL_CredentialResultProcessor proc,
384 void *proc_cls)
385{
386 /* IPC to shorten credential names, return shorten_handle */
387 struct CollectMessage *c_msg;
388 struct GNUNET_CREDENTIAL_Request *vr;
389 size_t nlen;
390
391 if (NULL == issuer_attribute)
392 {
393 GNUNET_break (0);
394 return NULL;
395 }
396
397 //DEBUG LOG
398 LOG (GNUNET_ERROR_TYPE_DEBUG,
399 "Trying to collect `%s' in CREDENTIAL\n",
400 issuer_attribute);
401 nlen = strlen (issuer_attribute) + 1;
402 if (nlen >= GNUNET_SERVER_MAX_MESSAGE_SIZE - sizeof (*vr))
403 {
404 GNUNET_break (0);
405 return NULL;
406 }
407 vr = GNUNET_new (struct GNUNET_CREDENTIAL_Request);
408 vr->credential_handle = handle;
409 vr->verify_proc = proc;
410 vr->proc_cls = proc_cls;
411 vr->r_id = handle->r_id_gen++;
412 vr->env = GNUNET_MQ_msg_extra (c_msg,
413 nlen,
414 GNUNET_MESSAGE_TYPE_CREDENTIAL_COLLECT);
415 c_msg->id = htonl (vr->r_id);
416 c_msg->subject_key = *subject_key;
417 c_msg->issuer_key = *issuer_key;
418 c_msg->issuer_attribute_len = htons(strlen(issuer_attribute));
419 GNUNET_memcpy (&c_msg[1],
420 issuer_attribute,
421 strlen (issuer_attribute));
422 GNUNET_CONTAINER_DLL_insert (handle->request_head,
423 handle->request_tail,
424 vr);
425 if (NULL != handle->mq)
426 GNUNET_MQ_send_copy (handle->mq,
427 vr->env);
428 return vr;
429}
359/** 430/**
360 * Performs attribute verification. 431 * Performs attribute verification.
361 * Checks if there is a delegation chain from 432 * Checks if there is a delegation chain from
@@ -368,7 +439,8 @@ GNUNET_CREDENTIAL_verify_cancel (struct GNUNET_CREDENTIAL_Request *vr)
368 * @param issuer_key the issuer public key 439 * @param issuer_key the issuer public key
369 * @param issuer_attribute the issuer attribute 440 * @param issuer_attribute the issuer attribute
370 * @param subject_key the subject public key 441 * @param subject_key the subject public key
371 * @param subject_attribute the attribute claimed by the subject 442 * @param credential_count number of credentials provided
443 * @param credentials subject credentials
372 * @param proc function to call on result 444 * @param proc function to call on result
373 * @param proc_cls closure for processor 445 * @param proc_cls closure for processor
374 * @return handle to the queued request 446 * @return handle to the queued request
@@ -378,25 +450,31 @@ GNUNET_CREDENTIAL_verify (struct GNUNET_CREDENTIAL_Handle *handle,
378 const struct GNUNET_CRYPTO_EcdsaPublicKey *issuer_key, 450 const struct GNUNET_CRYPTO_EcdsaPublicKey *issuer_key,
379 const char *issuer_attribute, 451 const char *issuer_attribute,
380 const struct GNUNET_CRYPTO_EcdsaPublicKey *subject_key, 452 const struct GNUNET_CRYPTO_EcdsaPublicKey *subject_key,
381 const char *subject_attribute, 453 uint32_t credential_count,
382 GNUNET_CREDENTIAL_VerifyResultProcessor proc, 454 const struct GNUNET_CREDENTIAL_Credential *credentials,
455 GNUNET_CREDENTIAL_CredentialResultProcessor proc,
383 void *proc_cls) 456 void *proc_cls)
384{ 457{
385 /* IPC to shorten credential names, return shorten_handle */ 458 /* IPC to shorten credential names, return shorten_handle */
386 struct VerifyMessage *v_msg; 459 struct VerifyMessage *v_msg;
387 struct GNUNET_CREDENTIAL_Request *vr; 460 struct GNUNET_CREDENTIAL_Request *vr;
388 size_t nlen; 461 size_t nlen;
462 size_t clen;
389 463
390 if (NULL == issuer_attribute || NULL == subject_attribute) 464 if (NULL == issuer_attribute || NULL == credentials)
391 { 465 {
392 GNUNET_break (0); 466 GNUNET_break (0);
393 return NULL; 467 return NULL;
394 } 468 }
469
470 clen = GNUNET_CREDENTIAL_credentials_get_size (credential_count,
471 credentials);
472
395 //DEBUG LOG 473 //DEBUG LOG
396 LOG (GNUNET_ERROR_TYPE_DEBUG, 474 LOG (GNUNET_ERROR_TYPE_DEBUG,
397 "Trying to verify `%s' in CREDENTIAL\n", 475 "Trying to verify `%s' in CREDENTIAL\n",
398 issuer_attribute); 476 issuer_attribute);
399 nlen = strlen (issuer_attribute) + strlen (subject_attribute) + 1; 477 nlen = strlen (issuer_attribute) + 1 + clen;
400 if (nlen >= GNUNET_SERVER_MAX_MESSAGE_SIZE - sizeof (*vr)) 478 if (nlen >= GNUNET_SERVER_MAX_MESSAGE_SIZE - sizeof (*vr))
401 { 479 {
402 GNUNET_break (0); 480 GNUNET_break (0);
@@ -412,17 +490,19 @@ GNUNET_CREDENTIAL_verify (struct GNUNET_CREDENTIAL_Handle *handle,
412 GNUNET_MESSAGE_TYPE_CREDENTIAL_VERIFY); 490 GNUNET_MESSAGE_TYPE_CREDENTIAL_VERIFY);
413 v_msg->id = htonl (vr->r_id); 491 v_msg->id = htonl (vr->r_id);
414 v_msg->subject_key = *subject_key; 492 v_msg->subject_key = *subject_key;
493 v_msg->c_count = htonl(credential_count);
415 v_msg->issuer_key = *issuer_key; 494 v_msg->issuer_key = *issuer_key;
416 v_msg->issuer_attribute_len = htons(strlen(issuer_attribute)); 495 v_msg->issuer_attribute_len = htons(strlen(issuer_attribute));
417 v_msg->subject_attribute_len = htons(strlen(subject_attribute));
418 GNUNET_memcpy (&v_msg[1], 496 GNUNET_memcpy (&v_msg[1],
419 issuer_attribute, 497 issuer_attribute,
420 strlen (issuer_attribute)); 498 strlen (issuer_attribute));
421 GNUNET_memcpy (((char*)&v_msg[1]) + strlen (issuer_attribute), 499 GNUNET_CREDENTIAL_credentials_serialize (credential_count,
422 subject_attribute, 500 credentials,
423 strlen (subject_attribute)); 501 clen,
424 GNUNET_CONTAINER_DLL_insert (handle->verify_head, 502 ((char*)&v_msg[1])
425 handle->verify_tail, 503 + strlen (issuer_attribute) + 1);
504 GNUNET_CONTAINER_DLL_insert (handle->request_head,
505 handle->request_tail,
426 vr); 506 vr);
427 if (NULL != handle->mq) 507 if (NULL != handle->mq)
428 GNUNET_MQ_send_copy (handle->mq, 508 GNUNET_MQ_send_copy (handle->mq,
diff --git a/src/credential/credential_misc.c b/src/credential/credential_misc.c
index f1be433e0..7849e81e6 100644
--- a/src/credential/credential_misc.c
+++ b/src/credential/credential_misc.c
@@ -105,6 +105,7 @@ GNUNET_CREDENTIAL_credential_from_string (const char* s)
105 GNUNET_memcpy (&cred[1], 105 GNUNET_memcpy (&cred[1],
106 name, 106 name,
107 strlen (name)+1); 107 strlen (name)+1);
108 cred->issuer_attribute_len = strlen ((char*)&cred[1]);
108 cred->issuer_attribute = (char*)&cred[1]; 109 cred->issuer_attribute = (char*)&cred[1];
109 return cred; 110 return cred;
110} 111}
diff --git a/src/credential/credential_serialization.c b/src/credential/credential_serialization.c
index 0586e6baa..76bf491c9 100644
--- a/src/credential/credential_serialization.c
+++ b/src/credential/credential_serialization.c
@@ -138,6 +138,121 @@ GNUNET_CREDENTIAL_delegation_set_deserialize (size_t len,
138 } 138 }
139 return GNUNET_OK; 139 return GNUNET_OK;
140} 140}
141
142
143/**
144 * Calculate how many bytes we will need to serialize
145 * the credentials
146 *
147 * @param c_count number of credential entries
148 * @param cd a #GNUNET_CREDENTIAL_Credential
149 * @return the required size to serialize
150 */
151size_t
152GNUNET_CREDENTIAL_credentials_get_size (unsigned int c_count,
153 const struct GNUNET_CREDENTIAL_Credential *cd)
154{
155 unsigned int i;
156 size_t ret;
157
158 ret = sizeof (struct CredentialEntry) * (c_count);
159
160 for (i=0; i<c_count;i++)
161 {
162 GNUNET_assert ((ret + cd[i].issuer_attribute_len) >= ret);
163 ret += cd[i].issuer_attribute_len;
164 }
165 return ret;
166}
167/**
168 * Serizalize the given credentials
169 *
170 * @param c_count number of credential entries
171 * @param cd a #GNUNET_CREDENTIAL_Credential
172 * @param dest_size size of the destination
173 * @param dest where to store the result
174 * @return the size of the data, -1 on failure
175 */
176ssize_t
177GNUNET_CREDENTIAL_credentials_serialize (unsigned int c_count,
178 const struct GNUNET_CREDENTIAL_Credential *cd,
179 size_t dest_size,
180 char *dest)
181{
182 struct CredentialEntry c_rec;
183 unsigned int i;
184 size_t off;
185
186 off = 0;
187 for (i=0;i<c_count;i++)
188 {
189 c_rec.issuer_attribute_len = htonl ((uint32_t) cd[i].issuer_attribute_len);
190 c_rec.issuer_key = cd[i].issuer_key;
191 c_rec.subject_key = cd[i].subject_key;
192 c_rec.signature = cd[i].signature;
193 c_rec.purpose.purpose = htonl (GNUNET_SIGNATURE_PURPOSE_CREDENTIAL);
194 c_rec.purpose.size = htonl ((sizeof (struct CredentialEntry) + cd[i].issuer_attribute_len) - sizeof (struct GNUNET_CRYPTO_EcdsaSignature));
195 c_rec.expiration = htonl ((uint32_t) cd[i].expiration.abs_value_us);
196 if (off + sizeof (c_rec) > dest_size)
197 return -1;
198 GNUNET_memcpy (&dest[off],
199 &c_rec,
200 sizeof (c_rec));
201 off += sizeof (c_rec);
202 if (off + cd[i].issuer_attribute_len > dest_size)
203 return -1;
204 GNUNET_memcpy (&dest[off],
205 cd[i].issuer_attribute,
206 cd[i].issuer_attribute_len);
207 off += cd[i].issuer_attribute_len;
208 }
209
210 return off;
211}
212
213
214
215/**
216 * Deserialize the given destination
217 *
218 * @param len size of the serialized creds
219 * @param src the serialized data
220 * @param c_count the number of credential entries
221 * @param cd where to put the credential data
222 * @return #GNUNET_OK on success, #GNUNET_SYSERR on error
223 */
224int
225GNUNET_CREDENTIAL_credentials_deserialize (size_t len,
226 const char *src,
227 unsigned int c_count,
228 struct GNUNET_CREDENTIAL_Credential *cd)
229{
230 struct CredentialEntry c_rec;
231 unsigned int i;
232 size_t off;
233
234 off = 0;
235 for (i=0;i<c_count;i++)
236 {
237 if (off + sizeof (c_rec) > len)
238 return GNUNET_SYSERR;
239 GNUNET_memcpy (&c_rec, &src[off], sizeof (c_rec));
240 cd[i].issuer_attribute_len = ntohl ((uint32_t) c_rec.issuer_attribute_len);
241 cd[i].issuer_key = c_rec.issuer_key;
242 cd[i].subject_key = c_rec.subject_key;
243 cd[i].signature = c_rec.signature;
244 cd[i].expiration.abs_value_us = ntohl((uint32_t) c_rec.expiration);
245 off += sizeof (c_rec);
246 if (off + cd[i].issuer_attribute_len > len)
247 return GNUNET_SYSERR;
248 cd[i].issuer_attribute = &src[off];
249 off += cd[i].issuer_attribute_len;
250 }
251 return GNUNET_OK;
252}
253
254
255
141/** 256/**
142 * Calculate how many bytes we will need to serialize 257 * Calculate how many bytes we will need to serialize
143 * the given delegation chain and credential 258 * the given delegation chain and credential
@@ -158,7 +273,6 @@ GNUNET_CREDENTIAL_delegation_chain_get_size (unsigned int d_count,
158 size_t ret; 273 size_t ret;
159 274
160 ret = sizeof (struct ChainEntry) * (d_count); 275 ret = sizeof (struct ChainEntry) * (d_count);
161 ret += sizeof (struct CredentialEntry) * (c_count);
162 276
163 for (i=0; i<d_count;i++) 277 for (i=0; i<d_count;i++)
164 { 278 {
@@ -167,11 +281,7 @@ GNUNET_CREDENTIAL_delegation_chain_get_size (unsigned int d_count,
167 dd[i].subject_attribute_len) >= ret); 281 dd[i].subject_attribute_len) >= ret);
168 ret += dd[i].issuer_attribute_len + dd[i].subject_attribute_len; 282 ret += dd[i].issuer_attribute_len + dd[i].subject_attribute_len;
169 } 283 }
170 for (i=0; i<c_count;i++) 284 return ret+GNUNET_CREDENTIAL_credentials_get_size(c_count, cd);
171 {
172 GNUNET_assert ((ret + cd[i].issuer_attribute_len) >= ret);
173 ret += cd[i].issuer_attribute_len;
174 }
175 return ret; 285 return ret;
176} 286}
177 287
@@ -195,7 +305,6 @@ GNUNET_CREDENTIAL_delegation_chain_serialize (unsigned int d_count,
195 char *dest) 305 char *dest)
196{ 306{
197 struct ChainEntry rec; 307 struct ChainEntry rec;
198 struct CredentialEntry c_rec;
199 unsigned int i; 308 unsigned int i;
200 size_t off; 309 size_t off;
201 310
@@ -227,30 +336,10 @@ GNUNET_CREDENTIAL_delegation_chain_serialize (unsigned int d_count,
227 dd[i].subject_attribute_len); 336 dd[i].subject_attribute_len);
228 off += dd[i].subject_attribute_len; 337 off += dd[i].subject_attribute_len;
229 } 338 }
230 for (i=0;i<c_count;i++) 339 return off+GNUNET_CREDENTIAL_credentials_serialize (c_count,
231 { 340 cd,
232 c_rec.issuer_attribute_len = htonl ((uint32_t) cd[i].issuer_attribute_len); 341 dest_size-off,
233 c_rec.issuer_key = cd[i].issuer_key; 342 &dest[off]);
234 c_rec.subject_key = cd[i].subject_key;
235 c_rec.signature = cd[i].signature;
236 c_rec.purpose.purpose = htonl (GNUNET_SIGNATURE_PURPOSE_CREDENTIAL);
237 c_rec.purpose.size = htonl ((sizeof (struct CredentialEntry) + cd[i].issuer_attribute_len) - sizeof (struct GNUNET_CRYPTO_EcdsaSignature));
238 c_rec.expiration = htonl ((uint32_t) cd[i].expiration.abs_value_us);
239 if (off + sizeof (c_rec) > dest_size)
240 return -1;
241 GNUNET_memcpy (&dest[off],
242 &c_rec,
243 sizeof (c_rec));
244 off += sizeof (c_rec);
245 if (off + cd[i].issuer_attribute_len > dest_size)
246 return -1;
247 GNUNET_memcpy (&dest[off],
248 cd[i].issuer_attribute,
249 cd[i].issuer_attribute_len);
250 off += cd[i].issuer_attribute_len;
251 }
252
253 return off;
254} 343}
255 344
256 345
@@ -274,7 +363,6 @@ GNUNET_CREDENTIAL_delegation_chain_deserialize (size_t len,
274 struct GNUNET_CREDENTIAL_Credential *cd) 363 struct GNUNET_CREDENTIAL_Credential *cd)
275{ 364{
276 struct ChainEntry rec; 365 struct ChainEntry rec;
277 struct CredentialEntry c_rec;
278 unsigned int i; 366 unsigned int i;
279 size_t off; 367 size_t off;
280 368
@@ -298,26 +386,11 @@ GNUNET_CREDENTIAL_delegation_chain_deserialize (size_t len,
298 dd[i].subject_attribute = &src[off]; 386 dd[i].subject_attribute = &src[off];
299 off += dd[i].subject_attribute_len; 387 off += dd[i].subject_attribute_len;
300 } 388 }
301 for (i=0;i<c_count;i++) 389 return GNUNET_CREDENTIAL_credentials_deserialize (len-off,
302 { 390 &src[off],
303 if (off + sizeof (c_rec) > len) 391 c_count,
304 return GNUNET_SYSERR; 392 cd);
305 GNUNET_memcpy (&c_rec, &src[off], sizeof (c_rec));
306 cd[i].issuer_attribute_len = ntohl ((uint32_t) c_rec.issuer_attribute_len);
307 cd[i].issuer_key = c_rec.issuer_key;
308 cd[i].subject_key = c_rec.subject_key;
309 cd[i].signature = c_rec.signature;
310 cd[i].expiration.abs_value_us = ntohl((uint32_t) c_rec.expiration);
311 off += sizeof (c_rec);
312 if (off + cd[i].issuer_attribute_len > len)
313 return GNUNET_SYSERR;
314 cd[i].issuer_attribute = &src[off];
315 off += cd[i].issuer_attribute_len;
316 }
317 return GNUNET_OK;
318} 393}
319
320
321int 394int
322GNUNET_CREDENTIAL_credential_serialize (struct GNUNET_CREDENTIAL_Credential *cred, 395GNUNET_CREDENTIAL_credential_serialize (struct GNUNET_CREDENTIAL_Credential *cred,
323 char **data) 396 char **data)
diff --git a/src/credential/credential_serialization.h b/src/credential/credential_serialization.h
index eb1327f34..b870d47dc 100644
--- a/src/credential/credential_serialization.h
+++ b/src/credential/credential_serialization.h
@@ -130,6 +130,23 @@ GNUNET_CREDENTIAL_delegation_set_deserialize (size_t len,
130 struct GNUNET_CREDENTIAL_Delegation *dd, 130 struct GNUNET_CREDENTIAL_Delegation *dd,
131 unsigned int c_count, 131 unsigned int c_count,
132 struct GNUNET_CREDENTIAL_Credential *cd); 132 struct GNUNET_CREDENTIAL_Credential *cd);
133 size_t
134 GNUNET_CREDENTIAL_credentials_get_size (unsigned int c_count,
135 const struct GNUNET_CREDENTIAL_Credential *cd);
136
137ssize_t
138GNUNET_CREDENTIAL_credentials_serialize (unsigned int c_count,
139 const struct GNUNET_CREDENTIAL_Credential *cd,
140 size_t dest_size,
141 char *dest);
142
143
144int
145GNUNET_CREDENTIAL_credentials_deserialize (size_t len,
146 const char *src,
147 unsigned int c_count,
148 struct GNUNET_CREDENTIAL_Credential *cd);
149
133 150
134int 151int
135GNUNET_CREDENTIAL_credential_serialize (struct GNUNET_CREDENTIAL_Credential *cred, 152GNUNET_CREDENTIAL_credential_serialize (struct GNUNET_CREDENTIAL_Credential *cred,
diff --git a/src/credential/gnunet-credential.c b/src/credential/gnunet-credential.c
index b31c2f66e..fb7bdb7f8 100644
--- a/src/credential/gnunet-credential.c
+++ b/src/credential/gnunet-credential.c
@@ -55,6 +55,11 @@ static struct GNUNET_TIME_Relative timeout;
55static struct GNUNET_CREDENTIAL_Request *verify_request; 55static struct GNUNET_CREDENTIAL_Request *verify_request;
56 56
57/** 57/**
58 * Handle to collect request
59 */
60static struct GNUNET_CREDENTIAL_Request *collect_request;
61
62/**
58 * Task scheduled to handle timeout. 63 * Task scheduled to handle timeout.
59 */ 64 */
60static struct GNUNET_SCHEDULER_Task *tt; 65static struct GNUNET_SCHEDULER_Task *tt;
@@ -91,9 +96,9 @@ struct GNUNET_CRYPTO_EcdsaPublicKey issuer_pkey;
91static char *issuer_key; 96static char *issuer_key;
92 97
93/** 98/**
94 * Issuer ego 99 * ego
95 */ 100 */
96static char *issuer_ego_name; 101static char *ego_name;
97 102
98/** 103/**
99 * Issuer attribute 104 * Issuer attribute
@@ -110,6 +115,10 @@ static uint32_t verify;
110 */ 115 */
111static uint32_t create_cred; 116static uint32_t create_cred;
112 117
118/**
119 * Collect mode
120 */
121static uint32_t collect;
113 122
114/** 123/**
115 * Task run on shutdown. Cleans up everything. 124 * Task run on shutdown. Cleans up everything.
@@ -149,6 +158,39 @@ do_timeout (void *cls)
149 GNUNET_SCHEDULER_shutdown (); 158 GNUNET_SCHEDULER_shutdown ();
150} 159}
151 160
161/**
162 * Function called with the result of a Credential lookup.
163 *
164 * @param cls the 'const char *' name that was resolved
165 * @param cd_count number of records returned
166 * @param cd array of @a cd_count records with the results
167 */
168static void
169handle_collect_result (void *cls,
170 unsigned int d_count,
171 struct GNUNET_CREDENTIAL_Delegation *dc,
172 unsigned int c_count,
173 struct GNUNET_CREDENTIAL_Credential *cred)
174{
175 int i;
176 char* line;
177
178 verify_request = NULL;
179 if (NULL != cred)
180 {
181 for (i=0;i<c_count;i++)
182 {
183 line = GNUNET_CREDENTIAL_credential_to_string (&cred[i]);
184 printf ("%s\n",
185 line);
186 GNUNET_free (line);
187 }
188 }
189
190
191 GNUNET_SCHEDULER_shutdown ();
192}
193
152 194
153/** 195/**
154 * Function called with the result of a Credential lookup. 196 * Function called with the result of a Credential lookup.
@@ -230,15 +272,42 @@ identity_cb (void *cls,
230 el = NULL; 272 el = NULL;
231 if (NULL == ego) 273 if (NULL == ego)
232 { 274 {
233 if (NULL != issuer_ego_name) 275 if (NULL != ego_name)
234 { 276 {
235 fprintf (stderr, 277 fprintf (stderr,
236 _("Ego `%s' not known to identity service\n"), 278 _("Ego `%s' not known to identity service\n"),
237 issuer_ego_name); 279 ego_name);
238 } 280 }
239 GNUNET_SCHEDULER_shutdown (); 281 GNUNET_SCHEDULER_shutdown ();
240 return; 282 return;
241 } 283 }
284
285 if (GNUNET_YES == collect)
286 {
287
288 if (GNUNET_OK !=
289 GNUNET_CRYPTO_ecdsa_public_key_from_string (issuer_key,
290 strlen (issuer_key),
291 &issuer_pkey))
292 {
293 fprintf (stderr,
294 _("Issuer public key `%s' is not well-formed\n"),
295 issuer_key);
296 GNUNET_SCHEDULER_shutdown ();
297 }
298 privkey = GNUNET_IDENTITY_ego_get_private_key (ego);
299
300 collect_request = GNUNET_CREDENTIAL_collect(credential,
301 &issuer_pkey,
302 issuer_attr, //TODO argument
303 privkey,
304 &handle_collect_result,
305 NULL);
306 return;
307 }
308
309 //Else issue
310
242 if (NULL == expiration) 311 if (NULL == expiration)
243 { 312 {
244 fprintf (stderr, 313 fprintf (stderr,
@@ -261,8 +330,8 @@ identity_cb (void *cls,
261 330
262 331
263 privkey = GNUNET_IDENTITY_ego_get_private_key (ego); 332 privkey = GNUNET_IDENTITY_ego_get_private_key (ego);
264 GNUNET_free_non_null (issuer_ego_name); 333 GNUNET_free_non_null (ego_name);
265 issuer_ego_name = NULL; 334 ego_name = NULL;
266 crd = GNUNET_CREDENTIAL_credential_issue (privkey, 335 crd = GNUNET_CREDENTIAL_credential_issue (privkey,
267 &subject_pkey, 336 &subject_pkey,
268 issuer_attr, 337 issuer_attr,
@@ -299,7 +368,46 @@ run (void *cls,
299 &do_timeout, NULL); 368 &do_timeout, NULL);
300 GNUNET_SCHEDULER_add_shutdown (&do_shutdown, NULL); 369 GNUNET_SCHEDULER_add_shutdown (&do_shutdown, NULL);
301 370
371 if (GNUNET_YES == collect) {
372 if (NULL == issuer_key)
373 {
374 fprintf (stderr,
375 _("Issuer public key not well-formed\n"));
376 GNUNET_SCHEDULER_shutdown ();
377 return;
378
379 }
380
381 credential = GNUNET_CREDENTIAL_connect (cfg);
382
383 if (NULL == credential)
384 {
385 fprintf (stderr,
386 _("Failed to connect to CREDENTIAL\n"));
387 GNUNET_SCHEDULER_shutdown ();
388 }
389 if (NULL == issuer_attr)
390 {
391 fprintf (stderr,
392 _("You must provide issuer the attribute\n"));
393 GNUNET_SCHEDULER_shutdown ();
394 }
395
396 if (NULL == ego_name)
397 {
398 fprintf (stderr,
399 _("ego required\n"));
400 GNUNET_SCHEDULER_shutdown ();
401 return;
402
403 }
404 el = GNUNET_IDENTITY_ego_lookup (cfg,
405 ego_name,
406 &identity_cb,
407 (void *) cfg);
408 return;
302 409
410 }
303 411
304 if (NULL == subject_key) 412 if (NULL == subject_key)
305 { 413 {
@@ -320,7 +428,6 @@ run (void *cls,
320 GNUNET_SCHEDULER_shutdown (); 428 GNUNET_SCHEDULER_shutdown ();
321 return; 429 return;
322 } 430 }
323
324 if (GNUNET_YES == verify) { 431 if (GNUNET_YES == verify) {
325 if (NULL == issuer_key) 432 if (NULL == issuer_key)
326 { 433 {
@@ -348,7 +455,6 @@ run (void *cls,
348 _("Failed to connect to CREDENTIAL\n")); 455 _("Failed to connect to CREDENTIAL\n"));
349 GNUNET_SCHEDULER_shutdown (); 456 GNUNET_SCHEDULER_shutdown ();
350 } 457 }
351
352 if (NULL == issuer_attr || NULL == subject_credential) 458 if (NULL == issuer_attr || NULL == subject_credential)
353 { 459 {
354 fprintf (stderr, 460 fprintf (stderr,
@@ -356,18 +462,50 @@ run (void *cls,
356 GNUNET_SCHEDULER_shutdown (); 462 GNUNET_SCHEDULER_shutdown ();
357 } 463 }
358 464
359 printf ("Trying to find a chain from a credential under %s of %s to the attribute %s issued by %s\n", 465 //Subject credentials are comma separated
360 subject_credential, subject_key, issuer_attr, issuer_key); 466 char *tmp = GNUNET_strdup (subject_credential);
467 char *tok = strtok (tmp, ",");
468 if (NULL == tok)
469 {
470 fprintf (stderr,
471 "Invalid subject credentials\n");
472 GNUNET_free (tmp);
473 GNUNET_SCHEDULER_shutdown ();
474 }
475 int count = 1;
476 int i;
477 while (NULL != (tok = strtok(NULL, ",")))
478 count++;
479 struct GNUNET_CREDENTIAL_Credential credentials[count];
480 struct GNUNET_CREDENTIAL_Credential *cred;
481 GNUNET_free (tmp);
482 tmp = GNUNET_strdup (subject_credential);
483 tok = strtok (tmp, ",");
484 for (i=0;i<count;i++)
485 {
486 cred = GNUNET_CREDENTIAL_credential_from_string (tok);
487 GNUNET_memcpy (&credentials[i],
488 cred,
489 sizeof (struct GNUNET_CREDENTIAL_Credential));
490 credentials[i].issuer_attribute = GNUNET_strdup (cred->issuer_attribute);
491 tok = strtok(NULL, ",");
492 GNUNET_free (cred);
493 }
361 494
362 verify_request = GNUNET_CREDENTIAL_verify(credential, 495 verify_request = GNUNET_CREDENTIAL_verify(credential,
363 &issuer_pkey, 496 &issuer_pkey,
364 issuer_attr, //TODO argument 497 issuer_attr, //TODO argument
365 &subject_pkey, 498 &subject_pkey,
366 subject_credential, 499 count,
500 credentials,
367 &handle_verify_result, 501 &handle_verify_result,
368 NULL); 502 NULL);
503 for (i=0;i<count;i++)
504 {
505 GNUNET_free ((char*)credentials[i].issuer_attribute);
506 }
369 } else if (GNUNET_YES == create_cred) { 507 } else if (GNUNET_YES == create_cred) {
370 if (NULL == issuer_ego_name) 508 if (NULL == ego_name)
371 { 509 {
372 fprintf (stderr, 510 fprintf (stderr,
373 _("Issuer ego required\n")); 511 _("Issuer ego required\n"));
@@ -376,7 +514,7 @@ run (void *cls,
376 514
377 } 515 }
378 el = GNUNET_IDENTITY_ego_lookup (cfg, 516 el = GNUNET_IDENTITY_ego_lookup (cfg,
379 issuer_ego_name, 517 ego_name,
380 &identity_cb, 518 &identity_cb,
381 (void *) cfg); 519 (void *) cfg);
382 return; 520 return;
@@ -416,14 +554,17 @@ main (int argc, char *const *argv)
416 gettext_noop ("The public key of the authority to verify the credential against"), 1, 554 gettext_noop ("The public key of the authority to verify the credential against"), 1,
417 &GNUNET_GETOPT_set_string, &issuer_key}, 555 &GNUNET_GETOPT_set_string, &issuer_key},
418 {'e', "ego", "EGO", 556 {'e', "ego", "EGO",
419 gettext_noop ("The ego to use to issue"), 1, 557 gettext_noop ("The ego to use"), 1,
420 &GNUNET_GETOPT_set_string, &issuer_ego_name}, 558 &GNUNET_GETOPT_set_string, &ego_name},
421 {'a', "attribute", "ATTR", 559 {'a', "attribute", "ATTR",
422 gettext_noop ("The issuer attribute to verify against or to issue"), 1, 560 gettext_noop ("The issuer attribute to verify against or to issue"), 1,
423 &GNUNET_GETOPT_set_string, &issuer_attr}, 561 &GNUNET_GETOPT_set_string, &issuer_attr},
424 {'T', "ttl", "EXP", 562 {'T', "ttl", "EXP",
425 gettext_noop ("The time to live for the credential"), 1, 563 gettext_noop ("The time to live for the credential"), 1,
426 &GNUNET_GETOPT_set_string, &expiration}, 564 &GNUNET_GETOPT_set_string, &expiration},
565 {'g', "collect", NULL,
566 gettext_noop ("collect credentials"), 0,
567 &GNUNET_GETOPT_set_one, &collect},
427 GNUNET_GETOPT_OPTION_END 568 GNUNET_GETOPT_OPTION_END
428 }; 569 };
429 int ret; 570 int ret;
diff --git a/src/credential/gnunet-service-credential.c b/src/credential/gnunet-service-credential.c
index 942b38652..4841370b3 100644
--- a/src/credential/gnunet-service-credential.c
+++ b/src/credential/gnunet-service-credential.c
@@ -31,15 +31,11 @@
31#include "gnunet_protocols.h" 31#include "gnunet_protocols.h"
32#include "gnunet_signatures.h" 32#include "gnunet_signatures.h"
33 33
34// For Looking up GNS request
35#include <gnunet_dnsparser_lib.h> 34#include <gnunet_dnsparser_lib.h>
36#include <gnunet_identity_service.h> 35#include <gnunet_identity_service.h>
37#include <gnunet_gnsrecord_lib.h> 36#include <gnunet_gnsrecord_lib.h>
38#include <gnunet_namestore_service.h> 37#include <gnunet_namestore_service.h>
39#include <gnunet_gns_service.h> 38#include <gnunet_gns_service.h>
40#include "gnunet_gns_service.h"
41
42
43 39
44 40
45#define GNUNET_CREDENTIAL_MAX_LENGTH 255 41#define GNUNET_CREDENTIAL_MAX_LENGTH 255
@@ -311,6 +307,16 @@ struct VerifyRequestHandle
311 */ 307 */
312 uint64_t pending_lookups; 308 uint64_t pending_lookups;
313 309
310 /**
311 * Credential iterator
312 */
313 struct GNUNET_NAMESTORE_ZoneIterator *cred_collection_iter;
314
315 /**
316 * Collect task
317 */
318 struct GNUNET_SCHEDULER_Task *collect_next_task;
319
314}; 320};
315 321
316 322
@@ -335,6 +341,11 @@ static struct GNUNET_STATISTICS_Handle *statistics;
335static struct GNUNET_GNS_Handle *gns; 341static struct GNUNET_GNS_Handle *gns;
336 342
337 343
344/**
345 * Handle to namestore service
346 */
347static struct GNUNET_NAMESTORE_Handle *namestore;
348
338static void 349static void
339cleanup_delegation_set (struct DelegationSetQueueEntry *ds_entry) 350cleanup_delegation_set (struct DelegationSetQueueEntry *ds_entry)
340{ 351{
@@ -444,6 +455,11 @@ shutdown_task (void *cls)
444 GNUNET_GNS_disconnect (gns); 455 GNUNET_GNS_disconnect (gns);
445 gns = NULL; 456 gns = NULL;
446 } 457 }
458 if (NULL != namestore)
459 {
460 GNUNET_NAMESTORE_disconnect (namestore);
461 namestore = NULL;
462 }
447 if (NULL != statistics) 463 if (NULL != statistics)
448 { 464 {
449 GNUNET_STATISTICS_destroy (statistics, 465 GNUNET_STATISTICS_destroy (statistics,
@@ -453,42 +469,7 @@ shutdown_task (void *cls)
453 469
454} 470}
455 471
456/**
457 * Checks a #GNUNET_MESSAGE_TYPE_CREDENTIAL_VERIFY message
458 *
459 * @param cls client sending the message
460 * @param v_msg message of type `struct VerifyMessage`
461 * @return #GNUNET_OK if @a v_msg is well-formed
462 */
463static int
464check_verify (void *cls,
465 const struct VerifyMessage *v_msg)
466{
467 size_t msg_size;
468 const char* attrs;
469 472
470 msg_size = ntohs (v_msg->header.size);
471 if (msg_size < sizeof (struct VerifyMessage))
472 {
473 GNUNET_break (0);
474 return GNUNET_SYSERR;
475 }
476 if ((ntohs (v_msg->issuer_attribute_len) > GNUNET_CREDENTIAL_MAX_LENGTH) ||
477 (ntohs (v_msg->subject_attribute_len) > GNUNET_CREDENTIAL_MAX_LENGTH))
478 {
479 GNUNET_break (0);
480 return GNUNET_SYSERR;
481 }
482 attrs = (const char *) &v_msg[1];
483
484 if ( ('\0' != attrs[ntohs(v_msg->header.size) - sizeof (struct VerifyMessage) - 1]) ||
485 (strlen (attrs) > GNUNET_CREDENTIAL_MAX_LENGTH * 2) )
486 {
487 GNUNET_break (0);
488 return GNUNET_SYSERR;
489 }
490 return GNUNET_OK;
491}
492 473
493/** 474/**
494 * Send. 475 * Send.
@@ -499,7 +480,7 @@ static void
499send_lookup_response (struct VerifyRequestHandle *vrh) 480send_lookup_response (struct VerifyRequestHandle *vrh)
500{ 481{
501 struct GNUNET_MQ_Envelope *env; 482 struct GNUNET_MQ_Envelope *env;
502 struct VerifyResultMessage *rmsg; 483 struct DelegationChainResultMessage *rmsg;
503 struct DelegationChainEntry *dce; 484 struct DelegationChainEntry *dce;
504 struct GNUNET_CREDENTIAL_Delegation dd[vrh->delegation_chain_size]; 485 struct GNUNET_CREDENTIAL_Delegation dd[vrh->delegation_chain_size];
505 struct GNUNET_CREDENTIAL_Credential cred[vrh->cred_chain_size]; 486 struct GNUNET_CREDENTIAL_Credential cred[vrh->cred_chain_size];
@@ -792,21 +773,14 @@ backward_resolution (void* cls,
792 * @param rd the record data 773 * @param rd the record data
793 */ 774 */
794static void 775static void
795handle_credential_query (void* cls, 776delegation_chain_resolution_start (void* cls)
796 uint32_t rd_count,
797 const struct GNUNET_GNSRECORD_Data *rd)
798{ 777{
799 struct VerifyRequestHandle *vrh = cls; 778 struct VerifyRequestHandle *vrh = cls;
800 struct DelegationSetQueueEntry *ds_entry; 779 struct DelegationSetQueueEntry *ds_entry;
801 struct GNUNET_CREDENTIAL_Credential *crd;
802 struct CredentialRecordEntry *cr_entry; 780 struct CredentialRecordEntry *cr_entry;
803 int cred_record_count;
804 int i;
805
806 vrh->lookup_request = NULL; 781 vrh->lookup_request = NULL;
807 cred_record_count = 0;
808 782
809 if (0 == rd_count) 783 if (0 == vrh->cred_chain_size)
810 { 784 {
811 GNUNET_log (GNUNET_ERROR_TYPE_ERROR, 785 GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
812 "No credentials found\n"); 786 "No credentials found\n");
@@ -814,31 +788,13 @@ handle_credential_query (void* cls,
814 return; 788 return;
815 } 789 }
816 790
817 for (i=0; i < rd_count; i++) 791 for (cr_entry = vrh->cred_chain_head; cr_entry != NULL; cr_entry = cr_entry->next)
818 { 792 {
819 if (GNUNET_GNSRECORD_TYPE_CREDENTIAL != rd[i].record_type) 793 if (0 != memcmp (&cr_entry->credential->issuer_key,
820 continue;
821 cred_record_count++;
822 crd = GNUNET_CREDENTIAL_credential_deserialize (rd[i].data,
823 rd[i].data_size);
824 if (NULL == crd)
825 {
826 GNUNET_log (GNUNET_ERROR_TYPE_WARNING,
827 "Invalid credential found\n");
828 continue;
829 }
830 cr_entry = GNUNET_new (struct CredentialRecordEntry);
831 cr_entry->credential = crd;
832 GNUNET_CONTAINER_DLL_insert_tail (vrh->cred_chain_head,
833 vrh->cred_chain_tail,
834 cr_entry);
835 vrh->cred_chain_size++;
836
837 if (0 != memcmp (&crd->issuer_key,
838 &vrh->issuer_key, 794 &vrh->issuer_key,
839 sizeof (struct GNUNET_CRYPTO_EcdsaPublicKey))) 795 sizeof (struct GNUNET_CRYPTO_EcdsaPublicKey)))
840 continue; 796 continue;
841 if (0 != strcmp (crd->issuer_attribute, vrh->issuer_attribute)) 797 if (0 != strcmp (cr_entry->credential->issuer_attribute, vrh->issuer_attribute))
842 continue; 798 continue;
843 //Found match prematurely 799 //Found match prematurely
844 send_lookup_response (vrh); 800 send_lookup_response (vrh);
@@ -878,6 +834,40 @@ handle_credential_query (void* cls,
878 ds_entry); 834 ds_entry);
879} 835}
880 836
837/**
838 * Checks a #GNUNET_MESSAGE_TYPE_CREDENTIAL_VERIFY message
839 *
840 * @param cls client sending the message
841 * @param v_msg message of type `struct VerifyMessage`
842 * @return #GNUNET_OK if @a v_msg is well-formed
843 */
844static int
845check_verify (void *cls,
846 const struct VerifyMessage *v_msg)
847{
848 size_t msg_size;
849 const char* attr;
850
851 msg_size = ntohs (v_msg->header.size);
852 if (msg_size < sizeof (struct VerifyMessage))
853 {
854 GNUNET_break (0);
855 return GNUNET_SYSERR;
856 }
857 if (ntohs (v_msg->issuer_attribute_len) > GNUNET_CREDENTIAL_MAX_LENGTH)
858 {
859 GNUNET_break (0);
860 return GNUNET_SYSERR;
861 }
862 attr = (const char *) &v_msg[1];
863
864 if ( strlen (attr) > GNUNET_CREDENTIAL_MAX_LENGTH)
865 {
866 GNUNET_break (0);
867 return GNUNET_SYSERR;
868 }
869 return GNUNET_OK;
870}
881 871
882/** 872/**
883 * Handle Credential verification requests from client 873 * Handle Credential verification requests from client
@@ -890,12 +880,11 @@ static void
890handle_verify (void *cls, 880handle_verify (void *cls,
891 const struct VerifyMessage *v_msg) 881 const struct VerifyMessage *v_msg)
892{ 882{
893 char attrs[GNUNET_CREDENTIAL_MAX_LENGTH*2 + 1]; 883 char attr[GNUNET_CREDENTIAL_MAX_LENGTH + 1];
894 char issuer_attribute[GNUNET_CREDENTIAL_MAX_LENGTH + 1]; 884 char issuer_attribute[GNUNET_CREDENTIAL_MAX_LENGTH + 1];
895 char subject_attribute[GNUNET_CREDENTIAL_MAX_LENGTH + 1 + 4];
896 struct VerifyRequestHandle *vrh; 885 struct VerifyRequestHandle *vrh;
897 struct GNUNET_SERVICE_Client *client = cls; 886 struct GNUNET_SERVICE_Client *client = cls;
898 char *attrptr = attrs; 887 char *attrptr = attr;
899 const char *utf_in; 888 const char *utf_in;
900 889
901 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, 890 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
@@ -904,12 +893,8 @@ handle_verify (void *cls,
904 utf_in = (const char *) &v_msg[1]; 893 utf_in = (const char *) &v_msg[1];
905 GNUNET_STRINGS_utf8_tolower (utf_in, attrptr); 894 GNUNET_STRINGS_utf8_tolower (utf_in, attrptr);
906 895
907 GNUNET_memcpy (issuer_attribute, attrs, ntohs (v_msg->issuer_attribute_len)); 896 GNUNET_memcpy (issuer_attribute, attr, ntohs (v_msg->issuer_attribute_len));
908 issuer_attribute[ntohs (v_msg->issuer_attribute_len)] = '\0'; 897 issuer_attribute[ntohs (v_msg->issuer_attribute_len)] = '\0';
909 GNUNET_memcpy (subject_attribute, attrs+strlen(issuer_attribute), ntohs (v_msg->subject_attribute_len));
910 strcpy (subject_attribute+ntohs (v_msg->subject_attribute_len),
911 ".gnu");
912 subject_attribute[ntohs (v_msg->subject_attribute_len)+4] = '\0';
913 vrh = GNUNET_new (struct VerifyRequestHandle); 898 vrh = GNUNET_new (struct VerifyRequestHandle);
914 GNUNET_CONTAINER_DLL_insert (vrh_head, vrh_tail, vrh); 899 GNUNET_CONTAINER_DLL_insert (vrh_head, vrh_tail, vrh);
915 vrh->client = client; 900 vrh->client = client;
@@ -917,14 +902,169 @@ handle_verify (void *cls,
917 vrh->issuer_key = v_msg->issuer_key; 902 vrh->issuer_key = v_msg->issuer_key;
918 vrh->subject_key = v_msg->subject_key; 903 vrh->subject_key = v_msg->subject_key;
919 vrh->issuer_attribute = GNUNET_strdup (issuer_attribute); 904 vrh->issuer_attribute = GNUNET_strdup (issuer_attribute);
920 905 if (NULL == issuer_attribute)
921 if (NULL == subject_attribute)
922 { 906 {
923 GNUNET_log (GNUNET_ERROR_TYPE_ERROR, 907 GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
924 "No subject attribute provided!\n"); 908 "No issuer attribute provided!\n");
909 send_lookup_response (vrh);
910 return;
911 }
912 /**
913 * First, collect credentials
914 * TODO: cleanup!
915 */
916 uint32_t credentials_count = ntohl(v_msg->c_count);
917 int i;
918 uint32_t credential_data_size = ntohs (v_msg->header.size)
919 - sizeof (struct VerifyMessage)
920 - ntohs (v_msg->issuer_attribute_len)
921 - 1;
922 struct GNUNET_CREDENTIAL_Credential credentials[credentials_count];
923 char *credential_data = (char*)&v_msg[1] + ntohs (v_msg->issuer_attribute_len) + 1;
924 struct CredentialRecordEntry *cr_entry;
925 if (GNUNET_OK != GNUNET_CREDENTIAL_credentials_deserialize (credential_data_size,
926 credential_data,
927 credentials_count,
928 credentials))
929 {
930 GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
931 "Cannot deserialize credentials!\n");
925 send_lookup_response (vrh); 932 send_lookup_response (vrh);
926 return; 933 return;
927 } 934 }
935
936 for (i=0;i<credentials_count;i++) {
937 cr_entry = GNUNET_new (struct CredentialRecordEntry);
938 cr_entry->credential = GNUNET_malloc (sizeof (struct GNUNET_CREDENTIAL_Credential) +
939 strlen (credentials[i].issuer_attribute) + 1);
940 GNUNET_memcpy (cr_entry->credential,
941 &credentials[i],
942 sizeof (struct GNUNET_CREDENTIAL_Credential));
943 GNUNET_memcpy (&cr_entry->credential[1],
944 credentials[i].issuer_attribute,
945 strlen (credentials[i].issuer_attribute));
946 cr_entry->credential->issuer_attribute = (char*)&cr_entry->credential[1];
947 GNUNET_CONTAINER_DLL_insert_tail (vrh->cred_chain_head,
948 vrh->cred_chain_tail,
949 cr_entry);
950 vrh->cred_chain_size++;
951 }
952
953 delegation_chain_resolution_start (vrh);
954
955}
956
957/**
958 * We encountered an error while collecting
959 */
960static void
961handle_cred_collection_error_cb (void *cls)
962{
963 struct VerifyRequestHandle *vrh = cls;
964 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
965 "Got disconnected from namestore database.\n");
966 vrh->cred_collection_iter = NULL;
967 send_lookup_response (vrh);
968}
969
970static void
971collect_next (void *cls)
972{
973 struct VerifyRequestHandle *vrh = cls;
974 vrh->collect_next_task = NULL;
975 GNUNET_assert (NULL != vrh->cred_collection_iter);
976 GNUNET_NAMESTORE_zone_iterator_next (vrh->cred_collection_iter);
977}
978
979/**
980 * Store credential
981 */
982static void
983handle_cred_collection_cb (void *cls,
984 const struct GNUNET_CRYPTO_EcdsaPrivateKey *key,
985 const char *label,
986 unsigned int rd_count,
987 const struct GNUNET_GNSRECORD_Data *rd)
988{
989 struct VerifyRequestHandle *vrh = cls;
990 struct GNUNET_CREDENTIAL_Credential *crd;
991 struct CredentialRecordEntry *cr_entry;
992 int cred_record_count;
993 int i;
994
995 cred_record_count = 0;
996 for (i=0; i < rd_count; i++)
997 {
998 if (GNUNET_GNSRECORD_TYPE_CREDENTIAL != rd[i].record_type)
999 continue;
1000 cred_record_count++;
1001 crd = GNUNET_CREDENTIAL_credential_deserialize (rd[i].data,
1002 rd[i].data_size);
1003 if (NULL == crd)
1004 {
1005 GNUNET_log (GNUNET_ERROR_TYPE_WARNING,
1006 "Invalid credential found\n");
1007 continue;
1008 }
1009 cr_entry = GNUNET_new (struct CredentialRecordEntry);
1010 cr_entry->credential = crd;
1011 GNUNET_CONTAINER_DLL_insert_tail (vrh->cred_chain_head,
1012 vrh->cred_chain_tail,
1013 cr_entry);
1014 vrh->cred_chain_size++;
1015 }
1016 vrh->collect_next_task = GNUNET_SCHEDULER_add_now (&collect_next,
1017 vrh);
1018}
1019
1020/**
1021 * We encountered an error while collecting
1022 */
1023static void
1024handle_cred_collection_finished_cb (void *cls)
1025{
1026 struct VerifyRequestHandle *vrh = cls;
1027 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
1028 "Done collecting credentials.\n");
1029 vrh->cred_collection_iter = NULL;
1030 delegation_chain_resolution_start (vrh);
1031}
1032
1033/**
1034 * Handle Credential collection requests from client
1035 *
1036 * @param cls the closure
1037 * @param client the client
1038 * @param message the message
1039 */
1040static void
1041handle_collect (void *cls,
1042 const struct CollectMessage *c_msg)
1043{
1044 char attr[GNUNET_CREDENTIAL_MAX_LENGTH + 1];
1045 char issuer_attribute[GNUNET_CREDENTIAL_MAX_LENGTH + 1];
1046 struct VerifyRequestHandle *vrh;
1047 struct GNUNET_SERVICE_Client *client = cls;
1048 char *attrptr = attr;
1049 const char *utf_in;
1050
1051 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
1052 "Received COLLECT message\n");
1053
1054 utf_in = (const char *) &c_msg[1];
1055 GNUNET_STRINGS_utf8_tolower (utf_in, attrptr);
1056
1057 GNUNET_memcpy (issuer_attribute, attr, ntohs (c_msg->issuer_attribute_len));
1058 issuer_attribute[ntohs (c_msg->issuer_attribute_len)] = '\0';
1059 vrh = GNUNET_new (struct VerifyRequestHandle);
1060 GNUNET_CONTAINER_DLL_insert (vrh_head, vrh_tail, vrh);
1061 vrh->client = client;
1062 vrh->request_id = c_msg->id;
1063 vrh->issuer_key = c_msg->issuer_key;
1064 GNUNET_CRYPTO_ecdsa_key_get_public (&c_msg->subject_key,
1065 &vrh->subject_key);
1066 vrh->issuer_attribute = GNUNET_strdup (issuer_attribute);
1067
928 if (NULL == issuer_attribute) 1068 if (NULL == issuer_attribute)
929 { 1069 {
930 GNUNET_log (GNUNET_ERROR_TYPE_ERROR, 1070 GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
@@ -933,23 +1073,58 @@ handle_verify (void *cls,
933 return; 1073 return;
934 } 1074 }
935 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, 1075 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
936 "Looking up %s\n", 1076 "Getting credentials for subject\n");
937 subject_attribute);
938 /** 1077 /**
939 * First, get attribute from subject 1078 * First, get attribute from subject
940 */ 1079 */
941 vrh->lookup_request = GNUNET_GNS_lookup (gns, 1080 vrh->cred_collection_iter = GNUNET_NAMESTORE_zone_iteration_start (namestore,
942 subject_attribute, 1081 &c_msg->subject_key,
943 &v_msg->subject_key, //subject_pkey, 1082 &handle_cred_collection_error_cb,
944 GNUNET_GNSRECORD_TYPE_CREDENTIAL, 1083 vrh,
945 GNUNET_GNS_LO_DEFAULT, 1084 &handle_cred_collection_cb,
946 NULL, //shorten_key, always NULL 1085 vrh,
947 &handle_credential_query, 1086 &handle_cred_collection_finished_cb,
948 vrh); 1087 vrh);
949} 1088}
950 1089
951 1090
952/** 1091/**
1092 * Checks a #GNUNET_MESSAGE_TYPE_CREDENTIAL_COLLECT message
1093 *
1094 * @param cls client sending the message
1095 * @param v_msg message of type `struct CollectMessage`
1096 * @return #GNUNET_OK if @a v_msg is well-formed
1097 */
1098static int
1099check_collect (void *cls,
1100 const struct CollectMessage *c_msg)
1101{
1102 size_t msg_size;
1103 const char* attr;
1104
1105 msg_size = ntohs (c_msg->header.size);
1106 if (msg_size < sizeof (struct CollectMessage))
1107 {
1108 GNUNET_break (0);
1109 return GNUNET_SYSERR;
1110 }
1111 if (ntohs (c_msg->issuer_attribute_len) > GNUNET_CREDENTIAL_MAX_LENGTH)
1112 {
1113 GNUNET_break (0);
1114 return GNUNET_SYSERR;
1115 }
1116 attr = (const char *) &c_msg[1];
1117
1118 if ( ('\0' != attr[ntohs(c_msg->header.size) - sizeof (struct CollectMessage) - 1]) ||
1119 (strlen (attr) > GNUNET_CREDENTIAL_MAX_LENGTH) )
1120 {
1121 GNUNET_break (0);
1122 return GNUNET_SYSERR;
1123 }
1124 return GNUNET_OK;
1125}
1126
1127/**
953 * One of our clients disconnected, clean up after it. 1128 * One of our clients disconnected, clean up after it.
954 * 1129 *
955 * @param cls NULL 1130 * @param cls NULL
@@ -1003,6 +1178,12 @@ run (void *cls,
1003 fprintf (stderr, 1178 fprintf (stderr,
1004 _("Failed to connect to GNS\n")); 1179 _("Failed to connect to GNS\n"));
1005 } 1180 }
1181 namestore = GNUNET_NAMESTORE_connect (c);
1182 if (NULL == namestore)
1183 {
1184 fprintf (stderr,
1185 _("Failed to connect to namestore\n"));
1186 }
1006 1187
1007 statistics = GNUNET_STATISTICS_create ("credential", c); 1188 statistics = GNUNET_STATISTICS_create ("credential", c);
1008 GNUNET_SCHEDULER_add_shutdown (&shutdown_task, NULL); 1189 GNUNET_SCHEDULER_add_shutdown (&shutdown_task, NULL);
@@ -1023,6 +1204,10 @@ GNUNET_SERVICE_MAIN
1023 GNUNET_MESSAGE_TYPE_CREDENTIAL_VERIFY, 1204 GNUNET_MESSAGE_TYPE_CREDENTIAL_VERIFY,
1024 struct VerifyMessage, 1205 struct VerifyMessage,
1025 NULL), 1206 NULL),
1207 GNUNET_MQ_hd_var_size (collect,
1208 GNUNET_MESSAGE_TYPE_CREDENTIAL_COLLECT,
1209 struct CollectMessage,
1210 NULL),
1026 GNUNET_MQ_handler_end()); 1211 GNUNET_MQ_handler_end());
1027 1212
1028/* end of gnunet-service-credential.c */ 1213/* end of gnunet-service-credential.c */
diff --git a/src/credential/plugin_rest_credential.c b/src/credential/plugin_rest_credential.c
index 651de0075..f13e26cd4 100644
--- a/src/credential/plugin_rest_credential.c
+++ b/src/credential/plugin_rest_credential.c
@@ -492,7 +492,8 @@ verify_cred_cont (struct GNUNET_REST_RequestHandle *conndata_handle,
492 &handle->issuer_key, 492 &handle->issuer_key,
493 handle->issuer_attr, 493 handle->issuer_attr,
494 &handle->subject_key, 494 &handle->subject_key,
495 handle->subject_attr, 495 0,
496 NULL,//TODOhandle->subject_attr,
496 &handle_verify_response, 497 &handle_verify_response,
497 handle); 498 handle);
498 499
diff --git a/src/credential/test_credential_collect.sh b/src/credential/test_credential_collect.sh
new file mode 100755
index 000000000..6c713063f
--- /dev/null
+++ b/src/credential/test_credential_collect.sh
@@ -0,0 +1,47 @@
1#!/bin/bash
2trap "gnunet-arm -e -c test_credential_lookup.conf" SIGINT
3
4LOCATION=$(which gnunet-config)
5if [ -z $LOCATION ]
6then
7 LOCATION="gnunet-config"
8fi
9$LOCATION --version 1> /dev/null
10if test $? != 0
11then
12 echo "GNUnet command line tools cannot be found, check environmental variables PATH and GNUNET_PREFIX"
13 exit 77
14fi
15
16rm -rf `gnunet-config -c test_credential_lookup.conf -s PATHS -o GNUNET_HOME -f`
17
18# (1) PKEY1.user -> PKEY2.resu.user
19# (2) PKEY2.resu -> PKEY3
20# (3) PKEY3.user -> PKEY4
21
22
23which timeout &> /dev/null && DO_TIMEOUT="timeout 30"
24
25TEST_ATTR="test"
26TEST_ATTR2="test2"
27gnunet-arm -s -c test_credential_lookup.conf
28gnunet-identity -C testissuer -c test_credential_lookup.conf
29gnunet-identity -C testsubject -c test_credential_lookup.conf
30SUBJECT_KEY=$(gnunet-identity -d -c test_credential_lookup.conf | grep testsubject | awk '{print $3}')
31ISSUER_KEY=$(gnunet-identity -d -c test_credential_lookup.conf | grep testissuer | awk '{print $3}')
32#TODO1 Get credential and store it with subject (3)
33CRED=`$DO_TIMEOUT gnunet-credential --issue --ego=testissuer --subject=$SUBJECT_KEY --attribute=$TEST_ATTR --ttl=5m -c test_credential_lookup.conf`
34$DO_TIMEOUT gnunet-namestore -a -z testsubject -n c1 -t CRED -V "$CRED" -e 5m -c test_credential_lookup.conf
35CRED=`$DO_TIMEOUT gnunet-credential --issue --ego=testissuer --subject=$SUBJECT_KEY --attribute=$TEST_ATTR2 --ttl=5m -c test_credential_lookup.conf`
36$DO_TIMEOUT gnunet-namestore -a -z testsubject -n c2 -t CRED -V "$CRED" -e 5m -c test_credential_lookup.conf
37CREDS=`$DO_TIMEOUT gnunet-credential --collect --issuer=$ISSUER_KEY --attribute=$TEST_ATTR --ego=testsubject -c test_credential_lookup.conf | paste -d, -s`
38echo $CREDS
39RES=$?
40gnunet-arm -e -c test_credential_lookup.conf
41
42if test $? != 0
43then
44 echo "Error collecting..."
45 exit 1
46fi
47
diff --git a/src/credential/test_credential_lookup.conf b/src/credential/test_credential_lookup.conf
index 7aa193abd..93b4864d9 100644
--- a/src/credential/test_credential_lookup.conf
+++ b/src/credential/test_credential_lookup.conf
@@ -11,7 +11,7 @@ PLUGINS =
11 11
12[credential] 12[credential]
13AUTOSTART = YES 13AUTOSTART = YES
14#PREFIX = valgrind --leak-check=full --track-origins=yes --log-file=/tmp/credlog 14PREFIX = valgrind --leak-check=full --track-origins=yes --log-file=/tmp/credlog
15 15
16[rest] 16[rest]
17#PREFIX = valgrind --leak-check=full --track-origins=yes --log-file=/tmp/restlog 17#PREFIX = valgrind --leak-check=full --track-origins=yes --log-file=/tmp/restlog
diff --git a/src/credential/test_credential_verify.sh b/src/credential/test_credential_verify.sh
index 6d69e337b..d042bcfe6 100755
--- a/src/credential/test_credential_verify.sh
+++ b/src/credential/test_credential_verify.sh
@@ -57,8 +57,11 @@ CRED=`$DO_TIMEOUT gnunet-credential --issue --ego=gnunet --subject=$ALICE_KEY --
57# Alice stores the credential under "mygnunetcreds" 57# Alice stores the credential under "mygnunetcreds"
58gnunet-namestore -p -z alice -a -n $TEST_CREDENTIAL -t CRED -V "$CRED" -e 5m -c test_credential_lookup.conf 58gnunet-namestore -p -z alice -a -n $TEST_CREDENTIAL -t CRED -V "$CRED" -e 5m -c test_credential_lookup.conf
59 59
60CREDS=`$DO_TIMEOUT gnunet-credential --collect --issuer=$SERVICE_KEY --attribute=$USER_ATTR --ego=alice -c test_credential_lookup.conf | paste -d, -s`
61
62echo gnunet-credential --verify --issuer=$SERVICE_KEY --attribute=$USER_ATTR --subject=$ALICE_KEY --credential=\'$CREDS\' -c test_credential_lookup.conf
60#TODO2 Add -z swich like in gnunet-gns 63#TODO2 Add -z swich like in gnunet-gns
61RES_CRED=`gnunet-credential --verify --issuer=$SERVICE_KEY --attribute=$USER_ATTR --subject=$ALICE_KEY --credential=$TEST_CREDENTIAL -c test_credential_lookup.conf` 64gnunet-credential --verify --issuer=$SERVICE_KEY --attribute=$USER_ATTR --subject=$ALICE_KEY --credential="$CREDS" -c test_credential_lookup.conf
62 65
63 66
64#TODO cleanup properly 67#TODO cleanup properly
diff --git a/src/include/gnunet_credential_service.h b/src/include/gnunet_credential_service.h
index 906163c14..d04c0a253 100644
--- a/src/include/gnunet_credential_service.h
+++ b/src/include/gnunet_credential_service.h
@@ -235,7 +235,7 @@ GNUNET_CREDENTIAL_disconnect (struct GNUNET_CREDENTIAL_Handle *handle);
235 * @param c_count the number of credentials found 235 * @param c_count the number of credentials found
236 * @param credential the credentials 236 * @param credential the credentials
237 */ 237 */
238typedef void (*GNUNET_CREDENTIAL_VerifyResultProcessor) (void *cls, 238typedef void (*GNUNET_CREDENTIAL_CredentialResultProcessor) (void *cls,
239 unsigned int d_count, 239 unsigned int d_count,
240 struct GNUNET_CREDENTIAL_Delegation *delegation_chain, 240 struct GNUNET_CREDENTIAL_Delegation *delegation_chain,
241 unsigned int c_count, 241 unsigned int c_count,
@@ -286,10 +286,19 @@ GNUNET_CREDENTIAL_verify (struct GNUNET_CREDENTIAL_Handle *handle,
286 const struct GNUNET_CRYPTO_EcdsaPublicKey *issuer_key, 286 const struct GNUNET_CRYPTO_EcdsaPublicKey *issuer_key,
287 const char *issuer_attribute, 287 const char *issuer_attribute,
288 const struct GNUNET_CRYPTO_EcdsaPublicKey *subject_key, 288 const struct GNUNET_CRYPTO_EcdsaPublicKey *subject_key,
289 const char *subject_attribute, 289 uint32_t credential_count,
290 GNUNET_CREDENTIAL_VerifyResultProcessor proc, 290 const struct GNUNET_CREDENTIAL_Credential *credentials,
291 GNUNET_CREDENTIAL_CredentialResultProcessor proc,
291 void *proc_cls); 292 void *proc_cls);
292 293
294struct GNUNET_CREDENTIAL_Request*
295GNUNET_CREDENTIAL_collect (struct GNUNET_CREDENTIAL_Handle *handle,
296 const struct GNUNET_CRYPTO_EcdsaPublicKey *issuer_key,
297 const char *issuer_attribute,
298 const struct GNUNET_CRYPTO_EcdsaPrivateKey *subject_key,
299 GNUNET_CREDENTIAL_CredentialResultProcessor proc,
300 void *proc_cls);
301
293/** 302/**
294 * Delegate an attribute 303 * Delegate an attribute
295 * 304 *
diff --git a/src/include/gnunet_protocols.h b/src/include/gnunet_protocols.h
index 596196311..cf26f1727 100644
--- a/src/include/gnunet_protocols.h
+++ b/src/include/gnunet_protocols.h
@@ -2616,6 +2616,10 @@ extern "C"
2616 2616
2617#define GNUNET_MESSAGE_TYPE_CREDENTIAL_VERIFY_RESULT 972 2617#define GNUNET_MESSAGE_TYPE_CREDENTIAL_VERIFY_RESULT 972
2618 2618
2619#define GNUNET_MESSAGE_TYPE_CREDENTIAL_COLLECT 973
2620
2621#define GNUNET_MESSAGE_TYPE_CREDENTIAL_COLLECT_RESULT 974
2622
2619/******************************************************************************/ 2623/******************************************************************************/
2620 2624
2621 2625