1 files changed, 511 insertions, 0 deletions
diff --git a/src/credential/credential_api.c b/src/credential/credential_api.c
new file mode 100644
index 000000000..677cb9ad4
--- /dev/null
+++ b/src/credential/credential_api.c
@@ -0,0 +1,511 @@
+/*
+     This file is part of GNUnet.
+     Copyright (C) 2009-2013, 2016 GNUnet e.V.
+     GNUnet is free software; you can redistribute it and/or modify
+     it under the terms of the GNU General Public License as published
+     by the Free Software Foundation; either version 3, or (at your
+     option) any later version.
+     GNUnet is distributed in the hope that it will be useful, but
+     WITHOUT ANY WARRANTY; without even the implied warranty of
+     MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+     General Public License for more details.
+     You should have received a copy of the GNU General Public License
+     along with GNUnet; see the file COPYING.  If not, write to the
+     Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor,
+     Boston, MA 02110-1301, USA.
+*/
+/**
+ * @file credential/credential_api.c
+ * @brief library to access the CREDENTIAL service
+ * @author Martin Schanzenbach
+ */
+#include "platform.h"
+#include "gnunet_util_lib.h"
+#include "gnunet_constants.h"
+#include "gnunet_arm_service.h"
+#include "gnunet_hello_lib.h"
+#include "gnunet_protocols.h"
+#include "gnunet_signatures.h"
+#include "credential.h"
+#include "credential_serialization.h"
+#include "gnunet_credential_service.h"
+#include "gnunet_identity_service.h"
+#define LOG(kind,...) GNUNET_log_from (kind, "credential-api",__VA_ARGS__)
+/**
+ * Handle to a verify request
+ */
+struct GNUNET_CREDENTIAL_Request
+{
+  /**
+   * DLL
+   */
+  struct GNUNET_CREDENTIAL_Request *next;
+  /**
+   * DLL
+   */
+  struct GNUNET_CREDENTIAL_Request *prev;
+  /**
+   * handle to credential service
+   */
+  struct GNUNET_CREDENTIAL_Handle *credential_handle;
+  /**
+   * processor to call on verify result
+   */
+  GNUNET_CREDENTIAL_CredentialResultProcessor verify_proc;
+  /**
+   * @e verify_proc closure
+   */
+  void *proc_cls;
+  /**
+   * Envelope with the message for this queue entry.
+   */
+  struct GNUNET_MQ_Envelope *env;
+  /**
+   * request id
+   */
+  uint32_t r_id;
+};
+/**
+ * Connection to the CREDENTIAL service.
+ */
+struct GNUNET_CREDENTIAL_Handle
+{
+  /**
+   * Configuration to use.
+   */
+  const struct GNUNET_CONFIGURATION_Handle *cfg;
+  /**
+   * Connection to service (if available).
+   */
+  struct GNUNET_MQ_Handle *mq;
+  /**
+   * Head of linked list of active verify requests.
+   */
+  struct GNUNET_CREDENTIAL_Request *request_head;
+  /**
+   * Tail of linked list of active verify requests.
+   */
+  struct GNUNET_CREDENTIAL_Request *request_tail;
+  /**
+   * Reconnect task
+   */
+  struct GNUNET_SCHEDULER_Task *reconnect_task;
+  /**
+   * How long do we wait until we try to reconnect?
+   */
+  struct GNUNET_TIME_Relative reconnect_backoff;
+  /**
+   * Request Id generator.  Incremented by one for each request.
+   */
+  uint32_t r_id_gen;
+};
+/**
+ * Reconnect to CREDENTIAL service.
+ *
+ * @param handle the handle to the CREDENTIAL service
+ */
+static void
+reconnect (struct GNUNET_CREDENTIAL_Handle *handle);
+/**
+ * Reconnect to CREDENTIAL
+ *
+ * @param cls the handle
+ */
+static void
+reconnect_task (void *cls)
+{
+  struct GNUNET_CREDENTIAL_Handle *handle = cls;
+  handle->reconnect_task = NULL;
+  reconnect (handle);
+}
+/**
+ * Disconnect from service and then reconnect.
+ *
+ * @param handle our handle
+ */
+static void
+force_reconnect (struct GNUNET_CREDENTIAL_Handle *handle)
+{
+  GNUNET_MQ_destroy (handle->mq);
+  handle->mq = NULL;
+  handle->reconnect_backoff
+    = GNUNET_TIME_STD_BACKOFF (handle->reconnect_backoff);
+  handle->reconnect_task
+    = GNUNET_SCHEDULER_add_delayed (handle->reconnect_backoff,
+                        &reconnect_task,
+                        handle);
+}
+/**
+ * Generic error handler, called with the appropriate error code and
+ * the same closure specified at the creation of the message queue.
+ * Not every message queue implementation supports an error handler.
+ *
+ * @param cls closure with the `struct GNUNET_CREDENTIAL_Handle *`
+ * @param error error code
+ */
+static void
+mq_error_handler (void *cls,
+                  enum GNUNET_MQ_Error error)
+{
+  struct GNUNET_CREDENTIAL_Handle *handle = cls;
+  force_reconnect (handle);
+}
+/**
+ * Check validity of message received from the CREDENTIAL service
+ *
+ * @param cls the `struct GNUNET_CREDENTIAL_Handle *`
+ * @param vr_msg the incoming message
+ */
+static int
+check_result (void *cls,
+              const struct DelegationChainResultMessage *vr_msg)
+{
+  //TODO
+  return GNUNET_OK;
+}
+/**
+ * Handler for messages received from the CREDENTIAL service
+ *
+ * @param cls the `struct GNUNET_CREDENTIAL_Handle *`
+ * @param vr_msg the incoming message
+ */
+static void
+handle_result (void *cls,
+               const struct DelegationChainResultMessage *vr_msg)
+{
+  struct GNUNET_CREDENTIAL_Handle *handle = cls;
+  uint32_t r_id = ntohl (vr_msg->id);
+  struct GNUNET_CREDENTIAL_Request *vr;
+  size_t mlen = ntohs (vr_msg->header.size) - sizeof (*vr_msg);
+  uint32_t d_count = ntohl (vr_msg->d_count);
+  uint32_t c_count = ntohl (vr_msg->c_count);
+  struct GNUNET_CREDENTIAL_Delegation d_chain[d_count];
+  struct GNUNET_CREDENTIAL_Credential creds[c_count];
+  GNUNET_CREDENTIAL_CredentialResultProcessor proc;
+  void *proc_cls;
+  LOG (GNUNET_ERROR_TYPE_DEBUG,
+       "Received verify reply from CREDENTIAL service\n");
+  for (vr = handle->request_head; NULL != vr; vr = vr->next)
+    if (vr->r_id == r_id)
+      break;
+  if (NULL == vr)
+    return;
+  proc = vr->verify_proc;
+  proc_cls = vr->proc_cls;
+  GNUNET_CONTAINER_DLL_remove (handle->request_head,
+                               handle->request_tail,
+                               vr);
+  GNUNET_MQ_discard (vr->env);
+  GNUNET_free (vr);
+  GNUNET_assert (GNUNET_OK ==
+                 GNUNET_CREDENTIAL_delegation_chain_deserialize (mlen,
+                                                                 (const char*) &vr_msg[1],
+                                                                 d_count,
+                                                                 d_chain,
+                                                                 c_count,
+                                                                 creds));
+  if (GNUNET_NO == ntohl (vr_msg->cred_found))
+  {
+    proc (proc_cls,
+          0,
+          NULL,
+          0,
+          NULL); // TODO
+  } else {
+    proc (proc_cls,
+          d_count,
+          d_chain,
+          c_count,
+          creds);
+  }
+}
+/**
+ * Reconnect to CREDENTIAL service.
+ *
+ * @param handle the handle to the CREDENTIAL service
+ */
+static void
+reconnect (struct GNUNET_CREDENTIAL_Handle *handle)
+{
+  struct GNUNET_MQ_MessageHandler handlers[] = {
+    GNUNET_MQ_hd_var_size (result,
+                           GNUNET_MESSAGE_TYPE_CREDENTIAL_VERIFY_RESULT,
+                           struct DelegationChainResultMessage,
+                           handle),
+    GNUNET_MQ_hd_var_size (result,
+                           GNUNET_MESSAGE_TYPE_CREDENTIAL_COLLECT_RESULT,
+                           struct DelegationChainResultMessage,
+                           handle),
+    GNUNET_MQ_handler_end ()
+  };
+  struct GNUNET_CREDENTIAL_Request *vr;
+  GNUNET_assert (NULL == handle->mq);
+  LOG (GNUNET_ERROR_TYPE_DEBUG,
+       "Trying to connect to CREDENTIAL\n");
+  handle->mq = GNUNET_CLIENT_connect (handle->cfg,
+                                      "credential",
+                                      handlers,
+                                      &mq_error_handler,
+                                      handle);
+  if (NULL == handle->mq)
+    return;
+  for (vr = handle->request_head; NULL != vr; vr = vr->next)
+    GNUNET_MQ_send_copy (handle->mq,
+                         vr->env);
+}
+/**
+ * Initialize the connection with the CREDENTIAL service.
+ *
+ * @param cfg configuration to use
+ * @return handle to the CREDENTIAL service, or NULL on error
+ */
+struct GNUNET_CREDENTIAL_Handle *
+GNUNET_CREDENTIAL_connect (const struct GNUNET_CONFIGURATION_Handle *cfg)
+{
+  struct GNUNET_CREDENTIAL_Handle *handle;
+  handle = GNUNET_new (struct GNUNET_CREDENTIAL_Handle);
+  handle->cfg = cfg;
+  reconnect (handle);
+  if (NULL == handle->mq)
+  {
+    GNUNET_free (handle);
+    return NULL;
+  }
+  return handle;
+}
+/**
+ * Shutdown connection with the CREDENTIAL service.
+ *
+ * @param handle handle of the CREDENTIAL connection to stop
+ */
+void
+GNUNET_CREDENTIAL_disconnect (struct GNUNET_CREDENTIAL_Handle *handle)
+{
+  if (NULL != handle->mq)
+  {
+    GNUNET_MQ_destroy (handle->mq);
+    handle->mq = NULL;
+  }
+  if (NULL != handle->reconnect_task)
+  {
+    GNUNET_SCHEDULER_cancel (handle->reconnect_task);
+    handle->reconnect_task = NULL;
+  }
+  GNUNET_assert (NULL == handle->request_head);
+  GNUNET_free (handle);
+}
+/**
+ * Cancel pending verify request
+ *
+ * @param lr the verify request to cancel
+ */
+void
+GNUNET_CREDENTIAL_request_cancel (struct GNUNET_CREDENTIAL_Request *lr)
+{
+  struct GNUNET_CREDENTIAL_Handle *handle = lr->credential_handle;
+  GNUNET_CONTAINER_DLL_remove (handle->request_head,
+                               handle->request_tail,
+                               lr);
+  GNUNET_MQ_discard (lr->env);
+  GNUNET_free (lr);
+}
+/**
+ * Performs attribute collection.
+ * Collects all credentials of subject to fulfill the 
+ * attribute, if possible
+ *
+ * @param handle handle to the Credential service
+ * @param issuer_key the issuer public key
+ * @param issuer_attribute the issuer attribute
+ * @param subject_key the subject public key
+ * @param proc function to call on result
+ * @param proc_cls closure for processor
+ * @return handle to the queued request
+ */
+struct GNUNET_CREDENTIAL_Request*
+GNUNET_CREDENTIAL_collect (struct GNUNET_CREDENTIAL_Handle *handle,
+                           const struct GNUNET_CRYPTO_EcdsaPublicKey *issuer_key,
+                           const char *issuer_attribute,
+                           const struct GNUNET_CRYPTO_EcdsaPrivateKey *subject_key,
+                           GNUNET_CREDENTIAL_CredentialResultProcessor proc,
+                           void *proc_cls)
+{
+  /* IPC to shorten credential names, return shorten_handle */
+  struct CollectMessage *c_msg;
+  struct GNUNET_CREDENTIAL_Request *vr;
+  size_t nlen;
+  if (NULL == issuer_attribute)
+  {
+    GNUNET_break (0);
+    return NULL;
+  }
+  //DEBUG LOG
+  LOG (GNUNET_ERROR_TYPE_DEBUG,
+       "Trying to collect `%s' in CREDENTIAL\n",
+       issuer_attribute);
+  nlen = strlen (issuer_attribute) + 1;
+  if (nlen >= GNUNET_MAX_MESSAGE_SIZE - sizeof (*vr))
+  {
+    GNUNET_break (0);
+    return NULL;
+  }
+  vr = GNUNET_new (struct GNUNET_CREDENTIAL_Request);
+  vr->credential_handle = handle;
+  vr->verify_proc = proc;
+  vr->proc_cls = proc_cls;
+  vr->r_id = handle->r_id_gen++;
+  vr->env = GNUNET_MQ_msg_extra (c_msg,
+                                 nlen,
+                                 GNUNET_MESSAGE_TYPE_CREDENTIAL_COLLECT);
+  c_msg->id = htonl (vr->r_id);
+  c_msg->subject_key = *subject_key;
+  c_msg->issuer_key =  *issuer_key;
+  c_msg->issuer_attribute_len = htons(strlen(issuer_attribute));
+  GNUNET_memcpy (&c_msg[1],
+                 issuer_attribute,
+                 strlen (issuer_attribute));
+  GNUNET_CONTAINER_DLL_insert (handle->request_head,
+                               handle->request_tail,
+                               vr);
+  if (NULL != handle->mq)
+    GNUNET_MQ_send_copy (handle->mq,
+                         vr->env);
+  return vr;
+}
+/**
+ * Performs attribute verification.
+ * Checks if there is a delegation chain from
+ * attribute ``issuer_attribute'' issued by the issuer
+ * with public key ``issuer_key'' maps to the attribute
+ * ``subject_attribute'' claimed by the subject with key
+ * ``subject_key''
+ *
+ * @param handle handle to the Credential service
+ * @param issuer_key the issuer public key
+ * @param issuer_attribute the issuer attribute
+ * @param subject_key the subject public key
+ * @param credential_count number of credentials provided
+ * @param credentials subject credentials
+ * @param proc function to call on result
+ * @param proc_cls closure for processor
+ * @return handle to the queued request
+ */
+struct GNUNET_CREDENTIAL_Request*
+GNUNET_CREDENTIAL_verify (struct GNUNET_CREDENTIAL_Handle *handle,
+                          const struct GNUNET_CRYPTO_EcdsaPublicKey *issuer_key,
+                          const char *issuer_attribute,
+                          const struct GNUNET_CRYPTO_EcdsaPublicKey *subject_key,
+                          uint32_t credential_count,
+                          const struct GNUNET_CREDENTIAL_Credential *credentials,
+                          GNUNET_CREDENTIAL_CredentialResultProcessor proc,
+                          void *proc_cls)
+{
+  /* IPC to shorten credential names, return shorten_handle */
+  struct VerifyMessage *v_msg;
+  struct GNUNET_CREDENTIAL_Request *vr;
+  size_t nlen;
+  size_t clen;
+  if (NULL == issuer_attribute || NULL == credentials)
+  {
+    GNUNET_break (0);
+    return NULL;
+  }
+  clen = GNUNET_CREDENTIAL_credentials_get_size (credential_count,
+                                                 credentials);
+  //DEBUG LOG
+  LOG (GNUNET_ERROR_TYPE_DEBUG,
+       "Trying to verify `%s' in CREDENTIAL\n",
+       issuer_attribute);
+  nlen = strlen (issuer_attribute) + 1 + clen;
+  if (nlen >= GNUNET_MAX_MESSAGE_SIZE - sizeof (*vr))
+  {
+    GNUNET_break (0);
+    return NULL;
+  }
+  vr = GNUNET_new (struct GNUNET_CREDENTIAL_Request);
+  vr->credential_handle = handle;
+  vr->verify_proc = proc;
+  vr->proc_cls = proc_cls;
+  vr->r_id = handle->r_id_gen++;
+  vr->env = GNUNET_MQ_msg_extra (v_msg,
+                                 nlen,
+                                 GNUNET_MESSAGE_TYPE_CREDENTIAL_VERIFY);
+  v_msg->id = htonl (vr->r_id);
+  v_msg->subject_key = *subject_key;
+  v_msg->c_count = htonl(credential_count);
+  v_msg->issuer_key =  *issuer_key;
+  v_msg->issuer_attribute_len = htons(strlen(issuer_attribute));
+  GNUNET_memcpy (&v_msg[1],
+                 issuer_attribute,
+                 strlen (issuer_attribute));
+  GNUNET_CREDENTIAL_credentials_serialize (credential_count,
+                                           credentials,
+                                           clen,
+                                           ((char*)&v_msg[1])
+                                           + strlen (issuer_attribute) + 1);
+  GNUNET_CONTAINER_DLL_insert (handle->request_head,
+                               handle->request_tail,
+                               vr);
+  if (NULL != handle->mq)
+    GNUNET_MQ_send_copy (handle->mq,
+                         vr->env);
+  return vr;
+}
+/* end of credential_api.c */

diff --git a/src/credential/credential_api.c b/src/credential/credential_api.c new file mode 100644 index 000000000..677cb9ad4 --- /dev/null +++ b/src/credential/credential_api.c
@@ -0,0 +1,511 @@
	1	/*
	2	This file is part of GNUnet.
	3	Copyright (C) 2009-2013, 2016 GNUnet e.V.
	4
	5	GNUnet is free software; you can redistribute it and/or modify
	6	it under the terms of the GNU General Public License as published
	7	by the Free Software Foundation; either version 3, or (at your
	8	option) any later version.
	9
	10	GNUnet is distributed in the hope that it will be useful, but
	11	WITHOUT ANY WARRANTY; without even the implied warranty of
	12	MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
	13	General Public License for more details.
	14
	15	You should have received a copy of the GNU General Public License
	16	along with GNUnet; see the file COPYING. If not, write to the
	17	Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor,
	18	Boston, MA 02110-1301, USA.
	19	*/
	20	/**
	21	* @file credential/credential_api.c
	22	* @brief library to access the CREDENTIAL service
	23	* @author Martin Schanzenbach
	24	*/
	25	#include "platform.h"
	26	#include "gnunet_util_lib.h"
	27	#include "gnunet_constants.h"
	28	#include "gnunet_arm_service.h"
	29	#include "gnunet_hello_lib.h"
	30	#include "gnunet_protocols.h"
	31	#include "gnunet_signatures.h"
	32	#include "credential.h"
	33	#include "credential_serialization.h"
	34	#include "gnunet_credential_service.h"
	35	#include "gnunet_identity_service.h"
	36
	37
	38	#define LOG(kind,...) GNUNET_log_from (kind, "credential-api",__VA_ARGS__)
	39
	40	/**
	41	* Handle to a verify request
	42	*/
	43	struct GNUNET_CREDENTIAL_Request
	44	{
	45
	46	/**
	47	* DLL
	48	*/
	49	struct GNUNET_CREDENTIAL_Request *next;
	50
	51	/**
	52	* DLL
	53	*/
	54	struct GNUNET_CREDENTIAL_Request *prev;
	55
	56	/**
	57	* handle to credential service
	58	*/
	59	struct GNUNET_CREDENTIAL_Handle *credential_handle;
	60
	61	/**
	62	* processor to call on verify result
	63	*/
	64	GNUNET_CREDENTIAL_CredentialResultProcessor verify_proc;
	65
	66	/**
	67	* @e verify_proc closure
	68	*/
	69	void *proc_cls;
	70
	71	/**
	72	* Envelope with the message for this queue entry.
	73	*/
	74	struct GNUNET_MQ_Envelope *env;
	75
	76	/**
	77	* request id
	78	*/
	79	uint32_t r_id;
	80
	81	};
	82
	83
	84	/**
	85	* Connection to the CREDENTIAL service.
	86	*/
	87	struct GNUNET_CREDENTIAL_Handle
	88	{
	89
	90	/**
	91	* Configuration to use.
	92	*/
	93	const struct GNUNET_CONFIGURATION_Handle *cfg;
	94
	95	/**
	96	* Connection to service (if available).
	97	*/
	98	struct GNUNET_MQ_Handle *mq;
	99
	100	/**
	101	* Head of linked list of active verify requests.
	102	*/
	103	struct GNUNET_CREDENTIAL_Request *request_head;
	104
	105	/**
	106	* Tail of linked list of active verify requests.
	107	*/
	108	struct GNUNET_CREDENTIAL_Request *request_tail;
	109
	110	/**
	111	* Reconnect task
	112	*/
	113	struct GNUNET_SCHEDULER_Task *reconnect_task;
	114
	115	/**
	116	* How long do we wait until we try to reconnect?
	117	*/
	118	struct GNUNET_TIME_Relative reconnect_backoff;
	119
	120	/**
	121	* Request Id generator. Incremented by one for each request.
	122	*/
	123	uint32_t r_id_gen;
	124
	125	};
	126
	127
	128	/**
	129	* Reconnect to CREDENTIAL service.
	130	*
	131	* @param handle the handle to the CREDENTIAL service
	132	*/
	133	static void
	134	reconnect (struct GNUNET_CREDENTIAL_Handle *handle);
	135
	136
	137	/**
	138	* Reconnect to CREDENTIAL
	139	*
	140	* @param cls the handle
	141	*/
	142	static void
	143	reconnect_task (void *cls)
	144	{
	145	struct GNUNET_CREDENTIAL_Handle *handle = cls;
	146
	147	handle->reconnect_task = NULL;
	148	reconnect (handle);
	149	}
	150
	151
	152	/**
	153	* Disconnect from service and then reconnect.
	154	*
	155	* @param handle our handle
	156	*/
	157	static void
	158	force_reconnect (struct GNUNET_CREDENTIAL_Handle *handle)
	159	{
	160	GNUNET_MQ_destroy (handle->mq);
	161	handle->mq = NULL;
	162	handle->reconnect_backoff
	163	= GNUNET_TIME_STD_BACKOFF (handle->reconnect_backoff);
	164	handle->reconnect_task
	165	= GNUNET_SCHEDULER_add_delayed (handle->reconnect_backoff,
	166	&reconnect_task,
	167	handle);
	168	}
	169
	170
	171	/**
	172	* Generic error handler, called with the appropriate error code and
	173	* the same closure specified at the creation of the message queue.
	174	* Not every message queue implementation supports an error handler.
	175	*
	176	* @param cls closure with the `struct GNUNET_CREDENTIAL_Handle *`
	177	* @param error error code
	178	*/
	179	static void
	180	mq_error_handler (void *cls,
	181	enum GNUNET_MQ_Error error)
	182	{
	183	struct GNUNET_CREDENTIAL_Handle *handle = cls;
	184
	185	force_reconnect (handle);
	186	}
	187
	188	/**
	189	* Check validity of message received from the CREDENTIAL service
	190	*
	191	* @param cls the `struct GNUNET_CREDENTIAL_Handle *`
	192	* @param vr_msg the incoming message
	193	*/
	194	static int
	195	check_result (void *cls,
	196	const struct DelegationChainResultMessage *vr_msg)
	197	{
	198	//TODO
	199	return GNUNET_OK;
	200	}
	201
	202
	203	/**
	204	* Handler for messages received from the CREDENTIAL service
	205	*
	206	* @param cls the `struct GNUNET_CREDENTIAL_Handle *`
	207	* @param vr_msg the incoming message
	208	*/
	209	static void
	210	handle_result (void *cls,
	211	const struct DelegationChainResultMessage *vr_msg)
	212	{
	213	struct GNUNET_CREDENTIAL_Handle *handle = cls;
	214	uint32_t r_id = ntohl (vr_msg->id);
	215	struct GNUNET_CREDENTIAL_Request *vr;
	216	size_t mlen = ntohs (vr_msg->header.size) - sizeof (*vr_msg);
	217	uint32_t d_count = ntohl (vr_msg->d_count);
	218	uint32_t c_count = ntohl (vr_msg->c_count);
	219	struct GNUNET_CREDENTIAL_Delegation d_chain[d_count];
	220	struct GNUNET_CREDENTIAL_Credential creds[c_count];
	221	GNUNET_CREDENTIAL_CredentialResultProcessor proc;
	222	void *proc_cls;
	223
	224	LOG (GNUNET_ERROR_TYPE_DEBUG,
	225	"Received verify reply from CREDENTIAL service\n");
	226	for (vr = handle->request_head; NULL != vr; vr = vr->next)
	227	if (vr->r_id == r_id)
	228	break;
	229	if (NULL == vr)
	230	return;
	231	proc = vr->verify_proc;
	232	proc_cls = vr->proc_cls;
	233	GNUNET_CONTAINER_DLL_remove (handle->request_head,
	234	handle->request_tail,
	235	vr);
	236	GNUNET_MQ_discard (vr->env);
	237	GNUNET_free (vr);
	238	GNUNET_assert (GNUNET_OK ==
	239	GNUNET_CREDENTIAL_delegation_chain_deserialize (mlen,
	240	(const char*) &vr_msg[1],
	241	d_count,
	242	d_chain,
	243	c_count,
	244	creds));
	245	if (GNUNET_NO == ntohl (vr_msg->cred_found))
	246	{
	247	proc (proc_cls,
	248	0,
	249	NULL,
	250	0,
	251	NULL); // TODO
	252	} else {
	253	proc (proc_cls,
	254	d_count,
	255	d_chain,
	256	c_count,
	257	creds);
	258	}
	259	}
	260
	261
	262	/**
	263	* Reconnect to CREDENTIAL service.
	264	*
	265	* @param handle the handle to the CREDENTIAL service
	266	*/
	267	static void
	268	reconnect (struct GNUNET_CREDENTIAL_Handle *handle)
	269	{
	270	struct GNUNET_MQ_MessageHandler handlers[] = {
	271	GNUNET_MQ_hd_var_size (result,
	272	GNUNET_MESSAGE_TYPE_CREDENTIAL_VERIFY_RESULT,
	273	struct DelegationChainResultMessage,
	274	handle),
	275	GNUNET_MQ_hd_var_size (result,
	276	GNUNET_MESSAGE_TYPE_CREDENTIAL_COLLECT_RESULT,
	277	struct DelegationChainResultMessage,
	278	handle),
	279	GNUNET_MQ_handler_end ()
	280	};
	281	struct GNUNET_CREDENTIAL_Request *vr;
	282
	283	GNUNET_assert (NULL == handle->mq);
	284	LOG (GNUNET_ERROR_TYPE_DEBUG,
	285	"Trying to connect to CREDENTIAL\n");
	286	handle->mq = GNUNET_CLIENT_connect (handle->cfg,
	287	"credential",
	288	handlers,
	289	&mq_error_handler,
	290	handle);
	291	if (NULL == handle->mq)
	292	return;
	293	for (vr = handle->request_head; NULL != vr; vr = vr->next)
	294	GNUNET_MQ_send_copy (handle->mq,
	295	vr->env);
	296	}
	297
	298
	299	/**
	300	* Initialize the connection with the CREDENTIAL service.
	301	*
	302	* @param cfg configuration to use
	303	* @return handle to the CREDENTIAL service, or NULL on error
	304	*/
	305	struct GNUNET_CREDENTIAL_Handle *
	306	GNUNET_CREDENTIAL_connect (const struct GNUNET_CONFIGURATION_Handle *cfg)
	307	{
	308	struct GNUNET_CREDENTIAL_Handle *handle;
	309
	310	handle = GNUNET_new (struct GNUNET_CREDENTIAL_Handle);
	311	handle->cfg = cfg;
	312	reconnect (handle);
	313	if (NULL == handle->mq)
	314	{
	315	GNUNET_free (handle);
	316	return NULL;
	317	}
	318	return handle;
	319	}
	320
	321
	322	/**
	323	* Shutdown connection with the CREDENTIAL service.
	324	*
	325	* @param handle handle of the CREDENTIAL connection to stop
	326	*/
	327	void
	328	GNUNET_CREDENTIAL_disconnect (struct GNUNET_CREDENTIAL_Handle *handle)
	329	{
	330	if (NULL != handle->mq)
	331	{
	332	GNUNET_MQ_destroy (handle->mq);
	333	handle->mq = NULL;
	334	}
	335	if (NULL != handle->reconnect_task)
	336	{
	337	GNUNET_SCHEDULER_cancel (handle->reconnect_task);
	338	handle->reconnect_task = NULL;
	339	}
	340	GNUNET_assert (NULL == handle->request_head);
	341	GNUNET_free (handle);
	342	}
	343
	344
	345	/**
	346	* Cancel pending verify request
	347	*
	348	* @param lr the verify request to cancel
	349	*/
	350	void
	351	GNUNET_CREDENTIAL_request_cancel (struct GNUNET_CREDENTIAL_Request *lr)
	352	{
	353	struct GNUNET_CREDENTIAL_Handle *handle = lr->credential_handle;
	354
	355	GNUNET_CONTAINER_DLL_remove (handle->request_head,
	356	handle->request_tail,
	357	lr);
	358	GNUNET_MQ_discard (lr->env);
	359	GNUNET_free (lr);
	360	}
	361
	362
	363	/**
	364	* Performs attribute collection.
	365	* Collects all credentials of subject to fulfill the
	366	* attribute, if possible
	367	*
	368	* @param handle handle to the Credential service
	369	* @param issuer_key the issuer public key
	370	* @param issuer_attribute the issuer attribute
	371	* @param subject_key the subject public key
	372	* @param proc function to call on result
	373	* @param proc_cls closure for processor
	374	* @return handle to the queued request
	375	*/
	376	struct GNUNET_CREDENTIAL_Request*
	377	GNUNET_CREDENTIAL_collect (struct GNUNET_CREDENTIAL_Handle *handle,
	378	const struct GNUNET_CRYPTO_EcdsaPublicKey *issuer_key,
	379	const char *issuer_attribute,
	380	const struct GNUNET_CRYPTO_EcdsaPrivateKey *subject_key,
	381	GNUNET_CREDENTIAL_CredentialResultProcessor proc,
	382	void *proc_cls)
	383	{
	384	/* IPC to shorten credential names, return shorten_handle */
	385	struct CollectMessage *c_msg;
	386	struct GNUNET_CREDENTIAL_Request *vr;
	387	size_t nlen;
	388
	389	if (NULL == issuer_attribute)
	390	{
	391	GNUNET_break (0);
	392	return NULL;
	393	}
	394
	395	//DEBUG LOG
	396	LOG (GNUNET_ERROR_TYPE_DEBUG,
	397	"Trying to collect `%s' in CREDENTIAL\n",
	398	issuer_attribute);
	399	nlen = strlen (issuer_attribute) + 1;
	400	if (nlen >= GNUNET_MAX_MESSAGE_SIZE - sizeof (*vr))
	401	{
	402	GNUNET_break (0);
	403	return NULL;
	404	}
	405	vr = GNUNET_new (struct GNUNET_CREDENTIAL_Request);
	406	vr->credential_handle = handle;
	407	vr->verify_proc = proc;
	408	vr->proc_cls = proc_cls;
	409	vr->r_id = handle->r_id_gen++;
	410	vr->env = GNUNET_MQ_msg_extra (c_msg,
	411	nlen,
	412	GNUNET_MESSAGE_TYPE_CREDENTIAL_COLLECT);
	413	c_msg->id = htonl (vr->r_id);
	414	c_msg->subject_key = *subject_key;
	415	c_msg->issuer_key = *issuer_key;
	416	c_msg->issuer_attribute_len = htons(strlen(issuer_attribute));
	417	GNUNET_memcpy (&c_msg[1],
	418	issuer_attribute,
	419	strlen (issuer_attribute));
	420	GNUNET_CONTAINER_DLL_insert (handle->request_head,
	421	handle->request_tail,
	422	vr);
	423	if (NULL != handle->mq)
	424	GNUNET_MQ_send_copy (handle->mq,
	425	vr->env);
	426	return vr;
	427	}
	428	/**
	429	* Performs attribute verification.
	430	* Checks if there is a delegation chain from
	431	* attribute ``issuer_attribute'' issued by the issuer
	432	* with public key ``issuer_key'' maps to the attribute
	433	* ``subject_attribute'' claimed by the subject with key
	434	* ``subject_key''
	435	*
	436	* @param handle handle to the Credential service
	437	* @param issuer_key the issuer public key
	438	* @param issuer_attribute the issuer attribute
	439	* @param subject_key the subject public key
	440	* @param credential_count number of credentials provided
	441	* @param credentials subject credentials
	442	* @param proc function to call on result
	443	* @param proc_cls closure for processor
	444	* @return handle to the queued request
	445	*/
	446	struct GNUNET_CREDENTIAL_Request*
	447	GNUNET_CREDENTIAL_verify (struct GNUNET_CREDENTIAL_Handle *handle,
	448	const struct GNUNET_CRYPTO_EcdsaPublicKey *issuer_key,
	449	const char *issuer_attribute,
	450	const struct GNUNET_CRYPTO_EcdsaPublicKey *subject_key,
	451	uint32_t credential_count,
	452	const struct GNUNET_CREDENTIAL_Credential *credentials,
	453	GNUNET_CREDENTIAL_CredentialResultProcessor proc,
	454	void *proc_cls)
	455	{
	456	/* IPC to shorten credential names, return shorten_handle */
	457	struct VerifyMessage *v_msg;
	458	struct GNUNET_CREDENTIAL_Request *vr;
	459	size_t nlen;
	460	size_t clen;
	461
	462	if (NULL == issuer_attribute \|\| NULL == credentials)
	463	{
	464	GNUNET_break (0);
	465	return NULL;
	466	}
	467
	468	clen = GNUNET_CREDENTIAL_credentials_get_size (credential_count,
	469	credentials);
	470
	471	//DEBUG LOG
	472	LOG (GNUNET_ERROR_TYPE_DEBUG,
	473	"Trying to verify `%s' in CREDENTIAL\n",
	474	issuer_attribute);
	475	nlen = strlen (issuer_attribute) + 1 + clen;
	476	if (nlen >= GNUNET_MAX_MESSAGE_SIZE - sizeof (*vr))
	477	{
	478	GNUNET_break (0);
	479	return NULL;
	480	}
	481	vr = GNUNET_new (struct GNUNET_CREDENTIAL_Request);
	482	vr->credential_handle = handle;
	483	vr->verify_proc = proc;
	484	vr->proc_cls = proc_cls;
	485	vr->r_id = handle->r_id_gen++;
	486	vr->env = GNUNET_MQ_msg_extra (v_msg,
	487	nlen,
	488	GNUNET_MESSAGE_TYPE_CREDENTIAL_VERIFY);
	489	v_msg->id = htonl (vr->r_id);
	490	v_msg->subject_key = *subject_key;
	491	v_msg->c_count = htonl(credential_count);
	492	v_msg->issuer_key = *issuer_key;
	493	v_msg->issuer_attribute_len = htons(strlen(issuer_attribute));
	494	GNUNET_memcpy (&v_msg[1],
	495	issuer_attribute,
	496	strlen (issuer_attribute));
	497	GNUNET_CREDENTIAL_credentials_serialize (credential_count,
	498	credentials,
	499	clen,
	500	((char*)&v_msg[1])
	501	+ strlen (issuer_attribute) + 1);
	502	GNUNET_CONTAINER_DLL_insert (handle->request_head,
	503	handle->request_tail,
	504	vr);
	505	if (NULL != handle->mq)
	506	GNUNET_MQ_send_copy (handle->mq,
	507	vr->env);
	508	return vr;
	509	}
	510
	511	/* end of credential_api.c */