Diffstat (limited to 'src/credential/gnunet-credential.c')
-rw-r--r-- | src/credential/gnunet-credential.c | 171 |
1 files changed, 156 insertions, 15 deletions
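--- a/src/credential/gnunet-credential.c
+++ b/src/credential/gnunet-credential.c
@@ -55,6 +55,11 @@ static struct GNUNET_TIME_Relative timeout;
 static struct GNUNET_CREDENTIAL_Request *verify_request;
 
 /**
+* Handle to collect request
+*/
+static struct GNUNET_CREDENTIAL_Request *collect_request;
+
+/**
 * Task scheduled to handle timeout.
 */
 static struct GNUNET_SCHEDULER_Task *tt;
@@ -91,9 +96,9 @@ struct GNUNET_CRYPTO_EcdsaPublicKey issuer_pkey;
 static char *issuer_key;
 
 /**
-* Issuer ego
+* ego
 */
-static char *issuer_ego_name;
+static char *ego_name;
 
 /**
 * Issuer attribute
@@ -110,6 +115,10 @@ static uint32_t verify;
 */
 static uint32_t create_cred;
 
+/**
+* Collect mode
+*/
+static uint32_t collect;
 
 /**
 * Task run on shutdown. Cleans up everything.
@@ -149,6 +158,39 @@ do_timeout (void *cls)
 GNUNET_SCHEDULER_shutdown ();
 }
 
+/**
+* Function called with the result of a Credential lookup.
+*
+* @param cls the 'const char *' name that was resolved
+* @param cd_count number of records returned
+* @param cd array of @a cd_count records with the results
+*/
+static void
+handle_collect_result (void *cls,
+unsigned int d_count,
+struct GNUNET_CREDENTIAL_Delegation *dc,
+unsigned int c_count,
+struct GNUNET_CREDENTIAL_Credential *cred)
+{
+int i;
+char* line;
+
+verify_request = NULL;
+if (NULL != cred)
+{
+for (i=0;i<c_count;i++)
+{
+line = GNUNET_CREDENTIAL_credential_to_string (&cred[i]);
+printf ("%s\n",
+line);
+GNUNET_free (line);
+}
+}
+
+
+GNUNET_SCHEDULER_shutdown ();
+}
+
 
 /**
 * Function called with the result of a Credential lookup.
@@ -230,15 +272,42 @@ identity_cb (void *cls,
 el = NULL;
 if (NULL == ego)
 {
-if (NULL != issuer_ego_name)
+if (NULL != ego_name)
 {
 fprintf (stderr,
 _("Ego `%s' not known to identity service\n"),
-issuer_ego_name);
+ego_name);
 }
 GNUNET_SCHEDULER_shutdown ();
 return;
 }
+
+if (GNUNET_YES == collect)
+{
+
+if (GNUNET_OK !=
+GNUNET_CRYPTO_ecdsa_public_key_from_string (issuer_key,
+strlen (issuer_key),
+&issuer_pkey))
+{
+fprintf (stderr,
+_("Issuer public key `%s' is not well-formed\n"),
+issuer_key);
+GNUNET_SCHEDULER_shutdown ();
+}
+privkey = GNUNET_IDENTITY_ego_get_private_key (ego);
+
+collect_request = GNUNET_CREDENTIAL_collect(credential,
+&issuer_pkey,
+issuer_attr, //TODO argument
+privkey,
+&handle_collect_result,
+NULL);
+return;
+}
+
+//Else issue
+
 if (NULL == expiration)
 {
 fprintf (stderr,
@@ -261,8 +330,8 @@ identity_cb (void *cls,
 
 
 privkey = GNUNET_IDENTITY_ego_get_private_key (ego);
-GNUNET_free_non_null (issuer_ego_name);
-issuer_ego_name = NULL;
+GNUNET_free_non_null (ego_name);
+ego_name = NULL;
 crd = GNUNET_CREDENTIAL_credential_issue (privkey,
 &subject_pkey,
 issuer_attr,
@@ -299,7 +368,46 @@ run (void *cls,
 &do_timeout, NULL);
 GNUNET_SCHEDULER_add_shutdown (&do_shutdown, NULL);
 
+if (GNUNET_YES == collect) {
+if (NULL == issuer_key)
+{
+fprintf (stderr,
+_("Issuer public key not well-formed\n"));
+GNUNET_SCHEDULER_shutdown ();
+return;
+
+}
+
+credential = GNUNET_CREDENTIAL_connect (cfg);
+
+if (NULL == credential)
+{
+fprintf (stderr,
+_("Failed to connect to CREDENTIAL\n"));
+GNUNET_SCHEDULER_shutdown ();
+}
+if (NULL == issuer_attr)
+{
+fprintf (stderr,
+_("You must provide issuer the attribute\n"));
+GNUNET_SCHEDULER_shutdown ();
+}
+
+if (NULL == ego_name)
+{
+fprintf (stderr,
+_("ego required\n"));
+GNUNET_SCHEDULER_shutdown ();
+return;
+
+}
+el = GNUNET_IDENTITY_ego_lookup (cfg,
+ego_name,
+&identity_cb,
+(void *) cfg);
+return;
 
+}
 
 if (NULL == subject_key)
 {
@@ -320,7 +428,6 @@ run (void *cls,
 GNUNET_SCHEDULER_shutdown ();
 return;
 }
-
 if (GNUNET_YES == verify) {
 if (NULL == issuer_key)
 {
@@ -348,7 +455,6 @@ run (void *cls,
 _("Failed to connect to CREDENTIAL\n"));
 GNUNET_SCHEDULER_shutdown ();
 }
-
 if (NULL == issuer_attr || NULL == subject_credential)
 {
 fprintf (stderr,
@@ -356,18 +462,50 @@ run (void *cls,
 GNUNET_SCHEDULER_shutdown ();
 }
 
-printf ("Trying to find a chain from a credential under %s of %s to the attribute %s issued by %s\n",
-subject_credential, subject_key, issuer_attr, issuer_key);
+//Subject credentials are comma separated
+char *tmp = GNUNET_strdup (subject_credential);
+char *tok = strtok (tmp, ",");
+if (NULL == tok)
+{
+fprintf (stderr,
+"Invalid subject credentials\n");
+GNUNET_free (tmp);
+GNUNET_SCHEDULER_shutdown ();
+}
+int count = 1;
+int i;
+while (NULL != (tok = strtok(NULL, ",")))
+count++;
+struct GNUNET_CREDENTIAL_Credential credentials[count];
+struct GNUNET_CREDENTIAL_Credential *cred;
+GNUNET_free (tmp);
+tmp = GNUNET_strdup (subject_credential);
+tok = strtok (tmp, ",");
+for (i=0;i<count;i++)
+{
+cred = GNUNET_CREDENTIAL_credential_from_string (tok);
+GNUNET_memcpy (&credentials[i],
+cred,
+sizeof (struct GNUNET_CREDENTIAL_Credential));
+credentials[i].issuer_attribute = GNUNET_strdup (cred->issuer_attribute);
+tok = strtok(NULL, ",");
+GNUNET_free (cred);
+}
 
 verify_request = GNUNET_CREDENTIAL_verify(credential,
 &issuer_pkey,
 issuer_attr, //TODO argument
 &subject_pkey,
-subject_credential,
+count,
+credentials,
 &handle_verify_result,
 NULL);
+for (i=0;i<count;i++)
+{
+GNUNET_free ((char*)credentials[i].issuer_attribute);
+}
 } else if (GNUNET_YES == create_cred) {
-if (NULL == issuer_ego_name)
+if (NULL == ego_name)
 {
 fprintf (stderr,
 _("Issuer ego required\n"));
@@ -376,7 +514,7 @@ run (void *cls,
 
 }
 el = GNUNET_IDENTITY_ego_lookup (cfg,
-issuer_ego_name,
+ego_name,
 &identity_cb,
 (void *) cfg);
 return;
@@ -416,14 +554,17 @@ main (int argc, char *const *argv)
 gettext_noop ("The public key of the authority to verify the credential against"), 1,
 &GNUNET_GETOPT_set_string, &issuer_key},
 {'e', "ego", "EGO",
-gettext_noop ("The ego to use to issue"), 1,
-&GNUNET_GETOPT_set_string, &issuer_ego_name},
+gettext_noop ("The ego to use"), 1,
+&GNUNET_GETOPT_set_string, &ego_name},
 {'a', "attribute", "ATTR",
 gettext_noop ("The issuer attribute to verify against or to issue"), 1,
 &GNUNET_GETOPT_set_string, &issuer_attr},
 {'T', "ttl", "EXP",
 gettext_noop ("The time to live for the credential"), 1,
 &GNUNET_GETOPT_set_string, &expiration},
+{'g', "collect", NULL,
+gettext_noop ("collect credentials"), 0,
+&GNUNET_GETOPT_set_one, &collect},
 GNUNET_GETOPT_OPTION_END
 };
 int ret;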
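Review bot: Several of the new error paths call GNUNET_SCHEDULER_shutdown () and then fall through for want of a `return;`: the `NULL == tok` check in run()'s verify branch (hunk -356,18 +462,50), the key-parse failure in identity_cb's collect branch, and the `NULL == credential` and `NULL == issuer_attr` checks in run()'s collect branch. The verify branch is the worst case, because `tmp` has just been freed and the code goes on to call `strtok (NULL, ",")` on it and `GNUNET_free (tmp)` a second time; in identity_cb the fall-through lets GNUNET_CREDENTIAL_collect run with an `issuer_pkey` that failed to parse. The parse loop also copies from `cred` without checking it, so a command-line credential string that GNUNET_CREDENTIAL_credential_from_string cannot parse (presumably signalled by a NULL return) would be dereferenced, and the second `tmp` copy is never freed. Both run() and identity_cb start and end outside these hunks; a sketch for the verify branch follows.

```c
char *tmp = GNUNET_strdup (subject_credential);
char *tok = strtok (tmp, ",");
if (NULL == tok)
{
  fprintf (stderr,
           "Invalid subject credentials\n");
  GNUNET_free (tmp);
  GNUNET_SCHEDULER_shutdown ();
  return;
}
// … unchanged: counting pass, credentials[] declaration, second strdup/strtok …
for (i=0;i<count;i++)
{
  cred = GNUNET_CREDENTIAL_credential_from_string (tok);
  if (NULL == cred)
  {
    fprintf (stderr,
             "Invalid subject credentials\n");
    // release the issuer_attribute copies made for earlier entries
    while (i-- > 0)
      GNUNET_free ((char*)credentials[i].issuer_attribute);
    GNUNET_free (tmp);
    GNUNET_SCHEDULER_shutdown ();
    return;
  }
  // … unchanged: memcpy, issuer_attribute strdup, next token, free cred …
}
GNUNET_free (tmp);
```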