Diffstat (limited to 'src/credential/plugin_rest_credential.c')
-rw-r--r-- | src/credential/plugin_rest_credential.c | 153 |
1 files changed, 148 insertions, 5 deletions
diff --git a/src/credential/plugin_rest_credential.c b/src/credential/plugin_rest_credential.c index 51d91079a..137f55c47 100644 --- a/src/credential/plugin_rest_credential.c +++ b/src/credential/plugin_rest_credential.c | |||
@@ -37,6 +37,12 @@ | |||
37 | 37 | ||
38 | #define GNUNET_REST_API_NS_CREDENTIAL "/credential" | 38 | #define GNUNET_REST_API_NS_CREDENTIAL "/credential" |
39 | 39 | ||
40 | #define GNUNET_REST_JSONAPI_CREDENTIAL "credential" | ||
41 | |||
42 | #define GNUNET_REST_JSONAPI_CREDENTIAL_TYPEINFO "credential" | ||
43 | |||
44 | #define GNUNET_REST_JSONAPI_CREDENTIAL_CHAIN "chain" | ||
45 | |||
40 | #define GNUNET_REST_JSONAPI_CREDENTIAL_ISSUER_ATTR "attribute" | 46 | #define GNUNET_REST_JSONAPI_CREDENTIAL_ISSUER_ATTR "attribute" |
41 | 47 | ||
42 | #define GNUNET_REST_JSONAPI_CREDENTIAL_SUBJECT_ATTR "credential" | 48 | #define GNUNET_REST_JSONAPI_CREDENTIAL_SUBJECT_ATTR "credential" |
@@ -174,6 +180,143 @@ do_error (void *cls) | |||
174 | cleanup_handle (handle); | 180 | cleanup_handle (handle); |
175 | } | 181 | } |
176 | 182 | ||
183 | /** | ||
184 | * Attribute delegation to JSON | ||
185 | * @param attr the attribute | ||
186 | * @return JSON, NULL if failed | ||
187 | */ | ||
188 | static json_t* | ||
189 | attribute_delegation_to_json (struct GNUNET_CREDENTIAL_AttributeRecordData *attr) | ||
190 | { | ||
191 | char *subject; | ||
192 | char *attribute; | ||
193 | json_t *attr_obj; | ||
194 | |||
195 | subject = GNUNET_CRYPTO_ecdsa_public_key_to_string (&attr->subject_key); | ||
196 | { | ||
197 | GNUNET_log (GNUNET_ERROR_TYPE_ERROR, | ||
198 | "Subject in credential malformed\n"); | ||
199 | return NULL; | ||
200 | } | ||
201 | attribute = (char*)&attr[1]; | ||
202 | attr_obj = json_object (); | ||
203 | json_object_set_new (attr_obj, "subject", json_string (subject)); | ||
204 | json_object_set_new (attr_obj, "attribute", json_string (attribute)); | ||
205 | GNUNET_free (subject); | ||
206 | return attr_obj; | ||
207 | } | ||
208 | |||
209 | /** | ||
210 | * Credential to JSON | ||
211 | * @param cred the credential | ||
212 | * @return the resulting json, NULL if failed | ||
213 | */ | ||
214 | static json_t* | ||
215 | credential_to_json (struct GNUNET_CREDENTIAL_CredentialRecordData *cred) | ||
216 | { | ||
217 | struct GNUNET_TIME_Absolute exp; | ||
218 | const char* exp_str; | ||
219 | char *issuer; | ||
220 | char *subject; | ||
221 | char *attribute; | ||
222 | char *signature; | ||
223 | json_t *cred_obj; | ||
224 | |||
225 | issuer = GNUNET_CRYPTO_ecdsa_public_key_to_string (&cred->issuer_key); | ||
226 | if (NULL == issuer) | ||
227 | { | ||
228 | GNUNET_log (GNUNET_ERROR_TYPE_ERROR, | ||
229 | "Issuer in credential malformed\n"); | ||
230 | return NULL; | ||
231 | } | ||
232 | subject = GNUNET_CRYPTO_ecdsa_public_key_to_string (&cred->subject_key); | ||
233 | if (NULL == subject) | ||
234 | { | ||
235 | GNUNET_log (GNUNET_ERROR_TYPE_ERROR, | ||
236 | "Subject in credential malformed\n"); | ||
237 | GNUNET_free (issuer); | ||
238 | return NULL; | ||
239 | } | ||
240 | GNUNET_STRINGS_base64_encode ((char*)&cred->signature, | ||
241 | sizeof (struct GNUNET_CRYPTO_EcdsaSignature), | ||
242 | &signature); | ||
243 | attribute = (char*)&cred[1]; | ||
244 | exp.abs_value_us = ntohs (cred->expiration); | ||
245 | exp_str = GNUNET_STRINGS_absolute_time_to_string (exp); | ||
246 | cred_obj = json_object (); | ||
247 | json_object_set_new (cred_obj, "issuer", json_string (issuer)); | ||
248 | json_object_set_new (cred_obj, "subject", json_string (subject)); | ||
249 | json_object_set_new (cred_obj, "attribute", json_string (attribute)); | ||
250 | json_object_set_new (cred_obj, "signature", json_string (signature)); | ||
251 | json_object_set_new (cred_obj, "expiration", json_string (exp_str)); | ||
252 | GNUNET_free (issuer); | ||
253 | GNUNET_free (subject); | ||
254 | GNUNET_free (signature); | ||
255 | return cred_obj; | ||
256 | } | ||
257 | |||
258 | /** | ||
259 | * Function called with the result of a Credential lookup. | ||
260 | * | ||
261 | * @param cls the 'const char *' name that was resolved | ||
262 | * @param cd_count number of records returned | ||
263 | * @param cd array of @a cd_count records with the results | ||
264 | */ | ||
265 | static void | ||
266 | handle_verify_response (void *cls, | ||
267 | struct GNUNET_CREDENTIAL_CredentialRecordData *cred, | ||
268 | uint32_t delegation_count, | ||
269 | struct GNUNET_CREDENTIAL_AttributeRecordData *deleg) | ||
270 | { | ||
271 | |||
272 | struct VerifyHandle *handle = cls; | ||
273 | struct MHD_Response *resp; | ||
274 | struct GNUNET_JSONAPI_Document *json_document; | ||
275 | struct GNUNET_JSONAPI_Resource *json_resource; | ||
276 | json_t *cred_obj; | ||
277 | json_t *attr_obj; | ||
278 | json_t *result_array; | ||
279 | char *result; | ||
280 | uint32_t i; | ||
281 | |||
282 | handle->verify_request = NULL; | ||
283 | if (NULL == cred) { | ||
284 | GNUNET_log (GNUNET_ERROR_TYPE_ERROR, | ||
285 | "Verify failed.\n"); | ||
286 | handle->response_code = MHD_HTTP_NOT_FOUND; | ||
287 | GNUNET_SCHEDULER_add_now (&do_error, handle); | ||
288 | return; | ||
289 | } | ||
290 | json_document = GNUNET_JSONAPI_document_new (); | ||
291 | json_resource = GNUNET_JSONAPI_resource_new (GNUNET_REST_JSONAPI_CREDENTIAL_TYPEINFO, | ||
292 | handle->issuer_attr); | ||
293 | cred_obj = credential_to_json (cred); | ||
294 | result_array = json_array (); | ||
295 | for (i = 0; i < delegation_count; i++) | ||
296 | { | ||
297 | attr_obj = attribute_delegation_to_json (&(deleg[i])); | ||
298 | json_array_append (result_array, attr_obj); | ||
299 | json_decref (attr_obj); | ||
300 | } | ||
301 | GNUNET_JSONAPI_resource_add_attr (json_resource, | ||
302 | GNUNET_REST_JSONAPI_CREDENTIAL, | ||
303 | cred_obj); | ||
304 | GNUNET_JSONAPI_resource_add_attr (json_resource, | ||
305 | GNUNET_REST_JSONAPI_CREDENTIAL_CHAIN, | ||
306 | result_array); | ||
307 | GNUNET_JSONAPI_document_resource_add (json_document, json_resource); | ||
308 | GNUNET_JSONAPI_document_serialize (json_document, &result); | ||
309 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, | ||
310 | "Result %s\n", | ||
311 | result); | ||
312 | json_decref (result_array); | ||
313 | GNUNET_JSONAPI_document_delete (json_document); | ||
314 | resp = GNUNET_REST_create_response (result); | ||
315 | handle->proc (handle->proc_cls, resp, MHD_HTTP_OK); | ||
316 | GNUNET_free (result); | ||
317 | cleanup_handle (handle); | ||
318 | } | ||
319 | |||
177 | 320 | ||
178 | static void | 321 | static void |
179 | verify_cred_cont (struct GNUNET_REST_RequestHandle *conndata_handle, | 322 | verify_cred_cont (struct GNUNET_REST_RequestHandle *conndata_handle, |
@@ -292,14 +435,14 @@ verify_cred_cont (struct GNUNET_REST_RequestHandle *conndata_handle, | |||
292 | } | 435 | } |
293 | handle->subject_attr = GNUNET_strdup (tmp); | 436 | handle->subject_attr = GNUNET_strdup (tmp); |
294 | GNUNET_free (entity_attr); | 437 | GNUNET_free (entity_attr); |
295 | 438 | ||
296 | handle->verify_request = GNUNET_CREDENTIAL_verify (handle->credential, | 439 | handle->verify_request = GNUNET_CREDENTIAL_verify (handle->credential, |
297 | &handle->issuer_key, | 440 | &handle->issuer_key, |
298 | handle->issuer_attr, | 441 | handle->issuer_attr, |
299 | &handle->subject_key, | 442 | &handle->subject_key, |
300 | handle->subject_attr, | 443 | handle->subject_attr, |
301 | NULL, | 444 | &handle_verify_response, |
302 | NULL); | 445 | handle); |
303 | 446 | ||
304 | } | 447 | } |
305 | 448 | ||
@@ -341,8 +484,8 @@ options_cont (struct GNUNET_REST_RequestHandle *con_handle, | |||
341 | */ | 484 | */ |
342 | static void | 485 | static void |
343 | rest_credential_process_request(struct GNUNET_REST_RequestHandle *conndata_handle, | 486 | rest_credential_process_request(struct GNUNET_REST_RequestHandle *conndata_handle, |
344 | GNUNET_REST_ResultProcessor proc, | 487 | GNUNET_REST_ResultProcessor proc, |
345 | void *proc_cls) | 488 | void *proc_cls) |
346 | { | 489 | { |
347 | struct VerifyHandle *handle = GNUNET_new (struct VerifyHandle); | 490 | struct VerifyHandle *handle = GNUNET_new (struct VerifyHandle); |
348 | struct GNUNET_REST_RequestHandlerError err; | 491 | struct GNUNET_REST_RequestHandlerError err; |
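Review bot: In attribute_delegation_to_json the block after `subject = GNUNET_CRYPTO_ecdsa_public_key_to_string (&attr->subject_key);` has no condition, so the function always logs "Subject in credential malformed", leaks `subject` and returns NULL; it needs `if (NULL == subject)` before the brace, as credential_to_json already does for its two keys. Because of that, handle_verify_response passes NULL to `json_array_append` for every delegation, so the "chain" array is always empty, and it also hands the unchecked result of credential_to_json to GNUNET_JSONAPI_resource_add_attr. Both converters take the attribute as `(char*)&attr[1]` / `(char*)&cred[1]` and give it to `json_string ()` with no length or terminator check, while the loop indexes `deleg[i]` as an array of fixed-size records. The string for one entry therefore appears to be the bytes of the next record, and the last entry reads past the array, so the attribute should come from an explicit, length-checked field. `ntohs (cred->expiration)` also looks too narrow for a value stored in `abs_value_us`; if the field is 64-bit, `GNUNET_ntohll` is the matching conversion, to be confirmed against the struct definition, which is outside this diff.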