aboutsummaryrefslogtreecommitdiff
path: root/src/credential
diff options
context:
space:
mode:
Diffstat (limited to 'src/credential')
-rw-r--r--src/credential/Makefile.am1
-rw-r--r--src/credential/credential_serialization.c129
-rw-r--r--src/credential/credential_serialization.h91
-rw-r--r--src/credential/gnunet-service-credential.c520
-rw-r--r--src/credential/plugin_gnsrecord_credential.c168
-rwxr-xr-xsrc/credential/test_credential_verify.sh4
6 files changed, 645 insertions, 268 deletions
diff --git a/src/credential/Makefile.am b/src/credential/Makefile.am
index 51dbb34d7..5852bd0a0 100644
--- a/src/credential/Makefile.am
+++ b/src/credential/Makefile.am
@@ -55,6 +55,7 @@ gnunet_credential_LDADD = \
55libgnunet_plugin_gnsrecord_credential_la_SOURCES = \ 55libgnunet_plugin_gnsrecord_credential_la_SOURCES = \
56 plugin_gnsrecord_credential.c 56 plugin_gnsrecord_credential.c
57libgnunet_plugin_gnsrecord_credential_la_LIBADD = \ 57libgnunet_plugin_gnsrecord_credential_la_LIBADD = \
58 libgnunetcredential.la \
58 $(top_builddir)/src/util/libgnunetutil.la \ 59 $(top_builddir)/src/util/libgnunetutil.la \
59 $(LTLIBINTL) 60 $(LTLIBINTL)
60libgnunet_plugin_gnsrecord_credential_la_LDFLAGS = \ 61libgnunet_plugin_gnsrecord_credential_la_LDFLAGS = \
diff --git a/src/credential/credential_serialization.c b/src/credential/credential_serialization.c
index 2fbcebd9f..99138441e 100644
--- a/src/credential/credential_serialization.c
+++ b/src/credential/credential_serialization.c
@@ -32,7 +32,21 @@
32 32
33GNUNET_NETWORK_STRUCT_BEGIN 33GNUNET_NETWORK_STRUCT_BEGIN
34 34
35struct NetworkRecord 35struct DelegationRecordData
36{
37 /**
38 * Subject key
39 */
40 struct GNUNET_CRYPTO_EcdsaPublicKey subject_key;
41
42 /**
43 * Subject attributes
44 */
45 uint32_t subject_attribute_len GNUNET_PACKED;
46};
47
48
49struct ChainEntry
36{ 50{
37 /** 51 /**
38 * Issuer key 52 * Issuer key
@@ -57,6 +71,113 @@ struct NetworkRecord
57 71
58GNUNET_NETWORK_STRUCT_END 72GNUNET_NETWORK_STRUCT_END
59 73
74
75/**
76 * Calculate how many bytes we will need to serialize
77 * the given delegation chain and credential
78 *
79 * @param d_count number of delegation chain entries
80 * @param dd array of #GNUNET_CREDENTIAL_Delegation
81 * @param cd a #GNUNET_CREDENTIAL_Credential
82 * @return the required size to serialize
83 */
84size_t
85GNUNET_CREDENTIAL_delegation_set_get_size (unsigned int ds_count,
86 const struct GNUNET_CREDENTIAL_DelegationSetRecord *dsr)
87{
88 unsigned int i;
89 size_t ret;
90
91 ret = sizeof (struct DelegationRecordData) * (ds_count);
92
93 for (i=0; i<ds_count;i++)
94 {
95 GNUNET_assert ((ret + dsr[i].subject_attribute_len) >= ret);
96 ret += dsr[i].subject_attribute_len;
97 }
98 return ret;
99}
100
101/**
102 * Serizalize the given delegation chain entries and credential
103 *
104 * @param d_count number of delegation chain entries
105 * @param dd array of #GNUNET_CREDENTIAL_Delegation
106 * @param cd a #GNUNET_CREDENTIAL_Credential
107 * @param dest_size size of the destination
108 * @param dest where to store the result
109 * @return the size of the data, -1 on failure
110 */
111ssize_t
112GNUNET_CREDENTIAL_delegation_set_serialize (unsigned int d_count,
113 const struct GNUNET_CREDENTIAL_DelegationSetRecord *dsr,
114 size_t dest_size,
115 char *dest)
116{
117 struct DelegationRecordData rec;
118 unsigned int i;
119 size_t off;
120
121 off = 0;
122 for (i=0;i<d_count;i++)
123 {
124 rec.subject_attribute_len = htonl ((uint32_t) dsr[i].subject_attribute_len);
125 rec.subject_key = dsr[i].subject_key;
126 if (off + sizeof (rec) > dest_size)
127 return -1;
128 GNUNET_memcpy (&dest[off],
129 &rec,
130 sizeof (rec));
131 off += sizeof (rec);
132 if (0 == dsr[i].subject_attribute_len)
133 continue;
134 if (off + dsr[i].subject_attribute_len > dest_size)
135 return -1;
136 GNUNET_memcpy (&dest[off],
137 dsr[i].subject_attribute,
138 dsr[i].subject_attribute_len);
139 off += dsr[i].subject_attribute_len;
140 }
141 return off;
142}
143
144
145/**
146 * Deserialize the given destination
147 *
148 * @param len size of the serialized delegation chain and cred
149 * @param src the serialized data
150 * @param d_count the number of delegation chain entries
151 * @param dd where to put the delegation chain entries
152 * @param cd where to put the credential data
153 * @return #GNUNET_OK on success, #GNUNET_SYSERR on error
154 */
155int
156GNUNET_CREDENTIAL_delegation_set_deserialize (size_t len,
157 const char *src,
158 unsigned int d_count,
159 struct GNUNET_CREDENTIAL_DelegationSetRecord *dsr)
160{
161 struct DelegationRecordData rec;
162 unsigned int i;
163 size_t off;
164
165 off = 0;
166 for (i=0;i<d_count;i++)
167 {
168 if (off + sizeof (rec) > len)
169 return GNUNET_SYSERR;
170 GNUNET_memcpy (&rec, &src[off], sizeof (rec));
171 dsr[i].subject_key = rec.subject_key;
172 off += sizeof (rec);
173 dsr[i].subject_attribute_len = ntohl ((uint32_t) rec.subject_attribute_len);
174 if (off + dsr[i].subject_attribute_len > len)
175 return GNUNET_SYSERR;
176 dsr[i].subject_attribute = &src[off];
177 off += dsr[i].subject_attribute_len;
178 }
179 return GNUNET_OK;
180}
60/** 181/**
61 * Calculate how many bytes we will need to serialize 182 * Calculate how many bytes we will need to serialize
62 * the given delegation chain and credential 183 * the given delegation chain and credential
@@ -74,7 +195,7 @@ GNUNET_CREDENTIAL_delegation_chain_get_size (unsigned int d_count,
74 unsigned int i; 195 unsigned int i;
75 size_t ret; 196 size_t ret;
76 197
77 ret = sizeof (struct NetworkRecord) * (d_count + 1); 198 ret = sizeof (struct ChainEntry) * (d_count + 1);
78 199
79 for (i=0; i<d_count;i++) 200 for (i=0; i<d_count;i++)
80 { 201 {
@@ -105,7 +226,7 @@ GNUNET_CREDENTIAL_delegation_chain_serialize (unsigned int d_count,
105 size_t dest_size, 226 size_t dest_size,
106 char *dest) 227 char *dest)
107{ 228{
108 struct NetworkRecord rec; 229 struct ChainEntry rec;
109 unsigned int i; 230 unsigned int i;
110 size_t off; 231 size_t off;
111 232
@@ -174,7 +295,7 @@ GNUNET_CREDENTIAL_delegation_chain_deserialize (size_t len,
174 struct GNUNET_CREDENTIAL_Delegation *dd, 295 struct GNUNET_CREDENTIAL_Delegation *dd,
175 struct GNUNET_CREDENTIAL_Credential *cd) 296 struct GNUNET_CREDENTIAL_Credential *cd)
176{ 297{
177 struct NetworkRecord rec; 298 struct ChainEntry rec;
178 unsigned int i; 299 unsigned int i;
179 size_t off; 300 size_t off;
180 301
diff --git a/src/credential/credential_serialization.h b/src/credential/credential_serialization.h
index 7e984ce0a..7f6d0dda9 100644
--- a/src/credential/credential_serialization.h
+++ b/src/credential/credential_serialization.h
@@ -32,50 +32,93 @@
32 32
33/** 33/**
34 * Calculate how many bytes we will need to serialize 34 * Calculate how many bytes we will need to serialize
35 * the given delegation chain and credential 35 * the given delegation record
36 * 36 *
37 * @param d_count number of delegation chain entries 37 * @param ds_count number of delegation chain entries
38 * @param dd array of #GNUNET_CREDENTIAL_Delegation 38 * @param dsr array of #GNUNET_CREDENTIAL_Delegation
39 * @param cd a #GNUNET_CREDENTIAL_Credential
40 * @return the required size to serialize 39 * @return the required size to serialize
41 */ 40 */
42size_t 41size_t
43GNUNET_CREDENTIAL_delegation_chain_get_size (unsigned int d_count, 42GNUNET_CREDENTIAL_delegation_set_get_size (unsigned int ds_count,
44 const struct GNUNET_CREDENTIAL_Delegation *dd, 43 const struct GNUNET_CREDENTIAL_DelegationSetRecord *dsr);
45 const struct GNUNET_CREDENTIAL_Credential *cd);
46 44
47/** 45/**
48 * Serizalize the given delegation chain entries and credential 46 * Serizalize the given delegation record entries
49 * 47 *
50 * @param d_count number of delegation chain entries 48 * @param d_count number of delegation chain entries
51 * @param dd array of #GNUNET_CREDENTIAL_Delegation 49 * @param dsr array of #GNUNET_CREDENTIAL_Delegation
52 * @param cd a #GNUNET_CREDENTIAL_Credential
53 * @param dest_size size of the destination 50 * @param dest_size size of the destination
54 * @param dest where to store the result 51 * @param dest where to store the result
55 * @return the size of the data, -1 on failure 52 * @return the size of the data, -1 on failure
56 */ 53 */
57ssize_t 54ssize_t
58GNUNET_CREDENTIAL_delegation_chain_serialize (unsigned int d_count, 55GNUNET_CREDENTIAL_delegation_set_serialize (unsigned int d_count,
59 const struct GNUNET_CREDENTIAL_Delegation *dd, 56 const struct GNUNET_CREDENTIAL_DelegationSetRecord *dsr,
60 const struct GNUNET_CREDENTIAL_Credential *cd, 57 size_t dest_size,
61 size_t dest_size, 58 char *dest);
62 char *dest);
63 59
64 60
65/** 61/**
66 * Deserialize the given destination 62 * Deserialize the given destination
67 * 63 *
68 * @param len size of the serialized delegation chain and cred 64 * @param len size of the serialized delegation recird
69 * @param src the serialized data 65 * @param src the serialized data
70 * @param d_count the number of delegation chain entries 66 * @param d_count the number of delegation chain entries
71 * @param dd where to put the delegation chain entries 67 * @param dsr where to put the delegation chain entries
72 * @param cd where to put the credential data
73 * @return #GNUNET_OK on success, #GNUNET_SYSERR on error 68 * @return #GNUNET_OK on success, #GNUNET_SYSERR on error
74 */ 69 */
75int 70int
76GNUNET_CREDENTIAL_delegation_chain_deserialize (size_t len, 71GNUNET_CREDENTIAL_delegation_set_deserialize (size_t len,
77 const char *src, 72 const char *src,
78 unsigned int d_count, 73 unsigned int d_count,
79 struct GNUNET_CREDENTIAL_Delegation *dd, 74 struct GNUNET_CREDENTIAL_DelegationSetRecord *dsr);
80 struct GNUNET_CREDENTIAL_Credential *cd); 75
81/* end of credential_serialization.h */ 76 /**
77 * Calculate how many bytes we will need to serialize
78 * the given delegation chain and credential
79 *
80 * @param d_count number of delegation chain entries
81 * @param dd array of #GNUNET_CREDENTIAL_Delegation
82 * @param cd a #GNUNET_CREDENTIAL_Credential
83 * @return the required size to serialize
84 */
85 size_t
86 GNUNET_CREDENTIAL_delegation_chain_get_size (unsigned int d_count,
87 const struct GNUNET_CREDENTIAL_Delegation *dd,
88 const struct GNUNET_CREDENTIAL_Credential *cd);
89
90 /**
91 * Serizalize the given delegation chain entries and credential
92 *
93 * @param d_count number of delegation chain entries
94 * @param dd array of #GNUNET_CREDENTIAL_Delegation
95 * @param cd a #GNUNET_CREDENTIAL_Credential
96 * @param dest_size size of the destination
97 * @param dest where to store the result
98 * @return the size of the data, -1 on failure
99 */
100 ssize_t
101 GNUNET_CREDENTIAL_delegation_chain_serialize (unsigned int d_count,
102 const struct GNUNET_CREDENTIAL_Delegation *dd,
103 const struct GNUNET_CREDENTIAL_Credential *cd,
104 size_t dest_size,
105 char *dest);
106
107
108 /**
109 * Deserialize the given destination
110 *
111 * @param len size of the serialized delegation chain and cred
112 * @param src the serialized data
113 * @param d_count the number of delegation chain entries
114 * @param dd where to put the delegation chain entries
115 * @param cd where to put the credential data
116 * @return #GNUNET_OK on success, #GNUNET_SYSERR on error
117 */
118 int
119 GNUNET_CREDENTIAL_delegation_chain_deserialize (size_t len,
120 const char *src,
121 unsigned int d_count,
122 struct GNUNET_CREDENTIAL_Delegation *dd,
123 struct GNUNET_CREDENTIAL_Credential *cd);
124 /* end of credential_serialization.h */
diff --git a/src/credential/gnunet-service-credential.c b/src/credential/gnunet-service-credential.c
index 8f7d71b28..8843abfd6 100644
--- a/src/credential/gnunet-service-credential.c
+++ b/src/credential/gnunet-service-credential.c
@@ -46,9 +46,22 @@
46 46
47struct VerifyRequestHandle; 47struct VerifyRequestHandle;
48 48
49struct GNUNET_CREDENTIAL_DelegationChainEntry 49struct DelegationSetEntry;
50
51
52struct DelegationChainEntry
50{ 53{
51 /** 54 /**
55 * DLL
56 */
57 struct DelegationChainEntry *next;
58
59 /**
60 * DLL
61 */
62 struct DelegationChainEntry *prev;
63
64 /**
52 * The issuer 65 * The issuer
53 */ 66 */
54 struct GNUNET_CRYPTO_EcdsaPublicKey issuer_key; 67 struct GNUNET_CRYPTO_EcdsaPublicKey issuer_key;
@@ -97,8 +110,8 @@ struct CredentialRecordEntry
97}; 110};
98 111
99/** 112/**
100 * DLL for delegations - Used as a queue 113 * DLL used for delegations
101 * Insert tail - Pop head 114 * Used for OR delegations
102 */ 115 */
103struct DelegationQueueEntry 116struct DelegationQueueEntry
104{ 117{
@@ -113,16 +126,43 @@ struct DelegationQueueEntry
113 struct DelegationQueueEntry *prev; 126 struct DelegationQueueEntry *prev;
114 127
115 /** 128 /**
116 * Children of this attribute 129 * Sets under this Queue
117 */ 130 */
118 struct DelegationQueueEntry *children_head; 131 struct DelegationSetEntry *set_entries_head;
119 132
120 /** 133 /**
121 * Children of this attribute 134 * Sets under this Queue
122 */ 135 */
123 struct DelegationQueueEntry *children_tail; 136 struct DelegationSetEntry *set_entries_tail;
124 137
125 /** 138 /**
139 * Parent set
140 */
141 struct DelegationSetEntry *parent_set;
142
143 /**
144 * Required solutions
145 */
146 uint32_t required_solutions;
147};
148
149/**
150 * DLL for delegation sets
151 * Used for AND delegation set
152 */
153struct DelegationSetEntry
154{
155 /**
156 * DLL
157 */
158 struct DelegationSetEntry *next;
159
160 /**
161 * DLL
162 */
163 struct DelegationSetEntry *prev;
164
165 /**
126 * GNS handle 166 * GNS handle
127 */ 167 */
128 struct GNUNET_GNS_LookupRequest *lookup_request; 168 struct GNUNET_GNS_LookupRequest *lookup_request;
@@ -143,6 +183,21 @@ struct DelegationQueueEntry
143 struct GNUNET_CRYPTO_EcdsaPublicKey *issuer_key; 183 struct GNUNET_CRYPTO_EcdsaPublicKey *issuer_key;
144 184
145 /** 185 /**
186 * Queue entries of this set
187 */
188 struct DelegationQueueEntry *queue_entries_head;
189
190 /**
191 * Queue entries of this set
192 */
193 struct DelegationQueueEntry *queue_entries_tail;
194
195 /**
196 * Parent QueueEntry
197 */
198 struct DelegationQueueEntry *parent_queue_entry;
199
200 /**
146 * Issuer attribute delegated to 201 * Issuer attribute delegated to
147 */ 202 */
148 char *issuer_attribute; 203 char *issuer_attribute;
@@ -161,16 +216,12 @@ struct DelegationQueueEntry
161 * Still to resolve delegation as string 216 * Still to resolve delegation as string
162 */ 217 */
163 char *unresolved_attribute_delegation; 218 char *unresolved_attribute_delegation;
164 219
165 /** 220 /**
166 * The delegation chain entry 221 * The delegation chain entry
167 */ 222 */
168 struct GNUNET_CREDENTIAL_DelegationChainEntry *delegation_chain_entry; 223 struct DelegationChainEntry *delegation_chain_entry;
169 224
170 /**
171 * Delegation chain length until now
172 */
173 uint32_t d_count;
174}; 225};
175 226
176 227
@@ -194,18 +245,32 @@ struct VerifyRequestHandle
194 * Handle to the requesting client 245 * Handle to the requesting client
195 */ 246 */
196 struct GNUNET_SERVICE_Client *client; 247 struct GNUNET_SERVICE_Client *client;
197 248
198 /** 249 /**
199 * GNS handle 250 * GNS handle
200 */ 251 */
201 struct GNUNET_GNS_LookupRequest *lookup_request; 252 struct GNUNET_GNS_LookupRequest *lookup_request;
202 253
254 /**
255 * Size of delegation tree
256 */
257 uint32_t delegation_chain_size;
258
259 /**
260 * Children of this attribute
261 */
262 struct DelegationChainEntry *delegation_chain_head;
263
264 /**
265 * Children of this attribute
266 */
267 struct DelegationChainEntry *delegation_chain_tail;
203 268
204 /** 269 /**
205 * Issuer public key 270 * Issuer public key
206 */ 271 */
207 struct GNUNET_CRYPTO_EcdsaPublicKey issuer_key; 272 struct GNUNET_CRYPTO_EcdsaPublicKey issuer_key;
208 273
209 /** 274 /**
210 * Issuer attribute 275 * Issuer attribute
211 */ 276 */
@@ -227,15 +292,10 @@ struct VerifyRequestHandle
227 struct CredentialRecordEntry *cred_chain_tail; 292 struct CredentialRecordEntry *cred_chain_tail;
228 293
229 /** 294 /**
230 * Delegation Queue 295 * Root Delegation Set
231 */ 296 */
232 struct DelegationQueueEntry *chain_start; 297 struct DelegationSetEntry *root_set;
233 298
234 /**
235 * Delegation Queue
236 */
237 struct DelegationQueueEntry *chain_end;
238
239 /** 299 /**
240 * Current Delegation Pointer 300 * Current Delegation Pointer
241 */ 301 */
@@ -252,11 +312,6 @@ struct VerifyRequestHandle
252 uint32_t credential_size; 312 uint32_t credential_size;
253 313
254 /** 314 /**
255 * Length of found delegation chain
256 */
257 uint32_t d_count;
258
259 /**
260 * request id 315 * request id
261 */ 316 */
262 uint32_t request_id; 317 uint32_t request_id;
@@ -291,43 +346,56 @@ static struct GNUNET_GNS_Handle *gns;
291 346
292 347
293static void 348static void
294cleanup_delegation_queue (struct DelegationQueueEntry *dq_entry) 349cleanup_delegation_set (struct DelegationSetEntry *ds_entry)
295{ 350{
296 struct DelegationQueueEntry *child; 351 struct DelegationQueueEntry *dq_entry;
297 if (NULL == dq_entry) 352 struct DelegationSetEntry *child;
353
354 if (NULL == ds_entry)
298 return; 355 return;
299 356
300 for (child = dq_entry->children_head; NULL != child; child = dq_entry->children_head) 357 for (dq_entry = ds_entry->queue_entries_head;
358 NULL != dq_entry;
359 dq_entry = ds_entry->queue_entries_head)
301 { 360 {
302 GNUNET_CONTAINER_DLL_remove (dq_entry->children_head, 361 GNUNET_CONTAINER_DLL_remove (ds_entry->queue_entries_head,
303 dq_entry->children_tail, 362 ds_entry->queue_entries_tail,
304 child); 363 dq_entry);
305 cleanup_delegation_queue (child); 364 for (child = dq_entry->set_entries_head;
365 NULL != child;
366 child = dq_entry->set_entries_head)
367 {
368 GNUNET_CONTAINER_DLL_remove (dq_entry->set_entries_head,
369 dq_entry->set_entries_tail,
370 child);
371 cleanup_delegation_set (child);
372 }
373 GNUNET_free (dq_entry);
306 } 374 }
307 if (NULL != dq_entry->issuer_key) 375 if (NULL != ds_entry->issuer_key)
308 GNUNET_free (dq_entry->issuer_key); 376 GNUNET_free (ds_entry->issuer_key);
309 if (NULL != dq_entry->lookup_attribute) 377 if (NULL != ds_entry->lookup_attribute)
310 GNUNET_free (dq_entry->lookup_attribute); 378 GNUNET_free (ds_entry->lookup_attribute);
311 if (NULL != dq_entry->issuer_attribute) 379 if (NULL != ds_entry->issuer_attribute)
312 GNUNET_free (dq_entry->issuer_attribute); 380 GNUNET_free (ds_entry->issuer_attribute);
313 if (NULL != dq_entry->unresolved_attribute_delegation) 381 if (NULL != ds_entry->unresolved_attribute_delegation)
314 GNUNET_free (dq_entry->unresolved_attribute_delegation); 382 GNUNET_free (ds_entry->unresolved_attribute_delegation);
315 if (NULL != dq_entry->attr_trailer) 383 if (NULL != ds_entry->attr_trailer)
316 GNUNET_free (dq_entry->attr_trailer); 384 GNUNET_free (ds_entry->attr_trailer);
317 if (NULL != dq_entry->lookup_request) 385 if (NULL != ds_entry->lookup_request)
318 { 386 {
319 GNUNET_GNS_lookup_cancel (dq_entry->lookup_request); 387 GNUNET_GNS_lookup_cancel (ds_entry->lookup_request);
320 dq_entry->lookup_request = NULL; 388 ds_entry->lookup_request = NULL;
321 } 389 }
322 if (NULL != dq_entry->delegation_chain_entry) 390 if (NULL != ds_entry->delegation_chain_entry)
323 { 391 {
324 if (NULL != dq_entry->delegation_chain_entry->subject_attribute) 392 if (NULL != ds_entry->delegation_chain_entry->subject_attribute)
325 GNUNET_free (dq_entry->delegation_chain_entry->subject_attribute); 393 GNUNET_free (ds_entry->delegation_chain_entry->subject_attribute);
326 if (NULL != dq_entry->delegation_chain_entry->issuer_attribute) 394 if (NULL != ds_entry->delegation_chain_entry->issuer_attribute)
327 GNUNET_free (dq_entry->delegation_chain_entry->issuer_attribute); 395 GNUNET_free (ds_entry->delegation_chain_entry->issuer_attribute);
328 GNUNET_free (dq_entry->delegation_chain_entry); 396 GNUNET_free (ds_entry->delegation_chain_entry);
329 } 397 }
330 GNUNET_free (dq_entry); 398 GNUNET_free (ds_entry);
331} 399}
332 400
333static void 401static void
@@ -343,7 +411,7 @@ cleanup_handle (struct VerifyRequestHandle *vrh)
343 } 411 }
344 if (NULL != vrh->credential) 412 if (NULL != vrh->credential)
345 GNUNET_free (vrh->credential); 413 GNUNET_free (vrh->credential);
346 cleanup_delegation_queue (vrh->chain_start); 414 cleanup_delegation_set (vrh->root_set);
347 if (NULL != vrh->issuer_attribute) 415 if (NULL != vrh->issuer_attribute)
348 GNUNET_free (vrh->issuer_attribute); 416 GNUNET_free (vrh->issuer_attribute);
349 for (cr_entry = vrh->cred_chain_head; 417 for (cr_entry = vrh->cred_chain_head;
@@ -444,57 +512,63 @@ send_lookup_response (struct VerifyRequestHandle *vrh)
444{ 512{
445 struct GNUNET_MQ_Envelope *env; 513 struct GNUNET_MQ_Envelope *env;
446 struct VerifyResultMessage *rmsg; 514 struct VerifyResultMessage *rmsg;
447 struct DelegationQueueEntry *dq_entry; 515 struct DelegationChainEntry *dce;
448 size_t size = vrh->credential_size; 516 size_t size = vrh->credential_size;
449 struct GNUNET_CREDENTIAL_Delegation dd[vrh->d_count]; 517 struct GNUNET_CREDENTIAL_Delegation dd[vrh->delegation_chain_size];
450 struct GNUNET_CREDENTIAL_Credential cred; 518 struct GNUNET_CREDENTIAL_Credential cred;
519 int i;
451 520
452 GNUNET_log (GNUNET_ERROR_TYPE_ERROR, 521 GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
453 "Sending response\n"); 522 "Sending response\n");
454 dq_entry = vrh->chain_end; 523 i = 0;
455 for (int i=0; i<vrh->d_count; i++) 524 for (dce = vrh->delegation_chain_head;
525 NULL != dce;
526 dce = dce->next)
456 { 527 {
457 dd[i].issuer_key = dq_entry->delegation_chain_entry->issuer_key; 528 dd[i].issuer_key = dce->issuer_key;
458 dd[i].subject_key = dq_entry->delegation_chain_entry->subject_key; 529 dd[i].subject_key = dce->subject_key;
459 dd[i].issuer_attribute = dq_entry->delegation_chain_entry->issuer_attribute; 530 dd[i].issuer_attribute = dce->issuer_attribute;
460 dd[i].issuer_attribute_len = strlen (dq_entry->delegation_chain_entry->issuer_attribute)+1; 531 dd[i].issuer_attribute_len = strlen (dce->issuer_attribute)+1;
461 dd[i].subject_attribute_len = 0; 532 dd[i].subject_attribute_len = 0;
462 if (NULL != dq_entry->delegation_chain_entry->subject_attribute) 533 if (NULL != dce->subject_attribute)
463 { 534 {
464 dd[i].subject_attribute = dq_entry->delegation_chain_entry->subject_attribute; 535 dd[i].subject_attribute = dce->subject_attribute;
465 dd[i].subject_attribute_len = strlen(dq_entry->delegation_chain_entry->subject_attribute)+1; 536 dd[i].subject_attribute_len = strlen(dce->subject_attribute)+1;
466 } 537 }
467 dq_entry = dq_entry->parent; 538 i++;
468 } 539 }
469 540
470 /** 541 /**
471 * Get serialized record data 542 * Get serialized record data
472 * Append at the end of rmsg 543 * Append at the end of rmsg
473 */ 544 */
474 cred.issuer_key = vrh->credential->issuer_key; 545 cred.issuer_key = vrh->credential->issuer_key;
475 cred.subject_key = vrh->credential->subject_key; 546 cred.subject_key = vrh->credential->subject_key;
476 cred.issuer_attribute_len = strlen((char*)&vrh->credential[1]); 547 cred.issuer_attribute_len = strlen((char*)&vrh->credential[1])+1;
477 cred.issuer_attribute = (char*)&vrh->credential[1]; 548 cred.issuer_attribute = (char*)&vrh->credential[1];
478 size = GNUNET_CREDENTIAL_delegation_chain_get_size (vrh->d_count, 549 size = GNUNET_CREDENTIAL_delegation_chain_get_size (vrh->delegation_chain_size,
479 dd, 550 dd,
480 &cred); 551 &cred);
552 GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
553 "SIZE; %llu count: %d\n",size,vrh->delegation_chain_size);
481 env = GNUNET_MQ_msg_extra (rmsg, 554 env = GNUNET_MQ_msg_extra (rmsg,
482 size, 555 size,
483 GNUNET_MESSAGE_TYPE_CREDENTIAL_VERIFY_RESULT); 556 GNUNET_MESSAGE_TYPE_CREDENTIAL_VERIFY_RESULT);
484 //Assign id so that client can find associated request 557 //Assign id so that client can find associated request
485 rmsg->id = vrh->request_id; 558 rmsg->id = vrh->request_id;
486 rmsg->d_count = htonl (vrh->d_count); 559 rmsg->d_count = htonl (vrh->delegation_chain_size);
487 560
488 if (NULL != vrh->credential) 561 if (NULL != vrh->credential)
489 rmsg->cred_found = htonl (GNUNET_YES); 562 rmsg->cred_found = htonl (GNUNET_YES);
490 else 563 else
491 rmsg->cred_found = htonl (GNUNET_NO); 564 rmsg->cred_found = htonl (GNUNET_NO);
492 565
493 GNUNET_assert (-1 != GNUNET_CREDENTIAL_delegation_chain_serialize (vrh->d_count, 566 GNUNET_assert (-1 !=
494 dd, 567 GNUNET_CREDENTIAL_delegation_chain_serialize (vrh->delegation_chain_size,
495 &cred, 568 dd,
496 size, 569 &cred,
497 (char*)&rmsg[1])); 570 size,
571 (char*)&rmsg[1]));
498 572
499 GNUNET_MQ_send (GNUNET_SERVICE_client_get_mq(vrh->client), 573 GNUNET_MQ_send (GNUNET_SERVICE_client_get_mq(vrh->client),
500 env); 574 env);
@@ -515,146 +589,194 @@ backward_resolution (void* cls,
515 589
516 struct VerifyRequestHandle *vrh; 590 struct VerifyRequestHandle *vrh;
517 struct GNUNET_CREDENTIAL_CredentialRecordData *cred; 591 struct GNUNET_CREDENTIAL_CredentialRecordData *cred;
518 const struct GNUNET_CREDENTIAL_AttributeRecordData *attr; 592 const struct GNUNET_CREDENTIAL_DelegationRecordData *sets;
519 struct CredentialRecordEntry *cred_pointer; 593 struct CredentialRecordEntry *cred_pointer;
520 struct DelegationQueueEntry *current_delegation; 594 struct DelegationSetEntry *current_set;
595 struct DelegationSetEntry *ds_entry;
596 struct DelegationSetEntry *tmp_set;
521 struct DelegationQueueEntry *dq_entry; 597 struct DelegationQueueEntry *dq_entry;
522 char *expanded_attr; 598 char *expanded_attr;
523 char *lookup_attribute; 599 char *lookup_attribute;
524 int i; 600 int i;
601 int j;
525 602
526 603
527 current_delegation = cls; 604 current_set = cls;
528 current_delegation->lookup_request = NULL; 605 current_set->lookup_request = NULL;
529 vrh = current_delegation->handle; 606 vrh = current_set->handle;
530 vrh->pending_lookups--; 607 vrh->pending_lookups--;
531 GNUNET_log (GNUNET_ERROR_TYPE_ERROR, 608 GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
532 "Got %d attrs\n", rd_count); 609 "Got %d attrs\n", rd_count);
533 610
611 // Each OR
534 for (i=0; i < rd_count; i++) 612 for (i=0; i < rd_count; i++)
535 { 613 {
536 if (GNUNET_GNSRECORD_TYPE_ATTRIBUTE != rd[i].record_type) 614 if (GNUNET_GNSRECORD_TYPE_ATTRIBUTE != rd[i].record_type)
537 continue; 615 continue;
538 616
617 sets = rd[i].data;
618 struct GNUNET_CREDENTIAL_DelegationSetRecord set[ntohl(sets->set_count)];
539 GNUNET_log (GNUNET_ERROR_TYPE_ERROR, 619 GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
540 "Found new attribute delegation. Creating new Job...\n"); 620 "Found new attribute delegation with %d sets. Creating new Job...\n",
541 attr = rd[i].data; 621 ntohl (sets->set_count));
622
623 if (GNUNET_OK !=GNUNET_CREDENTIAL_delegation_set_deserialize (GNUNET_ntohll(sets->data_size),
624 (const char*)&sets[1],
625 ntohl(sets->set_count),
626 set))
627 {
628 GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
629 "Failed to deserialize!\n");
630 continue;
631 }
542 dq_entry = GNUNET_new (struct DelegationQueueEntry); 632 dq_entry = GNUNET_new (struct DelegationQueueEntry);
543 if (NULL != current_delegation->attr_trailer) 633 dq_entry->required_solutions = ntohl(sets->set_count);
634 dq_entry->parent_set = current_set;
635 GNUNET_CONTAINER_DLL_insert (current_set->queue_entries_head,
636 current_set->queue_entries_tail,
637 dq_entry);
638 // Each AND
639 for (j=0; j<ntohl(sets->set_count); j++)
544 { 640 {
545 if (rd[i].data_size == sizeof (struct GNUNET_CREDENTIAL_AttributeRecordData)) 641 ds_entry = GNUNET_new (struct DelegationSetEntry);
642 if (NULL != current_set->attr_trailer)
546 { 643 {
547 GNUNET_asprintf (&expanded_attr, 644 if (0 == set[j].subject_attribute_len)
548 "%s", 645 {
549 current_delegation->attr_trailer); 646 GNUNET_asprintf (&expanded_attr,
550 647 "%s",
648 current_set->attr_trailer);
649
650 } else {
651 GNUNET_asprintf (&expanded_attr,
652 "%s.%s",
653 set[j].subject_attribute,
654 current_set->attr_trailer);
655 }
656 GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
657 "Expanded to %s\n", expanded_attr);
658 ds_entry->unresolved_attribute_delegation = expanded_attr;
551 } else { 659 } else {
552 GNUNET_asprintf (&expanded_attr, 660 if (0 != set[j].subject_attribute_len)
553 "%s.%s", 661 {
554 (char*)&attr[1], 662 GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
555 current_delegation->attr_trailer); 663 "Not Expanding %s\n", set[j].subject_attribute);
664 ds_entry->unresolved_attribute_delegation = GNUNET_strdup (set[j].subject_attribute);
665 }
556 } 666 }
667
668 //Add a credential chain entry
669 ds_entry->delegation_chain_entry = GNUNET_new (struct DelegationChainEntry);
670 ds_entry->delegation_chain_entry->subject_key = set[j].subject_key;
671 ds_entry->issuer_key = GNUNET_new (struct GNUNET_CRYPTO_EcdsaPublicKey);
672 GNUNET_memcpy (ds_entry->issuer_key,
673 &set[j].subject_key,
674 sizeof (struct GNUNET_CRYPTO_EcdsaPublicKey));
675 if (0 < set[j].subject_attribute_len)
676 ds_entry->delegation_chain_entry->subject_attribute = GNUNET_strdup (set[j].subject_attribute);
677 ds_entry->delegation_chain_entry->issuer_key = *current_set->issuer_key;
678 ds_entry->delegation_chain_entry->issuer_attribute = GNUNET_strdup (current_set->lookup_attribute);
679
680 ds_entry->parent_queue_entry = dq_entry; //current_delegation;
681 GNUNET_CONTAINER_DLL_insert (dq_entry->set_entries_head,
682 dq_entry->set_entries_tail,
683 ds_entry);
684
557 GNUNET_log (GNUNET_ERROR_TYPE_ERROR, 685 GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
558 "Expanded to %s\n", expanded_attr); 686 "Checking for cred match\n");
559 dq_entry->unresolved_attribute_delegation = expanded_attr; 687 /**
560 } else { 688 * Check if this delegation already matches one of our credentials
561 if (rd[i].data_size > sizeof (struct GNUNET_CREDENTIAL_AttributeRecordData)) 689 */
690 for(cred_pointer = vrh->cred_chain_head; cred_pointer != NULL;
691 cred_pointer = cred_pointer->next)
562 { 692 {
693 cred = cred_pointer->data;
694 if(0 != memcmp (&set->subject_key,
695 &cred_pointer->data->issuer_key,
696 sizeof(struct GNUNET_CRYPTO_EcdsaPublicKey)))
697 continue;
563 GNUNET_log (GNUNET_ERROR_TYPE_ERROR, 698 GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
564 "Not Expanding %s\n", (char*)&attr[1]); 699 "Checking if %s matches %s\n",
565 dq_entry->unresolved_attribute_delegation = GNUNET_strdup ((char*)&attr[1]); 700 ds_entry->unresolved_attribute_delegation, (char*)&cred[1]);
566 }
567 }
568 701
569 //Add a credential chain entry 702 if (0 != strcmp (ds_entry->unresolved_attribute_delegation, (char*)&cred[1]))
570 dq_entry->delegation_chain_entry = GNUNET_new (struct GNUNET_CREDENTIAL_DelegationChainEntry); 703 continue;
571 dq_entry->delegation_chain_entry->subject_key = attr->subject_key;
572 dq_entry->issuer_key = GNUNET_new (struct GNUNET_CRYPTO_EcdsaPublicKey);
573 GNUNET_memcpy (dq_entry->issuer_key,
574 &attr->subject_key,
575 sizeof (struct GNUNET_CRYPTO_EcdsaPublicKey));
576 if (rd[i].data_size > sizeof (struct GNUNET_CREDENTIAL_AttributeRecordData))
577 dq_entry->delegation_chain_entry->subject_attribute = GNUNET_strdup ((char*)&attr[1]);
578 dq_entry->delegation_chain_entry->issuer_key = *current_delegation->issuer_key;
579 dq_entry->delegation_chain_entry->issuer_attribute = GNUNET_strdup (current_delegation->lookup_attribute);
580
581 dq_entry->parent = current_delegation;
582 dq_entry->d_count = current_delegation->d_count + 1;
583 GNUNET_CONTAINER_DLL_insert (current_delegation->children_head,
584 current_delegation->children_tail,
585 dq_entry);
586 GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
587 "Checking for cred match\n");
588 /**
589 * Check if this delegation already matches one of our credentials
590 */
591 for(cred_pointer = vrh->cred_chain_head; cred_pointer != NULL;
592 cred_pointer = cred_pointer->next)
593 {
594 cred = cred_pointer->data;
595 if(0 != memcmp (&attr->subject_key,
596 &cred_pointer->data->issuer_key,
597 sizeof(struct GNUNET_CRYPTO_EcdsaPublicKey)))
598 continue;
599 GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
600 "Checking if %s matches %s\n",
601 dq_entry->unresolved_attribute_delegation, (char*)&cred[1]);
602 704
603 if (0 != strcmp (dq_entry->unresolved_attribute_delegation, (char*)&cred[1])) 705 GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
604 continue; 706 "Found issuer\n");
707
708 //Backtrack
709 for (tmp_set = ds_entry;
710 NULL != tmp_set->parent_queue_entry;
711 tmp_set = tmp_set->parent_queue_entry->parent_set)
712 {
713 tmp_set->parent_queue_entry->required_solutions--;
714 if (NULL != tmp_set->delegation_chain_entry)
715 {
716 vrh->delegation_chain_size++;
717 GNUNET_CONTAINER_DLL_insert (vrh->delegation_chain_head,
718 vrh->delegation_chain_tail,
719 tmp_set->delegation_chain_entry);
720 }
721 if (0 < tmp_set->parent_queue_entry->required_solutions)
722 break;
723 }
724
725 if (NULL == tmp_set->parent_queue_entry)
726 {
727 GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
728 "All solutions found\n");
729 vrh->credential = GNUNET_malloc (cred_pointer->data_size);
730 memcpy (vrh->credential,
731 cred,
732 cred_pointer->data_size);
733 vrh->credential_size = cred_pointer->data_size;
734 //Found match
735 send_lookup_response (vrh);
736 return;
737 }
605 738
739 }
606 GNUNET_log (GNUNET_ERROR_TYPE_ERROR, 740 GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
607 "Found issuer\n"); 741 "Building new lookup request from %s\n",
608 vrh->credential = GNUNET_malloc (cred_pointer->data_size); 742 ds_entry->unresolved_attribute_delegation);
609 memcpy (vrh->credential, 743 //Continue with backward resolution
610 cred, 744 char issuer_attribute_name[strlen (ds_entry->unresolved_attribute_delegation)+1];
611 cred_pointer->data_size); 745 strcpy (issuer_attribute_name,
612 vrh->credential_size = cred_pointer->data_size; 746 ds_entry->unresolved_attribute_delegation);
613 vrh->chain_end = dq_entry; 747 char *next_attr = strtok (issuer_attribute_name, ".");
614 vrh->d_count = dq_entry->d_count; 748 GNUNET_asprintf (&lookup_attribute,
615 //Found match 749 "%s.gnu",
616 send_lookup_response (vrh); 750 next_attr);
617 return; 751 GNUNET_asprintf (&ds_entry->lookup_attribute,
618 752 "%s",
619 } 753 next_attr);
620 GNUNET_log (GNUNET_ERROR_TYPE_ERROR, 754 if (strlen (next_attr) == strlen (ds_entry->unresolved_attribute_delegation))
621 "Building new lookup request\n"); 755 {
622 //Continue with backward resolution 756 ds_entry->attr_trailer = NULL;
623 char issuer_attribute_name[strlen (dq_entry->unresolved_attribute_delegation)+1]; 757 } else {
624 strcpy (issuer_attribute_name, 758 next_attr += strlen (next_attr) + 1;
625 dq_entry->unresolved_attribute_delegation); 759 ds_entry->attr_trailer = GNUNET_strdup (next_attr);
626 char *next_attr = strtok (issuer_attribute_name, "."); 760 }
627 GNUNET_asprintf (&lookup_attribute,
628 "%s.gnu",
629 next_attr);
630 GNUNET_asprintf (&dq_entry->lookup_attribute,
631 "%s",
632 next_attr);
633 if (strlen (next_attr) == strlen (dq_entry->unresolved_attribute_delegation))
634 {
635 dq_entry->attr_trailer = NULL;
636 } else {
637 next_attr += strlen (next_attr) + 1;
638 dq_entry->attr_trailer = GNUNET_strdup (next_attr);
639 }
640 761
641 GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
642 "Looking up %s\n", dq_entry->lookup_attribute);
643 if (NULL != dq_entry->attr_trailer)
644 GNUNET_log (GNUNET_ERROR_TYPE_ERROR, 762 GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
645 "%s still to go...\n", dq_entry->attr_trailer); 763 "Looking up %s\n", ds_entry->lookup_attribute);
646 764 if (NULL != ds_entry->attr_trailer)
647 vrh->pending_lookups++; 765 GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
648 dq_entry->handle = vrh; 766 "%s still to go...\n", ds_entry->attr_trailer);
649 dq_entry->lookup_request = GNUNET_GNS_lookup (gns, 767
650 lookup_attribute, 768 vrh->pending_lookups++;
651 dq_entry->issuer_key, //issuer_key, 769 ds_entry->handle = vrh;
652 GNUNET_GNSRECORD_TYPE_ATTRIBUTE, 770 ds_entry->lookup_request = GNUNET_GNS_lookup (gns,
653 GNUNET_GNS_LO_DEFAULT, 771 lookup_attribute,
654 NULL, //shorten_key, always NULL 772 ds_entry->issuer_key, //issuer_key,
655 &backward_resolution, 773 GNUNET_GNSRECORD_TYPE_ATTRIBUTE,
656 dq_entry); 774 GNUNET_GNS_LO_DEFAULT,
657 GNUNET_free (lookup_attribute); 775 NULL, //shorten_key, always NULL
776 &backward_resolution,
777 ds_entry);
778 GNUNET_free (lookup_attribute);
779 }
658 } 780 }
659 781
660 if(0 == vrh->pending_lookups) 782 if(0 == vrh->pending_lookups)
@@ -681,7 +803,7 @@ handle_credential_query (void* cls,
681 const struct GNUNET_GNSRECORD_Data *rd) 803 const struct GNUNET_GNSRECORD_Data *rd)
682{ 804{
683 struct VerifyRequestHandle *vrh = cls; 805 struct VerifyRequestHandle *vrh = cls;
684 struct DelegationQueueEntry *dq_entry; 806 struct DelegationSetEntry *ds_entry;
685 const struct GNUNET_CREDENTIAL_CredentialRecordData *crd; 807 const struct GNUNET_CREDENTIAL_CredentialRecordData *crd;
686 struct CredentialRecordEntry *cr_entry; 808 struct CredentialRecordEntry *cr_entry;
687 int cred_record_count; 809 int cred_record_count;
@@ -725,7 +847,6 @@ handle_credential_query (void* cls,
725 rd[i].data, 847 rd[i].data,
726 rd[i].data_size); 848 rd[i].data_size);
727 vrh->credential_size = rd[i].data_size; 849 vrh->credential_size = rd[i].data_size;
728 vrh->chain_end = NULL;
729 //Found match prematurely 850 //Found match prematurely
730 send_lookup_response (vrh); 851 send_lookup_response (vrh);
731 return; 852 return;
@@ -743,26 +864,25 @@ handle_credential_query (void* cls,
743 ".gnu"); 864 ".gnu");
744 GNUNET_log (GNUNET_ERROR_TYPE_ERROR, 865 GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
745 "Looking up %s\n", issuer_attribute_name); 866 "Looking up %s\n", issuer_attribute_name);
746 dq_entry = GNUNET_new (struct DelegationQueueEntry); 867 ds_entry = GNUNET_new (struct DelegationSetEntry);
747 dq_entry->issuer_key = GNUNET_new (struct GNUNET_CRYPTO_EcdsaPublicKey); 868 ds_entry->issuer_key = GNUNET_new (struct GNUNET_CRYPTO_EcdsaPublicKey);
748 memcpy (dq_entry->issuer_key, 869 memcpy (ds_entry->issuer_key,
749 &vrh->issuer_key, 870 &vrh->issuer_key,
750 sizeof (struct GNUNET_CRYPTO_EcdsaPublicKey)); 871 sizeof (struct GNUNET_CRYPTO_EcdsaPublicKey));
751 dq_entry->issuer_attribute = GNUNET_strdup (vrh->issuer_attribute); 872 ds_entry->issuer_attribute = GNUNET_strdup (vrh->issuer_attribute);
752 dq_entry->handle = vrh; 873 ds_entry->handle = vrh;
753 dq_entry->lookup_attribute = GNUNET_strdup (vrh->issuer_attribute); 874 ds_entry->lookup_attribute = GNUNET_strdup (vrh->issuer_attribute);
754 dq_entry->d_count = 0; 875 vrh->root_set = ds_entry;
755 vrh->chain_start = dq_entry;
756 vrh->pending_lookups = 1; 876 vrh->pending_lookups = 1;
757 //Start with backward resolution 877 //Start with backward resolution
758 dq_entry->lookup_request = GNUNET_GNS_lookup (gns, 878 ds_entry->lookup_request = GNUNET_GNS_lookup (gns,
759 issuer_attribute_name, 879 issuer_attribute_name,
760 &vrh->issuer_key, //issuer_key, 880 &vrh->issuer_key, //issuer_key,
761 GNUNET_GNSRECORD_TYPE_ATTRIBUTE, 881 GNUNET_GNSRECORD_TYPE_ATTRIBUTE,
762 GNUNET_GNS_LO_DEFAULT, 882 GNUNET_GNS_LO_DEFAULT,
763 NULL, //shorten_key, always NULL 883 NULL, //shorten_key, always NULL
764 &backward_resolution, 884 &backward_resolution,
765 dq_entry); 885 ds_entry);
766} 886}
767 887
768 888
@@ -819,7 +939,7 @@ handle_verify (void *cls,
819 send_lookup_response (vrh); 939 send_lookup_response (vrh);
820 return; 940 return;
821 } 941 }
822 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, 942 GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
823 "Looking up %s\n", 943 "Looking up %s\n",
824 subject_attribute); 944 subject_attribute);
825 /** 945 /**
diff --git a/src/credential/plugin_gnsrecord_credential.c b/src/credential/plugin_gnsrecord_credential.c
index 281113a34..d21185981 100644
--- a/src/credential/plugin_gnsrecord_credential.c
+++ b/src/credential/plugin_gnsrecord_credential.c
@@ -30,6 +30,7 @@
30#include "gnunet_credential_service.h" 30#include "gnunet_credential_service.h"
31#include "gnunet_gnsrecord_plugin.h" 31#include "gnunet_gnsrecord_plugin.h"
32#include "gnunet_signatures.h" 32#include "gnunet_signatures.h"
33#include "credential_serialization.h"
33 34
34 35
35/** 36/**
@@ -54,27 +55,69 @@ credential_value_to_string (void *cls,
54 { 55 {
55 case GNUNET_GNSRECORD_TYPE_ATTRIBUTE: 56 case GNUNET_GNSRECORD_TYPE_ATTRIBUTE:
56 { 57 {
57 struct GNUNET_CREDENTIAL_AttributeRecordData attr; 58 struct GNUNET_CREDENTIAL_DelegationRecordData sets;
58 char *attr_str; 59 char *attr_str;
59 char *subject_pkey; 60 char *subject_pkey;
60 61 char *tmp_str;
61 if (data_size < sizeof (struct GNUNET_CREDENTIAL_AttributeRecordData)) 62 int i;
63 if (data_size < sizeof (struct GNUNET_CREDENTIAL_DelegationRecordData))
62 return NULL; /* malformed */ 64 return NULL; /* malformed */
63 memcpy (&attr, 65 memcpy (&sets,
64 data, 66 data,
65 sizeof (attr)); 67 sizeof (sets));
68 GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
69 "SIZE %llu needed: %llu + %llu\n",
70 data_size,
71 GNUNET_ntohll (sets.data_size),
72 sizeof (sets));
73
66 cdata = data; 74 cdata = data;
67 subject_pkey = GNUNET_CRYPTO_ecdsa_public_key_to_string (&attr.subject_key); 75 struct GNUNET_CREDENTIAL_DelegationSetRecord set[ntohl(sets.set_count)];
68 if (data_size == sizeof (struct GNUNET_CREDENTIAL_AttributeRecordData)) 76 if (GNUNET_OK != GNUNET_CREDENTIAL_delegation_set_deserialize (GNUNET_ntohll (sets.data_size),
77 &cdata[sizeof (sets)],
78 ntohl (sets.set_count),
79 set))
80 return NULL;
81
82 for (i=0;i<ntohl(sets.set_count);i++)
69 { 83 {
70 return subject_pkey; 84 subject_pkey = GNUNET_CRYPTO_ecdsa_public_key_to_string (&set[i].subject_key);
71 } else { 85 GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
72 GNUNET_asprintf (&attr_str, 86 "%d len attr\n", set[i].subject_attribute_len);
73 "%s %s", 87 if (0 == set[i].subject_attribute_len)
74 subject_pkey, 88 {
75 &cdata[sizeof (attr)]); 89 if (0 == i)
90 {
91 GNUNET_asprintf (&attr_str,
92 "%s",
93 subject_pkey);
94 } else {
95 GNUNET_asprintf (&tmp_str,
96 "%s,%s",
97 attr_str,
98 subject_pkey);
99 GNUNET_free (attr_str);
100 attr_str = tmp_str;
101 }
102 } else {
103 if (0 == i)
104 {
105 GNUNET_asprintf (&attr_str,
106 "%s %s",
107 subject_pkey,
108 set[i].subject_attribute);
109 } else {
110 GNUNET_asprintf (&tmp_str,
111 "%s,%s %s",
112 attr_str,
113 subject_pkey,
114 set[i].subject_attribute);
115 GNUNET_free (attr_str);
116 attr_str = tmp_str;
117 }
118 }
119 GNUNET_free (subject_pkey);
76 } 120 }
77 GNUNET_free (subject_pkey);
78 return attr_str; 121 return attr_str;
79 } 122 }
80 case GNUNET_GNSRECORD_TYPE_CREDENTIAL: 123 case GNUNET_GNSRECORD_TYPE_CREDENTIAL:
@@ -143,37 +186,84 @@ credential_string_to_value (void *cls,
143 { 186 {
144 case GNUNET_GNSRECORD_TYPE_ATTRIBUTE: 187 case GNUNET_GNSRECORD_TYPE_ATTRIBUTE:
145 { 188 {
146 struct GNUNET_CREDENTIAL_AttributeRecordData *attr; 189 struct GNUNET_CREDENTIAL_DelegationRecordData *sets;
147 char attr_str[253 + 1]; 190 char attr_str[253 + 1];
148 char subject_pkey[52 + 1]; 191 char subject_pkey[52 + 1];
192 char *token;
193 char *tmp_str;
149 int matches = 0; 194 int matches = 0;
150 matches = SSCANF (s, 195 int entries;
151 "%s %s", 196 size_t tmp_data_size;
152 subject_pkey, 197 int i;
153 attr_str); 198
154 if (0 == matches) 199 tmp_str = GNUNET_strdup (s);
200 token = strtok (tmp_str, ",");
201 entries = 0;
202 tmp_data_size = 0;
203 *data_size = sizeof (struct GNUNET_CREDENTIAL_DelegationRecordData);
204 while (NULL != token)
155 { 205 {
156 GNUNET_log (GNUNET_ERROR_TYPE_ERROR, 206 matches = SSCANF (token,
157 _("Unable to parse ATTR record string `%s'\n"), 207 "%s %s",
158 s); 208 subject_pkey,
159 return GNUNET_SYSERR; 209 attr_str);
160 210 if (0 == matches)
211 {
212 GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
213 _("Unable to parse ATTR record string `%s'\n"),
214 s);
215 GNUNET_free (tmp_str);
216 return GNUNET_SYSERR;
217 }
218 if (1 == matches) {
219 tmp_data_size += sizeof (struct GNUNET_CREDENTIAL_DelegationSetRecord);
220 } else if (2 == matches) {
221 tmp_data_size += sizeof (struct GNUNET_CREDENTIAL_DelegationSetRecord) + strlen (attr_str) + 1;
222 }
223 entries++;
224 token = strtok (NULL, ",");
161 } 225 }
162 if (1 == matches) { 226 GNUNET_free (tmp_str);
163 *data_size = sizeof (struct GNUNET_CREDENTIAL_AttributeRecordData); 227 tmp_str = GNUNET_strdup (s);
164 } else if (2 == matches) { 228 token = strtok (tmp_str, ",");
165 *data_size = sizeof (struct GNUNET_CREDENTIAL_AttributeRecordData) + strlen (attr_str) + 1; 229 struct GNUNET_CREDENTIAL_DelegationSetRecord *set;
230 set = GNUNET_malloc (entries * sizeof (struct GNUNET_CREDENTIAL_DelegationSetRecord));
231 for (i=0;i<entries;i++)
232 {
233 matches = SSCANF (token,
234 "%s %s",
235 subject_pkey,
236 attr_str);
237 GNUNET_CRYPTO_ecdsa_public_key_from_string (subject_pkey,
238 strlen (subject_pkey),
239 &set[i].subject_key);
240 if (2 == matches) {
241 GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
242 "Adding %s (data size %llu)\n",
243 attr_str,
244 tmp_data_size);
245 /*GNUNET_memcpy (&set[1],
246 attr_str,
247 strlen (attr_str)+1);*/
248 set[i].subject_attribute_len = strlen (attr_str) + 1;
249 set[i].subject_attribute = GNUNET_strdup (attr_str);//(const char*)&set[1];
250 }
251 token = strtok (NULL , ",");
166 } 252 }
167 *data = attr = GNUNET_malloc (*data_size); 253 tmp_data_size = GNUNET_CREDENTIAL_delegation_set_get_size (entries,
168 GNUNET_CRYPTO_ecdsa_public_key_from_string (subject_pkey, 254 set);
169 strlen (subject_pkey), 255 if (-1 == tmp_data_size)
170 &attr->subject_key); 256 return GNUNET_SYSERR;
171 if (NULL != attr_str) 257 *data_size += tmp_data_size;
172 GNUNET_memcpy (&attr[1], 258 *data = sets = GNUNET_malloc (*data_size);
173 attr_str, 259 GNUNET_CREDENTIAL_delegation_set_serialize (entries,
174 strlen (attr_str)); 260 set,
175 261 tmp_data_size,
176 262 (char*)&sets[1]);
263 sets->set_count = htonl (entries);
264 sets->data_size = GNUNET_htonll (tmp_data_size);
265
266 GNUNET_free (tmp_str);
177 return GNUNET_OK; 267 return GNUNET_OK;
178 } 268 }
179 case GNUNET_GNSRECORD_TYPE_CREDENTIAL: 269 case GNUNET_GNSRECORD_TYPE_CREDENTIAL:
diff --git a/src/credential/test_credential_verify.sh b/src/credential/test_credential_verify.sh
index 6d69e337b..52a4fd2fc 100755
--- a/src/credential/test_credential_verify.sh
+++ b/src/credential/test_credential_verify.sh
@@ -23,7 +23,7 @@ rm -rf `gnunet-config -c test_credential_lookup.conf -s PATHS -o GNUNET_HOME -f`
23 23
24 24
25which timeout &> /dev/null && DO_TIMEOUT="timeout 30" 25which timeout &> /dev/null && DO_TIMEOUT="timeout 30"
26gnunet-arm -s -c test_credential_lookup.conf 26#gnunet-arm -s -c test_credential_lookup.conf
27gnunet-identity -C service -c test_credential_lookup.conf 27gnunet-identity -C service -c test_credential_lookup.conf
28gnunet-identity -C alice -c test_credential_lookup.conf 28gnunet-identity -C alice -c test_credential_lookup.conf
29gnunet-identity -C gnu -c test_credential_lookup.conf 29gnunet-identity -C gnu -c test_credential_lookup.conf
@@ -44,6 +44,8 @@ TEST_CREDENTIAL="mygnunetcreds"
44# (1) A service assigns the attribute "user" to all entities that have been assigned "member" by entities that werde assigned "project" from GNU 44# (1) A service assigns the attribute "user" to all entities that have been assigned "member" by entities that werde assigned "project" from GNU
45gnunet-namestore -p -z service -a -n $USER_ATTR -t ATTR -V "$GNU_KEY $GNU_PROJECT_ATTR.$MEMBER_ATTR" -e 5m -c test_credential_lookup.conf 45gnunet-namestore -p -z service -a -n $USER_ATTR -t ATTR -V "$GNU_KEY $GNU_PROJECT_ATTR.$MEMBER_ATTR" -e 5m -c test_credential_lookup.conf
46 46
47valgrind gnunet-namestore -D -z service -c test_credential_lookup.conf
48
47# (2) GNU recognized GNUnet as a GNU project and delegates the "project" attribute 49# (2) GNU recognized GNUnet as a GNU project and delegates the "project" attribute
48gnunet-namestore -p -z gnu -a -n $GNU_PROJECT_ATTR -t ATTR -V "$GNUNET_KEY" -e 5m -c test_credential_lookup.conf 50gnunet-namestore -p -z gnu -a -n $GNU_PROJECT_ATTR -t ATTR -V "$GNUNET_KEY" -e 5m -c test_credential_lookup.conf
49 51
generated by cgit v1.2.3 (git 2.39.1) at 2024-04-23 08:58:30 +0000