Diffstat (limited to 'src/identity-provider/gnunet-service-identity-provider.c')
-rw-r--r-- | src/identity-provider/gnunet-service-identity-provider.c | 360 |
1 files changed, 333 insertions, 27 deletions
diff --git a/src/identity-provider/gnunet-service-identity-provider.c b/src/identity-provider/gnunet-service-identity-provider.c index 0eb6599e6..9a919102f 100644 --- a/src/identity-provider/gnunet-service-identity-provider.c +++ b/src/identity-provider/gnunet-service-identity-provider.c | |||
@@ -310,7 +310,65 @@ struct VerifiedAttributeEntry | |||
310 | char* name; | 310 | char* name; |
311 | }; | 311 | }; |
312 | 312 | ||
313 | struct ParallelLookups; | 313 | struct ParallelLookup; |
314 | struct ParallelLookup2; | ||
315 | |||
316 | struct ConsumeTicketHandle | ||
317 | { | ||
318 | |||
319 | /** | ||
320 | * Client connection | ||
321 | */ | ||
322 | struct IdpClient *client; | ||
323 | |||
324 | /** | ||
325 | * Ticket | ||
326 | */ | ||
327 | struct GNUNET_IDENTITY_PROVIDER_Ticket2 ticket; | ||
328 | |||
329 | /** | ||
330 | * LookupRequest | ||
331 | */ | ||
332 | struct GNUNET_GNS_LookupRequest *lookup_request; | ||
333 | |||
334 | /** | ||
335 | * Audience Key | ||
336 | */ | ||
337 | struct GNUNET_CRYPTO_EcdsaPrivateKey identity; | ||
338 | |||
339 | /** | ||
340 | * Audience Key | ||
341 | */ | ||
342 | struct GNUNET_CRYPTO_EcdsaPublicKey identity_pub; | ||
343 | |||
344 | /** | ||
345 | * ParallelLookups DLL | ||
346 | */ | ||
347 | struct ParallelLookup2 *parallel_lookups_head; | ||
348 | struct ParallelLookup2 *parallel_lookups_tail; | ||
349 | |||
350 | struct GNUNET_SCHEDULER_Task *kill_task; | ||
351 | struct GNUNET_CRYPTO_AbeKey *key; | ||
352 | |||
353 | /** | ||
354 | * request id | ||
355 | */ | ||
356 | uint32_t r_id; | ||
357 | }; | ||
358 | |||
359 | struct ParallelLookup2 | ||
360 | { | ||
361 | struct ParallelLookup2 *next; | ||
362 | |||
363 | struct ParallelLookup2 *prev; | ||
364 | |||
365 | struct GNUNET_GNS_LookupRequest *lookup_request; | ||
366 | |||
367 | struct ConsumeTicketHandle *handle; | ||
368 | |||
369 | char *label; | ||
370 | }; | ||
371 | |||
314 | 372 | ||
315 | struct ExchangeHandle | 373 | struct ExchangeHandle |
316 | { | 374 | { |
@@ -1657,28 +1715,6 @@ store_ticket_issue_cont (void *cls, | |||
1657 | 1715 | ||
1658 | 1716 | ||
1659 | 1717 | ||
1660 | /** | ||
1661 | * Checks a ticket issue message | ||
1662 | * | ||
1663 | * @param cls client sending the message | ||
1664 | * @param im message of type `struct TicketIssueMessage` | ||
1665 | * @return #GNUNET_OK if @a im is well-formed | ||
1666 | */ | ||
1667 | static int | ||
1668 | check_ticket_issue_message(void *cls, | ||
1669 | const struct TicketIssueMessage *im) | ||
1670 | { | ||
1671 | uint16_t size; | ||
1672 | |||
1673 | size = ntohs (im->header.size); | ||
1674 | if (size <= sizeof (struct IssueMessage)) | ||
1675 | { | ||
1676 | GNUNET_break (0); | ||
1677 | return GNUNET_SYSERR; | ||
1678 | } | ||
1679 | return GNUNET_OK; | ||
1680 | } | ||
1681 | |||
1682 | int | 1718 | int |
1683 | serialize_abe_keyinfo2 (const struct TicketIssueHandle *handle, | 1719 | serialize_abe_keyinfo2 (const struct TicketIssueHandle *handle, |
1684 | const struct GNUNET_CRYPTO_AbeKey *rp_key, | 1720 | const struct GNUNET_CRYPTO_AbeKey *rp_key, |
@@ -1707,7 +1743,13 @@ serialize_abe_keyinfo2 (const struct TicketIssueHandle *handle, | |||
1707 | } | 1743 | } |
1708 | buf = GNUNET_malloc (attrs_str_len + size); | 1744 | buf = GNUNET_malloc (attrs_str_len + size); |
1709 | write_ptr = buf; | 1745 | write_ptr = buf; |
1746 | GNUNET_log (GNUNET_ERROR_TYPE_MESSAGE, | ||
1747 | "Writing attributes\n"); | ||
1710 | for (le = handle->attrs->list_head; NULL != le; le = le->next) { | 1748 | for (le = handle->attrs->list_head; NULL != le; le = le->next) { |
1749 | GNUNET_log (GNUNET_ERROR_TYPE_MESSAGE, | ||
1750 | "%s\n", le->attribute->name); | ||
1751 | |||
1752 | |||
1711 | GNUNET_memcpy (write_ptr, | 1753 | GNUNET_memcpy (write_ptr, |
1712 | le->attribute->name, | 1754 | le->attribute->name, |
1713 | strlen (le->attribute->name)); | 1755 | strlen (le->attribute->name)); |
@@ -1750,7 +1792,7 @@ serialize_abe_keyinfo2 (const struct TicketIssueHandle *handle, | |||
1750 | 1792 | ||
1751 | static void | 1793 | static void |
1752 | issue_ticket_after_abe_bootstrap (void *cls, | 1794 | issue_ticket_after_abe_bootstrap (void *cls, |
1753 | struct GNUNET_CRYPTO_AbeMasterKey *abe_key) | 1795 | struct GNUNET_CRYPTO_AbeMasterKey *abe_key) |
1754 | { | 1796 | { |
1755 | struct TicketIssueHandle *ih = cls; | 1797 | struct TicketIssueHandle *ih = cls; |
1756 | struct GNUNET_IDENTITY_PROVIDER_AttributeListEntry *le; | 1798 | struct GNUNET_IDENTITY_PROVIDER_AttributeListEntry *le; |
@@ -1768,15 +1810,16 @@ issue_ticket_after_abe_bootstrap (void *cls, | |||
1768 | attrs_len = 0; | 1810 | attrs_len = 0; |
1769 | for (le = ih->attrs->list_head; NULL != le; le = le->next) | 1811 | for (le = ih->attrs->list_head; NULL != le; le = le->next) |
1770 | attrs_len++; | 1812 | attrs_len++; |
1771 | attrs = GNUNET_malloc (attrs_len); | 1813 | attrs = GNUNET_malloc ((attrs_len + 1)*sizeof (char*)); |
1772 | i = 0; | 1814 | i = 0; |
1773 | for (le = ih->attrs->list_head; NULL != le; le = le->next) { | 1815 | for (le = ih->attrs->list_head; NULL != le; le = le->next) { |
1774 | attrs[i] = (char*) le->attribute->name; | 1816 | attrs[i] = (char*) le->attribute->name; |
1775 | i++; | 1817 | i++; |
1776 | } | 1818 | } |
1819 | attrs[i] = NULL; | ||
1777 | rp_key = GNUNET_CRYPTO_cpabe_create_key (abe_key, | 1820 | rp_key = GNUNET_CRYPTO_cpabe_create_key (abe_key, |
1778 | attrs); | 1821 | attrs); |
1779 | 1822 | ||
1780 | //TODO review this wireformat | 1823 | //TODO review this wireformat |
1781 | code_record_len = serialize_abe_keyinfo2 (ih, | 1824 | code_record_len = serialize_abe_keyinfo2 (ih, |
1782 | rp_key, | 1825 | rp_key, |
@@ -1805,6 +1848,29 @@ issue_ticket_after_abe_bootstrap (void *cls, | |||
1805 | 1848 | ||
1806 | 1849 | ||
1807 | /** | 1850 | /** |
1851 | * Checks a ticket issue message | ||
1852 | * | ||
1853 | * @param cls client sending the message | ||
1854 | * @param im message of type `struct TicketIssueMessage` | ||
1855 | * @return #GNUNET_OK if @a im is well-formed | ||
1856 | */ | ||
1857 | static int | ||
1858 | check_ticket_issue_message(void *cls, | ||
1859 | const struct TicketIssueMessage *im) | ||
1860 | { | ||
1861 | uint16_t size; | ||
1862 | |||
1863 | size = ntohs (im->header.size); | ||
1864 | if (size <= sizeof (struct TicketIssueMessage)) | ||
1865 | { | ||
1866 | GNUNET_break (0); | ||
1867 | return GNUNET_SYSERR; | ||
1868 | } | ||
1869 | return GNUNET_OK; | ||
1870 | } | ||
1871 | |||
1872 | |||
1873 | /** | ||
1808 | * | 1874 | * |
1809 | * Handler for ticket issue message | 1875 | * Handler for ticket issue message |
1810 | * | 1876 | * |
@@ -1849,7 +1915,242 @@ cleanup_as_handle (struct AttributeStoreHandle *handle) | |||
1849 | GNUNET_free (handle); | 1915 | GNUNET_free (handle); |
1850 | } | 1916 | } |
1851 | 1917 | ||
1918 | /** | ||
1919 | * Checks a ticket consume message | ||
1920 | * | ||
1921 | * @param cls client sending the message | ||
1922 | * @param im message of type `struct ConsumeTicketMessage` | ||
1923 | * @return #GNUNET_OK if @a im is well-formed | ||
1924 | */ | ||
1925 | static int | ||
1926 | check_consume_ticket_message(void *cls, | ||
1927 | const struct ConsumeTicketMessage *cm) | ||
1928 | { | ||
1929 | uint16_t size; | ||
1930 | |||
1931 | size = ntohs (cm->header.size); | ||
1932 | if (size <= sizeof (struct ConsumeTicketMessage)) | ||
1933 | { | ||
1934 | GNUNET_break (0); | ||
1935 | return GNUNET_SYSERR; | ||
1936 | } | ||
1937 | return GNUNET_OK; | ||
1938 | } | ||
1852 | 1939 | ||
1940 | static void | ||
1941 | process_parallel_lookup2 (void *cls, uint32_t rd_count, | ||
1942 | const struct GNUNET_GNSRECORD_Data *rd) | ||
1943 | { | ||
1944 | GNUNET_log (GNUNET_ERROR_TYPE_MESSAGE, | ||
1945 | "Parallel lookup finished (count=%u)\n", rd_count); | ||
1946 | struct ParallelLookup2 *parallel_lookup = cls; | ||
1947 | struct ConsumeTicketHandle *handle = parallel_lookup->handle; | ||
1948 | struct AttributeResultMessage *arm; | ||
1949 | struct GNUNET_MQ_Envelope *env; | ||
1950 | char *data; | ||
1951 | char *data_tmp; | ||
1952 | size_t msg_extra_len; | ||
1953 | |||
1954 | GNUNET_CONTAINER_DLL_remove (handle->parallel_lookups_head, | ||
1955 | handle->parallel_lookups_tail, | ||
1956 | parallel_lookup); | ||
1957 | GNUNET_free (parallel_lookup); | ||
1958 | if (1 != rd_count) | ||
1959 | GNUNET_break(0);//TODO | ||
1960 | if (rd->record_type == GNUNET_GNSRECORD_TYPE_ID_ATTR) | ||
1961 | { | ||
1962 | msg_extra_len = GNUNET_CRYPTO_cpabe_decrypt (rd->data, | ||
1963 | rd->data_size, | ||
1964 | handle->key, | ||
1965 | (void**)&data); | ||
1966 | env = GNUNET_MQ_msg_extra (arm, | ||
1967 | msg_extra_len, | ||
1968 | GNUNET_MESSAGE_TYPE_IDENTITY_PROVIDER_ATTRIBUTE_RESULT); | ||
1969 | arm->id = htonl (handle->r_id); | ||
1970 | arm->attr_len = htons (msg_extra_len); | ||
1971 | arm->identity = handle->ticket.identity; | ||
1972 | data_tmp = (char *) &arm[1]; | ||
1973 | GNUNET_memcpy (data_tmp, | ||
1974 | data, | ||
1975 | msg_extra_len); | ||
1976 | GNUNET_MQ_send (handle->client->mq, env); | ||
1977 | GNUNET_free (data); | ||
1978 | } | ||
1979 | if (NULL != handle->parallel_lookups_head) | ||
1980 | return; //Wait for more | ||
1981 | //Else we are done | ||
1982 | GNUNET_SCHEDULER_cancel (handle->kill_task); | ||
1983 | env = GNUNET_MQ_msg (arm, | ||
1984 | GNUNET_MESSAGE_TYPE_IDENTITY_PROVIDER_ATTRIBUTE_RESULT); | ||
1985 | arm->id = htonl (handle->r_id); | ||
1986 | arm->attr_len = htons (0); | ||
1987 | GNUNET_MQ_send (handle->client->mq, env); | ||
1988 | } | ||
1989 | |||
1990 | void | ||
1991 | abort_parallel_lookups2 (void *cls) | ||
1992 | { | ||
1993 | struct ConsumeTicketHandle *handle = cls; | ||
1994 | struct ParallelLookup2 *lu; | ||
1995 | struct ParallelLookup2 *tmp; | ||
1996 | struct AttributeResultMessage *arm; | ||
1997 | struct GNUNET_MQ_Envelope *env; | ||
1998 | |||
1999 | for (lu = handle->parallel_lookups_head; | ||
2000 | NULL != lu;) { | ||
2001 | GNUNET_GNS_lookup_cancel (lu->lookup_request); | ||
2002 | GNUNET_free (lu->label); | ||
2003 | tmp = lu->next; | ||
2004 | GNUNET_CONTAINER_DLL_remove (handle->parallel_lookups_head, | ||
2005 | handle->parallel_lookups_tail, | ||
2006 | lu); | ||
2007 | GNUNET_free (lu); | ||
2008 | lu = tmp; | ||
2009 | } | ||
2010 | env = GNUNET_MQ_msg (arm, | ||
2011 | GNUNET_MESSAGE_TYPE_IDENTITY_PROVIDER_ATTRIBUTE_RESULT); | ||
2012 | arm->id = htonl (handle->r_id); | ||
2013 | arm->attr_len = htons (0); | ||
2014 | GNUNET_MQ_send (handle->client->mq, env); | ||
2015 | |||
2016 | } | ||
2017 | |||
2018 | static void | ||
2019 | cleanup_consume_ticket_handle (struct ConsumeTicketHandle *handle) | ||
2020 | { | ||
2021 | if (NULL != handle->key) | ||
2022 | GNUNET_free (handle->key); | ||
2023 | GNUNET_free (handle); | ||
2024 | } | ||
2025 | |||
2026 | |||
2027 | static void | ||
2028 | process_consume_abe_key (void *cls, uint32_t rd_count, | ||
2029 | const struct GNUNET_GNSRECORD_Data *rd) | ||
2030 | { | ||
2031 | struct ConsumeTicketHandle *handle = cls; | ||
2032 | struct GNUNET_HashCode new_key_hash; | ||
2033 | struct GNUNET_CRYPTO_SymmetricSessionKey enc_key; | ||
2034 | struct GNUNET_CRYPTO_SymmetricInitializationVector enc_iv; | ||
2035 | struct GNUNET_CRYPTO_EcdhePublicKey *ecdh_key; | ||
2036 | struct ParallelLookup2 *parallel_lookup; | ||
2037 | size_t size; | ||
2038 | char *buf; | ||
2039 | char *scope; | ||
2040 | char *lookup_query; | ||
2041 | |||
2042 | handle->lookup_request = NULL; | ||
2043 | if (1 != rd_count) | ||
2044 | { | ||
2045 | GNUNET_log (GNUNET_ERROR_TYPE_ERROR, | ||
2046 | "Number of keys %d != 1.", | ||
2047 | rd_count); | ||
2048 | cleanup_consume_ticket_handle (handle); | ||
2049 | GNUNET_SCHEDULER_add_now (&do_shutdown, NULL); | ||
2050 | return; | ||
2051 | } | ||
2052 | |||
2053 | //Decrypt | ||
2054 | ecdh_key = (struct GNUNET_CRYPTO_EcdhePublicKey *)rd->data; | ||
2055 | |||
2056 | buf = GNUNET_malloc (rd->data_size - sizeof (struct GNUNET_CRYPTO_EcdhePublicKey)); | ||
2057 | |||
2058 | //Calculate symmetric key from ecdh parameters | ||
2059 | GNUNET_assert (GNUNET_OK == | ||
2060 | GNUNET_CRYPTO_ecdsa_ecdh (&handle->identity, | ||
2061 | ecdh_key, | ||
2062 | &new_key_hash)); | ||
2063 | create_sym_key_from_ecdh (&new_key_hash, | ||
2064 | &enc_key, | ||
2065 | &enc_iv); | ||
2066 | size = GNUNET_CRYPTO_symmetric_decrypt (rd->data + sizeof (struct GNUNET_CRYPTO_EcdhePublicKey), | ||
2067 | rd->data_size - sizeof (struct GNUNET_CRYPTO_EcdhePublicKey), | ||
2068 | &enc_key, | ||
2069 | &enc_iv, | ||
2070 | buf); | ||
2071 | |||
2072 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, | ||
2073 | "Decrypted bytes: %zd Expected bytes: %zd\n", | ||
2074 | size, rd->data_size - sizeof (struct GNUNET_CRYPTO_EcdhePublicKey)); | ||
2075 | |||
2076 | scopes = GNUNET_strdup (buf); | ||
2077 | GNUNET_log (GNUNET_ERROR_TYPE_MESSAGE, | ||
2078 | "Scopes %s\n", scopes); | ||
2079 | handle->key = GNUNET_CRYPTO_cpabe_deserialize_key ((void*)(buf + strlen (scopes) + 1), | ||
2080 | rd->data_size - sizeof (struct GNUNET_CRYPTO_EcdhePublicKey) | ||
2081 | - strlen (scopes) - 1); | ||
2082 | |||
2083 | for (scope = strtok (scopes, ","); NULL != scope; scope = strtok (NULL, ",")) | ||
2084 | { | ||
2085 | GNUNET_asprintf (&lookup_query, | ||
2086 | "%s.gnu", | ||
2087 | scope); | ||
2088 | GNUNET_log (GNUNET_ERROR_TYPE_MESSAGE, | ||
2089 | "Looking up %s\n", lookup_query); | ||
2090 | parallel_lookup = GNUNET_new (struct ParallelLookup2); | ||
2091 | parallel_lookup->handle = handle; | ||
2092 | parallel_lookup->label = GNUNET_strdup (scope); | ||
2093 | parallel_lookup->lookup_request | ||
2094 | = GNUNET_GNS_lookup (gns_handle, | ||
2095 | lookup_query, | ||
2096 | &handle->ticket.identity, | ||
2097 | GNUNET_GNSRECORD_TYPE_ID_ATTR, | ||
2098 | GNUNET_GNS_LO_LOCAL_MASTER, | ||
2099 | &process_parallel_lookup2, | ||
2100 | parallel_lookup); | ||
2101 | GNUNET_CONTAINER_DLL_insert (handle->parallel_lookups_head, | ||
2102 | handle->parallel_lookups_tail, | ||
2103 | parallel_lookup); | ||
2104 | } | ||
2105 | handle->kill_task = GNUNET_SCHEDULER_add_delayed (GNUNET_TIME_relative_multiply(GNUNET_TIME_UNIT_MINUTES,3), | ||
2106 | &abort_parallel_lookups2, | ||
2107 | handle); | ||
2108 | } | ||
2109 | |||
2110 | |||
2111 | /** | ||
2112 | * | ||
2113 | * Handler for ticket issue message | ||
2114 | * | ||
2115 | * @param cls unused | ||
2116 | * @param client who sent the message | ||
2117 | * @param message the message | ||
2118 | */ | ||
2119 | static void | ||
2120 | handle_consume_ticket_message (void *cls, | ||
2121 | const struct ConsumeTicketMessage *cm) | ||
2122 | { | ||
2123 | struct ConsumeTicketHandle *ch; | ||
2124 | struct IdpClient *idp = cls; | ||
2125 | char* lookup_query; | ||
2126 | char* rnd_label; | ||
2127 | |||
2128 | ch = GNUNET_new (struct ConsumeTicketHandle); | ||
2129 | ch->r_id = ntohl (cm->id); | ||
2130 | ch->client = idp; | ||
2131 | ch->identity = cm->identity; | ||
2132 | GNUNET_CRYPTO_ecdsa_key_get_public (&ch->identity, | ||
2133 | &ch->identity_pub); | ||
2134 | ch->ticket = *((struct GNUNET_IDENTITY_PROVIDER_Ticket2*)&cm[1]); | ||
2135 | rnd_label = GNUNET_STRINGS_data_to_string_alloc (&ch->ticket.rnd, | ||
2136 | sizeof (uint64_t)); | ||
2137 | GNUNET_asprintf (&lookup_query, | ||
2138 | "%s.gnu", | ||
2139 | rnd_label); | ||
2140 | GNUNET_log (GNUNET_ERROR_TYPE_MESSAGE, | ||
2141 | "Looking for ABE key under %s\n", lookup_query); | ||
2142 | |||
2143 | ch->lookup_request | ||
2144 | = GNUNET_GNS_lookup (gns_handle, | ||
2145 | lookup_query, | ||
2146 | &ch->ticket.identity, | ||
2147 | GNUNET_GNSRECORD_TYPE_ABE_KEY, | ||
2148 | GNUNET_GNS_LO_LOCAL_MASTER, | ||
2149 | &process_consume_abe_key, | ||
2150 | ch); | ||
2151 | GNUNET_free (lookup_query); | ||
2152 | GNUNET_SERVICE_client_continue (idp->client); | ||
2153 | } | ||
1853 | 2154 | ||
1854 | void | 2155 | void |
1855 | attr_store_cont (void *cls, | 2156 | attr_store_cont (void *cls, |
@@ -2066,7 +2367,8 @@ attr_iter_cb (void *cls, | |||
2066 | GNUNET_MESSAGE_TYPE_IDENTITY_PROVIDER_ATTRIBUTE_RESULT); | 2367 | GNUNET_MESSAGE_TYPE_IDENTITY_PROVIDER_ATTRIBUTE_RESULT); |
2067 | arm->id = htonl (ai->request_id); | 2368 | arm->id = htonl (ai->request_id); |
2068 | arm->attr_len = htons (msg_extra_len); | 2369 | arm->attr_len = htons (msg_extra_len); |
2069 | arm->identity = *zone; | 2370 | GNUNET_CRYPTO_ecdsa_key_get_public (zone, |
2371 | &arm->identity); | ||
2070 | data_tmp = (char *) &arm[1]; | 2372 | data_tmp = (char *) &arm[1]; |
2071 | GNUNET_memcpy (data_tmp, | 2373 | GNUNET_memcpy (data_tmp, |
2072 | attr_ser, | 2374 | attr_ser, |
@@ -2339,5 +2641,9 @@ GNUNET_SERVICE_MAIN | |||
2339 | GNUNET_MESSAGE_TYPE_IDENTITY_PROVIDER_TICKET_ISSUE, | 2641 | GNUNET_MESSAGE_TYPE_IDENTITY_PROVIDER_TICKET_ISSUE, |
2340 | struct TicketIssueMessage, | 2642 | struct TicketIssueMessage, |
2341 | NULL), | 2643 | NULL), |
2644 | GNUNET_MQ_hd_var_size (consume_ticket_message, | ||
2645 | GNUNET_MESSAGE_TYPE_IDENTITY_PROVIDER_CONSUME_TICKET, | ||
2646 | struct ConsumeTicketMessage, | ||
2647 | NULL), | ||
2342 | GNUNET_MQ_handler_end()); | 2648 | GNUNET_MQ_handler_end()); |
2343 | /* end of gnunet-service-identity-provider.c */ | 2649 | /* end of gnunet-service-identity-provider.c */ |
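Review bot: check_consume_ticket_message (new lines 1925-1938) only rejects messages no larger than the bare header, yet handle_consume_ticket_message copies a full `struct GNUNET_IDENTITY_PROVIDER_Ticket2` out of `&cm[1]` (new line 2134), so a client message that is one byte longer than the header is read past its end; the guard should be `if (size < sizeof (struct ConsumeTicketMessage) + sizeof (struct GNUNET_IDENTITY_PROVIDER_Ticket2))`. In process_consume_abe_key (new lines 2028-2108) the decrypted buffer is handed to GNUNET_strdup and strlen (new lines 2076-2081) although nothing guarantees a NUL inside `buf`, `rd->data_size` is subtracted from before checking it is at least `sizeof (struct GNUNET_CRYPTO_EcdhePublicKey)`, and the signed result of GNUNET_CRYPTO_symmetric_decrypt is logged (new line 2072) but never checked, so a malformed record returned by the GNS lookup drives an over-read rather than a clean error. The same function assigns `scopes` (new line 2076) with no local declaration of that name; unless a file-scope `scopes` exists outside this diff it will not compile, and `scopes`, `buf`, each loop iteration's `lookup_query`, and `rnd_label` in the handler (new line 2135) are never freed. Logging the decrypted scope list and the labels being resolved at GNUNET_ERROR_TYPE_MESSAGE (new lines 2077-2078, 2088-2089) writes ticket contents into the service log; GNUNET_ERROR_TYPE_DEBUG, as already used on new line 2072, would be the appropriate level.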