1 files changed, 270 insertions, 37 deletions
diff --git a/src/identity-provider/identity_provider.h b/src/identity-provider/identity_provider.h
index 6fe6102c8..be9fdc6f5 100644
--- a/src/identity-provider/identity_provider.h
+++ b/src/identity-provider/identity_provider.h
@@ -34,34 +34,157 @@
 GNUNET_NETWORK_STRUCT_BEGIN
 /**
- * The token
+ * Use to store an identity attribute
 */
-struct GNUNET_IDENTITY_PROVIDER_Token
+struct AttributeStoreMessage
 {
  /**
-   * The JWT representation of the identity token
+   * Type: #GNUNET_MESSAGE_TYPE_IDENTITY_SET_DEFAULT
+   */
+  struct GNUNET_MessageHeader header;
+  /**
+   * Unique identifier for this request (for key collisions).
   */
-  char *data;
+  uint32_t id GNUNET_PACKED;
+  /**
+   * The length of the attribute
+   */
+  uint32_t attr_len GNUNET_PACKED;
+  /**
+   * Identity
+   */
+  struct GNUNET_CRYPTO_EcdsaPrivateKey identity;
+  /* followed by the serialized attribute */
 };
 /**
- * The ticket
+ * Attribute store response message
 */
-struct GNUNET_IDENTITY_PROVIDER_Ticket
+struct AttributeStoreResultMessage
 {
  /**
-   * The Base64 representation of the ticket
+   * Message header
+   */
+  struct GNUNET_MessageHeader header;
+  
+  /**
+   * Unique identifier for this request (for key collisions).
+   */
+  uint32_t id GNUNET_PACKED;
+  /**
+   * #GNUNET_SYSERR on failure, #GNUNET_OK on success
+   */
+  int32_t op_result GNUNET_PACKED;
+};
+/**
+ * Attribute is returned from the idp.
+ */
+struct AttributeResultMessage
+{
+  /**
+   * Message header
+   */
+  struct GNUNET_MessageHeader header;
+   /**
+   * Unique identifier for this request (for key collisions).
+   */
+  uint32_t id GNUNET_PACKED;
+  /**
+   * Length of serialized attribute data
+   */
+  uint16_t attr_len GNUNET_PACKED;
+  /**
+   * always zero (for alignment)
+   */
+  uint16_t reserved GNUNET_PACKED;
+  /**
+   * The public key of the identity.
+   */
+  struct GNUNET_CRYPTO_EcdsaPublicKey identity;
+  /* followed by:
+   * serialized attribute data
+   */
+};
+/**
+ * Start a attribute iteration for the given identity
+ */
+struct AttributeIterationStartMessage
+{
+  /**
+   * Message
+   */
+  struct GNUNET_MessageHeader header;
+  /**
+   * Unique identifier for this request (for key collisions).
+   */
+  uint32_t id GNUNET_PACKED;
+  /**
+   * Identity.
+   */
+  struct GNUNET_CRYPTO_EcdsaPrivateKey identity;
+};
+/**
+ * Ask for next result of attribute iteration for the given operation
+ */
+struct AttributeIterationNextMessage
+{
+  /**
+   * Type will be #GNUNET_MESSAGE_TYPE_IDENTITY_PROVIDER_ATTRIBUTE_ITERATION_NEXT
+   */
+  struct GNUNET_MessageHeader header;
+  /**
+   * Unique identifier for this request (for key collisions).
+   */
+  uint32_t id GNUNET_PACKED;
+};
+/**
+ * Stop attribute iteration for the given operation
+ */
+struct AttributeIterationStopMessage
+{
+  /**
+   * Type will be #GNUNET_MESSAGE_TYPE_IDENTITY_PROVIDER_ATTRIBUTE_ITERATION_STOP
+   */
+  struct GNUNET_MessageHeader header;
+  /**
+   * Unique identifier for this request (for key collisions).
   */
-  char *data;
+  uint32_t id GNUNET_PACKED;
 };
 /**
- * Answer from service to client after issue operation
+ * Start a ticket iteration for the given identity
 */
-struct IssueResultMessage
+struct TicketIterationStartMessage
 {
  /**
-   * Type: #GNUNET_MESSAGE_TYPE_IDENTITY_RESULT_CODE
+   * Message
   */
  struct GNUNET_MessageHeader header;
@@ -70,18 +193,25 @@ struct IssueResultMessage
   */
  uint32_t id GNUNET_PACKED;
-  /* followed by 0-terminated label,ticket,token */
+  /**
+   * Identity.
+   */
+  struct GNUNET_CRYPTO_EcdsaPublicKey identity;
+  /**
+   * Identity is audience or issuer
+   */
+  uint32_t is_audience GNUNET_PACKED;
 };
 /**
- * Ticket exchange message.
+ * Ask for next result of ticket iteration for the given operation
 */
-struct ExchangeResultMessage
+struct TicketIterationNextMessage
 {
  /**
-   * Type: #GNUNET_MESSAGE_TYPE_IDENTITY_UPDATE
+   * Type will be #GNUNET_MESSAGE_TYPE_IDENTITY_PROVIDER_TICKET_ITERATION_NEXT
   */
  struct GNUNET_MessageHeader header;
@@ -90,25 +220,35 @@ struct ExchangeResultMessage
   */
  uint32_t id GNUNET_PACKED;
+};
+/**
+ * Stop ticket iteration for the given operation
+ */
+struct TicketIterationStopMessage
+{
  /**
-   * Nonce found in ticket. NBO
+   * Type will be #GNUNET_MESSAGE_TYPE_IDENTITY_PROVIDER_TICKET_ITERATION_STOP
-   * 0 on error.
   */
-  uint64_t ticket_nonce GNUNET_PACKED;
+  struct GNUNET_MessageHeader header;
-  /* followed by 0-terminated token */
+  /**
+   * Unique identifier for this request (for key collisions).
+   */
+  uint32_t id GNUNET_PACKED;
 };
 /**
- * Client requests IdP to issue token.
+ * Ticket issue message
 */
-struct IssueMessage
+struct IssueTicketMessage
 {
  /**
-   * Type: #GNUNET_MESSAGE_TYPE_IDENTITY_GET_DEFAULT
+   * Type will be #GNUNET_MESSAGE_TYPE_IDENTITY_PROVIDER_TICKET_ISSUE
   */
  struct GNUNET_MessageHeader header;
@@ -117,40 +257,98 @@ struct IssueMessage
   */
  uint32_t id GNUNET_PACKED;
+  /**
+   * Identity.
+   */
+  struct GNUNET_CRYPTO_EcdsaPrivateKey identity;
  /**
-   * Issuer identity private key
+   * Requesting party.
   */
-  struct GNUNET_CRYPTO_EcdsaPrivateKey iss_key;
+  struct GNUNET_CRYPTO_EcdsaPublicKey rp;
  /**
-   * Audience public key
+   * length of serialized attribute list
   */
-  struct GNUNET_CRYPTO_EcdsaPublicKey aud_key;
+  uint32_t attr_len GNUNET_PACKED;
+  //Followed by a serialized attribute list
+};
+/**
+ * Ticket revoke message
+ */
+struct RevokeTicketMessage
+{
  /**
-   * Nonce
+   * Type will be #GNUNET_MESSAGE_TYPE_IDENTITY_PROVIDER_TICKET_ISSUE
   */
-  uint64_t nonce;
+  struct GNUNET_MessageHeader header;
  /**
-   * Expiration of token in NBO.
+   * Unique identifier for this request (for key collisions).
   */
-  struct GNUNET_TIME_AbsoluteNBO expiration;
+  uint32_t id GNUNET_PACKED;
+  /**
+   * Identity.
+   */
+  struct GNUNET_CRYPTO_EcdsaPrivateKey identity;
-  /* followed by 0-terminated comma-separated scope list */
+  /**
+   * length of serialized attribute list
+   */
+  uint32_t attrs_len GNUNET_PACKED;
+  //Followed by a ticket and serialized attribute list
+};
+/**
+ * Ticket revoke message
+ */
+struct RevokeTicketResultMessage
+{
+  /**
+   * Type will be #GNUNET_MESSAGE_TYPE_IDENTITY_PROVIDER_TICKET_ISSUE
+   */
+  struct GNUNET_MessageHeader header;
+  /**
+   * Unique identifier for this request (for key collisions).
+   */
+  uint32_t id GNUNET_PACKED;
+  /**
+   * Revocation result
+   */
+  uint32_t success GNUNET_PACKED;
 };
 /**
- * Use to exchange a ticket for a token
+ * Ticket result message
 */
-struct ExchangeMessage
+struct TicketResultMessage
 {
  /**
-   * Type: #GNUNET_MESSAGE_TYPE_IDENTITY_SET_DEFAULT
+   * Type will be #GNUNET_MESSAGE_TYPE_IDENTITY_PROVIDER_TICKET_RESULT
+   */
+  struct GNUNET_MessageHeader header;
+  /**
+   * Unique identifier for this request (for key collisions).
+   */
+  uint32_t id GNUNET_PACKED;
+};
+/**
+ * Ticket consume message
+ */
+struct ConsumeTicketMessage
+{
+  /**
+   * Type will be #GNUNET_MESSAGE_TYPE_IDENTITY_PROVIDER_TICKET_ISSUE
   */
  struct GNUNET_MessageHeader header;
@@ -160,15 +358,50 @@ struct ExchangeMessage
  uint32_t id GNUNET_PACKED;
  /**
-   * Audience identity private key
+   * Identity.
+   */
+  struct GNUNET_CRYPTO_EcdsaPrivateKey identity;
+  //Followed by a serialized ticket
+};
+/**
+ * Attribute list is returned from the idp.
+ */
+struct ConsumeTicketResultMessage
+{
+  /**
+   * Message header
+   */
+  struct GNUNET_MessageHeader header;
+   /**
+   * Unique identifier for this request (for key collisions).
+   */
+  uint32_t id GNUNET_PACKED;
+  /**
+   * Length of serialized attribute data
   */
-  struct GNUNET_CRYPTO_EcdsaPrivateKey aud_privkey;
+  uint16_t attrs_len GNUNET_PACKED;
-  /* followed by 0-terminated ticket string */
+  /**
+   * always zero (for alignment)
+   */
+  uint16_t reserved GNUNET_PACKED;
+  /**
+   * The public key of the identity.
+   */
+  struct GNUNET_CRYPTO_EcdsaPublicKey identity;
+  /* followed by:
+   * serialized attributes data
+   */
 };
 GNUNET_NETWORK_STRUCT_END
 #endif

diff --git a/src/identity-provider/identity_provider.h b/src/identity-provider/identity_provider.h index 6fe6102c8..be9fdc6f5 100644 --- a/src/identity-provider/identity_provider.h +++ b/src/identity-provider/identity_provider.h
@@ -34,34 +34,157 @@
34	GNUNET_NETWORK_STRUCT_BEGIN	34	GNUNET_NETWORK_STRUCT_BEGIN
35		35
36	/**	36	/**
37	* The token	37	* Use to store an identity attribute
38	*/	38	*/
39	struct GNUNET_IDENTITY_PROVIDER_Token	39	struct AttributeStoreMessage
40	{	40	{
41	/**	41	/**
42	* The JWT representation of the identity token	42	* Type: #GNUNET_MESSAGE_TYPE_IDENTITY_SET_DEFAULT
		43	*/
		44	struct GNUNET_MessageHeader header;
		45
		46	/**
		47	* Unique identifier for this request (for key collisions).
43	*/	48	*/
44	char *data;	49	uint32_t id GNUNET_PACKED;
		50
		51	/**
		52	* The length of the attribute
		53	*/
		54	uint32_t attr_len GNUNET_PACKED;
		55
		56	/**
		57	* Identity
		58	*/
		59	struct GNUNET_CRYPTO_EcdsaPrivateKey identity;
		60
		61	/* followed by the serialized attribute */
		62
45	};	63	};
46		64
47	/**	65	/**
48	* The ticket	66	* Attribute store response message
49	*/	67	*/
50	struct GNUNET_IDENTITY_PROVIDER_Ticket	68	struct AttributeStoreResultMessage
51	{	69	{
52	/**	70	/**
53	* The Base64 representation of the ticket	71	* Message header
		72	*/
		73	struct GNUNET_MessageHeader header;
		74
		75	/**
		76	* Unique identifier for this request (for key collisions).
		77	*/
		78	uint32_t id GNUNET_PACKED;
		79
		80	/**
		81	* #GNUNET_SYSERR on failure, #GNUNET_OK on success
		82	*/
		83	int32_t op_result GNUNET_PACKED;
		84
		85	};
		86
		87	/**
		88	* Attribute is returned from the idp.
		89	*/
		90	struct AttributeResultMessage
		91	{
		92	/**
		93	* Message header
		94	*/
		95	struct GNUNET_MessageHeader header;
		96
		97	/**
		98	* Unique identifier for this request (for key collisions).
		99	*/
		100	uint32_t id GNUNET_PACKED;
		101
		102	/**
		103	* Length of serialized attribute data
		104	*/
		105	uint16_t attr_len GNUNET_PACKED;
		106
		107	/**
		108	* always zero (for alignment)
		109	*/
		110	uint16_t reserved GNUNET_PACKED;
		111
		112	/**
		113	* The public key of the identity.
		114	*/
		115	struct GNUNET_CRYPTO_EcdsaPublicKey identity;
		116
		117	/* followed by:
		118	* serialized attribute data
		119	*/
		120	};
		121
		122
		123	/**
		124	* Start a attribute iteration for the given identity
		125	*/
		126	struct AttributeIterationStartMessage
		127	{
		128	/**
		129	* Message
		130	*/
		131	struct GNUNET_MessageHeader header;
		132
		133	/**
		134	* Unique identifier for this request (for key collisions).
		135	*/
		136	uint32_t id GNUNET_PACKED;
		137
		138	/**
		139	* Identity.
		140	*/
		141	struct GNUNET_CRYPTO_EcdsaPrivateKey identity;
		142
		143	};
		144
		145
		146	/**
		147	* Ask for next result of attribute iteration for the given operation
		148	*/
		149	struct AttributeIterationNextMessage
		150	{
		151	/**
		152	* Type will be #GNUNET_MESSAGE_TYPE_IDENTITY_PROVIDER_ATTRIBUTE_ITERATION_NEXT
		153	*/
		154	struct GNUNET_MessageHeader header;
		155
		156	/**
		157	* Unique identifier for this request (for key collisions).
		158	*/
		159	uint32_t id GNUNET_PACKED;
		160
		161	};
		162
		163
		164	/**
		165	* Stop attribute iteration for the given operation
		166	*/
		167	struct AttributeIterationStopMessage
		168	{
		169	/**
		170	* Type will be #GNUNET_MESSAGE_TYPE_IDENTITY_PROVIDER_ATTRIBUTE_ITERATION_STOP
		171	*/
		172	struct GNUNET_MessageHeader header;
		173
		174	/**
		175	* Unique identifier for this request (for key collisions).
54	*/	176	*/
55	char *data;	177	uint32_t id GNUNET_PACKED;
		178
56	};	179	};
57		180
58	/**	181	/**
59	* Answer from service to client after issue operation	182	* Start a ticket iteration for the given identity
60	*/	183	*/
61	struct IssueResultMessage	184	struct TicketIterationStartMessage
62	{	185	{
63	/**	186	/**
64	* Type: #GNUNET_MESSAGE_TYPE_IDENTITY_RESULT_CODE	187	* Message
65	*/	188	*/
66	struct GNUNET_MessageHeader header;	189	struct GNUNET_MessageHeader header;
67		190
@@ -70,18 +193,25 @@ struct IssueResultMessage
70	*/	193	*/
71	uint32_t id GNUNET_PACKED;	194	uint32_t id GNUNET_PACKED;
72		195
73	/* followed by 0-terminated label,ticket,token */	196	/**
		197	* Identity.
		198	*/
		199	struct GNUNET_CRYPTO_EcdsaPublicKey identity;
74		200
		201	/**
		202	* Identity is audience or issuer
		203	*/
		204	uint32_t is_audience GNUNET_PACKED;
75	};	205	};
76		206
77		207
78	/**	208	/**
79	* Ticket exchange message.	209	* Ask for next result of ticket iteration for the given operation
80	*/	210	*/
81	struct ExchangeResultMessage	211	struct TicketIterationNextMessage
82	{	212	{
83	/**	213	/**
84	* Type: #GNUNET_MESSAGE_TYPE_IDENTITY_UPDATE	214	* Type will be #GNUNET_MESSAGE_TYPE_IDENTITY_PROVIDER_TICKET_ITERATION_NEXT
85	*/	215	*/
86	struct GNUNET_MessageHeader header;	216	struct GNUNET_MessageHeader header;
87		217
@@ -90,25 +220,35 @@ struct ExchangeResultMessage
90	*/	220	*/
91	uint32_t id GNUNET_PACKED;	221	uint32_t id GNUNET_PACKED;
92		222
		223	};
		224
		225
		226	/**
		227	* Stop ticket iteration for the given operation
		228	*/
		229	struct TicketIterationStopMessage
		230	{
93	/**	231	/**
94	* Nonce found in ticket. NBO	232	* Type will be #GNUNET_MESSAGE_TYPE_IDENTITY_PROVIDER_TICKET_ITERATION_STOP
95	* 0 on error.
96	*/	233	*/
97	uint64_t ticket_nonce GNUNET_PACKED;	234	struct GNUNET_MessageHeader header;
98		235
99	/* followed by 0-terminated token */	236	/**
		237	* Unique identifier for this request (for key collisions).
		238	*/
		239	uint32_t id GNUNET_PACKED;
100		240
101	};	241	};
102		242
103		243
104		244
105	/**	245	/**
106	* Client requests IdP to issue token.	246	* Ticket issue message
107	*/	247	*/
108	struct IssueMessage	248	struct IssueTicketMessage
109	{	249	{
110	/**	250	/**
111	* Type: #GNUNET_MESSAGE_TYPE_IDENTITY_GET_DEFAULT	251	* Type will be #GNUNET_MESSAGE_TYPE_IDENTITY_PROVIDER_TICKET_ISSUE
112	*/	252	*/
113	struct GNUNET_MessageHeader header;	253	struct GNUNET_MessageHeader header;
114		254
@@ -117,40 +257,98 @@ struct IssueMessage
117	*/	257	*/
118	uint32_t id GNUNET_PACKED;	258	uint32_t id GNUNET_PACKED;
119		259
		260	/**
		261	* Identity.
		262	*/
		263	struct GNUNET_CRYPTO_EcdsaPrivateKey identity;
120		264
121	/**	265	/**
122	* Issuer identity private key	266	* Requesting party.
123	*/	267	*/
124	struct GNUNET_CRYPTO_EcdsaPrivateKey iss_key;	268	struct GNUNET_CRYPTO_EcdsaPublicKey rp;
125		269
126	/**	270	/**
127	* Audience public key	271	* length of serialized attribute list
128	*/	272	*/
129	struct GNUNET_CRYPTO_EcdsaPublicKey aud_key;	273	uint32_t attr_len GNUNET_PACKED;
130		274
		275	//Followed by a serialized attribute list
		276	};
		277
		278	/**
		279	* Ticket revoke message
		280	*/
		281	struct RevokeTicketMessage
		282	{
131	/**	283	/**
132	* Nonce	284	* Type will be #GNUNET_MESSAGE_TYPE_IDENTITY_PROVIDER_TICKET_ISSUE
133	*/	285	*/
134	uint64_t nonce;	286	struct GNUNET_MessageHeader header;
135		287
136	/**	288	/**
137	* Expiration of token in NBO.	289	* Unique identifier for this request (for key collisions).
138	*/	290	*/
139	struct GNUNET_TIME_AbsoluteNBO expiration;	291	uint32_t id GNUNET_PACKED;
140		292
		293	/**
		294	* Identity.
		295	*/
		296	struct GNUNET_CRYPTO_EcdsaPrivateKey identity;
141		297
142	/* followed by 0-terminated comma-separated scope list */	298	/**
		299	* length of serialized attribute list
		300	*/
		301	uint32_t attrs_len GNUNET_PACKED;
143		302
		303	//Followed by a ticket and serialized attribute list
		304	};
		305
		306	/**
		307	* Ticket revoke message
		308	*/
		309	struct RevokeTicketResultMessage
		310	{
		311	/**
		312	* Type will be #GNUNET_MESSAGE_TYPE_IDENTITY_PROVIDER_TICKET_ISSUE
		313	*/
		314	struct GNUNET_MessageHeader header;
		315
		316	/**
		317	* Unique identifier for this request (for key collisions).
		318	*/
		319	uint32_t id GNUNET_PACKED;
		320
		321	/**
		322	* Revocation result
		323	*/
		324	uint32_t success GNUNET_PACKED;
144	};	325	};
145		326
146		327
147	/**	328	/**
148	* Use to exchange a ticket for a token	329	* Ticket result message
149	*/	330	*/
150	struct ExchangeMessage	331	struct TicketResultMessage
151	{	332	{
152	/**	333	/**
153	* Type: #GNUNET_MESSAGE_TYPE_IDENTITY_SET_DEFAULT	334	* Type will be #GNUNET_MESSAGE_TYPE_IDENTITY_PROVIDER_TICKET_RESULT
		335	*/
		336	struct GNUNET_MessageHeader header;
		337
		338	/**
		339	* Unique identifier for this request (for key collisions).
		340	*/
		341	uint32_t id GNUNET_PACKED;
		342
		343	};
		344
		345	/**
		346	* Ticket consume message
		347	*/
		348	struct ConsumeTicketMessage
		349	{
		350	/**
		351	* Type will be #GNUNET_MESSAGE_TYPE_IDENTITY_PROVIDER_TICKET_ISSUE
154	*/	352	*/
155	struct GNUNET_MessageHeader header;	353	struct GNUNET_MessageHeader header;
156		354
@@ -160,15 +358,50 @@ struct ExchangeMessage
160	uint32_t id GNUNET_PACKED;	358	uint32_t id GNUNET_PACKED;
161		359
162	/**	360	/**
163	* Audience identity private key	361	* Identity.
		362	*/
		363	struct GNUNET_CRYPTO_EcdsaPrivateKey identity;
		364
		365	//Followed by a serialized ticket
		366	};
		367
		368	/**
		369	* Attribute list is returned from the idp.
		370	*/
		371	struct ConsumeTicketResultMessage
		372	{
		373	/**
		374	* Message header
		375	*/
		376	struct GNUNET_MessageHeader header;
		377
		378	/**
		379	* Unique identifier for this request (for key collisions).
		380	*/
		381	uint32_t id GNUNET_PACKED;
		382
		383	/**
		384	* Length of serialized attribute data
164	*/	385	*/
165	struct GNUNET_CRYPTO_EcdsaPrivateKey aud_privkey;	386	uint16_t attrs_len GNUNET_PACKED;
166		387
167	/* followed by 0-terminated ticket string */	388	/**
		389	* always zero (for alignment)
		390	*/
		391	uint16_t reserved GNUNET_PACKED;
168		392
		393	/**
		394	* The public key of the identity.
		395	*/
		396	struct GNUNET_CRYPTO_EcdsaPublicKey identity;
		397
		398	/* followed by:
		399	* serialized attributes data
		400	*/
169	};	401	};
170		402
171		403
		404
172	GNUNET_NETWORK_STRUCT_END	405	GNUNET_NETWORK_STRUCT_END
173		406
174	#endif	407	#endif