Diffstat (limited to 'src/identity-provider/identity_provider.h')
-rw-r--r-- | src/identity-provider/identity_provider.h | 307 |
1 files changed, 270 insertions, 37 deletions
diff --git a/src/identity-provider/identity_provider.h b/src/identity-provider/identity_provider.h index 6fe6102c8..be9fdc6f5 100644 --- a/src/identity-provider/identity_provider.h +++ b/src/identity-provider/identity_provider.h | |||
@@ -34,34 +34,157 @@ | |||
34 | GNUNET_NETWORK_STRUCT_BEGIN | 34 | GNUNET_NETWORK_STRUCT_BEGIN |
35 | 35 | ||
36 | /** | 36 | /** |
37 | * The token | 37 | * Use to store an identity attribute |
38 | */ | 38 | */ |
39 | struct GNUNET_IDENTITY_PROVIDER_Token | 39 | struct AttributeStoreMessage |
40 | { | 40 | { |
41 | /** | 41 | /** |
42 | * The JWT representation of the identity token | 42 | * Type: #GNUNET_MESSAGE_TYPE_IDENTITY_SET_DEFAULT |
43 | */ | ||
44 | struct GNUNET_MessageHeader header; | ||
45 | |||
46 | /** | ||
47 | * Unique identifier for this request (for key collisions). | ||
43 | */ | 48 | */ |
44 | char *data; | 49 | uint32_t id GNUNET_PACKED; |
50 | |||
51 | /** | ||
52 | * The length of the attribute | ||
53 | */ | ||
54 | uint32_t attr_len GNUNET_PACKED; | ||
55 | |||
56 | /** | ||
57 | * Identity | ||
58 | */ | ||
59 | struct GNUNET_CRYPTO_EcdsaPrivateKey identity; | ||
60 | |||
61 | /* followed by the serialized attribute */ | ||
62 | |||
45 | }; | 63 | }; |
46 | 64 | ||
47 | /** | 65 | /** |
48 | * The ticket | 66 | * Attribute store response message |
49 | */ | 67 | */ |
50 | struct GNUNET_IDENTITY_PROVIDER_Ticket | 68 | struct AttributeStoreResultMessage |
51 | { | 69 | { |
52 | /** | 70 | /** |
53 | * The Base64 representation of the ticket | 71 | * Message header |
72 | */ | ||
73 | struct GNUNET_MessageHeader header; | ||
74 | |||
75 | /** | ||
76 | * Unique identifier for this request (for key collisions). | ||
77 | */ | ||
78 | uint32_t id GNUNET_PACKED; | ||
79 | |||
80 | /** | ||
81 | * #GNUNET_SYSERR on failure, #GNUNET_OK on success | ||
82 | */ | ||
83 | int32_t op_result GNUNET_PACKED; | ||
84 | |||
85 | }; | ||
86 | |||
87 | /** | ||
88 | * Attribute is returned from the idp. | ||
89 | */ | ||
90 | struct AttributeResultMessage | ||
91 | { | ||
92 | /** | ||
93 | * Message header | ||
94 | */ | ||
95 | struct GNUNET_MessageHeader header; | ||
96 | |||
97 | /** | ||
98 | * Unique identifier for this request (for key collisions). | ||
99 | */ | ||
100 | uint32_t id GNUNET_PACKED; | ||
101 | |||
102 | /** | ||
103 | * Length of serialized attribute data | ||
104 | */ | ||
105 | uint16_t attr_len GNUNET_PACKED; | ||
106 | |||
107 | /** | ||
108 | * always zero (for alignment) | ||
109 | */ | ||
110 | uint16_t reserved GNUNET_PACKED; | ||
111 | |||
112 | /** | ||
113 | * The public key of the identity. | ||
114 | */ | ||
115 | struct GNUNET_CRYPTO_EcdsaPublicKey identity; | ||
116 | |||
117 | /* followed by: | ||
118 | * serialized attribute data | ||
119 | */ | ||
120 | }; | ||
121 | |||
122 | |||
123 | /** | ||
124 | * Start a attribute iteration for the given identity | ||
125 | */ | ||
126 | struct AttributeIterationStartMessage | ||
127 | { | ||
128 | /** | ||
129 | * Message | ||
130 | */ | ||
131 | struct GNUNET_MessageHeader header; | ||
132 | |||
133 | /** | ||
134 | * Unique identifier for this request (for key collisions). | ||
135 | */ | ||
136 | uint32_t id GNUNET_PACKED; | ||
137 | |||
138 | /** | ||
139 | * Identity. | ||
140 | */ | ||
141 | struct GNUNET_CRYPTO_EcdsaPrivateKey identity; | ||
142 | |||
143 | }; | ||
144 | |||
145 | |||
146 | /** | ||
147 | * Ask for next result of attribute iteration for the given operation | ||
148 | */ | ||
149 | struct AttributeIterationNextMessage | ||
150 | { | ||
151 | /** | ||
152 | * Type will be #GNUNET_MESSAGE_TYPE_IDENTITY_PROVIDER_ATTRIBUTE_ITERATION_NEXT | ||
153 | */ | ||
154 | struct GNUNET_MessageHeader header; | ||
155 | |||
156 | /** | ||
157 | * Unique identifier for this request (for key collisions). | ||
158 | */ | ||
159 | uint32_t id GNUNET_PACKED; | ||
160 | |||
161 | }; | ||
162 | |||
163 | |||
164 | /** | ||
165 | * Stop attribute iteration for the given operation | ||
166 | */ | ||
167 | struct AttributeIterationStopMessage | ||
168 | { | ||
169 | /** | ||
170 | * Type will be #GNUNET_MESSAGE_TYPE_IDENTITY_PROVIDER_ATTRIBUTE_ITERATION_STOP | ||
171 | */ | ||
172 | struct GNUNET_MessageHeader header; | ||
173 | |||
174 | /** | ||
175 | * Unique identifier for this request (for key collisions). | ||
54 | */ | 176 | */ |
55 | char *data; | 177 | uint32_t id GNUNET_PACKED; |
178 | |||
56 | }; | 179 | }; |
57 | 180 | ||
58 | /** | 181 | /** |
59 | * Answer from service to client after issue operation | 182 | * Start a ticket iteration for the given identity |
60 | */ | 183 | */ |
61 | struct IssueResultMessage | 184 | struct TicketIterationStartMessage |
62 | { | 185 | { |
63 | /** | 186 | /** |
64 | * Type: #GNUNET_MESSAGE_TYPE_IDENTITY_RESULT_CODE | 187 | * Message |
65 | */ | 188 | */ |
66 | struct GNUNET_MessageHeader header; | 189 | struct GNUNET_MessageHeader header; |
67 | 190 | ||
@@ -70,18 +193,25 @@ struct IssueResultMessage | |||
70 | */ | 193 | */ |
71 | uint32_t id GNUNET_PACKED; | 194 | uint32_t id GNUNET_PACKED; |
72 | 195 | ||
73 | /* followed by 0-terminated label,ticket,token */ | 196 | /** |
197 | * Identity. | ||
198 | */ | ||
199 | struct GNUNET_CRYPTO_EcdsaPublicKey identity; | ||
74 | 200 | ||
201 | /** | ||
202 | * Identity is audience or issuer | ||
203 | */ | ||
204 | uint32_t is_audience GNUNET_PACKED; | ||
75 | }; | 205 | }; |
76 | 206 | ||
77 | 207 | ||
78 | /** | 208 | /** |
79 | * Ticket exchange message. | 209 | * Ask for next result of ticket iteration for the given operation |
80 | */ | 210 | */ |
81 | struct ExchangeResultMessage | 211 | struct TicketIterationNextMessage |
82 | { | 212 | { |
83 | /** | 213 | /** |
84 | * Type: #GNUNET_MESSAGE_TYPE_IDENTITY_UPDATE | 214 | * Type will be #GNUNET_MESSAGE_TYPE_IDENTITY_PROVIDER_TICKET_ITERATION_NEXT |
85 | */ | 215 | */ |
86 | struct GNUNET_MessageHeader header; | 216 | struct GNUNET_MessageHeader header; |
87 | 217 | ||
@@ -90,25 +220,35 @@ struct ExchangeResultMessage | |||
90 | */ | 220 | */ |
91 | uint32_t id GNUNET_PACKED; | 221 | uint32_t id GNUNET_PACKED; |
92 | 222 | ||
223 | }; | ||
224 | |||
225 | |||
226 | /** | ||
227 | * Stop ticket iteration for the given operation | ||
228 | */ | ||
229 | struct TicketIterationStopMessage | ||
230 | { | ||
93 | /** | 231 | /** |
94 | * Nonce found in ticket. NBO | 232 | * Type will be #GNUNET_MESSAGE_TYPE_IDENTITY_PROVIDER_TICKET_ITERATION_STOP |
95 | * 0 on error. | ||
96 | */ | 233 | */ |
97 | uint64_t ticket_nonce GNUNET_PACKED; | 234 | struct GNUNET_MessageHeader header; |
98 | 235 | ||
99 | /* followed by 0-terminated token */ | 236 | /** |
237 | * Unique identifier for this request (for key collisions). | ||
238 | */ | ||
239 | uint32_t id GNUNET_PACKED; | ||
100 | 240 | ||
101 | }; | 241 | }; |
102 | 242 | ||
103 | 243 | ||
104 | 244 | ||
105 | /** | 245 | /** |
106 | * Client requests IdP to issue token. | 246 | * Ticket issue message |
107 | */ | 247 | */ |
108 | struct IssueMessage | 248 | struct IssueTicketMessage |
109 | { | 249 | { |
110 | /** | 250 | /** |
111 | * Type: #GNUNET_MESSAGE_TYPE_IDENTITY_GET_DEFAULT | 251 | * Type will be #GNUNET_MESSAGE_TYPE_IDENTITY_PROVIDER_TICKET_ISSUE |
112 | */ | 252 | */ |
113 | struct GNUNET_MessageHeader header; | 253 | struct GNUNET_MessageHeader header; |
114 | 254 | ||
@@ -117,40 +257,98 @@ struct IssueMessage | |||
117 | */ | 257 | */ |
118 | uint32_t id GNUNET_PACKED; | 258 | uint32_t id GNUNET_PACKED; |
119 | 259 | ||
260 | /** | ||
261 | * Identity. | ||
262 | */ | ||
263 | struct GNUNET_CRYPTO_EcdsaPrivateKey identity; | ||
120 | 264 | ||
121 | /** | 265 | /** |
122 | * Issuer identity private key | 266 | * Requesting party. |
123 | */ | 267 | */ |
124 | struct GNUNET_CRYPTO_EcdsaPrivateKey iss_key; | 268 | struct GNUNET_CRYPTO_EcdsaPublicKey rp; |
125 | 269 | ||
126 | /** | 270 | /** |
127 | * Audience public key | 271 | * length of serialized attribute list |
128 | */ | 272 | */ |
129 | struct GNUNET_CRYPTO_EcdsaPublicKey aud_key; | 273 | uint32_t attr_len GNUNET_PACKED; |
130 | 274 | ||
275 | //Followed by a serialized attribute list | ||
276 | }; | ||
277 | |||
278 | /** | ||
279 | * Ticket revoke message | ||
280 | */ | ||
281 | struct RevokeTicketMessage | ||
282 | { | ||
131 | /** | 283 | /** |
132 | * Nonce | 284 | * Type will be #GNUNET_MESSAGE_TYPE_IDENTITY_PROVIDER_TICKET_ISSUE |
133 | */ | 285 | */ |
134 | uint64_t nonce; | 286 | struct GNUNET_MessageHeader header; |
135 | 287 | ||
136 | /** | 288 | /** |
137 | * Expiration of token in NBO. | 289 | * Unique identifier for this request (for key collisions). |
138 | */ | 290 | */ |
139 | struct GNUNET_TIME_AbsoluteNBO expiration; | 291 | uint32_t id GNUNET_PACKED; |
140 | 292 | ||
293 | /** | ||
294 | * Identity. | ||
295 | */ | ||
296 | struct GNUNET_CRYPTO_EcdsaPrivateKey identity; | ||
141 | 297 | ||
142 | /* followed by 0-terminated comma-separated scope list */ | 298 | /** |
299 | * length of serialized attribute list | ||
300 | */ | ||
301 | uint32_t attrs_len GNUNET_PACKED; | ||
143 | 302 | ||
303 | //Followed by a ticket and serialized attribute list | ||
304 | }; | ||
305 | |||
306 | /** | ||
307 | * Ticket revoke message | ||
308 | */ | ||
309 | struct RevokeTicketResultMessage | ||
310 | { | ||
311 | /** | ||
312 | * Type will be #GNUNET_MESSAGE_TYPE_IDENTITY_PROVIDER_TICKET_ISSUE | ||
313 | */ | ||
314 | struct GNUNET_MessageHeader header; | ||
315 | |||
316 | /** | ||
317 | * Unique identifier for this request (for key collisions). | ||
318 | */ | ||
319 | uint32_t id GNUNET_PACKED; | ||
320 | |||
321 | /** | ||
322 | * Revocation result | ||
323 | */ | ||
324 | uint32_t success GNUNET_PACKED; | ||
144 | }; | 325 | }; |
145 | 326 | ||
146 | 327 | ||
147 | /** | 328 | /** |
148 | * Use to exchange a ticket for a token | 329 | * Ticket result message |
149 | */ | 330 | */ |
150 | struct ExchangeMessage | 331 | struct TicketResultMessage |
151 | { | 332 | { |
152 | /** | 333 | /** |
153 | * Type: #GNUNET_MESSAGE_TYPE_IDENTITY_SET_DEFAULT | 334 | * Type will be #GNUNET_MESSAGE_TYPE_IDENTITY_PROVIDER_TICKET_RESULT |
335 | */ | ||
336 | struct GNUNET_MessageHeader header; | ||
337 | |||
338 | /** | ||
339 | * Unique identifier for this request (for key collisions). | ||
340 | */ | ||
341 | uint32_t id GNUNET_PACKED; | ||
342 | |||
343 | }; | ||
344 | |||
345 | /** | ||
346 | * Ticket consume message | ||
347 | */ | ||
348 | struct ConsumeTicketMessage | ||
349 | { | ||
350 | /** | ||
351 | * Type will be #GNUNET_MESSAGE_TYPE_IDENTITY_PROVIDER_TICKET_ISSUE | ||
154 | */ | 352 | */ |
155 | struct GNUNET_MessageHeader header; | 353 | struct GNUNET_MessageHeader header; |
156 | 354 | ||
@@ -160,15 +358,50 @@ struct ExchangeMessage | |||
160 | uint32_t id GNUNET_PACKED; | 358 | uint32_t id GNUNET_PACKED; |
161 | 359 | ||
162 | /** | 360 | /** |
163 | * Audience identity private key | 361 | * Identity. |
362 | */ | ||
363 | struct GNUNET_CRYPTO_EcdsaPrivateKey identity; | ||
364 | |||
365 | //Followed by a serialized ticket | ||
366 | }; | ||
367 | |||
368 | /** | ||
369 | * Attribute list is returned from the idp. | ||
370 | */ | ||
371 | struct ConsumeTicketResultMessage | ||
372 | { | ||
373 | /** | ||
374 | * Message header | ||
375 | */ | ||
376 | struct GNUNET_MessageHeader header; | ||
377 | |||
378 | /** | ||
379 | * Unique identifier for this request (for key collisions). | ||
380 | */ | ||
381 | uint32_t id GNUNET_PACKED; | ||
382 | |||
383 | /** | ||
384 | * Length of serialized attribute data | ||
164 | */ | 385 | */ |
165 | struct GNUNET_CRYPTO_EcdsaPrivateKey aud_privkey; | 386 | uint16_t attrs_len GNUNET_PACKED; |
166 | 387 | ||
167 | /* followed by 0-terminated ticket string */ | 388 | /** |
389 | * always zero (for alignment) | ||
390 | */ | ||
391 | uint16_t reserved GNUNET_PACKED; | ||
168 | 392 | ||
393 | /** | ||
394 | * The public key of the identity. | ||
395 | */ | ||
396 | struct GNUNET_CRYPTO_EcdsaPublicKey identity; | ||
397 | |||
398 | /* followed by: | ||
399 | * serialized attributes data | ||
400 | */ | ||
169 | }; | 401 | }; |
170 | 402 | ||
171 | 403 | ||
404 | |||
172 | GNUNET_NETWORK_STRUCT_END | 405 | GNUNET_NETWORK_STRUCT_END |
173 | 406 | ||
174 | #endif | 407 | #endif |
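Review bot: The message-type doc comments on several of the new structs look like copy-paste leftovers: `AttributeStoreMessage` still says `Type: #GNUNET_MESSAGE_TYPE_IDENTITY_SET_DEFAULT` (apparently carried over from the removed `ExchangeMessage`, which had the same line), and `RevokeTicketMessage`, `RevokeTicketResultMessage` and `ConsumeTicketMessage` all claim `Type will be #GNUNET_MESSAGE_TYPE_IDENTITY_PROVIDER_TICKET_ISSUE`; each should name its own type constant, and the summary of `RevokeTicketResultMessage` should read `Ticket revoke result message` instead of repeating `Ticket revoke message`. The trailing-length fields are also declared inconsistently — `attr_len` is `uint32_t` in `AttributeStoreMessage` and `IssueTicketMessage` but `uint16_t` plus a `reserved` pad in `AttributeResultMessage` and `ConsumeTicketResultMessage`, and `RevokeTicketMessage` spells it `attrs_len` — which invites mismatched `ntohl`/`ntohs` conversions between client and service. Because these fields describe variable-length data that follows the fixed struct, I would state the invariant the receiver must enforce in the field comment, e.g. `/* must equal ntohs (header.size) - sizeof (struct AttributeStoreMessage); the service rejects the message otherwise */`, so the bounds check is not left implicit in the parsing code. `TicketIterationStartMessage.is_audience` and `RevokeTicketResultMessage.success` likewise lack the value semantics that `AttributeStoreResultMessage.op_result` documents (`#GNUNET_SYSERR on failure, #GNUNET_OK on success`), and the three `//Followed by ...` comments break the `/* */` style used everywhere else in this header.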