Diffstat (limited to 'src/identity-provider/identity_token.c')
-rw-r--r-- | src/identity-provider/identity_token.c | 62 |
1 files changed, 36 insertions, 26 deletions
diff --git a/src/identity-provider/identity_token.c b/src/identity-provider/identity_token.c index 10e142ca0..6cf0d4222 100644 --- a/src/identity-provider/identity_token.c +++ b/src/identity-provider/identity_token.c | |||
@@ -167,7 +167,8 @@ encrypt_str_ecdhe (const char *plaintext, | |||
167 | GNUNET_log (GNUNET_ERROR_TYPE_ERROR, "Encrypting string %s\n (len=%d)", | 167 | GNUNET_log (GNUNET_ERROR_TYPE_ERROR, "Encrypting string %s\n (len=%d)", |
168 | plaintext, | 168 | plaintext, |
169 | strlen (plaintext)); | 169 | strlen (plaintext)); |
170 | enc_size = GNUNET_CRYPTO_symmetric_encrypt (plaintext, strlen (plaintext), | 170 | enc_size = GNUNET_CRYPTO_symmetric_encrypt (plaintext, |
171 | strlen (plaintext), | ||
171 | &skey, &iv, | 172 | &skey, &iv, |
172 | *cyphertext); | 173 | *cyphertext); |
173 | GNUNET_log (GNUNET_ERROR_TYPE_ERROR, "Encrypted (len=%d)", enc_size); | 174 | GNUNET_log (GNUNET_ERROR_TYPE_ERROR, "Encrypted (len=%d)", enc_size); |
@@ -494,14 +495,16 @@ ticket_payload_create (const char* nonce, | |||
494 | void | 495 | void |
495 | ticket_payload_destroy (struct TokenTicketPayload* payload) | 496 | ticket_payload_destroy (struct TokenTicketPayload* payload) |
496 | { | 497 | { |
497 | GNUNET_free (payload->nonce); | 498 | if (NULL != payload->nonce) |
498 | GNUNET_free (payload->label); | 499 | GNUNET_free (payload->nonce); |
500 | if (NULL != payload->label) | ||
501 | GNUNET_free (payload->label); | ||
499 | GNUNET_free (payload); | 502 | GNUNET_free (payload); |
500 | } | 503 | } |
501 | 504 | ||
502 | void | 505 | void |
503 | ticket_payload_serialize (struct TokenTicketPayload *payload, | 506 | ticket_payload_serialize (struct TokenTicketPayload *payload, |
504 | char **result) | 507 | char **result) |
505 | { | 508 | { |
506 | char* identity_key_str; | 509 | char* identity_key_str; |
507 | 510 | ||
@@ -525,17 +528,17 @@ ticket_payload_serialize (struct TokenTicketPayload *payload, | |||
525 | */ | 528 | */ |
526 | struct TokenTicket* | 529 | struct TokenTicket* |
527 | ticket_create (const char* nonce_str, | 530 | ticket_create (const char* nonce_str, |
528 | const struct GNUNET_CRYPTO_EcdsaPublicKey* identity_pkey, | 531 | const struct GNUNET_CRYPTO_EcdsaPublicKey* identity_pkey, |
529 | const char* lbl_str, | 532 | const char* lbl_str, |
530 | const struct GNUNET_CRYPTO_EcdsaPublicKey *aud_key) | 533 | const struct GNUNET_CRYPTO_EcdsaPublicKey *aud_key) |
531 | { | 534 | { |
532 | struct TokenTicket *ticket; | 535 | struct TokenTicket *ticket; |
533 | struct TokenTicketPayload *code_payload; | 536 | struct TokenTicketPayload *code_payload; |
534 | 537 | ||
535 | ticket = GNUNET_malloc (sizeof (struct TokenTicket)); | 538 | ticket = GNUNET_malloc (sizeof (struct TokenTicket)); |
536 | code_payload = ticket_payload_create (nonce_str, | 539 | code_payload = ticket_payload_create (nonce_str, |
537 | identity_pkey, | 540 | identity_pkey, |
538 | lbl_str); | 541 | lbl_str); |
539 | ticket->aud_key = *aud_key; | 542 | ticket->aud_key = *aud_key; |
540 | ticket->payload = code_payload; | 543 | ticket->payload = code_payload; |
541 | 544 | ||
@@ -552,8 +555,8 @@ ticket_destroy (struct TokenTicket *ticket) | |||
552 | 555 | ||
553 | int | 556 | int |
554 | ticket_serialize (struct TokenTicket *ticket, | 557 | ticket_serialize (struct TokenTicket *ticket, |
555 | const struct GNUNET_CRYPTO_EcdsaPrivateKey *priv_key, | 558 | const struct GNUNET_CRYPTO_EcdsaPrivateKey *priv_key, |
556 | char **result) | 559 | char **result) |
557 | { | 560 | { |
558 | char *code_payload_str; | 561 | char *code_payload_str; |
559 | char *enc_ticket_payload; | 562 | char *enc_ticket_payload; |
@@ -567,7 +570,7 @@ ticket_serialize (struct TokenTicket *ticket, | |||
567 | struct GNUNET_CRYPTO_EccSignaturePurpose *purpose; | 570 | struct GNUNET_CRYPTO_EccSignaturePurpose *purpose; |
568 | 571 | ||
569 | ticket_payload_serialize (ticket->payload, | 572 | ticket_payload_serialize (ticket->payload, |
570 | &code_payload_str); | 573 | &code_payload_str); |
571 | 574 | ||
572 | GNUNET_assert (GNUNET_OK == encrypt_str_ecdhe (code_payload_str, | 575 | GNUNET_assert (GNUNET_OK == encrypt_str_ecdhe (code_payload_str, |
573 | &ticket->aud_key, | 576 | &ticket->aud_key, |
@@ -594,7 +597,7 @@ ticket_serialize (struct TokenTicket *ticket, | |||
594 | memcpy (write_ptr, enc_ticket_payload, strlen (code_payload_str)); | 597 | memcpy (write_ptr, enc_ticket_payload, strlen (code_payload_str)); |
595 | GNUNET_assert (GNUNET_OK == GNUNET_CRYPTO_ecdsa_sign (priv_key, | 598 | GNUNET_assert (GNUNET_OK == GNUNET_CRYPTO_ecdsa_sign (priv_key, |
596 | purpose, | 599 | purpose, |
597 | &ticket->signature)); | 600 | &ticket->signature)); |
598 | GNUNET_STRINGS_base64_encode (enc_ticket_payload, | 601 | GNUNET_STRINGS_base64_encode (enc_ticket_payload, |
599 | strlen (code_payload_str), | 602 | strlen (code_payload_str), |
600 | &ticket_payload_str); | 603 | &ticket_payload_str); |
@@ -619,10 +622,10 @@ ticket_serialize (struct TokenTicket *ticket, | |||
619 | 622 | ||
620 | int | 623 | int |
621 | ticket_payload_parse(const char *raw_data, | 624 | ticket_payload_parse(const char *raw_data, |
622 | ssize_t data_len, | 625 | ssize_t data_len, |
623 | const struct GNUNET_CRYPTO_EcdsaPrivateKey *priv_key, | 626 | const struct GNUNET_CRYPTO_EcdsaPrivateKey *priv_key, |
624 | const struct GNUNET_CRYPTO_EcdhePublicKey *ecdhe_pkey, | 627 | const struct GNUNET_CRYPTO_EcdhePublicKey *ecdhe_pkey, |
625 | struct TokenTicketPayload **result) | 628 | struct TokenTicketPayload **result) |
626 | { | 629 | { |
627 | const char* label_str; | 630 | const char* label_str; |
628 | const char* nonce_str; | 631 | const char* nonce_str; |
@@ -699,8 +702,8 @@ ticket_payload_parse(const char *raw_data, | |||
699 | GNUNET_log (GNUNET_ERROR_TYPE_ERROR, "Found nonce: %s\n", nonce_str); | 702 | GNUNET_log (GNUNET_ERROR_TYPE_ERROR, "Found nonce: %s\n", nonce_str); |
700 | 703 | ||
701 | *result = ticket_payload_create (nonce_str, | 704 | *result = ticket_payload_create (nonce_str, |
702 | (const struct GNUNET_CRYPTO_EcdsaPublicKey*)&id_pkey, | 705 | (const struct GNUNET_CRYPTO_EcdsaPublicKey*)&id_pkey, |
703 | label_str); | 706 | label_str); |
704 | GNUNET_free (meta_str); | 707 | GNUNET_free (meta_str); |
705 | json_decref (root); | 708 | json_decref (root); |
706 | return GNUNET_OK; | 709 | return GNUNET_OK; |
@@ -709,8 +712,8 @@ ticket_payload_parse(const char *raw_data, | |||
709 | 712 | ||
710 | int | 713 | int |
711 | ticket_parse (const char *raw_data, | 714 | ticket_parse (const char *raw_data, |
712 | const struct GNUNET_CRYPTO_EcdsaPrivateKey *priv_key, | 715 | const struct GNUNET_CRYPTO_EcdsaPrivateKey *priv_key, |
713 | struct TokenTicket **result) | 716 | struct TokenTicket **result) |
714 | { | 717 | { |
715 | const char* enc_meta_str; | 718 | const char* enc_meta_str; |
716 | const char* ecdh_enc_str; | 719 | const char* ecdh_enc_str; |
@@ -778,11 +781,18 @@ ticket_parse (const char *raw_data, | |||
778 | &enc_meta); | 781 | &enc_meta); |
779 | 782 | ||
780 | 783 | ||
781 | ticket_payload_parse (enc_meta, | 784 | if (GNUNET_OK != ticket_payload_parse (enc_meta, |
782 | enc_meta_len, | 785 | enc_meta_len, |
783 | priv_key, | 786 | priv_key, |
784 | (const struct GNUNET_CRYPTO_EcdhePublicKey*)&ticket->ecdh_pubkey, | 787 | (const struct GNUNET_CRYPTO_EcdhePublicKey*)&ticket->ecdh_pubkey, |
785 | &ticket_payload); | 788 | &ticket_payload)) |
789 | { | ||
790 | json_decref (root); | ||
791 | GNUNET_free (enc_meta); | ||
792 | GNUNET_free (ticket_decoded); | ||
793 | GNUNET_free (ticket); | ||
794 | return GNUNET_SYSERR; | ||
795 | } | ||
786 | 796 | ||
787 | ticket->payload = ticket_payload; | 797 | ticket->payload = ticket_payload; |
788 | //TODO: check signature here | 798 | //TODO: check signature here |
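Review bot: In the last hunk, `ticket_parse` still assigns `ticket->payload = ticket_payload;` with only `//TODO: check signature here` after it, so in the visible code a ticket is decrypted, parsed and handed on without its signature being verified. The new `GNUNET_SYSERR` branch rejects a payload that fails to parse, but that is a format check, not an authenticity check. Verification should come before `ticket_payload_parse` is called, and a failed check should take the same cleanup as the new branch. Until that lands I would make the gap explicit in place of the TODO: `/* FIXME: signature is not verified yet; ticket->payload is unauthenticated */`. The function body continues beyond the hunk, so a check further down cannot be ruled out from here.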