aboutsummaryrefslogtreecommitdiff
path: root/src/identity-provider/identity_token.h
diff options
context:
space:
mode:
Diffstat (limited to 'src/identity-provider/identity_token.h')
-rw-r--r--src/identity-provider/identity_token.h346
1 files changed, 0 insertions, 346 deletions
diff --git a/src/identity-provider/identity_token.h b/src/identity-provider/identity_token.h
deleted file mode 100644
index 7ded6662e..000000000
--- a/src/identity-provider/identity_token.h
+++ /dev/null
@@ -1,346 +0,0 @@
1/*
2 This file is part of GNUnet.
3 Copyright (C) 2012-2015 GNUnet e.V.
4
5 GNUnet is free software; you can redistribute it and/or modify
6 it under the terms of the GNU General Public License as published
7 by the Free Software Foundation; either version 3, or (at your
8 option) any later version.
9
10 GNUnet is distributed in the hope that it will be useful, but
11 WITHOUT ANY WARRANTY; without even the implied warranty of
12 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
13 General Public License for more details.
14
15 You should have received a copy of the GNU General Public License
16 along with GNUnet; see the file COPYING. If not, write to the
17 Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor,
18 Boston, MA 02110-1301, USA.
19 */
20/**
21 * @author Martin Schanzenbach
22 * @file identity-provider/identity_token.h
23 * @brief GNUnet Identity Provider library
24 *
25 */
26#ifndef IDENTITY_TOKEN_H
27#define IDENTITY_TOKEN_H
28
29#include "gnunet_crypto_lib.h"
30#include <jansson.h>
31
32struct IdentityToken
33{
34 /**
35 * DLL
36 */
37 struct TokenAttr *attr_head;
38
39 /**
40 * DLL
41 */
42 struct TokenAttr *attr_tail;
43
44 /**
45 * Token Signature
46 */
47 struct GNUNET_CRYPTO_EcdsaSignature signature;
48
49 /**
50 * Audience Pubkey
51 */
52 struct GNUNET_CRYPTO_EcdsaPublicKey aud_key;
53};
54
55struct TokenAttr
56{
57 /**
58 * DLL
59 */
60 struct TokenAttr *next;
61
62 /**
63 * DLL
64 */
65 struct TokenAttr *prev;
66
67 /**
68 * Attribute name
69 */
70 char *name;
71
72 /**
73 * Attribute value DLL
74 */
75 struct TokenAttrValue *val_head;
76
77 /**
78 * Attribute value DLL
79 */
80 struct TokenAttrValue *val_tail;
81
82};
83
84struct TokenAttrValue
85{
86 /**
87 * DLL
88 */
89 struct TokenAttrValue *next;
90
91 /**
92 * DLL
93 */
94 struct TokenAttrValue *prev;
95
96 /**
97 * Attribute value
98 */
99 char *value;
100
101 /**
102 * Attribute int value
103 * used if NULL == value
104 */
105 uint64_t int_value;
106};
107
108struct TokenTicketPayload
109{
110 /**
111 * Nonce
112 */
113 uint64_t nonce;
114
115 /**
116 * Label
117 */
118 char *label;
119
120 /**
121 * Issuing Identity
122 */
123 struct GNUNET_CRYPTO_EcdsaPublicKey identity_key;
124};
125
126
127struct TokenTicket
128{
129 /**
130 * Meta info
131 */
132 struct TokenTicketPayload *payload;
133
134 /**
135 * ECDH Pubkey
136 */
137 struct GNUNET_CRYPTO_EcdhePublicKey ecdh_pubkey;
138
139 /**
140 * Signature
141 */
142 struct GNUNET_CRYPTO_EcdsaSignature signature;
143
144 /**
145 * Target identity
146 */
147 struct GNUNET_CRYPTO_EcdsaPublicKey aud_key;
148};
149
150
151
152/**
153 * Create an identity token
154 *
155 * @param iss the issuer string for the token
156 * @param aud the audience of the token
157 *
158 * @return a new token
159 */
160struct IdentityToken*
161token_create (const struct GNUNET_CRYPTO_EcdsaPublicKey *iss,
162 const struct GNUNET_CRYPTO_EcdsaPublicKey* aud);
163
164/**
165 * Destroy an identity token
166 *
167 * @param token the token to destroy
168 */
169void
170token_destroy (struct IdentityToken*token);
171
172/**
173 * Add a new key value pair to the token
174 *
175 * @param token the token to modify
176 * @param key the key
177 * @param value the value
178 */
179void
180token_add_attr (struct IdentityToken *token,
181 const char* key,
182 const char* value);
183
184/**
185 * Add a new key value pair to the token
186 *
187 * @param token the token to modify
188 * @param key the key
189 * @param value the value
190 */
191void
192token_add_attr_int (struct IdentityToken *token,
193 const char* key,
194 uint64_t value);
195
196
197
198/**
199 * Add a value to a TokenAttribute
200 *
201 * @param attr the token attribute
202 * @param value value to add
203 */
204 void
205 token_attr_add_value (const struct TokenAttr *attr,
206 const char *value);
207
208/**
209 * Add a new key value pair to the token with the value as json
210 *
211 * @param the token to modify
212 * @param key the key
213 * @param value the value
214 *
215 */
216 void
217 token_add_json (const struct IdentityToken *token,
218 const char* key,
219 json_t* value);
220
221/**
222 * Serialize a token. The token will be signed and base64 according to the
223 * JWT format. The signature is base32-encoded ECDSA.
224 * The resulting JWT is encrypted using
225 * ECDHE for the audience and Base64
226 * encoded in result. The audience requires the ECDHE public key P
227 * to decrypt the token T. The key P is included in the result and prepended
228 * before the token
229 *
230 * @param token the token to serialize
231 * @param priv_key the private key used to sign the token
232 * @param ecdhe_privkey the ECDHE private key used to encrypt the token
233 * @param result P,Base64(E(T))
234 *
235 * @return GNUNET_OK on success
236 */
237 int
238 token_serialize (const struct IdentityToken*token,
239 const struct GNUNET_CRYPTO_EcdsaPrivateKey *priv_key,
240 struct GNUNET_CRYPTO_EcdhePrivateKey **ecdhe_privkey,
241 char **result);
242
243/**
244 * Parses the serialized token and returns a token
245 *
246 * @param data the serialized token
247 * @param priv_key the private key of the audience
248 * @param result the token
249 *
250 * @return GNUNET_OK on success
251 */
252 int
253 token_parse (const char* data,
254 const struct GNUNET_CRYPTO_EcdsaPrivateKey *priv_key,
255 struct IdentityToken **result);
256
257/**
258 * Parses the serialized token and returns a token
259 * This variant is intended for the party that issued the token and also
260 * wants to decrypt the serialized token.
261 *
262 * @param data the serialized token
263 * @param priv_key the private (!) ECDHE key
264 * @param aud_key the identity of the audience
265 * @param result the token
266 *
267 * @return GNUNET_OK on success
268 */
269int
270token_parse2 (const char* data,
271 const struct GNUNET_CRYPTO_EcdhePrivateKey *priv_key,
272 const struct GNUNET_CRYPTO_EcdsaPublicKey *aud_key,
273 struct IdentityToken **result);
274
275
276/**
277 *
278 * Returns a JWT-string representation of the token
279 *
280 * @param token the token
281 * @param priv_key the private key used to sign the JWT
282 * @param result the JWT
283 *
284 * @return GNUNET_OK on success
285 */
286 int
287 token_to_string (const struct IdentityToken *token,
288 const struct GNUNET_CRYPTO_EcdsaPrivateKey *priv_key,
289 char **result);
290
291/**
292 *
293 * Creates a ticket that can be exchanged by the audience for
294 * the token. The token must be placed under the label
295 *
296 * @param nonce nonce provided by the audience that requested the ticket
297 * @param iss_pkey the issuer pubkey used to sign the ticket
298 * @param label the label encoded in the ticket
299 * @param aud_ley the audience pubkey used to encrypt the ticket payload
300 *
301 * @return the ticket
302 */
303struct TokenTicket*
304ticket_create (uint64_t nonce,
305 const struct GNUNET_CRYPTO_EcdsaPublicKey* iss_pkey,
306 const char* lbl_str,
307 const struct GNUNET_CRYPTO_EcdsaPublicKey *aud_key);
308
309/**
310 * Serialize a ticket. Returns the Base64 representation of the ticket.
311 * Format: Base64( { payload: E(Payload), ecdhe: K, signature: signature } )
312 *
313 * @param ticket the ticket to serialize
314 * @param priv_key the issuer private key to sign the ticket payload
315 * @param result the serialized ticket
316 *
317 * @return GNUNET_OK on success
318 */
319 int
320 ticket_serialize (struct TokenTicket *ticket,
321 const struct GNUNET_CRYPTO_EcdsaPrivateKey *priv_key,
322 char **result);
323
324/**
325 * Destroys a ticket
326 *
327 * @param the ticket to destroy
328 */
329void
330ticket_destroy (struct TokenTicket *ticket);
331
332/**
333 * Parses a serialized ticket
334 *
335 * @param data the serialized ticket
336 * @param priv_key the audience private key
337 * @param ticket the ticket
338 *
339 * @return GNUNET_OK on success
340 */
341int
342ticket_parse (const char* raw_data,
343 const struct GNUNET_CRYPTO_EcdsaPrivateKey *priv_key,
344 struct TokenTicket **ticket);
345
346#endif