diff options
Diffstat (limited to 'src')
| -rw-r--r-- | src/credential/credential_api.c | 3 | ||||
| -rw-r--r-- | src/credential/gnunet-credential.c | 17 | ||||
| -rw-r--r-- | src/credential/gnunet-service-credential.c | 62 | ||||
| -rwxr-xr-x | src/credential/test_credential_bi_and.sh | 4 | ||||
| -rwxr-xr-x | src/credential/test_credential_bi_and2.sh | 4 | ||||
| -rwxr-xr-x | src/credential/test_credential_bi_and3.sh | 6 | ||||
| -rwxr-xr-x | src/credential/test_credential_bi_and4.sh (renamed from src/credential/test_credential_own_and2.sh) | 4 | ||||
| -rwxr-xr-x | src/credential/test_credential_bi_bw.sh | 4 | ||||
| -rwxr-xr-x | src/credential/test_credential_bi_bw_link.sh | 4 | ||||
| -rwxr-xr-x | src/credential/test_credential_bi_bw_link2.sh | 4 | ||||
| -rwxr-xr-x | src/credential/test_credential_bi_fw.sh | 4 | ||||
| -rwxr-xr-x | src/credential/test_credential_issue.sh | 9 | ||||
| -rwxr-xr-x | src/credential/test_credential_own.sh | 27 | ||||
| -rwxr-xr-x | src/credential/test_credential_verify.sh | 41 | ||||
| -rwxr-xr-x | src/credential/test_credential_verify_and.sh | 50 | ||||
| -rwxr-xr-x | src/credential/test_credential_verify_simple.sh | 30 |
16 files changed, 148 insertions, 125 deletions
diff --git a/src/credential/credential_api.c b/src/credential/credential_api.c index a3eecd52d..7acce7d9e 100644 --- a/src/credential/credential_api.c +++ b/src/credential/credential_api.c @@ -249,7 +249,7 @@ handle_result (void *cls, const struct DelegationChainResultMessage *vr_msg) if (GNUNET_NO == ntohl (vr_msg->del_found)) { proc (proc_cls, 0, NULL, 0, - NULL); // TODO + NULL); } else { @@ -297,7 +297,6 @@ handle_intermediate (void *cls, const struct DelegationChainIntermediateMessage dd, 0, NULL)); - sleep(2); proc (proc_cls, dd, is_bw); } diff --git a/src/credential/gnunet-credential.c b/src/credential/gnunet-credential.c index 0d742d1ef..58f7cf50d 100644 --- a/src/credential/gnunet-credential.c +++ b/src/credential/gnunet-credential.c @@ -274,13 +274,12 @@ handle_intermediate_result(void *cls, bool is_bw) { char *prefix = ""; - // TODO change to printf if(is_bw) prefix = "Backward -"; else prefix = "Forward -"; - GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "%s Intermediate result: %s.%s <- %s.%s\n", + printf ("%s Intermediate result: %s.%s <- %s.%s\n", prefix, GNUNET_CRYPTO_ecdsa_public_key_to_string (&dd->issuer_key), dd->issuer_attribute, @@ -416,7 +415,7 @@ identity_cb (void *cls, const struct GNUNET_IDENTITY_Ego *ego) collect_request = GNUNET_CREDENTIAL_collect (credential, &issuer_pkey, - issuer_attr, //TODO argument + issuer_attr, privkey, direction, &handle_collect_result, @@ -487,7 +486,6 @@ error_cb (void *cls) static void add_continuation (void *cls, int32_t success, const char *emsg) { - // TODO what does that do, can I somehow parse an empty callback on success or do I have to set the qe* to NULL? struct GNUNET_NAMESTORE_QueueEntry **qe = cls; *qe = NULL; @@ -510,9 +508,8 @@ get_existing_record (void *cls, rde->data = data; rde->data_size = data_size; rde->record_type = type; - // Flags not required , TODO what have we said we do with that now? Look it up in my writing - /*if (1 == is_shadow) - rde->flags |= GNUNET_GNSRECORD_RF_SHADOW_RECORD;*/ + + // Set flags if (GNUNET_YES == is_private) rde->flags |= GNUNET_GNSRECORD_RF_PRIVATE; rde->expiration_time = etime; @@ -520,6 +517,7 @@ get_existing_record (void *cls, rde->flags |= GNUNET_GNSRECORD_RF_RELATIVE_EXPIRATION; else if (GNUNET_NO != etime_is_rel) rde->expiration_time = GNUNET_TIME_UNIT_FOREVER_ABS.abs_value_us; + GNUNET_assert (NULL != rec_name); add_qe = GNUNET_NAMESTORE_records_store (ns, &zone_pkey, @@ -551,7 +549,6 @@ store_cb (void *cls, const struct GNUNET_IDENTITY_Ego *ego) // Key handling zone_pkey = *GNUNET_IDENTITY_ego_get_private_key (ego); - // TODO maybe dont have to set subject, if only used in if/else can use import here instead!! if (GNUNET_GNSRECORD_TYPE_DELEGATE == type) { // Parse import @@ -922,7 +919,7 @@ run (void *cls, verify_request = GNUNET_CREDENTIAL_verify (credential, &issuer_pkey, - issuer_attr, //TODO argument + issuer_attr, &subject_pkey, count, delegates, @@ -1053,7 +1050,7 @@ main (int argc, char *const *argv) return 2; GNUNET_log_setup ("gnunet-credential", "WARNING", NULL); - if (GNUNET_OK == GNUNET_PROGRAM_run (argc, + if (GNUNET_OK != GNUNET_PROGRAM_run (argc, argv, "gnunet-credential", _ ("GNUnet credential resolver tool"), diff --git a/src/credential/gnunet-service-credential.c b/src/credential/gnunet-service-credential.c index 5ce0f70d9..daffc0bb9 100644 --- a/src/credential/gnunet-service-credential.c +++ b/src/credential/gnunet-service-credential.c @@ -429,26 +429,28 @@ cleanup_handle (struct VerifyRequestHandle *vrh) struct DelegateRecordEntry *del_entry; GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Cleaning up...\n"); - if (NULL == vrh->dsq_head) - return; - - for (struct DelegationSetQueueEntry *ds_entry = vrh->dsq_head; NULL != vrh->dsq_head; - ds_entry = vrh->dsq_head) + if (NULL != vrh->dsq_head) { - GNUNET_CONTAINER_DLL_remove (vrh->dsq_head, vrh->dsq_tail, ds_entry); - cleanup_dsq_entry(ds_entry); + for (struct DelegationSetQueueEntry *ds_entry = vrh->dsq_head; NULL != vrh->dsq_head; + ds_entry = vrh->dsq_head) + { + GNUNET_CONTAINER_DLL_remove (vrh->dsq_head, vrh->dsq_tail, ds_entry); + cleanup_dsq_entry(ds_entry); + } } - - GNUNET_free_non_null (vrh->issuer_attribute); - for (del_entry = vrh->del_chain_head; NULL != vrh->del_chain_head; - del_entry = vrh->del_chain_head) + if (NULL != vrh->del_chain_head) { - GNUNET_CONTAINER_DLL_remove (vrh->del_chain_head, - vrh->del_chain_tail, - del_entry); - GNUNET_free_non_null (del_entry->delegate); - GNUNET_free (del_entry); + for (del_entry = vrh->del_chain_head; NULL != vrh->del_chain_head; + del_entry = vrh->del_chain_head) + { + GNUNET_CONTAINER_DLL_remove (vrh->del_chain_head, + vrh->del_chain_tail, + del_entry); + GNUNET_free_non_null (del_entry->delegate); + GNUNET_free (del_entry); + } } + GNUNET_free_non_null (vrh->issuer_attribute); GNUNET_free (vrh); } @@ -622,7 +624,6 @@ send_lookup_response (struct VerifyRequestHandle *vrh) GNUNET_MQ_send (GNUNET_SERVICE_client_get_mq (vrh->client), env); GNUNET_CONTAINER_DLL_remove (vrh_head, vrh_tail, vrh); cleanup_handle (vrh); - GNUNET_STATISTICS_update (statistics, "Completed verifications", 1, @@ -1217,7 +1218,7 @@ backward_resolution (void *cls, GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "%s still to go...\n", ds_entry->attr_trailer); - // TODO remove + vrh->pending_lookups++; ds_entry->handle = vrh; ds_entry->lookup_request = @@ -1247,9 +1248,11 @@ backward_resolution (void *cls, * * @param cls the closure (our client lookup handle) */ -static void +static int delegation_chain_bw_resolution_start (void *cls) { + GNUNET_log (GNUNET_ERROR_TYPE_ERROR, "Start Backward Resolution...\n"); + struct VerifyRequestHandle *vrh = cls; struct DelegationSetQueueEntry *ds_entry; struct DelegateRecordEntry *del_entry; @@ -1258,7 +1261,7 @@ delegation_chain_bw_resolution_start (void *cls) { GNUNET_log (GNUNET_ERROR_TYPE_ERROR, "No delegates found\n"); send_lookup_response (vrh); - return; + return 2; } // Pre-check with vrh->dele_chain_.. if match issuer_key @@ -1281,7 +1284,7 @@ delegation_chain_bw_resolution_start (void *cls) del_entry->refcount++; // Found match prematurely send_lookup_response (vrh); - return; + return 1; } @@ -1321,11 +1324,14 @@ delegation_chain_bw_resolution_start (void *cls) GNUNET_GNS_LO_DEFAULT, &backward_resolution, ds_entry); + return 0; } -static void +static int delegation_chain_fw_resolution_start (void *cls) { + GNUNET_log (GNUNET_ERROR_TYPE_ERROR, "Start Forward Resolution...\n"); + struct VerifyRequestHandle *vrh = cls; struct DelegationSetQueueEntry *ds_entry; struct DelegateRecordEntry *del_entry; @@ -1337,7 +1343,7 @@ delegation_chain_fw_resolution_start (void *cls) { GNUNET_log (GNUNET_ERROR_TYPE_ERROR, "No delegations found\n"); send_lookup_response (vrh); - return; + return 2; } // Pre-check with vrh->dele_chain_.. if match issuer_key @@ -1359,7 +1365,7 @@ delegation_chain_fw_resolution_start (void *cls) del_entry->refcount++; // Found match prematurely send_lookup_response (vrh); - return; + return 1; } // None match, therefore start for every delegation found a lookup chain @@ -1409,6 +1415,7 @@ delegation_chain_fw_resolution_start (void *cls) &forward_resolution, ds_entry); } + return 0; } static int @@ -1528,7 +1535,8 @@ handle_verify (void *cls, const struct VerifyMessage *v_msg) if (GNUNET_CREDENTIAL_FLAG_BACKWARD & vrh->resolution_algo && GNUNET_CREDENTIAL_FLAG_FORWARD & vrh->resolution_algo) { - delegation_chain_fw_resolution_start (vrh); + if(1 == delegation_chain_fw_resolution_start (vrh)) + return; delegation_chain_bw_resolution_start (vrh); } else if (GNUNET_CREDENTIAL_FLAG_BACKWARD & vrh->resolution_algo) @@ -1561,7 +1569,9 @@ delegate_collection_finished (void *cls) if (GNUNET_CREDENTIAL_FLAG_BACKWARD & vrh->resolution_algo && GNUNET_CREDENTIAL_FLAG_FORWARD & vrh->resolution_algo) { - delegation_chain_fw_resolution_start (vrh); + // if premature match found don't start bw resultion + if(1 == delegation_chain_fw_resolution_start (vrh)) + return; delegation_chain_bw_resolution_start (vrh); } else if (GNUNET_CREDENTIAL_FLAG_BACKWARD & vrh->resolution_algo) diff --git a/src/credential/test_credential_bi_and.sh b/src/credential/test_credential_bi_and.sh index 66f0b29f2..a7ed3ce1a 100755 --- a/src/credential/test_credential_bi_and.sh +++ b/src/credential/test_credential_bi_and.sh @@ -75,7 +75,7 @@ echo $DELS echo gnunet-credential --verify --issuer=$AKEY --attribute="a" --subject=$FKEY --delegate=\'$DELS\' --forward --backward -c test_credential_lookup.conf gnunet-credential --verify --issuer=$AKEY --attribute="a" --subject=$FKEY --delegate="$DELS" --forward --backward -c test_credential_lookup.conf -RES = $? +RES=$? # Cleanup properly gnunet-namestore -z a -d -n "a" -t ATTR -c test_credential_lookup.conf @@ -87,7 +87,7 @@ gnunet-namestore -z f -d -n "@" -t DEL -c test_credential_lookup.conf gnunet-arm -e -c test_credential_lookup.conf -if [ $RES == 0 ] +if [ "$RES" == 0 ] then exit 0 else diff --git a/src/credential/test_credential_bi_and2.sh b/src/credential/test_credential_bi_and2.sh index 8803dfda0..23b55111c 100755 --- a/src/credential/test_credential_bi_and2.sh +++ b/src/credential/test_credential_bi_and2.sh @@ -72,7 +72,7 @@ echo $DELS echo gnunet-credential --verify --issuer=$AKEY --attribute="a" --subject=$FKEY --delegate=\'$DELS\' -c test_credential_lookup.conf gnunet-credential --verify --issuer=$AKEY --attribute="a" --subject=$FKEY --delegate="$DELS" -c test_credential_lookup.conf -RES = $? +RES=$? # Cleanup properly gnunet-namestore -z a -d -n "a" -t ATTR -c test_credential_lookup.conf @@ -83,7 +83,7 @@ gnunet-namestore -z f -d -n "@" -t DEL -c test_credential_lookup.conf gnunet-arm -e -c test_credential_lookup.conf -if [ $RES == 0 ] +if [ "$RES" == 0 ] then exit 0 else diff --git a/src/credential/test_credential_bi_and3.sh b/src/credential/test_credential_bi_and3.sh index f88c23d46..e2f167622 100755 --- a/src/credential/test_credential_bi_and3.sh +++ b/src/credential/test_credential_bi_and3.sh @@ -17,7 +17,6 @@ rm -rf `gnunet-config -c test_credential_lookup.conf -s PATHS -o GNUNET_HOME -f` - which timeout > /dev/null 2>&1 && DO_TIMEOUT="timeout 10" gnunet-arm -s -c test_credential_lookup.conf @@ -38,6 +37,7 @@ FKEY=$(gnunet-identity -d -c test_credential_lookup.conf | grep f | awk '{print GKEY=$(gnunet-identity -d -c test_credential_lookup.conf | grep g | awk '{print $3}') HKEY=$(gnunet-identity -d -c test_credential_lookup.conf | grep h | awk '{print $3}') +gnunet-identity -d # (1) (A.a) <- B.b # (2) (B.b) <- C.c AND G.g # (3) C.c <- (D.d) @@ -75,7 +75,7 @@ echo $DELS echo gnunet-credential --verify --issuer=$AKEY --attribute="a" --subject=$FKEY --delegate=\'$DELS\' -c test_credential_lookup.conf gnunet-credential --verify --issuer=$AKEY --attribute="a" --subject=$FKEY --delegate="$DELS" -c test_credential_lookup.conf -RES = $? +RES=$? # Cleanup properly gnunet-namestore -z a -d -n "a" -t ATTR -c test_credential_lookup.conf @@ -87,7 +87,7 @@ gnunet-namestore -z h -d -n "@" -t DEL -c test_credential_lookup.conf gnunet-arm -e -c test_credential_lookup.conf -if [ $RES == 0 ] +if [ "$RES" == 0 ] then exit 0 else diff --git a/src/credential/test_credential_own_and2.sh b/src/credential/test_credential_bi_and4.sh index 9abfac899..c4db5c82a 100755 --- a/src/credential/test_credential_own_and2.sh +++ b/src/credential/test_credential_bi_and4.sh @@ -63,7 +63,7 @@ echo $DELS echo gnunet-credential --verify --issuer=$AKEY --attribute="a" --subject=$FKEY --delegate=\'$DELS\' --backward -c test_credential_lookup.conf gnunet-credential --verify --issuer=$AKEY --attribute="a" --subject=$FKEY --delegate="$DELS" --backward -c test_credential_lookup.conf -RES = $? +RES=$? # Cleanup properly gnunet-namestore -z a -d -n "a" -t ATTR -c test_credential_lookup.conf @@ -72,7 +72,7 @@ gnunet-namestore -z f -d -n "@" -t DEL -c test_credential_lookup.conf gnunet-arm -e -c test_credential_lookup.conf -if [ $RES == 0 ] +if [ "$RES" == 0 ] then exit 0 else diff --git a/src/credential/test_credential_bi_bw.sh b/src/credential/test_credential_bi_bw.sh index eedcea7eb..3a2043db6 100755 --- a/src/credential/test_credential_bi_bw.sh +++ b/src/credential/test_credential_bi_bw.sh @@ -66,7 +66,7 @@ echo $DELS echo gnunet-credential --verify --issuer=$AKEY --attribute="a" --subject=$FKEY --delegate=\'$DELS\' --forward --backward -c test_credential_lookup.conf gnunet-credential --verify --issuer=$AKEY --attribute="a" --subject=$FKEY --delegate="$DELS" --forward --backward -c test_credential_lookup.conf -RES = $? +RES=$? # Cleanup properly gnunet-namestore -z a -d -n "a" -t ATTR -c test_credential_lookup.conf @@ -77,7 +77,7 @@ gnunet-namestore -z f -d -n "@" -t DEL -c test_credential_lookup.conf gnunet-arm -e -c test_credential_lookup.conf -if [ $RES == 0 ] +if [ "$RES" == 0 ] then exit 0 else diff --git a/src/credential/test_credential_bi_bw_link.sh b/src/credential/test_credential_bi_bw_link.sh index a8a420d18..86b0e7418 100755 --- a/src/credential/test_credential_bi_bw_link.sh +++ b/src/credential/test_credential_bi_bw_link.sh @@ -69,7 +69,7 @@ echo $DELS echo gnunet-credential --verify --issuer=$AKEY --attribute="a" --subject=$FKEY --delegate=\'$DELS\' --forward --backward -c test_credential_lookup.conf gnunet-credential --verify --issuer=$AKEY --attribute="a" --subject=$FKEY --delegate="$DELS" --forward --backward -c test_credential_lookup.conf -RES = $? +RES=$? # Cleanup properly gnunet-namestore -z a -d -n "a" -t ATTR -c test_credential_lookup.conf @@ -81,7 +81,7 @@ gnunet-namestore -z f -d -n "@" -t DEL -c test_credential_lookup.conf gnunet-arm -e -c test_credential_lookup.conf -if [ $RES == 0 ] +if [ "$RES" == 0 ] then exit 0 else diff --git a/src/credential/test_credential_bi_bw_link2.sh b/src/credential/test_credential_bi_bw_link2.sh index 1c0d370db..ccb71b880 100755 --- a/src/credential/test_credential_bi_bw_link2.sh +++ b/src/credential/test_credential_bi_bw_link2.sh @@ -70,7 +70,7 @@ echo $DELS echo gnunet-credential --verify --issuer=$AKEY --attribute="a" --subject=$FKEY --delegate=\'$DELS\' --forward --backward -c test_credential_lookup.conf gnunet-credential --verify --issuer=$AKEY --attribute="a" --subject=$FKEY --delegate="$DELS" --forward --backward -c test_credential_lookup.conf -RES = $? +RES=$? # Cleanup properly gnunet-namestore -z a -d -n "a" -t ATTR -c test_credential_lookup.conf @@ -82,7 +82,7 @@ gnunet-namestore -z f -d -n "@" -t DEL -c test_credential_lookup.conf gnunet-arm -e -c test_credential_lookup.conf -if [ $RES == 0 ] +if [ "$RES" == 0 ] then exit 0 else diff --git a/src/credential/test_credential_bi_fw.sh b/src/credential/test_credential_bi_fw.sh index 2aba82479..9c8f768c5 100755 --- a/src/credential/test_credential_bi_fw.sh +++ b/src/credential/test_credential_bi_fw.sh @@ -70,7 +70,7 @@ echo $DELS echo gnunet-credential --verify --issuer=$AKEY --attribute="a" --subject=$GKEY --delegate=\'$DELS\' --forward --backward -c test_credential_lookup.conf gnunet-credential --verify --issuer=$AKEY --attribute="a" --subject=$GKEY --delegate="$DELS" --forward --backward -c test_credential_lookup.conf -RES = $? +RES=$? # Cleanup properly gnunet-namestore -z a -d -n "a" -t ATTR -c test_credential_lookup.conf @@ -82,7 +82,7 @@ gnunet-namestore -z g -d -n "@" -t DEL -c test_credential_lookup.conf gnunet-arm -e -c test_credential_lookup.conf -if [ $RES == 0 ] +if [ "$RES" == 0 ] then exit 0 else diff --git a/src/credential/test_credential_issue.sh b/src/credential/test_credential_issue.sh index f06de5d42..833a094e6 100755 --- a/src/credential/test_credential_issue.sh +++ b/src/credential/test_credential_issue.sh @@ -28,8 +28,10 @@ gnunet-identity -C testissuer -c test_credential_lookup.conf gnunet-identity -C testsubject -c test_credential_lookup.conf SUBJECT_KEY=$(gnunet-identity -d -c test_credential_lookup.conf | grep testsubject | awk '{print $3}') ISSUER_KEY=$(gnunet-identity -d -c test_credential_lookup.conf | grep testissuer | awk '{print $3}') -#TODO1 Get credential and store it with subject (3) -CRED=`$DO_TIMEOUT gnunet-credential --issue --ego=testissuer --subject=$SUBJECT_KEY --attribute=$TEST_ATTR --ttl=5m -c test_credential_lookup.conf` +# Get credential and store it with subject (3) +#CRED=`$DO_TIMEOUT gnunet-credential --issue --ego=testissuer --subject=$SUBJECT_KEY --attribute=$TEST_ATTR --ttl=5m -c test_credential_lookup.conf` +SIGNED=`$DO_TIMEOUT gnunet-credential --signSubjectSide --ego=testissuer --attribute=$TEST_ATTR --subject=$SUBJECT_KEY --ttl="2019-12-12 10:00:00" -c test_credential_lookup.conf` + STATUS=$? if test $? != 0 @@ -38,7 +40,8 @@ then exit 1 fi #Try import -$DO_TIMEOUT gnunet-namestore -a -z testsubject -n c1 -t CRED -V "$CRED" -e 5m -c test_credential_lookup.conf +$DO_TIMEOUT gnunet-credential --createSubjectSide --ego=testsubject --import "$SIGNED" --private -c test_credential_lookup.conf +#$DO_TIMEOUT gnunet-namestore -a -z testsubject -n c1 -t CRED -V "$CRED" -e 5m -c test_credential_lookup.conf RES=$? gnunet-arm -e -c test_credential_lookup.conf exit $RES diff --git a/src/credential/test_credential_own.sh b/src/credential/test_credential_own.sh index fa2580a22..b868cdf67 100755 --- a/src/credential/test_credential_own.sh +++ b/src/credential/test_credential_own.sh @@ -15,10 +15,6 @@ fi rm -rf `gnunet-config -c test_credential_lookup.conf -s PATHS -o GNUNET_HOME -f` -# (1) EPub.discount <- EOrg.preferred -# (2) EOrg.preferred <- StateU.student -# (3) StateU.student <- RegistrarB.student -# (4) RegistrarB.student <- Alice which timeout > /dev/null 2>&1 && DO_TIMEOUT="timeout 10" @@ -35,6 +31,12 @@ EKEY=$(gnunet-identity -d -c test_credential_lookup.conf | grep e | awk '{print FKEY=$(gnunet-identity -d -c test_credential_lookup.conf | grep f | awk '{print $3}') GKEY=$(gnunet-identity -d -c test_credential_lookup.conf | grep g | awk '{print $3}') +############################################################################################ +# (1) EPub.discount <- EOrg.preferred +# (2) EOrg.preferred <- StateU.student +# (3) StateU.student <- RegistrarB.student +# (4) RegistrarB.student <- Alice + gnunet-identity -C epub -c test_credential_lookup.conf gnunet-identity -C eorg -c test_credential_lookup.conf gnunet-identity -C stateu -c test_credential_lookup.conf @@ -54,7 +56,7 @@ STATE_STUD_ATTR="student" REG_STUD_ATTR="student" END_ATTR="end" -# FORWARD, subject side stored +# FORWARD, subject side stored (different constallations) SIGNED=`$DO_TIMEOUT gnunet-credential --signSubjectSide --ego=a --attribute="a" --subject="$AKEY b.c" --ttl="2019-12-12 10:00:00"` gnunet-credential --createSubjectSide --ego=a --import "$SIGNED" gnunet-namestore -D -z a @@ -99,11 +101,13 @@ gnunet-credential --createSubjectSide --ego=alice --import "$SIGNED" --private # Starting to resolve echo "+++ Starting to Resolve +++" +# FORWARD #DELS=`$DO_TIMEOUT gnunet-credential --collect --issuer=$AKEY --attribute="a" --ego=g --forward -c test_credential_lookup.conf | paste -d, -s` #echo $DELS #echo gnunet-credential --verify --issuer=$AKEY --attribute="a" --subject=$GKEY --delegate=\'$DELS\' --forward -c test_credential_lookup.conf #RES_DELS=`gnunet-credential --verify --issuer=$AKEY --attribute="a" --subject=$GKEY --delegate="$DELS" --forward -c test_credential_lookup.conf` +# BACKWARD DELS=`$DO_TIMEOUT gnunet-credential --collect --issuer=$EPUB_KEY --attribute=$DISC_ATTR --ego=alice --backward -c test_credential_lookup.conf | paste -d, -s` echo $DELS echo gnunet-credential --verify --issuer=$EPUB_KEY --attribute=$DISC_ATTR --subject=$ALICE_KEY --delegate=\'$DELS\' --backward -c test_credential_lookup.conf @@ -115,15 +119,16 @@ RES=$? gnunet-namestore -z epub -d -n $DISC_ATTR -t ATTR -c test_credential_lookup.conf gnunet-namestore -z eorg -d -n $PREF_ATTR -t ATTR -c test_credential_lookup.conf gnunet-namestore -z stateu -d -n $STATE_STUD_ATTR -t ATTR -c test_credential_lookup.conf -#gnunet-namestore -z a -d -n $STATE_STUD_ATTR -t ATTR -c test_credential_lookup.conf -#gnunet-namestore -z d -d -n $STATE_STUD_ATTR -t ATTR -c test_credential_lookup.conf -#gnunet-namestore -z e -d -n $STATE_STUD_ATTR -t ATTR -c test_credential_lookup.conf -#gnunet-namestore -z f -d -n $STATE_STUD_ATTR -t ATTR -c test_credential_lookup.conf -#gnunet-namestore -z g -d -n $STATE_STUD_ATTR -t ATTR -c test_credential_lookup.conf +#gnunet-namestore -z a -d -n "@" -t DEL -c test_credential_lookup.conf +#gnunet-namestore -z d -d -n "@" -t DEL -c test_credential_lookup.conf +#gnunet-namestore -z e -d -n "@" -t DEL -c test_credential_lookup.conf +#gnunet-namestore -z f -d -n "@" -t DEL -c test_credential_lookup.conf +#gnunet-namestore -z g -d -n "@" -t DEL -c test_credential_lookup.conf + gnunet-arm -e -c test_credential_lookup.conf -if [ $RES == 0 ] +if [ "$RES" == 0 ] then exit 0 else diff --git a/src/credential/test_credential_verify.sh b/src/credential/test_credential_verify.sh index 49d4d4afb..08060f60a 100755 --- a/src/credential/test_credential_verify.sh +++ b/src/credential/test_credential_verify.sh @@ -42,41 +42,44 @@ DEV_ATTR="developer" TEST_CREDENTIAL="mygnunetcreds" # (1) A service assigns the attribute "user" to all entities that have been assigned "member" by entities that werde assigned "project" from GNU -gnunet-namestore -p -z service -a -n $USER_ATTR -t ATTR -V "$GNU_KEY $GNU_PROJECT_ATTR.$MEMBER_ATTR" -e 5m -c test_credential_lookup.conf +gnunet-credential --createIssuerSide --ego=service --attribute="$USER_ATTR" --subject="$GNU_KEY $GNU_PROJECT_ATTR.$MEMBER_ATTR" --ttl="2019-12-12 10:00:00" -c test_credential_lookup.conf +gnunet-namestore -D -z service # (2) GNU recognized GNUnet as a GNU project and delegates the "project" attribute -gnunet-namestore -p -z gnu -a -n $GNU_PROJECT_ATTR -t ATTR -V "$GNUNET_KEY" -e 5m -c test_credential_lookup.conf +gnunet-credential --createIssuerSide --ego=gnu --attribute="$GNU_PROJECT_ATTR" --subject="$GNUNET_KEY" --ttl="2019-12-12 10:00:00" -c test_credential_lookup.conf +gnunet-namestore -D -z gnu # (3+4) GNUnet assigns the attribute "member" to all entities gnunet has also assigned "developer" or "user" -gnunet-namestore -p -z gnunet -a -n $MEMBER_ATTR -t ATTR -V "$GNUNET_KEY $DEVELOPER_ATTR" -e 5m -c test_credential_lookup.conf -gnunet-namestore -p -z gnunet -a -n $MEMBER_ATTR -t ATTR -V "$GNUNET_KEY $USER_ATTR" -e 5m -c test_credential_lookup.conf +gnunet-credential --createIssuerSide --ego=gnunet --attribute="$MEMBER_ATTR" --subject="$GNUNET_KEY $DEVELOPER_ATTR" --ttl="2019-12-12 10:00:00" -c test_credential_lookup.conf +gnunet-credential --createIssuerSide --ego=gnunet --attribute="$MEMBER_ATTR" --subject="$GNUNET_KEY $USER_ATTR" --ttl="2019-12-12 10:00:00" -c test_credential_lookup.conf +gnunet-namestore -D -z gnunet -# (5) GNUnet issues Alice the credential "developer" -CRED=`$DO_TIMEOUT gnunet-credential --issue --ego=gnunet --subject=$ALICE_KEY --attribute=$DEV_ATTR --ttl=5m -c test_credential_lookup.conf` +# (5) GNUnet signes the delegate and Alice stores it +SIGNED=`$DO_TIMEOUT gnunet-credential --signSubjectSide --ego=gnunet --attribute=$DEV_ATTR --subject=$ALICE_KEY --ttl="2019-12-12 10:00:00"` +gnunet-credential --createSubjectSide --ego=alice --import "$SIGNED" --private +gnunet-namestore -D -z alice -# Alice stores the credential under "mygnunetcreds" -gnunet-namestore -p -z alice -a -n $TEST_CREDENTIAL -t CRED -V "$CRED" -e 5m -c test_credential_lookup.conf +# Starting to resolve +echo "+++ Starting to Resolve +++" -CREDS=`$DO_TIMEOUT gnunet-credential --collect --issuer=$SERVICE_KEY --attribute=$USER_ATTR --ego=alice -c test_credential_lookup.conf | paste -d, -s` +DELS=`$DO_TIMEOUT gnunet-credential --collect --issuer=$SERVICE_KEY --attribute=$USER_ATTR --ego=alice --backward -c test_credential_lookup.conf | paste -d, -s` +echo $DELS +echo gnunet-credential --verify --issuer=$SERVICE_KEY --attribute=$USER_ATTR --subject=$ALICE_KEY --delegate=\'$DELS\' --backward -c test_credential_lookup.conf +gnunet-credential --verify --issuer=$SERVICE_KEY --attribute=$USER_ATTR --subject=$ALICE_KEY --delegate="$DELS" --backward -c test_credential_lookup.conf -echo gnunet-credential --verify --issuer=$SERVICE_KEY --attribute=$USER_ATTR --subject=$ALICE_KEY --credential=\'$CREDS\' -c test_credential_lookup.conf -#TODO2 Add -z swich like in gnunet-gns -gnunet-credential --verify --issuer=$SERVICE_KEY --attribute=$USER_ATTR --subject=$ALICE_KEY --credential="$CREDS" -c test_credential_lookup.conf +RES=$? - -#TODO cleanup properly -gnunet-namestore -z alice -d -n $TEST_CREDENTIAL -t CRED -e never -c test_credential_lookup.conf +# Cleanup properly +gnunet-namestore -z alice -d -n "@" -t DEL -c test_credential_lookup.conf gnunet-namestore -z gnu -d -n $GNU_PROJECT_ATTR -t ATTR -c test_credential_lookup.conf gnunet-namestore -z gnunet -d -n $MEMBER_ATTR -t ATTR -c test_credential_lookup.conf gnunet-namestore -z service -d -n $USER_ATTR -t ATTR -c test_credential_lookup.conf gnunet-arm -e -c test_credential_lookup.conf -if [ "$RES_CRED" != "Failed." ] +if [ "$RES" == 0 ] then - # TODO: replace echo -e bashism - echo -e "${RES_CRED}" exit 0 else - echo "FAIL: Failed to verify credential $RES_CRED." + echo "FAIL: Failed to verify credential." exit 1 fi diff --git a/src/credential/test_credential_verify_and.sh b/src/credential/test_credential_verify_and.sh index aaabcd753..03313c692 100755 --- a/src/credential/test_credential_verify_and.sh +++ b/src/credential/test_credential_verify_and.sh @@ -17,8 +17,8 @@ rm -rf `gnunet-config -c test_credential_lookup.conf -s PATHS -o GNUNET_HOME -f` # (1) Service.user -> GNU.project.member # (2) GNU.project -> GNUnet -# (3) GNUnet.member -> GNUnet.developer and (4)GNUnet.user -# (5) GNUnet.developer -> Alice +# (3) GNUnet.member -> GNUnet.developer AND GNUnet.user +# (4) GNUnet.developer -> Alice which timeout > /dev/null 2>&1 && DO_TIMEOUT="timeout 30" @@ -39,43 +39,47 @@ MEMBER_ATTR="member" DEVELOPER_ATTR="developer" DEV_ATTR="developer" TEST_CREDENTIAL="mygnunetcreds" -set -x + # (1) A service assigns the attribute "user" to all entities that have been assigned "member" by entities that werde assigned "project" from GNU -gnunet-namestore -p -z service -a -n $USER_ATTR -t ATTR -V "$GNU_KEY $GNU_PROJECT_ATTR.$MEMBER_ATTR" -e 5m -c test_credential_lookup.conf +gnunet-credential --createIssuerSide --ego=service --attribute="$USER_ATTR" --subject="$GNU_KEY $GNU_PROJECT_ATTR.$MEMBER_ATTR" --ttl="2019-12-12 10:00:00" -c test_credential_lookup.conf +gnunet-namestore -D -z service # (2) GNU recognized GNUnet as a GNU project and delegates the "project" attribute -gnunet-namestore -p -z gnu -a -n $GNU_PROJECT_ATTR -t ATTR -V "$GNUNET_KEY" -e 5m -c test_credential_lookup.conf +gnunet-credential --createIssuerSide --ego=gnu --attribute="$GNU_PROJECT_ATTR" --subject="$GNUNET_KEY" --ttl="2019-12-12 10:00:00" -c test_credential_lookup.conf +gnunet-namestore -D -z gnu -# (3+4) GNUnet assigns the attribute "member" to all entities gnunet has also -# assigned "developer" and "user" -gnunet-namestore -p -z gnunet -a -n $MEMBER_ATTR -t ATTR -V "$GNUNET_KEY $DEVELOPER_ATTR,$GNUNET_KEY $USER_ATTR" -e 5m -c test_credential_lookup.conf +# (3+4) GNUnet assigns the attribute "member" to all entities gnunet has also assigned "developer" or "user" +gnunet-credential --createIssuerSide --ego=gnunet --attribute="$MEMBER_ATTR" --subject="$GNUNET_KEY $DEVELOPER_ATTR, $GNUNET_KEY $USER_ATTR" --ttl="2019-12-12 10:00:00" -c test_credential_lookup.conf +gnunet-namestore -D -z gnunet -# (5) GNUnet issues Alice the credential "developer" -CRED1=`$DO_TIMEOUT gnunet-credential --issue --ego=gnunet --subject=$ALICE_KEY --attribute=$DEV_ATTR --ttl=5m -c test_credential_lookup.conf` -# (5) GNUnet issues Alice the credential "user" -CRED2=`$DO_TIMEOUT gnunet-credential --issue --ego=gnunet --subject=$ALICE_KEY --attribute=$USER_ATTR --ttl=5m -c test_credential_lookup.conf` -# Alice stores the credential under "mygnunetcreds" -gnunet-namestore -p -z alice -a -n $TEST_CREDENTIAL -t CRED -V "$CRED1" -e 5m -c test_credential_lookup.conf -gnunet-namestore -p -z alice -a -n $TEST_CREDENTIAL -t CRED -V "$CRED2" -e 5m -c test_credential_lookup.conf +# (5) GNUnet signes the delegates and Alice stores it +SIGNED=`$DO_TIMEOUT gnunet-credential --signSubjectSide --ego=gnunet --attribute=$DEV_ATTR --subject=$ALICE_KEY --ttl="2019-12-12 10:00:00"` +gnunet-credential --createSubjectSide --ego=alice --import "$SIGNED" --private +SIGNED=`$DO_TIMEOUT gnunet-credential --signSubjectSide --ego=gnunet --attribute=$USER_ATTR --subject=$ALICE_KEY --ttl="2019-12-12 10:00:00"` +gnunet-credential --createSubjectSide --ego=alice --import "$SIGNED" --private +gnunet-namestore -D -z alice -CREDS=`$DO_TIMEOUT gnunet-credential --collect --issuer=$SERVICE_KEY --attribute=$USER_ATTR --ego=alice -c test_credential_lookup.conf | paste -d, -s` +# Starting to resolve +echo "+++ Starting to Resolve +++" -#TODO2 Add -z swich like in gnunet-gns -RES_CRED=`gnunet-credential --verify --issuer=$SERVICE_KEY --attribute=$USER_ATTR --subject=$ALICE_KEY --credential="$CREDS" -c test_credential_lookup.conf` +DELS=`$DO_TIMEOUT gnunet-credential --collect --issuer=$SERVICE_KEY --attribute=$USER_ATTR --ego=alice --backward -c test_credential_lookup.conf | paste -d, -s` +echo $DELS +echo gnunet-credential --verify --issuer=$SERVICE_KEY --attribute=$USER_ATTR --subject=$ALICE_KEY --delegate=\'$DELS\' --backward -c test_credential_lookup.conf +gnunet-credential --verify --issuer=$SERVICE_KEY --attribute=$USER_ATTR --subject=$ALICE_KEY --delegate="$DELS" --backward -c test_credential_lookup.conf +RES=$? -#TODO cleanup properly -gnunet-namestore -z alice -d -n $TEST_CREDENTIAL -t CRED -e never -c test_credential_lookup.conf +# Cleanup properly +gnunet-namestore -z alice -d -n "@" -t DEL -c test_credential_lookup.conf gnunet-namestore -z gnu -d -n $GNU_PROJECT_ATTR -t ATTR -c test_credential_lookup.conf gnunet-namestore -z gnunet -d -n $MEMBER_ATTR -t ATTR -c test_credential_lookup.conf gnunet-namestore -z service -d -n $USER_ATTR -t ATTR -c test_credential_lookup.conf gnunet-arm -e -c test_credential_lookup.conf -if [ "$RES_CRED" != "Failed." ] +if [ "$RES" == 0 ] then - echo -e "${RES_CRED}" exit 0 else echo "FAIL: Failed to verify credential $RES_CRED." exit 1 -fi
\ No newline at end of file +fi diff --git a/src/credential/test_credential_verify_simple.sh b/src/credential/test_credential_verify_simple.sh index 41afb47b0..d7657c55f 100755 --- a/src/credential/test_credential_verify_simple.sh +++ b/src/credential/test_credential_verify_simple.sh @@ -15,7 +15,7 @@ fi rm -rf `gnunet-config -c test_credential_lookup.conf -s PATHS -o GNUNET_HOME -f` -# (3) Isser.user -> Subject +# (1) Issuer.user -> Subject which timeout > /dev/null 2>&1 && DO_TIMEOUT="timeout 30" @@ -26,27 +26,29 @@ gnunet-identity -C testsubject -c test_credential_lookup.conf TEST_ATTR="user" SUBJECT_KEY=$(gnunet-identity -d -c test_credential_lookup.conf | grep testsubject | awk '{print $3}') ISSUER_KEY=$(gnunet-identity -d -c test_credential_lookup.conf | grep testissuer | awk '{print $3}') -CRED=`$DO_TIMEOUT gnunet-credential --issue --ego=testissuer --subject=$SUBJECT_KEY --attribute=$TEST_ATTR --ttl=5m -c test_credential_lookup.conf` -TEST_CREDENTIAL="t1" -gnunet-namestore -p -z testsubject -a -n $TEST_CREDENTIAL -t CRED -V "$CRED" -e 5m -c test_credential_lookup.conf +# Create delegate (1) +SIGNED=`$DO_TIMEOUT gnunet-credential --signSubjectSide --ego=testissuer --attribute=$TEST_ATTR --subject=$SUBJECT_KEY --ttl="2019-12-12 10:00:00" -c test_credential_lookup.conf` +gnunet-credential --createSubjectSide --ego=testsubject --import "$SIGNED" --private +gnunet-namestore -D -z testsubject -CREDS=`$DO_TIMEOUT gnunet-credential --collect --issuer=$ISSUER_KEY --attribute=$TEST_ATTR --ego=testsubject -c test_credential_lookup.conf | paste -d, -s` +# Starting to resolve +echo "+++ Starting to Resolve +++" +DELS=`$DO_TIMEOUT gnunet-credential --collect --issuer=$ISSUER_KEY --attribute=$TEST_ATTR --ego=testsubject -c test_credential_lookup.conf | paste -d, -s` +echo $DELS +gnunet-credential --verify --issuer=$ISSUER_KEY --attribute=$TEST_ATTR --subject=$SUBJECT_KEY --delegate="$DELS" -c test_credential_lookup.conf -#TODO2 Add -z swich like in gnunet-gns -#RES_CRED=`$DO_TIMEOUT gnunet-credential --verify --issuer=$ISSUER_KEY --attribute="$TEST_ATTR" --subject=$SUBJECT_KEY --credential=$TEST_CREDENTIAL -c test_credential_lookup.conf` -RES_CRED=`gnunet-credential --verify --issuer=$ISSUER_KEY --attribute=$TEST_ATTR --subject=$SUBJECT_KEY --credential="$CREDS" -c test_credential_lookup.conf` +RES=$? -#TODO cleanup properly -gnunet-namestore -z testsubject -d -n $TEST_CREDENTIAL -t CRED -e never -c test_credential_lookup.conf -gnunet-identity -D testsubject -c test_credential_lookup.conf +# Cleanup properly +gnunet-namestore -z testsubject -d -n "@" -t DEL -c test_credential_lookup.conf gnunet-arm -e -c test_credential_lookup.conf -#TODO3 proper test -if [ "$RES_CRED" != "Failed." ] + +if [ "$RES" == 0 ] then exit 0 else echo "FAIL: Failed to verify credential." exit 1 -fi +fi
\ No newline at end of file |