diff options
Diffstat (limited to 'src')
-rw-r--r-- | src/credential/Makefile.am | 1 | ||||
-rw-r--r-- | src/credential/credential_serialization.c | 129 | ||||
-rw-r--r-- | src/credential/credential_serialization.h | 91 | ||||
-rw-r--r-- | src/credential/gnunet-service-credential.c | 520 | ||||
-rw-r--r-- | src/credential/plugin_gnsrecord_credential.c | 168 | ||||
-rwxr-xr-x | src/credential/test_credential_verify.sh | 4 | ||||
-rw-r--r-- | src/include/gnunet_credential_service.h | 40 |
7 files changed, 685 insertions, 268 deletions
diff --git a/src/credential/Makefile.am b/src/credential/Makefile.am index 51dbb34d7..5852bd0a0 100644 --- a/src/credential/Makefile.am +++ b/src/credential/Makefile.am | |||
@@ -55,6 +55,7 @@ gnunet_credential_LDADD = \ | |||
55 | libgnunet_plugin_gnsrecord_credential_la_SOURCES = \ | 55 | libgnunet_plugin_gnsrecord_credential_la_SOURCES = \ |
56 | plugin_gnsrecord_credential.c | 56 | plugin_gnsrecord_credential.c |
57 | libgnunet_plugin_gnsrecord_credential_la_LIBADD = \ | 57 | libgnunet_plugin_gnsrecord_credential_la_LIBADD = \ |
58 | libgnunetcredential.la \ | ||
58 | $(top_builddir)/src/util/libgnunetutil.la \ | 59 | $(top_builddir)/src/util/libgnunetutil.la \ |
59 | $(LTLIBINTL) | 60 | $(LTLIBINTL) |
60 | libgnunet_plugin_gnsrecord_credential_la_LDFLAGS = \ | 61 | libgnunet_plugin_gnsrecord_credential_la_LDFLAGS = \ |
diff --git a/src/credential/credential_serialization.c b/src/credential/credential_serialization.c index 2fbcebd9f..99138441e 100644 --- a/src/credential/credential_serialization.c +++ b/src/credential/credential_serialization.c | |||
@@ -32,7 +32,21 @@ | |||
32 | 32 | ||
33 | GNUNET_NETWORK_STRUCT_BEGIN | 33 | GNUNET_NETWORK_STRUCT_BEGIN |
34 | 34 | ||
35 | struct NetworkRecord | 35 | struct DelegationRecordData |
36 | { | ||
37 | /** | ||
38 | * Subject key | ||
39 | */ | ||
40 | struct GNUNET_CRYPTO_EcdsaPublicKey subject_key; | ||
41 | |||
42 | /** | ||
43 | * Subject attributes | ||
44 | */ | ||
45 | uint32_t subject_attribute_len GNUNET_PACKED; | ||
46 | }; | ||
47 | |||
48 | |||
49 | struct ChainEntry | ||
36 | { | 50 | { |
37 | /** | 51 | /** |
38 | * Issuer key | 52 | * Issuer key |
@@ -57,6 +71,113 @@ struct NetworkRecord | |||
57 | 71 | ||
58 | GNUNET_NETWORK_STRUCT_END | 72 | GNUNET_NETWORK_STRUCT_END |
59 | 73 | ||
74 | |||
75 | /** | ||
76 | * Calculate how many bytes we will need to serialize | ||
77 | * the given delegation chain and credential | ||
78 | * | ||
79 | * @param d_count number of delegation chain entries | ||
80 | * @param dd array of #GNUNET_CREDENTIAL_Delegation | ||
81 | * @param cd a #GNUNET_CREDENTIAL_Credential | ||
82 | * @return the required size to serialize | ||
83 | */ | ||
84 | size_t | ||
85 | GNUNET_CREDENTIAL_delegation_set_get_size (unsigned int ds_count, | ||
86 | const struct GNUNET_CREDENTIAL_DelegationSetRecord *dsr) | ||
87 | { | ||
88 | unsigned int i; | ||
89 | size_t ret; | ||
90 | |||
91 | ret = sizeof (struct DelegationRecordData) * (ds_count); | ||
92 | |||
93 | for (i=0; i<ds_count;i++) | ||
94 | { | ||
95 | GNUNET_assert ((ret + dsr[i].subject_attribute_len) >= ret); | ||
96 | ret += dsr[i].subject_attribute_len; | ||
97 | } | ||
98 | return ret; | ||
99 | } | ||
100 | |||
101 | /** | ||
102 | * Serizalize the given delegation chain entries and credential | ||
103 | * | ||
104 | * @param d_count number of delegation chain entries | ||
105 | * @param dd array of #GNUNET_CREDENTIAL_Delegation | ||
106 | * @param cd a #GNUNET_CREDENTIAL_Credential | ||
107 | * @param dest_size size of the destination | ||
108 | * @param dest where to store the result | ||
109 | * @return the size of the data, -1 on failure | ||
110 | */ | ||
111 | ssize_t | ||
112 | GNUNET_CREDENTIAL_delegation_set_serialize (unsigned int d_count, | ||
113 | const struct GNUNET_CREDENTIAL_DelegationSetRecord *dsr, | ||
114 | size_t dest_size, | ||
115 | char *dest) | ||
116 | { | ||
117 | struct DelegationRecordData rec; | ||
118 | unsigned int i; | ||
119 | size_t off; | ||
120 | |||
121 | off = 0; | ||
122 | for (i=0;i<d_count;i++) | ||
123 | { | ||
124 | rec.subject_attribute_len = htonl ((uint32_t) dsr[i].subject_attribute_len); | ||
125 | rec.subject_key = dsr[i].subject_key; | ||
126 | if (off + sizeof (rec) > dest_size) | ||
127 | return -1; | ||
128 | GNUNET_memcpy (&dest[off], | ||
129 | &rec, | ||
130 | sizeof (rec)); | ||
131 | off += sizeof (rec); | ||
132 | if (0 == dsr[i].subject_attribute_len) | ||
133 | continue; | ||
134 | if (off + dsr[i].subject_attribute_len > dest_size) | ||
135 | return -1; | ||
136 | GNUNET_memcpy (&dest[off], | ||
137 | dsr[i].subject_attribute, | ||
138 | dsr[i].subject_attribute_len); | ||
139 | off += dsr[i].subject_attribute_len; | ||
140 | } | ||
141 | return off; | ||
142 | } | ||
143 | |||
144 | |||
145 | /** | ||
146 | * Deserialize the given destination | ||
147 | * | ||
148 | * @param len size of the serialized delegation chain and cred | ||
149 | * @param src the serialized data | ||
150 | * @param d_count the number of delegation chain entries | ||
151 | * @param dd where to put the delegation chain entries | ||
152 | * @param cd where to put the credential data | ||
153 | * @return #GNUNET_OK on success, #GNUNET_SYSERR on error | ||
154 | */ | ||
155 | int | ||
156 | GNUNET_CREDENTIAL_delegation_set_deserialize (size_t len, | ||
157 | const char *src, | ||
158 | unsigned int d_count, | ||
159 | struct GNUNET_CREDENTIAL_DelegationSetRecord *dsr) | ||
160 | { | ||
161 | struct DelegationRecordData rec; | ||
162 | unsigned int i; | ||
163 | size_t off; | ||
164 | |||
165 | off = 0; | ||
166 | for (i=0;i<d_count;i++) | ||
167 | { | ||
168 | if (off + sizeof (rec) > len) | ||
169 | return GNUNET_SYSERR; | ||
170 | GNUNET_memcpy (&rec, &src[off], sizeof (rec)); | ||
171 | dsr[i].subject_key = rec.subject_key; | ||
172 | off += sizeof (rec); | ||
173 | dsr[i].subject_attribute_len = ntohl ((uint32_t) rec.subject_attribute_len); | ||
174 | if (off + dsr[i].subject_attribute_len > len) | ||
175 | return GNUNET_SYSERR; | ||
176 | dsr[i].subject_attribute = &src[off]; | ||
177 | off += dsr[i].subject_attribute_len; | ||
178 | } | ||
179 | return GNUNET_OK; | ||
180 | } | ||
60 | /** | 181 | /** |
61 | * Calculate how many bytes we will need to serialize | 182 | * Calculate how many bytes we will need to serialize |
62 | * the given delegation chain and credential | 183 | * the given delegation chain and credential |
@@ -74,7 +195,7 @@ GNUNET_CREDENTIAL_delegation_chain_get_size (unsigned int d_count, | |||
74 | unsigned int i; | 195 | unsigned int i; |
75 | size_t ret; | 196 | size_t ret; |
76 | 197 | ||
77 | ret = sizeof (struct NetworkRecord) * (d_count + 1); | 198 | ret = sizeof (struct ChainEntry) * (d_count + 1); |
78 | 199 | ||
79 | for (i=0; i<d_count;i++) | 200 | for (i=0; i<d_count;i++) |
80 | { | 201 | { |
@@ -105,7 +226,7 @@ GNUNET_CREDENTIAL_delegation_chain_serialize (unsigned int d_count, | |||
105 | size_t dest_size, | 226 | size_t dest_size, |
106 | char *dest) | 227 | char *dest) |
107 | { | 228 | { |
108 | struct NetworkRecord rec; | 229 | struct ChainEntry rec; |
109 | unsigned int i; | 230 | unsigned int i; |
110 | size_t off; | 231 | size_t off; |
111 | 232 | ||
@@ -174,7 +295,7 @@ GNUNET_CREDENTIAL_delegation_chain_deserialize (size_t len, | |||
174 | struct GNUNET_CREDENTIAL_Delegation *dd, | 295 | struct GNUNET_CREDENTIAL_Delegation *dd, |
175 | struct GNUNET_CREDENTIAL_Credential *cd) | 296 | struct GNUNET_CREDENTIAL_Credential *cd) |
176 | { | 297 | { |
177 | struct NetworkRecord rec; | 298 | struct ChainEntry rec; |
178 | unsigned int i; | 299 | unsigned int i; |
179 | size_t off; | 300 | size_t off; |
180 | 301 | ||
diff --git a/src/credential/credential_serialization.h b/src/credential/credential_serialization.h index 7e984ce0a..7f6d0dda9 100644 --- a/src/credential/credential_serialization.h +++ b/src/credential/credential_serialization.h | |||
@@ -32,50 +32,93 @@ | |||
32 | 32 | ||
33 | /** | 33 | /** |
34 | * Calculate how many bytes we will need to serialize | 34 | * Calculate how many bytes we will need to serialize |
35 | * the given delegation chain and credential | 35 | * the given delegation record |
36 | * | 36 | * |
37 | * @param d_count number of delegation chain entries | 37 | * @param ds_count number of delegation chain entries |
38 | * @param dd array of #GNUNET_CREDENTIAL_Delegation | 38 | * @param dsr array of #GNUNET_CREDENTIAL_Delegation |
39 | * @param cd a #GNUNET_CREDENTIAL_Credential | ||
40 | * @return the required size to serialize | 39 | * @return the required size to serialize |
41 | */ | 40 | */ |
42 | size_t | 41 | size_t |
43 | GNUNET_CREDENTIAL_delegation_chain_get_size (unsigned int d_count, | 42 | GNUNET_CREDENTIAL_delegation_set_get_size (unsigned int ds_count, |
44 | const struct GNUNET_CREDENTIAL_Delegation *dd, | 43 | const struct GNUNET_CREDENTIAL_DelegationSetRecord *dsr); |
45 | const struct GNUNET_CREDENTIAL_Credential *cd); | ||
46 | 44 | ||
47 | /** | 45 | /** |
48 | * Serizalize the given delegation chain entries and credential | 46 | * Serizalize the given delegation record entries |
49 | * | 47 | * |
50 | * @param d_count number of delegation chain entries | 48 | * @param d_count number of delegation chain entries |
51 | * @param dd array of #GNUNET_CREDENTIAL_Delegation | 49 | * @param dsr array of #GNUNET_CREDENTIAL_Delegation |
52 | * @param cd a #GNUNET_CREDENTIAL_Credential | ||
53 | * @param dest_size size of the destination | 50 | * @param dest_size size of the destination |
54 | * @param dest where to store the result | 51 | * @param dest where to store the result |
55 | * @return the size of the data, -1 on failure | 52 | * @return the size of the data, -1 on failure |
56 | */ | 53 | */ |
57 | ssize_t | 54 | ssize_t |
58 | GNUNET_CREDENTIAL_delegation_chain_serialize (unsigned int d_count, | 55 | GNUNET_CREDENTIAL_delegation_set_serialize (unsigned int d_count, |
59 | const struct GNUNET_CREDENTIAL_Delegation *dd, | 56 | const struct GNUNET_CREDENTIAL_DelegationSetRecord *dsr, |
60 | const struct GNUNET_CREDENTIAL_Credential *cd, | 57 | size_t dest_size, |
61 | size_t dest_size, | 58 | char *dest); |
62 | char *dest); | ||
63 | 59 | ||
64 | 60 | ||
65 | /** | 61 | /** |
66 | * Deserialize the given destination | 62 | * Deserialize the given destination |
67 | * | 63 | * |
68 | * @param len size of the serialized delegation chain and cred | 64 | * @param len size of the serialized delegation recird |
69 | * @param src the serialized data | 65 | * @param src the serialized data |
70 | * @param d_count the number of delegation chain entries | 66 | * @param d_count the number of delegation chain entries |
71 | * @param dd where to put the delegation chain entries | 67 | * @param dsr where to put the delegation chain entries |
72 | * @param cd where to put the credential data | ||
73 | * @return #GNUNET_OK on success, #GNUNET_SYSERR on error | 68 | * @return #GNUNET_OK on success, #GNUNET_SYSERR on error |
74 | */ | 69 | */ |
75 | int | 70 | int |
76 | GNUNET_CREDENTIAL_delegation_chain_deserialize (size_t len, | 71 | GNUNET_CREDENTIAL_delegation_set_deserialize (size_t len, |
77 | const char *src, | 72 | const char *src, |
78 | unsigned int d_count, | 73 | unsigned int d_count, |
79 | struct GNUNET_CREDENTIAL_Delegation *dd, | 74 | struct GNUNET_CREDENTIAL_DelegationSetRecord *dsr); |
80 | struct GNUNET_CREDENTIAL_Credential *cd); | 75 | |
81 | /* end of credential_serialization.h */ | 76 | /** |
77 | * Calculate how many bytes we will need to serialize | ||
78 | * the given delegation chain and credential | ||
79 | * | ||
80 | * @param d_count number of delegation chain entries | ||
81 | * @param dd array of #GNUNET_CREDENTIAL_Delegation | ||
82 | * @param cd a #GNUNET_CREDENTIAL_Credential | ||
83 | * @return the required size to serialize | ||
84 | */ | ||
85 | size_t | ||
86 | GNUNET_CREDENTIAL_delegation_chain_get_size (unsigned int d_count, | ||
87 | const struct GNUNET_CREDENTIAL_Delegation *dd, | ||
88 | const struct GNUNET_CREDENTIAL_Credential *cd); | ||
89 | |||
90 | /** | ||
91 | * Serizalize the given delegation chain entries and credential | ||
92 | * | ||
93 | * @param d_count number of delegation chain entries | ||
94 | * @param dd array of #GNUNET_CREDENTIAL_Delegation | ||
95 | * @param cd a #GNUNET_CREDENTIAL_Credential | ||
96 | * @param dest_size size of the destination | ||
97 | * @param dest where to store the result | ||
98 | * @return the size of the data, -1 on failure | ||
99 | */ | ||
100 | ssize_t | ||
101 | GNUNET_CREDENTIAL_delegation_chain_serialize (unsigned int d_count, | ||
102 | const struct GNUNET_CREDENTIAL_Delegation *dd, | ||
103 | const struct GNUNET_CREDENTIAL_Credential *cd, | ||
104 | size_t dest_size, | ||
105 | char *dest); | ||
106 | |||
107 | |||
108 | /** | ||
109 | * Deserialize the given destination | ||
110 | * | ||
111 | * @param len size of the serialized delegation chain and cred | ||
112 | * @param src the serialized data | ||
113 | * @param d_count the number of delegation chain entries | ||
114 | * @param dd where to put the delegation chain entries | ||
115 | * @param cd where to put the credential data | ||
116 | * @return #GNUNET_OK on success, #GNUNET_SYSERR on error | ||
117 | */ | ||
118 | int | ||
119 | GNUNET_CREDENTIAL_delegation_chain_deserialize (size_t len, | ||
120 | const char *src, | ||
121 | unsigned int d_count, | ||
122 | struct GNUNET_CREDENTIAL_Delegation *dd, | ||
123 | struct GNUNET_CREDENTIAL_Credential *cd); | ||
124 | /* end of credential_serialization.h */ | ||
diff --git a/src/credential/gnunet-service-credential.c b/src/credential/gnunet-service-credential.c index 8f7d71b28..8843abfd6 100644 --- a/src/credential/gnunet-service-credential.c +++ b/src/credential/gnunet-service-credential.c | |||
@@ -46,9 +46,22 @@ | |||
46 | 46 | ||
47 | struct VerifyRequestHandle; | 47 | struct VerifyRequestHandle; |
48 | 48 | ||
49 | struct GNUNET_CREDENTIAL_DelegationChainEntry | 49 | struct DelegationSetEntry; |
50 | |||
51 | |||
52 | struct DelegationChainEntry | ||
50 | { | 53 | { |
51 | /** | 54 | /** |
55 | * DLL | ||
56 | */ | ||
57 | struct DelegationChainEntry *next; | ||
58 | |||
59 | /** | ||
60 | * DLL | ||
61 | */ | ||
62 | struct DelegationChainEntry *prev; | ||
63 | |||
64 | /** | ||
52 | * The issuer | 65 | * The issuer |
53 | */ | 66 | */ |
54 | struct GNUNET_CRYPTO_EcdsaPublicKey issuer_key; | 67 | struct GNUNET_CRYPTO_EcdsaPublicKey issuer_key; |
@@ -97,8 +110,8 @@ struct CredentialRecordEntry | |||
97 | }; | 110 | }; |
98 | 111 | ||
99 | /** | 112 | /** |
100 | * DLL for delegations - Used as a queue | 113 | * DLL used for delegations |
101 | * Insert tail - Pop head | 114 | * Used for OR delegations |
102 | */ | 115 | */ |
103 | struct DelegationQueueEntry | 116 | struct DelegationQueueEntry |
104 | { | 117 | { |
@@ -113,16 +126,43 @@ struct DelegationQueueEntry | |||
113 | struct DelegationQueueEntry *prev; | 126 | struct DelegationQueueEntry *prev; |
114 | 127 | ||
115 | /** | 128 | /** |
116 | * Children of this attribute | 129 | * Sets under this Queue |
117 | */ | 130 | */ |
118 | struct DelegationQueueEntry *children_head; | 131 | struct DelegationSetEntry *set_entries_head; |
119 | 132 | ||
120 | /** | 133 | /** |
121 | * Children of this attribute | 134 | * Sets under this Queue |
122 | */ | 135 | */ |
123 | struct DelegationQueueEntry *children_tail; | 136 | struct DelegationSetEntry *set_entries_tail; |
124 | 137 | ||
125 | /** | 138 | /** |
139 | * Parent set | ||
140 | */ | ||
141 | struct DelegationSetEntry *parent_set; | ||
142 | |||
143 | /** | ||
144 | * Required solutions | ||
145 | */ | ||
146 | uint32_t required_solutions; | ||
147 | }; | ||
148 | |||
149 | /** | ||
150 | * DLL for delegation sets | ||
151 | * Used for AND delegation set | ||
152 | */ | ||
153 | struct DelegationSetEntry | ||
154 | { | ||
155 | /** | ||
156 | * DLL | ||
157 | */ | ||
158 | struct DelegationSetEntry *next; | ||
159 | |||
160 | /** | ||
161 | * DLL | ||
162 | */ | ||
163 | struct DelegationSetEntry *prev; | ||
164 | |||
165 | /** | ||
126 | * GNS handle | 166 | * GNS handle |
127 | */ | 167 | */ |
128 | struct GNUNET_GNS_LookupRequest *lookup_request; | 168 | struct GNUNET_GNS_LookupRequest *lookup_request; |
@@ -143,6 +183,21 @@ struct DelegationQueueEntry | |||
143 | struct GNUNET_CRYPTO_EcdsaPublicKey *issuer_key; | 183 | struct GNUNET_CRYPTO_EcdsaPublicKey *issuer_key; |
144 | 184 | ||
145 | /** | 185 | /** |
186 | * Queue entries of this set | ||
187 | */ | ||
188 | struct DelegationQueueEntry *queue_entries_head; | ||
189 | |||
190 | /** | ||
191 | * Queue entries of this set | ||
192 | */ | ||
193 | struct DelegationQueueEntry *queue_entries_tail; | ||
194 | |||
195 | /** | ||
196 | * Parent QueueEntry | ||
197 | */ | ||
198 | struct DelegationQueueEntry *parent_queue_entry; | ||
199 | |||
200 | /** | ||
146 | * Issuer attribute delegated to | 201 | * Issuer attribute delegated to |
147 | */ | 202 | */ |
148 | char *issuer_attribute; | 203 | char *issuer_attribute; |
@@ -161,16 +216,12 @@ struct DelegationQueueEntry | |||
161 | * Still to resolve delegation as string | 216 | * Still to resolve delegation as string |
162 | */ | 217 | */ |
163 | char *unresolved_attribute_delegation; | 218 | char *unresolved_attribute_delegation; |
164 | 219 | ||
165 | /** | 220 | /** |
166 | * The delegation chain entry | 221 | * The delegation chain entry |
167 | */ | 222 | */ |
168 | struct GNUNET_CREDENTIAL_DelegationChainEntry *delegation_chain_entry; | 223 | struct DelegationChainEntry *delegation_chain_entry; |
169 | 224 | ||
170 | /** | ||
171 | * Delegation chain length until now | ||
172 | */ | ||
173 | uint32_t d_count; | ||
174 | }; | 225 | }; |
175 | 226 | ||
176 | 227 | ||
@@ -194,18 +245,32 @@ struct VerifyRequestHandle | |||
194 | * Handle to the requesting client | 245 | * Handle to the requesting client |
195 | */ | 246 | */ |
196 | struct GNUNET_SERVICE_Client *client; | 247 | struct GNUNET_SERVICE_Client *client; |
197 | 248 | ||
198 | /** | 249 | /** |
199 | * GNS handle | 250 | * GNS handle |
200 | */ | 251 | */ |
201 | struct GNUNET_GNS_LookupRequest *lookup_request; | 252 | struct GNUNET_GNS_LookupRequest *lookup_request; |
202 | 253 | ||
254 | /** | ||
255 | * Size of delegation tree | ||
256 | */ | ||
257 | uint32_t delegation_chain_size; | ||
258 | |||
259 | /** | ||
260 | * Children of this attribute | ||
261 | */ | ||
262 | struct DelegationChainEntry *delegation_chain_head; | ||
263 | |||
264 | /** | ||
265 | * Children of this attribute | ||
266 | */ | ||
267 | struct DelegationChainEntry *delegation_chain_tail; | ||
203 | 268 | ||
204 | /** | 269 | /** |
205 | * Issuer public key | 270 | * Issuer public key |
206 | */ | 271 | */ |
207 | struct GNUNET_CRYPTO_EcdsaPublicKey issuer_key; | 272 | struct GNUNET_CRYPTO_EcdsaPublicKey issuer_key; |
208 | 273 | ||
209 | /** | 274 | /** |
210 | * Issuer attribute | 275 | * Issuer attribute |
211 | */ | 276 | */ |
@@ -227,15 +292,10 @@ struct VerifyRequestHandle | |||
227 | struct CredentialRecordEntry *cred_chain_tail; | 292 | struct CredentialRecordEntry *cred_chain_tail; |
228 | 293 | ||
229 | /** | 294 | /** |
230 | * Delegation Queue | 295 | * Root Delegation Set |
231 | */ | 296 | */ |
232 | struct DelegationQueueEntry *chain_start; | 297 | struct DelegationSetEntry *root_set; |
233 | 298 | ||
234 | /** | ||
235 | * Delegation Queue | ||
236 | */ | ||
237 | struct DelegationQueueEntry *chain_end; | ||
238 | |||
239 | /** | 299 | /** |
240 | * Current Delegation Pointer | 300 | * Current Delegation Pointer |
241 | */ | 301 | */ |
@@ -252,11 +312,6 @@ struct VerifyRequestHandle | |||
252 | uint32_t credential_size; | 312 | uint32_t credential_size; |
253 | 313 | ||
254 | /** | 314 | /** |
255 | * Length of found delegation chain | ||
256 | */ | ||
257 | uint32_t d_count; | ||
258 | |||
259 | /** | ||
260 | * request id | 315 | * request id |
261 | */ | 316 | */ |
262 | uint32_t request_id; | 317 | uint32_t request_id; |
@@ -291,43 +346,56 @@ static struct GNUNET_GNS_Handle *gns; | |||
291 | 346 | ||
292 | 347 | ||
293 | static void | 348 | static void |
294 | cleanup_delegation_queue (struct DelegationQueueEntry *dq_entry) | 349 | cleanup_delegation_set (struct DelegationSetEntry *ds_entry) |
295 | { | 350 | { |
296 | struct DelegationQueueEntry *child; | 351 | struct DelegationQueueEntry *dq_entry; |
297 | if (NULL == dq_entry) | 352 | struct DelegationSetEntry *child; |
353 | |||
354 | if (NULL == ds_entry) | ||
298 | return; | 355 | return; |
299 | 356 | ||
300 | for (child = dq_entry->children_head; NULL != child; child = dq_entry->children_head) | 357 | for (dq_entry = ds_entry->queue_entries_head; |
358 | NULL != dq_entry; | ||
359 | dq_entry = ds_entry->queue_entries_head) | ||
301 | { | 360 | { |
302 | GNUNET_CONTAINER_DLL_remove (dq_entry->children_head, | 361 | GNUNET_CONTAINER_DLL_remove (ds_entry->queue_entries_head, |
303 | dq_entry->children_tail, | 362 | ds_entry->queue_entries_tail, |
304 | child); | 363 | dq_entry); |
305 | cleanup_delegation_queue (child); | 364 | for (child = dq_entry->set_entries_head; |
365 | NULL != child; | ||
366 | child = dq_entry->set_entries_head) | ||
367 | { | ||
368 | GNUNET_CONTAINER_DLL_remove (dq_entry->set_entries_head, | ||
369 | dq_entry->set_entries_tail, | ||
370 | child); | ||
371 | cleanup_delegation_set (child); | ||
372 | } | ||
373 | GNUNET_free (dq_entry); | ||
306 | } | 374 | } |
307 | if (NULL != dq_entry->issuer_key) | 375 | if (NULL != ds_entry->issuer_key) |
308 | GNUNET_free (dq_entry->issuer_key); | 376 | GNUNET_free (ds_entry->issuer_key); |
309 | if (NULL != dq_entry->lookup_attribute) | 377 | if (NULL != ds_entry->lookup_attribute) |
310 | GNUNET_free (dq_entry->lookup_attribute); | 378 | GNUNET_free (ds_entry->lookup_attribute); |
311 | if (NULL != dq_entry->issuer_attribute) | 379 | if (NULL != ds_entry->issuer_attribute) |
312 | GNUNET_free (dq_entry->issuer_attribute); | 380 | GNUNET_free (ds_entry->issuer_attribute); |
313 | if (NULL != dq_entry->unresolved_attribute_delegation) | 381 | if (NULL != ds_entry->unresolved_attribute_delegation) |
314 | GNUNET_free (dq_entry->unresolved_attribute_delegation); | 382 | GNUNET_free (ds_entry->unresolved_attribute_delegation); |
315 | if (NULL != dq_entry->attr_trailer) | 383 | if (NULL != ds_entry->attr_trailer) |
316 | GNUNET_free (dq_entry->attr_trailer); | 384 | GNUNET_free (ds_entry->attr_trailer); |
317 | if (NULL != dq_entry->lookup_request) | 385 | if (NULL != ds_entry->lookup_request) |
318 | { | 386 | { |
319 | GNUNET_GNS_lookup_cancel (dq_entry->lookup_request); | 387 | GNUNET_GNS_lookup_cancel (ds_entry->lookup_request); |
320 | dq_entry->lookup_request = NULL; | 388 | ds_entry->lookup_request = NULL; |
321 | } | 389 | } |
322 | if (NULL != dq_entry->delegation_chain_entry) | 390 | if (NULL != ds_entry->delegation_chain_entry) |
323 | { | 391 | { |
324 | if (NULL != dq_entry->delegation_chain_entry->subject_attribute) | 392 | if (NULL != ds_entry->delegation_chain_entry->subject_attribute) |
325 | GNUNET_free (dq_entry->delegation_chain_entry->subject_attribute); | 393 | GNUNET_free (ds_entry->delegation_chain_entry->subject_attribute); |
326 | if (NULL != dq_entry->delegation_chain_entry->issuer_attribute) | 394 | if (NULL != ds_entry->delegation_chain_entry->issuer_attribute) |
327 | GNUNET_free (dq_entry->delegation_chain_entry->issuer_attribute); | 395 | GNUNET_free (ds_entry->delegation_chain_entry->issuer_attribute); |
328 | GNUNET_free (dq_entry->delegation_chain_entry); | 396 | GNUNET_free (ds_entry->delegation_chain_entry); |
329 | } | 397 | } |
330 | GNUNET_free (dq_entry); | 398 | GNUNET_free (ds_entry); |
331 | } | 399 | } |
332 | 400 | ||
333 | static void | 401 | static void |
@@ -343,7 +411,7 @@ cleanup_handle (struct VerifyRequestHandle *vrh) | |||
343 | } | 411 | } |
344 | if (NULL != vrh->credential) | 412 | if (NULL != vrh->credential) |
345 | GNUNET_free (vrh->credential); | 413 | GNUNET_free (vrh->credential); |
346 | cleanup_delegation_queue (vrh->chain_start); | 414 | cleanup_delegation_set (vrh->root_set); |
347 | if (NULL != vrh->issuer_attribute) | 415 | if (NULL != vrh->issuer_attribute) |
348 | GNUNET_free (vrh->issuer_attribute); | 416 | GNUNET_free (vrh->issuer_attribute); |
349 | for (cr_entry = vrh->cred_chain_head; | 417 | for (cr_entry = vrh->cred_chain_head; |
@@ -444,57 +512,63 @@ send_lookup_response (struct VerifyRequestHandle *vrh) | |||
444 | { | 512 | { |
445 | struct GNUNET_MQ_Envelope *env; | 513 | struct GNUNET_MQ_Envelope *env; |
446 | struct VerifyResultMessage *rmsg; | 514 | struct VerifyResultMessage *rmsg; |
447 | struct DelegationQueueEntry *dq_entry; | 515 | struct DelegationChainEntry *dce; |
448 | size_t size = vrh->credential_size; | 516 | size_t size = vrh->credential_size; |
449 | struct GNUNET_CREDENTIAL_Delegation dd[vrh->d_count]; | 517 | struct GNUNET_CREDENTIAL_Delegation dd[vrh->delegation_chain_size]; |
450 | struct GNUNET_CREDENTIAL_Credential cred; | 518 | struct GNUNET_CREDENTIAL_Credential cred; |
519 | int i; | ||
451 | 520 | ||
452 | GNUNET_log (GNUNET_ERROR_TYPE_ERROR, | 521 | GNUNET_log (GNUNET_ERROR_TYPE_ERROR, |
453 | "Sending response\n"); | 522 | "Sending response\n"); |
454 | dq_entry = vrh->chain_end; | 523 | i = 0; |
455 | for (int i=0; i<vrh->d_count; i++) | 524 | for (dce = vrh->delegation_chain_head; |
525 | NULL != dce; | ||
526 | dce = dce->next) | ||
456 | { | 527 | { |
457 | dd[i].issuer_key = dq_entry->delegation_chain_entry->issuer_key; | 528 | dd[i].issuer_key = dce->issuer_key; |
458 | dd[i].subject_key = dq_entry->delegation_chain_entry->subject_key; | 529 | dd[i].subject_key = dce->subject_key; |
459 | dd[i].issuer_attribute = dq_entry->delegation_chain_entry->issuer_attribute; | 530 | dd[i].issuer_attribute = dce->issuer_attribute; |
460 | dd[i].issuer_attribute_len = strlen (dq_entry->delegation_chain_entry->issuer_attribute)+1; | 531 | dd[i].issuer_attribute_len = strlen (dce->issuer_attribute)+1; |
461 | dd[i].subject_attribute_len = 0; | 532 | dd[i].subject_attribute_len = 0; |
462 | if (NULL != dq_entry->delegation_chain_entry->subject_attribute) | 533 | if (NULL != dce->subject_attribute) |
463 | { | 534 | { |
464 | dd[i].subject_attribute = dq_entry->delegation_chain_entry->subject_attribute; | 535 | dd[i].subject_attribute = dce->subject_attribute; |
465 | dd[i].subject_attribute_len = strlen(dq_entry->delegation_chain_entry->subject_attribute)+1; | 536 | dd[i].subject_attribute_len = strlen(dce->subject_attribute)+1; |
466 | } | 537 | } |
467 | dq_entry = dq_entry->parent; | 538 | i++; |
468 | } | 539 | } |
469 | 540 | ||
470 | /** | 541 | /** |
471 | * Get serialized record data | 542 | * Get serialized record data |
472 | * Append at the end of rmsg | 543 | * Append at the end of rmsg |
473 | */ | 544 | */ |
474 | cred.issuer_key = vrh->credential->issuer_key; | 545 | cred.issuer_key = vrh->credential->issuer_key; |
475 | cred.subject_key = vrh->credential->subject_key; | 546 | cred.subject_key = vrh->credential->subject_key; |
476 | cred.issuer_attribute_len = strlen((char*)&vrh->credential[1]); | 547 | cred.issuer_attribute_len = strlen((char*)&vrh->credential[1])+1; |
477 | cred.issuer_attribute = (char*)&vrh->credential[1]; | 548 | cred.issuer_attribute = (char*)&vrh->credential[1]; |
478 | size = GNUNET_CREDENTIAL_delegation_chain_get_size (vrh->d_count, | 549 | size = GNUNET_CREDENTIAL_delegation_chain_get_size (vrh->delegation_chain_size, |
479 | dd, | 550 | dd, |
480 | &cred); | 551 | &cred); |
552 | GNUNET_log (GNUNET_ERROR_TYPE_ERROR, | ||
553 | "SIZE; %llu count: %d\n",size,vrh->delegation_chain_size); | ||
481 | env = GNUNET_MQ_msg_extra (rmsg, | 554 | env = GNUNET_MQ_msg_extra (rmsg, |
482 | size, | 555 | size, |
483 | GNUNET_MESSAGE_TYPE_CREDENTIAL_VERIFY_RESULT); | 556 | GNUNET_MESSAGE_TYPE_CREDENTIAL_VERIFY_RESULT); |
484 | //Assign id so that client can find associated request | 557 | //Assign id so that client can find associated request |
485 | rmsg->id = vrh->request_id; | 558 | rmsg->id = vrh->request_id; |
486 | rmsg->d_count = htonl (vrh->d_count); | 559 | rmsg->d_count = htonl (vrh->delegation_chain_size); |
487 | 560 | ||
488 | if (NULL != vrh->credential) | 561 | if (NULL != vrh->credential) |
489 | rmsg->cred_found = htonl (GNUNET_YES); | 562 | rmsg->cred_found = htonl (GNUNET_YES); |
490 | else | 563 | else |
491 | rmsg->cred_found = htonl (GNUNET_NO); | 564 | rmsg->cred_found = htonl (GNUNET_NO); |
492 | 565 | ||
493 | GNUNET_assert (-1 != GNUNET_CREDENTIAL_delegation_chain_serialize (vrh->d_count, | 566 | GNUNET_assert (-1 != |
494 | dd, | 567 | GNUNET_CREDENTIAL_delegation_chain_serialize (vrh->delegation_chain_size, |
495 | &cred, | 568 | dd, |
496 | size, | 569 | &cred, |
497 | (char*)&rmsg[1])); | 570 | size, |
571 | (char*)&rmsg[1])); | ||
498 | 572 | ||
499 | GNUNET_MQ_send (GNUNET_SERVICE_client_get_mq(vrh->client), | 573 | GNUNET_MQ_send (GNUNET_SERVICE_client_get_mq(vrh->client), |
500 | env); | 574 | env); |
@@ -515,146 +589,194 @@ backward_resolution (void* cls, | |||
515 | 589 | ||
516 | struct VerifyRequestHandle *vrh; | 590 | struct VerifyRequestHandle *vrh; |
517 | struct GNUNET_CREDENTIAL_CredentialRecordData *cred; | 591 | struct GNUNET_CREDENTIAL_CredentialRecordData *cred; |
518 | const struct GNUNET_CREDENTIAL_AttributeRecordData *attr; | 592 | const struct GNUNET_CREDENTIAL_DelegationRecordData *sets; |
519 | struct CredentialRecordEntry *cred_pointer; | 593 | struct CredentialRecordEntry *cred_pointer; |
520 | struct DelegationQueueEntry *current_delegation; | 594 | struct DelegationSetEntry *current_set; |
595 | struct DelegationSetEntry *ds_entry; | ||
596 | struct DelegationSetEntry *tmp_set; | ||
521 | struct DelegationQueueEntry *dq_entry; | 597 | struct DelegationQueueEntry *dq_entry; |
522 | char *expanded_attr; | 598 | char *expanded_attr; |
523 | char *lookup_attribute; | 599 | char *lookup_attribute; |
524 | int i; | 600 | int i; |
601 | int j; | ||
525 | 602 | ||
526 | 603 | ||
527 | current_delegation = cls; | 604 | current_set = cls; |
528 | current_delegation->lookup_request = NULL; | 605 | current_set->lookup_request = NULL; |
529 | vrh = current_delegation->handle; | 606 | vrh = current_set->handle; |
530 | vrh->pending_lookups--; | 607 | vrh->pending_lookups--; |
531 | GNUNET_log (GNUNET_ERROR_TYPE_ERROR, | 608 | GNUNET_log (GNUNET_ERROR_TYPE_ERROR, |
532 | "Got %d attrs\n", rd_count); | 609 | "Got %d attrs\n", rd_count); |
533 | 610 | ||
611 | // Each OR | ||
534 | for (i=0; i < rd_count; i++) | 612 | for (i=0; i < rd_count; i++) |
535 | { | 613 | { |
536 | if (GNUNET_GNSRECORD_TYPE_ATTRIBUTE != rd[i].record_type) | 614 | if (GNUNET_GNSRECORD_TYPE_ATTRIBUTE != rd[i].record_type) |
537 | continue; | 615 | continue; |
538 | 616 | ||
617 | sets = rd[i].data; | ||
618 | struct GNUNET_CREDENTIAL_DelegationSetRecord set[ntohl(sets->set_count)]; | ||
539 | GNUNET_log (GNUNET_ERROR_TYPE_ERROR, | 619 | GNUNET_log (GNUNET_ERROR_TYPE_ERROR, |
540 | "Found new attribute delegation. Creating new Job...\n"); | 620 | "Found new attribute delegation with %d sets. Creating new Job...\n", |
541 | attr = rd[i].data; | 621 | ntohl (sets->set_count)); |
622 | |||
623 | if (GNUNET_OK !=GNUNET_CREDENTIAL_delegation_set_deserialize (GNUNET_ntohll(sets->data_size), | ||
624 | (const char*)&sets[1], | ||
625 | ntohl(sets->set_count), | ||
626 | set)) | ||
627 | { | ||
628 | GNUNET_log (GNUNET_ERROR_TYPE_ERROR, | ||
629 | "Failed to deserialize!\n"); | ||
630 | continue; | ||
631 | } | ||
542 | dq_entry = GNUNET_new (struct DelegationQueueEntry); | 632 | dq_entry = GNUNET_new (struct DelegationQueueEntry); |
543 | if (NULL != current_delegation->attr_trailer) | 633 | dq_entry->required_solutions = ntohl(sets->set_count); |
634 | dq_entry->parent_set = current_set; | ||
635 | GNUNET_CONTAINER_DLL_insert (current_set->queue_entries_head, | ||
636 | current_set->queue_entries_tail, | ||
637 | dq_entry); | ||
638 | // Each AND | ||
639 | for (j=0; j<ntohl(sets->set_count); j++) | ||
544 | { | 640 | { |
545 | if (rd[i].data_size == sizeof (struct GNUNET_CREDENTIAL_AttributeRecordData)) | 641 | ds_entry = GNUNET_new (struct DelegationSetEntry); |
642 | if (NULL != current_set->attr_trailer) | ||
546 | { | 643 | { |
547 | GNUNET_asprintf (&expanded_attr, | 644 | if (0 == set[j].subject_attribute_len) |
548 | "%s", | 645 | { |
549 | current_delegation->attr_trailer); | 646 | GNUNET_asprintf (&expanded_attr, |
550 | 647 | "%s", | |
648 | current_set->attr_trailer); | ||
649 | |||
650 | } else { | ||
651 | GNUNET_asprintf (&expanded_attr, | ||
652 | "%s.%s", | ||
653 | set[j].subject_attribute, | ||
654 | current_set->attr_trailer); | ||
655 | } | ||
656 | GNUNET_log (GNUNET_ERROR_TYPE_ERROR, | ||
657 | "Expanded to %s\n", expanded_attr); | ||
658 | ds_entry->unresolved_attribute_delegation = expanded_attr; | ||
551 | } else { | 659 | } else { |
552 | GNUNET_asprintf (&expanded_attr, | 660 | if (0 != set[j].subject_attribute_len) |
553 | "%s.%s", | 661 | { |
554 | (char*)&attr[1], | 662 | GNUNET_log (GNUNET_ERROR_TYPE_ERROR, |
555 | current_delegation->attr_trailer); | 663 | "Not Expanding %s\n", set[j].subject_attribute); |
664 | ds_entry->unresolved_attribute_delegation = GNUNET_strdup (set[j].subject_attribute); | ||
665 | } | ||
556 | } | 666 | } |
667 | |||
668 | //Add a credential chain entry | ||
669 | ds_entry->delegation_chain_entry = GNUNET_new (struct DelegationChainEntry); | ||
670 | ds_entry->delegation_chain_entry->subject_key = set[j].subject_key; | ||
671 | ds_entry->issuer_key = GNUNET_new (struct GNUNET_CRYPTO_EcdsaPublicKey); | ||
672 | GNUNET_memcpy (ds_entry->issuer_key, | ||
673 | &set[j].subject_key, | ||
674 | sizeof (struct GNUNET_CRYPTO_EcdsaPublicKey)); | ||
675 | if (0 < set[j].subject_attribute_len) | ||
676 | ds_entry->delegation_chain_entry->subject_attribute = GNUNET_strdup (set[j].subject_attribute); | ||
677 | ds_entry->delegation_chain_entry->issuer_key = *current_set->issuer_key; | ||
678 | ds_entry->delegation_chain_entry->issuer_attribute = GNUNET_strdup (current_set->lookup_attribute); | ||
679 | |||
680 | ds_entry->parent_queue_entry = dq_entry; //current_delegation; | ||
681 | GNUNET_CONTAINER_DLL_insert (dq_entry->set_entries_head, | ||
682 | dq_entry->set_entries_tail, | ||
683 | ds_entry); | ||
684 | |||
557 | GNUNET_log (GNUNET_ERROR_TYPE_ERROR, | 685 | GNUNET_log (GNUNET_ERROR_TYPE_ERROR, |
558 | "Expanded to %s\n", expanded_attr); | 686 | "Checking for cred match\n"); |
559 | dq_entry->unresolved_attribute_delegation = expanded_attr; | 687 | /** |
560 | } else { | 688 | * Check if this delegation already matches one of our credentials |
561 | if (rd[i].data_size > sizeof (struct GNUNET_CREDENTIAL_AttributeRecordData)) | 689 | */ |
690 | for(cred_pointer = vrh->cred_chain_head; cred_pointer != NULL; | ||
691 | cred_pointer = cred_pointer->next) | ||
562 | { | 692 | { |
693 | cred = cred_pointer->data; | ||
694 | if(0 != memcmp (&set->subject_key, | ||
695 | &cred_pointer->data->issuer_key, | ||
696 | sizeof(struct GNUNET_CRYPTO_EcdsaPublicKey))) | ||
697 | continue; | ||
563 | GNUNET_log (GNUNET_ERROR_TYPE_ERROR, | 698 | GNUNET_log (GNUNET_ERROR_TYPE_ERROR, |
564 | "Not Expanding %s\n", (char*)&attr[1]); | 699 | "Checking if %s matches %s\n", |
565 | dq_entry->unresolved_attribute_delegation = GNUNET_strdup ((char*)&attr[1]); | 700 | ds_entry->unresolved_attribute_delegation, (char*)&cred[1]); |
566 | } | ||
567 | } | ||
568 | 701 | ||
569 | //Add a credential chain entry | 702 | if (0 != strcmp (ds_entry->unresolved_attribute_delegation, (char*)&cred[1])) |
570 | dq_entry->delegation_chain_entry = GNUNET_new (struct GNUNET_CREDENTIAL_DelegationChainEntry); | 703 | continue; |
571 | dq_entry->delegation_chain_entry->subject_key = attr->subject_key; | ||
572 | dq_entry->issuer_key = GNUNET_new (struct GNUNET_CRYPTO_EcdsaPublicKey); | ||
573 | GNUNET_memcpy (dq_entry->issuer_key, | ||
574 | &attr->subject_key, | ||
575 | sizeof (struct GNUNET_CRYPTO_EcdsaPublicKey)); | ||
576 | if (rd[i].data_size > sizeof (struct GNUNET_CREDENTIAL_AttributeRecordData)) | ||
577 | dq_entry->delegation_chain_entry->subject_attribute = GNUNET_strdup ((char*)&attr[1]); | ||
578 | dq_entry->delegation_chain_entry->issuer_key = *current_delegation->issuer_key; | ||
579 | dq_entry->delegation_chain_entry->issuer_attribute = GNUNET_strdup (current_delegation->lookup_attribute); | ||
580 | |||
581 | dq_entry->parent = current_delegation; | ||
582 | dq_entry->d_count = current_delegation->d_count + 1; | ||
583 | GNUNET_CONTAINER_DLL_insert (current_delegation->children_head, | ||
584 | current_delegation->children_tail, | ||
585 | dq_entry); | ||
586 | GNUNET_log (GNUNET_ERROR_TYPE_ERROR, | ||
587 | "Checking for cred match\n"); | ||
588 | /** | ||
589 | * Check if this delegation already matches one of our credentials | ||
590 | */ | ||
591 | for(cred_pointer = vrh->cred_chain_head; cred_pointer != NULL; | ||
592 | cred_pointer = cred_pointer->next) | ||
593 | { | ||
594 | cred = cred_pointer->data; | ||
595 | if(0 != memcmp (&attr->subject_key, | ||
596 | &cred_pointer->data->issuer_key, | ||
597 | sizeof(struct GNUNET_CRYPTO_EcdsaPublicKey))) | ||
598 | continue; | ||
599 | GNUNET_log (GNUNET_ERROR_TYPE_ERROR, | ||
600 | "Checking if %s matches %s\n", | ||
601 | dq_entry->unresolved_attribute_delegation, (char*)&cred[1]); | ||
602 | 704 | ||
603 | if (0 != strcmp (dq_entry->unresolved_attribute_delegation, (char*)&cred[1])) | 705 | GNUNET_log (GNUNET_ERROR_TYPE_ERROR, |
604 | continue; | 706 | "Found issuer\n"); |
707 | |||
708 | //Backtrack | ||
709 | for (tmp_set = ds_entry; | ||
710 | NULL != tmp_set->parent_queue_entry; | ||
711 | tmp_set = tmp_set->parent_queue_entry->parent_set) | ||
712 | { | ||
713 | tmp_set->parent_queue_entry->required_solutions--; | ||
714 | if (NULL != tmp_set->delegation_chain_entry) | ||
715 | { | ||
716 | vrh->delegation_chain_size++; | ||
717 | GNUNET_CONTAINER_DLL_insert (vrh->delegation_chain_head, | ||
718 | vrh->delegation_chain_tail, | ||
719 | tmp_set->delegation_chain_entry); | ||
720 | } | ||
721 | if (0 < tmp_set->parent_queue_entry->required_solutions) | ||
722 | break; | ||
723 | } | ||
724 | |||
725 | if (NULL == tmp_set->parent_queue_entry) | ||
726 | { | ||
727 | GNUNET_log (GNUNET_ERROR_TYPE_ERROR, | ||
728 | "All solutions found\n"); | ||
729 | vrh->credential = GNUNET_malloc (cred_pointer->data_size); | ||
730 | memcpy (vrh->credential, | ||
731 | cred, | ||
732 | cred_pointer->data_size); | ||
733 | vrh->credential_size = cred_pointer->data_size; | ||
734 | //Found match | ||
735 | send_lookup_response (vrh); | ||
736 | return; | ||
737 | } | ||
605 | 738 | ||
739 | } | ||
606 | GNUNET_log (GNUNET_ERROR_TYPE_ERROR, | 740 | GNUNET_log (GNUNET_ERROR_TYPE_ERROR, |
607 | "Found issuer\n"); | 741 | "Building new lookup request from %s\n", |
608 | vrh->credential = GNUNET_malloc (cred_pointer->data_size); | 742 | ds_entry->unresolved_attribute_delegation); |
609 | memcpy (vrh->credential, | 743 | //Continue with backward resolution |
610 | cred, | 744 | char issuer_attribute_name[strlen (ds_entry->unresolved_attribute_delegation)+1]; |
611 | cred_pointer->data_size); | 745 | strcpy (issuer_attribute_name, |
612 | vrh->credential_size = cred_pointer->data_size; | 746 | ds_entry->unresolved_attribute_delegation); |
613 | vrh->chain_end = dq_entry; | 747 | char *next_attr = strtok (issuer_attribute_name, "."); |
614 | vrh->d_count = dq_entry->d_count; | 748 | GNUNET_asprintf (&lookup_attribute, |
615 | //Found match | 749 | "%s.gnu", |
616 | send_lookup_response (vrh); | 750 | next_attr); |
617 | return; | 751 | GNUNET_asprintf (&ds_entry->lookup_attribute, |
618 | 752 | "%s", | |
619 | } | 753 | next_attr); |
620 | GNUNET_log (GNUNET_ERROR_TYPE_ERROR, | 754 | if (strlen (next_attr) == strlen (ds_entry->unresolved_attribute_delegation)) |
621 | "Building new lookup request\n"); | 755 | { |
622 | //Continue with backward resolution | 756 | ds_entry->attr_trailer = NULL; |
623 | char issuer_attribute_name[strlen (dq_entry->unresolved_attribute_delegation)+1]; | 757 | } else { |
624 | strcpy (issuer_attribute_name, | 758 | next_attr += strlen (next_attr) + 1; |
625 | dq_entry->unresolved_attribute_delegation); | 759 | ds_entry->attr_trailer = GNUNET_strdup (next_attr); |
626 | char *next_attr = strtok (issuer_attribute_name, "."); | 760 | } |
627 | GNUNET_asprintf (&lookup_attribute, | ||
628 | "%s.gnu", | ||
629 | next_attr); | ||
630 | GNUNET_asprintf (&dq_entry->lookup_attribute, | ||
631 | "%s", | ||
632 | next_attr); | ||
633 | if (strlen (next_attr) == strlen (dq_entry->unresolved_attribute_delegation)) | ||
634 | { | ||
635 | dq_entry->attr_trailer = NULL; | ||
636 | } else { | ||
637 | next_attr += strlen (next_attr) + 1; | ||
638 | dq_entry->attr_trailer = GNUNET_strdup (next_attr); | ||
639 | } | ||
640 | 761 | ||
641 | GNUNET_log (GNUNET_ERROR_TYPE_ERROR, | ||
642 | "Looking up %s\n", dq_entry->lookup_attribute); | ||
643 | if (NULL != dq_entry->attr_trailer) | ||
644 | GNUNET_log (GNUNET_ERROR_TYPE_ERROR, | 762 | GNUNET_log (GNUNET_ERROR_TYPE_ERROR, |
645 | "%s still to go...\n", dq_entry->attr_trailer); | 763 | "Looking up %s\n", ds_entry->lookup_attribute); |
646 | 764 | if (NULL != ds_entry->attr_trailer) | |
647 | vrh->pending_lookups++; | 765 | GNUNET_log (GNUNET_ERROR_TYPE_ERROR, |
648 | dq_entry->handle = vrh; | 766 | "%s still to go...\n", ds_entry->attr_trailer); |
649 | dq_entry->lookup_request = GNUNET_GNS_lookup (gns, | 767 | |
650 | lookup_attribute, | 768 | vrh->pending_lookups++; |
651 | dq_entry->issuer_key, //issuer_key, | 769 | ds_entry->handle = vrh; |
652 | GNUNET_GNSRECORD_TYPE_ATTRIBUTE, | 770 | ds_entry->lookup_request = GNUNET_GNS_lookup (gns, |
653 | GNUNET_GNS_LO_DEFAULT, | 771 | lookup_attribute, |
654 | NULL, //shorten_key, always NULL | 772 | ds_entry->issuer_key, //issuer_key, |
655 | &backward_resolution, | 773 | GNUNET_GNSRECORD_TYPE_ATTRIBUTE, |
656 | dq_entry); | 774 | GNUNET_GNS_LO_DEFAULT, |
657 | GNUNET_free (lookup_attribute); | 775 | NULL, //shorten_key, always NULL |
776 | &backward_resolution, | ||
777 | ds_entry); | ||
778 | GNUNET_free (lookup_attribute); | ||
779 | } | ||
658 | } | 780 | } |
659 | 781 | ||
660 | if(0 == vrh->pending_lookups) | 782 | if(0 == vrh->pending_lookups) |
@@ -681,7 +803,7 @@ handle_credential_query (void* cls, | |||
681 | const struct GNUNET_GNSRECORD_Data *rd) | 803 | const struct GNUNET_GNSRECORD_Data *rd) |
682 | { | 804 | { |
683 | struct VerifyRequestHandle *vrh = cls; | 805 | struct VerifyRequestHandle *vrh = cls; |
684 | struct DelegationQueueEntry *dq_entry; | 806 | struct DelegationSetEntry *ds_entry; |
685 | const struct GNUNET_CREDENTIAL_CredentialRecordData *crd; | 807 | const struct GNUNET_CREDENTIAL_CredentialRecordData *crd; |
686 | struct CredentialRecordEntry *cr_entry; | 808 | struct CredentialRecordEntry *cr_entry; |
687 | int cred_record_count; | 809 | int cred_record_count; |
@@ -725,7 +847,6 @@ handle_credential_query (void* cls, | |||
725 | rd[i].data, | 847 | rd[i].data, |
726 | rd[i].data_size); | 848 | rd[i].data_size); |
727 | vrh->credential_size = rd[i].data_size; | 849 | vrh->credential_size = rd[i].data_size; |
728 | vrh->chain_end = NULL; | ||
729 | //Found match prematurely | 850 | //Found match prematurely |
730 | send_lookup_response (vrh); | 851 | send_lookup_response (vrh); |
731 | return; | 852 | return; |
@@ -743,26 +864,25 @@ handle_credential_query (void* cls, | |||
743 | ".gnu"); | 864 | ".gnu"); |
744 | GNUNET_log (GNUNET_ERROR_TYPE_ERROR, | 865 | GNUNET_log (GNUNET_ERROR_TYPE_ERROR, |
745 | "Looking up %s\n", issuer_attribute_name); | 866 | "Looking up %s\n", issuer_attribute_name); |
746 | dq_entry = GNUNET_new (struct DelegationQueueEntry); | 867 | ds_entry = GNUNET_new (struct DelegationSetEntry); |
747 | dq_entry->issuer_key = GNUNET_new (struct GNUNET_CRYPTO_EcdsaPublicKey); | 868 | ds_entry->issuer_key = GNUNET_new (struct GNUNET_CRYPTO_EcdsaPublicKey); |
748 | memcpy (dq_entry->issuer_key, | 869 | memcpy (ds_entry->issuer_key, |
749 | &vrh->issuer_key, | 870 | &vrh->issuer_key, |
750 | sizeof (struct GNUNET_CRYPTO_EcdsaPublicKey)); | 871 | sizeof (struct GNUNET_CRYPTO_EcdsaPublicKey)); |
751 | dq_entry->issuer_attribute = GNUNET_strdup (vrh->issuer_attribute); | 872 | ds_entry->issuer_attribute = GNUNET_strdup (vrh->issuer_attribute); |
752 | dq_entry->handle = vrh; | 873 | ds_entry->handle = vrh; |
753 | dq_entry->lookup_attribute = GNUNET_strdup (vrh->issuer_attribute); | 874 | ds_entry->lookup_attribute = GNUNET_strdup (vrh->issuer_attribute); |
754 | dq_entry->d_count = 0; | 875 | vrh->root_set = ds_entry; |
755 | vrh->chain_start = dq_entry; | ||
756 | vrh->pending_lookups = 1; | 876 | vrh->pending_lookups = 1; |
757 | //Start with backward resolution | 877 | //Start with backward resolution |
758 | dq_entry->lookup_request = GNUNET_GNS_lookup (gns, | 878 | ds_entry->lookup_request = GNUNET_GNS_lookup (gns, |
759 | issuer_attribute_name, | 879 | issuer_attribute_name, |
760 | &vrh->issuer_key, //issuer_key, | 880 | &vrh->issuer_key, //issuer_key, |
761 | GNUNET_GNSRECORD_TYPE_ATTRIBUTE, | 881 | GNUNET_GNSRECORD_TYPE_ATTRIBUTE, |
762 | GNUNET_GNS_LO_DEFAULT, | 882 | GNUNET_GNS_LO_DEFAULT, |
763 | NULL, //shorten_key, always NULL | 883 | NULL, //shorten_key, always NULL |
764 | &backward_resolution, | 884 | &backward_resolution, |
765 | dq_entry); | 885 | ds_entry); |
766 | } | 886 | } |
767 | 887 | ||
768 | 888 | ||
@@ -819,7 +939,7 @@ handle_verify (void *cls, | |||
819 | send_lookup_response (vrh); | 939 | send_lookup_response (vrh); |
820 | return; | 940 | return; |
821 | } | 941 | } |
822 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, | 942 | GNUNET_log (GNUNET_ERROR_TYPE_ERROR, |
823 | "Looking up %s\n", | 943 | "Looking up %s\n", |
824 | subject_attribute); | 944 | subject_attribute); |
825 | /** | 945 | /** |
diff --git a/src/credential/plugin_gnsrecord_credential.c b/src/credential/plugin_gnsrecord_credential.c index 281113a34..d21185981 100644 --- a/src/credential/plugin_gnsrecord_credential.c +++ b/src/credential/plugin_gnsrecord_credential.c | |||
@@ -30,6 +30,7 @@ | |||
30 | #include "gnunet_credential_service.h" | 30 | #include "gnunet_credential_service.h" |
31 | #include "gnunet_gnsrecord_plugin.h" | 31 | #include "gnunet_gnsrecord_plugin.h" |
32 | #include "gnunet_signatures.h" | 32 | #include "gnunet_signatures.h" |
33 | #include "credential_serialization.h" | ||
33 | 34 | ||
34 | 35 | ||
35 | /** | 36 | /** |
@@ -54,27 +55,69 @@ credential_value_to_string (void *cls, | |||
54 | { | 55 | { |
55 | case GNUNET_GNSRECORD_TYPE_ATTRIBUTE: | 56 | case GNUNET_GNSRECORD_TYPE_ATTRIBUTE: |
56 | { | 57 | { |
57 | struct GNUNET_CREDENTIAL_AttributeRecordData attr; | 58 | struct GNUNET_CREDENTIAL_DelegationRecordData sets; |
58 | char *attr_str; | 59 | char *attr_str; |
59 | char *subject_pkey; | 60 | char *subject_pkey; |
60 | 61 | char *tmp_str; | |
61 | if (data_size < sizeof (struct GNUNET_CREDENTIAL_AttributeRecordData)) | 62 | int i; |
63 | if (data_size < sizeof (struct GNUNET_CREDENTIAL_DelegationRecordData)) | ||
62 | return NULL; /* malformed */ | 64 | return NULL; /* malformed */ |
63 | memcpy (&attr, | 65 | memcpy (&sets, |
64 | data, | 66 | data, |
65 | sizeof (attr)); | 67 | sizeof (sets)); |
68 | GNUNET_log (GNUNET_ERROR_TYPE_ERROR, | ||
69 | "SIZE %llu needed: %llu + %llu\n", | ||
70 | data_size, | ||
71 | GNUNET_ntohll (sets.data_size), | ||
72 | sizeof (sets)); | ||
73 | |||
66 | cdata = data; | 74 | cdata = data; |
67 | subject_pkey = GNUNET_CRYPTO_ecdsa_public_key_to_string (&attr.subject_key); | 75 | struct GNUNET_CREDENTIAL_DelegationSetRecord set[ntohl(sets.set_count)]; |
68 | if (data_size == sizeof (struct GNUNET_CREDENTIAL_AttributeRecordData)) | 76 | if (GNUNET_OK != GNUNET_CREDENTIAL_delegation_set_deserialize (GNUNET_ntohll (sets.data_size), |
77 | &cdata[sizeof (sets)], | ||
78 | ntohl (sets.set_count), | ||
79 | set)) | ||
80 | return NULL; | ||
81 | |||
82 | for (i=0;i<ntohl(sets.set_count);i++) | ||
69 | { | 83 | { |
70 | return subject_pkey; | 84 | subject_pkey = GNUNET_CRYPTO_ecdsa_public_key_to_string (&set[i].subject_key); |
71 | } else { | 85 | GNUNET_log (GNUNET_ERROR_TYPE_ERROR, |
72 | GNUNET_asprintf (&attr_str, | 86 | "%d len attr\n", set[i].subject_attribute_len); |
73 | "%s %s", | 87 | if (0 == set[i].subject_attribute_len) |
74 | subject_pkey, | 88 | { |
75 | &cdata[sizeof (attr)]); | 89 | if (0 == i) |
90 | { | ||
91 | GNUNET_asprintf (&attr_str, | ||
92 | "%s", | ||
93 | subject_pkey); | ||
94 | } else { | ||
95 | GNUNET_asprintf (&tmp_str, | ||
96 | "%s,%s", | ||
97 | attr_str, | ||
98 | subject_pkey); | ||
99 | GNUNET_free (attr_str); | ||
100 | attr_str = tmp_str; | ||
101 | } | ||
102 | } else { | ||
103 | if (0 == i) | ||
104 | { | ||
105 | GNUNET_asprintf (&attr_str, | ||
106 | "%s %s", | ||
107 | subject_pkey, | ||
108 | set[i].subject_attribute); | ||
109 | } else { | ||
110 | GNUNET_asprintf (&tmp_str, | ||
111 | "%s,%s %s", | ||
112 | attr_str, | ||
113 | subject_pkey, | ||
114 | set[i].subject_attribute); | ||
115 | GNUNET_free (attr_str); | ||
116 | attr_str = tmp_str; | ||
117 | } | ||
118 | } | ||
119 | GNUNET_free (subject_pkey); | ||
76 | } | 120 | } |
77 | GNUNET_free (subject_pkey); | ||
78 | return attr_str; | 121 | return attr_str; |
79 | } | 122 | } |
80 | case GNUNET_GNSRECORD_TYPE_CREDENTIAL: | 123 | case GNUNET_GNSRECORD_TYPE_CREDENTIAL: |
@@ -143,37 +186,84 @@ credential_string_to_value (void *cls, | |||
143 | { | 186 | { |
144 | case GNUNET_GNSRECORD_TYPE_ATTRIBUTE: | 187 | case GNUNET_GNSRECORD_TYPE_ATTRIBUTE: |
145 | { | 188 | { |
146 | struct GNUNET_CREDENTIAL_AttributeRecordData *attr; | 189 | struct GNUNET_CREDENTIAL_DelegationRecordData *sets; |
147 | char attr_str[253 + 1]; | 190 | char attr_str[253 + 1]; |
148 | char subject_pkey[52 + 1]; | 191 | char subject_pkey[52 + 1]; |
192 | char *token; | ||
193 | char *tmp_str; | ||
149 | int matches = 0; | 194 | int matches = 0; |
150 | matches = SSCANF (s, | 195 | int entries; |
151 | "%s %s", | 196 | size_t tmp_data_size; |
152 | subject_pkey, | 197 | int i; |
153 | attr_str); | 198 | |
154 | if (0 == matches) | 199 | tmp_str = GNUNET_strdup (s); |
200 | token = strtok (tmp_str, ","); | ||
201 | entries = 0; | ||
202 | tmp_data_size = 0; | ||
203 | *data_size = sizeof (struct GNUNET_CREDENTIAL_DelegationRecordData); | ||
204 | while (NULL != token) | ||
155 | { | 205 | { |
156 | GNUNET_log (GNUNET_ERROR_TYPE_ERROR, | 206 | matches = SSCANF (token, |
157 | _("Unable to parse ATTR record string `%s'\n"), | 207 | "%s %s", |
158 | s); | 208 | subject_pkey, |
159 | return GNUNET_SYSERR; | 209 | attr_str); |
160 | 210 | if (0 == matches) | |
211 | { | ||
212 | GNUNET_log (GNUNET_ERROR_TYPE_ERROR, | ||
213 | _("Unable to parse ATTR record string `%s'\n"), | ||
214 | s); | ||
215 | GNUNET_free (tmp_str); | ||
216 | return GNUNET_SYSERR; | ||
217 | } | ||
218 | if (1 == matches) { | ||
219 | tmp_data_size += sizeof (struct GNUNET_CREDENTIAL_DelegationSetRecord); | ||
220 | } else if (2 == matches) { | ||
221 | tmp_data_size += sizeof (struct GNUNET_CREDENTIAL_DelegationSetRecord) + strlen (attr_str) + 1; | ||
222 | } | ||
223 | entries++; | ||
224 | token = strtok (NULL, ","); | ||
161 | } | 225 | } |
162 | if (1 == matches) { | 226 | GNUNET_free (tmp_str); |
163 | *data_size = sizeof (struct GNUNET_CREDENTIAL_AttributeRecordData); | 227 | tmp_str = GNUNET_strdup (s); |
164 | } else if (2 == matches) { | 228 | token = strtok (tmp_str, ","); |
165 | *data_size = sizeof (struct GNUNET_CREDENTIAL_AttributeRecordData) + strlen (attr_str) + 1; | 229 | struct GNUNET_CREDENTIAL_DelegationSetRecord *set; |
230 | set = GNUNET_malloc (entries * sizeof (struct GNUNET_CREDENTIAL_DelegationSetRecord)); | ||
231 | for (i=0;i<entries;i++) | ||
232 | { | ||
233 | matches = SSCANF (token, | ||
234 | "%s %s", | ||
235 | subject_pkey, | ||
236 | attr_str); | ||
237 | GNUNET_CRYPTO_ecdsa_public_key_from_string (subject_pkey, | ||
238 | strlen (subject_pkey), | ||
239 | &set[i].subject_key); | ||
240 | if (2 == matches) { | ||
241 | GNUNET_log (GNUNET_ERROR_TYPE_ERROR, | ||
242 | "Adding %s (data size %llu)\n", | ||
243 | attr_str, | ||
244 | tmp_data_size); | ||
245 | /*GNUNET_memcpy (&set[1], | ||
246 | attr_str, | ||
247 | strlen (attr_str)+1);*/ | ||
248 | set[i].subject_attribute_len = strlen (attr_str) + 1; | ||
249 | set[i].subject_attribute = GNUNET_strdup (attr_str);//(const char*)&set[1]; | ||
250 | } | ||
251 | token = strtok (NULL , ","); | ||
166 | } | 252 | } |
167 | *data = attr = GNUNET_malloc (*data_size); | 253 | tmp_data_size = GNUNET_CREDENTIAL_delegation_set_get_size (entries, |
168 | GNUNET_CRYPTO_ecdsa_public_key_from_string (subject_pkey, | 254 | set); |
169 | strlen (subject_pkey), | 255 | if (-1 == tmp_data_size) |
170 | &attr->subject_key); | 256 | return GNUNET_SYSERR; |
171 | if (NULL != attr_str) | 257 | *data_size += tmp_data_size; |
172 | GNUNET_memcpy (&attr[1], | 258 | *data = sets = GNUNET_malloc (*data_size); |
173 | attr_str, | 259 | GNUNET_CREDENTIAL_delegation_set_serialize (entries, |
174 | strlen (attr_str)); | 260 | set, |
175 | 261 | tmp_data_size, | |
176 | 262 | (char*)&sets[1]); | |
263 | sets->set_count = htonl (entries); | ||
264 | sets->data_size = GNUNET_htonll (tmp_data_size); | ||
265 | |||
266 | GNUNET_free (tmp_str); | ||
177 | return GNUNET_OK; | 267 | return GNUNET_OK; |
178 | } | 268 | } |
179 | case GNUNET_GNSRECORD_TYPE_CREDENTIAL: | 269 | case GNUNET_GNSRECORD_TYPE_CREDENTIAL: |
diff --git a/src/credential/test_credential_verify.sh b/src/credential/test_credential_verify.sh index 6d69e337b..52a4fd2fc 100755 --- a/src/credential/test_credential_verify.sh +++ b/src/credential/test_credential_verify.sh | |||
@@ -23,7 +23,7 @@ rm -rf `gnunet-config -c test_credential_lookup.conf -s PATHS -o GNUNET_HOME -f` | |||
23 | 23 | ||
24 | 24 | ||
25 | which timeout &> /dev/null && DO_TIMEOUT="timeout 30" | 25 | which timeout &> /dev/null && DO_TIMEOUT="timeout 30" |
26 | gnunet-arm -s -c test_credential_lookup.conf | 26 | #gnunet-arm -s -c test_credential_lookup.conf |
27 | gnunet-identity -C service -c test_credential_lookup.conf | 27 | gnunet-identity -C service -c test_credential_lookup.conf |
28 | gnunet-identity -C alice -c test_credential_lookup.conf | 28 | gnunet-identity -C alice -c test_credential_lookup.conf |
29 | gnunet-identity -C gnu -c test_credential_lookup.conf | 29 | gnunet-identity -C gnu -c test_credential_lookup.conf |
@@ -44,6 +44,8 @@ TEST_CREDENTIAL="mygnunetcreds" | |||
44 | # (1) A service assigns the attribute "user" to all entities that have been assigned "member" by entities that werde assigned "project" from GNU | 44 | # (1) A service assigns the attribute "user" to all entities that have been assigned "member" by entities that werde assigned "project" from GNU |
45 | gnunet-namestore -p -z service -a -n $USER_ATTR -t ATTR -V "$GNU_KEY $GNU_PROJECT_ATTR.$MEMBER_ATTR" -e 5m -c test_credential_lookup.conf | 45 | gnunet-namestore -p -z service -a -n $USER_ATTR -t ATTR -V "$GNU_KEY $GNU_PROJECT_ATTR.$MEMBER_ATTR" -e 5m -c test_credential_lookup.conf |
46 | 46 | ||
47 | valgrind gnunet-namestore -D -z service -c test_credential_lookup.conf | ||
48 | |||
47 | # (2) GNU recognized GNUnet as a GNU project and delegates the "project" attribute | 49 | # (2) GNU recognized GNUnet as a GNU project and delegates the "project" attribute |
48 | gnunet-namestore -p -z gnu -a -n $GNU_PROJECT_ATTR -t ATTR -V "$GNUNET_KEY" -e 5m -c test_credential_lookup.conf | 50 | gnunet-namestore -p -z gnu -a -n $GNU_PROJECT_ATTR -t ATTR -V "$GNUNET_KEY" -e 5m -c test_credential_lookup.conf |
49 | 51 | ||
diff --git a/src/include/gnunet_credential_service.h b/src/include/gnunet_credential_service.h index ba72b752b..b28d90140 100644 --- a/src/include/gnunet_credential_service.h +++ b/src/include/gnunet_credential_service.h | |||
@@ -126,6 +126,46 @@ struct GNUNET_CREDENTIAL_AttributeRecordData { | |||
126 | }; | 126 | }; |
127 | 127 | ||
128 | /** | 128 | /** |
129 | * The attribute delegation record | ||
130 | */ | ||
131 | struct GNUNET_CREDENTIAL_DelegationRecordData { | ||
132 | |||
133 | uint32_t set_count; | ||
134 | |||
135 | uint64_t data_size; | ||
136 | |||
137 | char *data; | ||
138 | |||
139 | /** | ||
140 | * Followed by the attribute that was delegated to as string | ||
141 | * May be empty | ||
142 | */ | ||
143 | }; | ||
144 | |||
145 | |||
146 | |||
147 | /** | ||
148 | * The attribute delegation record | ||
149 | */ | ||
150 | struct GNUNET_CREDENTIAL_DelegationSetRecord { | ||
151 | |||
152 | /** | ||
153 | * Public key of the subject this attribute was delegated to | ||
154 | */ | ||
155 | struct GNUNET_CRYPTO_EcdsaPublicKey subject_key; | ||
156 | |||
157 | uint32_t subject_attribute_len; | ||
158 | |||
159 | const char *subject_attribute; | ||
160 | |||
161 | /** | ||
162 | * Followed by the attribute that was delegated to as string | ||
163 | * May be empty | ||
164 | */ | ||
165 | }; | ||
166 | |||
167 | |||
168 | /** | ||
129 | * A delegation | 169 | * A delegation |
130 | */ | 170 | */ |
131 | struct GNUNET_CREDENTIAL_Delegation { | 171 | struct GNUNET_CREDENTIAL_Delegation { |