From 8db3019c49933a8d5c7c82095974f6fe30bdad4b Mon Sep 17 00:00:00 2001 From: Andreas Ebner Date: Mon, 7 Oct 2019 11:51:48 +0200 Subject: Removed rest files, updated makefile --- src/abd/Makefile.am | 11 - src/abd/plugin_rest_credential.c | 1174 ------------------------------- src/abd/test_credential_collect.sh | 47 -- src/abd/test_credential_collect_rest.sh | 91 --- src/abd/test_credential_issue_rest.sh | 53 -- src/abd/test_credential_verify_rest.sh | 88 --- 6 files changed, 1464 deletions(-) delete mode 100644 src/abd/plugin_rest_credential.c delete mode 100755 src/abd/test_credential_collect.sh delete mode 100755 src/abd/test_credential_collect_rest.sh delete mode 100755 src/abd/test_credential_issue_rest.sh delete mode 100755 src/abd/test_credential_verify_rest.sh diff --git a/src/abd/Makefile.am b/src/abd/Makefile.am index 321fb0350..34a0438f5 100644 --- a/src/abd/Makefile.am +++ b/src/abd/Makefile.am @@ -94,17 +94,6 @@ if HAVE_SQLITE endif endif -#libgnunet_plugin_rest_abd_la_SOURCES = \ -# plugin_rest_abd.c -#libgnunet_plugin_rest_abd_la_LIBADD = \ -# $(top_builddir)/src/abd/libgnunetabd.la \ -# $(top_builddir)/src/rest/libgnunetrest.la \ -# $(top_builddir)/src/identity/libgnunetidentity.la \ -# $(top_builddir)/src/util/libgnunetutil.la $(XLIBS) \ -# $(LTLIBINTL) -ljansson -lmicrohttpd -#libgnunet_plugin_rest_abd_la_LDFLAGS = \ -# $(GN_PLUGIN_LDFLAGS) - diff --git a/src/abd/plugin_rest_credential.c b/src/abd/plugin_rest_credential.c deleted file mode 100644 index 513ddfff9..000000000 --- a/src/abd/plugin_rest_credential.c +++ /dev/null @@ -1,1174 +0,0 @@ -/* - This file is part of GNUnet. - Copyright (C) 2012-2016 GNUnet e.V. - - GNUnet is free software: you can redistribute it and/or modify it - under the terms of the GNU Affero General Public License as published - by the Free Software Foundation, either version 3 of the License, - or (at your option) any later version. - - GNUnet is distributed in the hope that it will be useful, but - WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - Affero General Public License for more details. - - You should have received a copy of the GNU Affero General Public License - along with this program. If not, see . - - SPDX-License-Identifier: AGPL3.0-or-later - */ -/** - * @author Martin Schanzenbach - * @file credential/plugin_rest_credential.c - * @brief GNUnet CREDENTIAL REST plugin - * - */ - -#include "platform.h" -#include "gnunet_rest_plugin.h" -#include -#include -#include -#include -#include -#include -#include -#include - -#define GNUNET_REST_API_NS_CREDENTIAL "/credential" - -#define GNUNET_REST_API_NS_CREDENTIAL_ISSUE "/credential/issue" - -#define GNUNET_REST_API_NS_CREDENTIAL_VERIFY "/credential/verify" - -#define GNUNET_REST_API_NS_CREDENTIAL_COLLECT "/credential/collect" - -#define GNUNET_REST_JSONAPI_CREDENTIAL_EXPIRATION "expiration" - -#define GNUNET_REST_JSONAPI_CREDENTIAL_SUBJECT_KEY "subject_key" - -#define GNUNET_REST_JSONAPI_CREDENTIAL_SUBJECT_EGO "subject" - -#define GNUNET_REST_JSONAPI_CREDENTIAL "credential" - -#define GNUNET_REST_JSONAPI_CREDENTIAL_TYPEINFO "credential" - -#define GNUNET_REST_JSONAPI_DELEGATIONS "delegations" - -#define GNUNET_REST_JSONAPI_CREDENTIAL_ISSUER_ATTR "attribute" - -#define GNUNET_REST_JSONAPI_CREDENTIAL_SUBJECT_ATTR "credential" - -/** - * @brief struct returned by the initialization function of the plugin - */ -struct Plugin -{ - const struct GNUNET_CONFIGURATION_Handle *cfg; -}; - -const struct GNUNET_CONFIGURATION_Handle *cfg; - -struct RequestHandle -{ - /** - * Handle to Credential service. - */ - struct GNUNET_CREDENTIAL_Handle *credential; - - /** - * Handle to lookup request - */ - struct GNUNET_CREDENTIAL_Request *verify_request; - - /** - * Handle to issue request - */ - struct GNUNET_CREDENTIAL_Request *issue_request; - - /** - * Handle to identity - */ - struct GNUNET_IDENTITY_Handle *identity; - - /** - * Handle to identity operation - */ - struct GNUNET_IDENTITY_Operation *id_op; - - /** - * Handle to ego lookup - */ - struct GNUNET_IDENTITY_EgoLookup *ego_lookup; - - /** - * Handle to rest request - */ - struct GNUNET_REST_RequestHandle *rest_handle; - - /** - * ID of a task associated with the resolution process. - */ - struct GNUNET_SCHEDULER_Task *timeout_task; - - /** - * The root of the received JSON or NULL - */ - json_t *json_root; - - /** - * The plugin result processor - */ - GNUNET_REST_ResultProcessor proc; - - /** - * The closure of the result processor - */ - void *proc_cls; - - /** - * The issuer attribute to verify - */ - char *issuer_attr; - - /** - * The subject attribute - */ - char *subject_attr; - - /** - * The public key of the issuer - */ - struct GNUNET_CRYPTO_EcdsaPublicKey issuer_key; - - /** - * The public key of the subject - */ - struct GNUNET_CRYPTO_EcdsaPublicKey subject_key; - - /** - * HTTP response code - */ - int response_code; - - /** - * Timeout - */ - struct GNUNET_TIME_Relative timeout; -}; - - -/** - * Cleanup lookup handle. - * - * @param handle Handle to clean up - */ -static void -cleanup_handle (struct RequestHandle *handle) -{ - GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, - "Cleaning up\n"); - if (NULL != handle->json_root) - json_decref (handle->json_root); - - if (NULL != handle->issuer_attr) - GNUNET_free (handle->issuer_attr); - if (NULL != handle->subject_attr) - GNUNET_free (handle->subject_attr); - if (NULL != handle->verify_request) - GNUNET_CREDENTIAL_request_cancel (handle->verify_request); - if (NULL != handle->credential) - GNUNET_CREDENTIAL_disconnect (handle->credential); - if (NULL != handle->id_op) - GNUNET_IDENTITY_cancel (handle->id_op); - if (NULL != handle->ego_lookup) - GNUNET_IDENTITY_ego_lookup_cancel (handle->ego_lookup); - if (NULL != handle->identity) - GNUNET_IDENTITY_disconnect (handle->identity); - if (NULL != handle->timeout_task) - { - GNUNET_SCHEDULER_cancel (handle->timeout_task); - } - GNUNET_free (handle); -} - - -static void -do_error (void *cls) -{ - struct RequestHandle *handle = cls; - struct MHD_Response *resp; - - resp = GNUNET_REST_create_response (NULL); - handle->proc (handle->proc_cls, resp, handle->response_code); - cleanup_handle (handle); -} - -/** - * Attribute delegation to JSON - * - * @param delegation_chain_entry the DSE - * @return JSON, NULL if failed - */ -static json_t* -attribute_delegation_to_json (struct - GNUNET_CREDENTIAL_Delegation * - delegation_chain_entry) -{ - char *subject; - char *issuer; - json_t *attr_obj; - - issuer = GNUNET_CRYPTO_ecdsa_public_key_to_string ( - &delegation_chain_entry->issuer_key); - if (NULL == issuer) - { - GNUNET_log (GNUNET_ERROR_TYPE_ERROR, - "Issuer in delegation malformed\n"); - return NULL; - } - subject = GNUNET_CRYPTO_ecdsa_public_key_to_string ( - &delegation_chain_entry->subject_key); - if (NULL == subject) - { - GNUNET_log (GNUNET_ERROR_TYPE_ERROR, - "Subject in credential malformed\n"); - GNUNET_free (issuer); - return NULL; - } - attr_obj = json_object (); - - json_object_set_new (attr_obj, "issuer", json_string (issuer)); - json_object_set_new (attr_obj, "issuer_attribute", - json_string (delegation_chain_entry->issuer_attribute)); - - json_object_set_new (attr_obj, "subject", json_string (subject)); - if (0 < delegation_chain_entry->subject_attribute_len) - { - json_object_set_new (attr_obj, "subject_attribute", - json_string ( - delegation_chain_entry->subject_attribute)); - } - GNUNET_free (issuer); - GNUNET_free (subject); - return attr_obj; -} - -/** - * JSONAPI resource to Credential - * - * @param res the JSONAPI resource - * @return the resulting credential, NULL if failed - */ -static struct GNUNET_CREDENTIAL_Credential* -json_to_credential (json_t *res) -{ - struct GNUNET_CREDENTIAL_Credential *cred; - json_t *tmp; - const char *attribute; - const char *signature; - char *sig; - - tmp = json_object_get (res, "attribute"); - if (0 == json_is_string (tmp)) - { - return NULL; - } - attribute = json_string_value (tmp); - cred = GNUNET_malloc (sizeof(struct GNUNET_CREDENTIAL_Credential) - + strlen (attribute)); - cred->issuer_attribute = attribute; - cred->issuer_attribute_len = strlen (attribute); - tmp = json_object_get (res, "issuer"); - if (0 == json_is_string (tmp)) - { - GNUNET_free (cred); - return NULL; - } - - GNUNET_CRYPTO_ecdsa_public_key_from_string (json_string_value (tmp), - strlen (json_string_value (tmp)), - &cred->issuer_key); - tmp = json_object_get (res, "subject"); - if (0 == json_is_string (tmp)) - { - GNUNET_free (cred); - return NULL; - } - GNUNET_CRYPTO_ecdsa_public_key_from_string (json_string_value (tmp), - strlen (json_string_value (tmp)), - &cred->subject_key); - - tmp = json_object_get (res, "signature"); - if (0 == json_is_string (tmp)) - { - GNUNET_free (cred); - return NULL; - } - signature = json_string_value (tmp); - GNUNET_STRINGS_base64_decode (signature, - strlen (signature), - (char**) &sig); - GNUNET_memcpy (&cred->signature, - sig, - sizeof(struct GNUNET_CRYPTO_EcdsaSignature)); - GNUNET_free (sig); - - tmp = json_object_get (res, "expiration"); - if (0 == json_is_integer (tmp)) - { - GNUNET_free (cred); - return NULL; - } - cred->expiration.abs_value_us = json_integer_value (tmp); - return cred; -} - - -/** - * Credential to JSON - * - * @param cred the credential - * @return the resulting json, NULL if failed - */ -static json_t* -credential_to_json (struct GNUNET_CREDENTIAL_Credential *cred) -{ - char *issuer; - char *subject; - char *signature; - char attribute[cred->issuer_attribute_len + 1]; - json_t *cred_obj; - - issuer = GNUNET_CRYPTO_ecdsa_public_key_to_string (&cred->issuer_key); - if (NULL == issuer) - { - GNUNET_log (GNUNET_ERROR_TYPE_ERROR, - "Issuer in credential malformed\n"); - return NULL; - } - subject = GNUNET_CRYPTO_ecdsa_public_key_to_string (&cred->subject_key); - if (NULL == subject) - { - GNUNET_log (GNUNET_ERROR_TYPE_ERROR, - "Subject in credential malformed\n"); - GNUNET_free (issuer); - return NULL; - } - GNUNET_STRINGS_base64_encode ((char*) &cred->signature, - sizeof(struct GNUNET_CRYPTO_EcdsaSignature), - &signature); - GNUNET_memcpy (attribute, - cred->issuer_attribute, - cred->issuer_attribute_len); - attribute[cred->issuer_attribute_len] = '\0'; - cred_obj = json_object (); - json_object_set_new (cred_obj, "issuer", json_string (issuer)); - json_object_set_new (cred_obj, "subject", json_string (subject)); - json_object_set_new (cred_obj, "attribute", json_string (attribute)); - json_object_set_new (cred_obj, "signature", json_string (signature)); - json_object_set_new (cred_obj, "expiration", json_integer ( - cred->expiration.abs_value_us)); - GNUNET_free (issuer); - GNUNET_free (subject); - GNUNET_free (signature); - return cred_obj; -} - -static void -handle_collect_response (void *cls, - unsigned int d_count, - struct GNUNET_CREDENTIAL_Delegation *delegation_chain, - unsigned int c_count, - struct GNUNET_CREDENTIAL_Credential *cred) -{ - struct RequestHandle *handle = cls; - struct MHD_Response *resp; - struct GNUNET_JSONAPI_Document *json_document; - struct GNUNET_JSONAPI_Resource *json_resource; - json_t *cred_obj; - json_t *cred_array; - char *result; - char *issuer; - char *id; - uint32_t i; - - handle->verify_request = NULL; - if (NULL == cred) - { - GNUNET_log (GNUNET_ERROR_TYPE_ERROR, - "Verify failed.\n"); - handle->response_code = MHD_HTTP_NOT_FOUND; - GNUNET_SCHEDULER_add_now (&do_error, handle); - return; - } - issuer = GNUNET_CRYPTO_ecdsa_public_key_to_string (&handle->issuer_key); - if (NULL == issuer) - { - GNUNET_log (GNUNET_ERROR_TYPE_ERROR, - "Issuer in delegation malformed\n"); - return; - } - GNUNET_asprintf (&id, - "%s.%s", - issuer, - handle->issuer_attr); - GNUNET_free (issuer); - json_document = GNUNET_JSONAPI_document_new (); - json_resource = GNUNET_JSONAPI_resource_new ( - GNUNET_REST_JSONAPI_CREDENTIAL_TYPEINFO, - id); - GNUNET_free (id); - cred_array = json_array (); - for (i = 0; i < c_count; i++) - { - cred_obj = credential_to_json (&cred[i]); - json_array_append_new (cred_array, cred_obj); - } - GNUNET_JSONAPI_resource_add_attr (json_resource, - GNUNET_REST_JSONAPI_CREDENTIAL, - cred_array); - GNUNET_JSONAPI_document_resource_add (json_document, json_resource); - GNUNET_JSONAPI_document_serialize (json_document, &result); - GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, - "Result %s\n", - result); - json_decref (cred_array); - GNUNET_JSONAPI_document_delete (json_document); - resp = GNUNET_REST_create_response (result); - GNUNET_free (result); - handle->proc (handle->proc_cls, resp, MHD_HTTP_OK); - cleanup_handle (handle); -} - -static void -subject_ego_lookup (void *cls, - const struct GNUNET_IDENTITY_Ego *ego) -{ - struct RequestHandle *handle = cls; - const struct GNUNET_CRYPTO_EcdsaPrivateKey *sub_key; - - handle->ego_lookup = NULL; - - if (NULL == ego) - { - GNUNET_log (GNUNET_ERROR_TYPE_ERROR, - "Subject not found\n"); - GNUNET_SCHEDULER_add_now (&do_error, handle); - return; - } - sub_key = GNUNET_IDENTITY_ego_get_private_key (ego); - handle->verify_request = GNUNET_CREDENTIAL_collect (handle->credential, - &handle->issuer_key, - handle->issuer_attr, - sub_key, - &handle_collect_response, - handle); -} - - - -static void -handle_verify_response (void *cls, - unsigned int d_count, - struct GNUNET_CREDENTIAL_Delegation *delegation_chain, - unsigned int c_count, - struct GNUNET_CREDENTIAL_Credential *cred) -{ - struct RequestHandle *handle = cls; - struct MHD_Response *resp; - struct GNUNET_JSONAPI_Document *json_document; - struct GNUNET_JSONAPI_Resource *json_resource; - json_t *cred_obj; - json_t *attr_obj; - json_t *cred_array; - json_t *attr_array; - char *result; - char *issuer; - char *id; - uint32_t i; - - handle->verify_request = NULL; - if (NULL == cred) - { - GNUNET_log (GNUNET_ERROR_TYPE_ERROR, - "Verify failed.\n"); - handle->response_code = MHD_HTTP_NOT_FOUND; - GNUNET_SCHEDULER_add_now (&do_error, handle); - return; - } - issuer = GNUNET_CRYPTO_ecdsa_public_key_to_string (&handle->issuer_key); - if (NULL == issuer) - { - GNUNET_log (GNUNET_ERROR_TYPE_ERROR, - "Issuer in delegation malformed\n"); - return; - } - GNUNET_asprintf (&id, - "%s.%s", - issuer, - handle->issuer_attr); - GNUNET_free (issuer); - json_document = GNUNET_JSONAPI_document_new (); - json_resource = GNUNET_JSONAPI_resource_new ( - GNUNET_REST_JSONAPI_CREDENTIAL_TYPEINFO, - id); - GNUNET_free (id); - attr_array = json_array (); - for (i = 0; i < d_count; i++) - { - attr_obj = attribute_delegation_to_json (&delegation_chain[i]); - json_array_append_new (attr_array, attr_obj); - } - cred_array = json_array (); - for (i = 0; i < c_count; i++) - { - cred_obj = credential_to_json (&cred[i]); - json_array_append_new (cred_array, cred_obj); - } - GNUNET_JSONAPI_resource_add_attr (json_resource, - GNUNET_REST_JSONAPI_CREDENTIAL, - cred_array); - GNUNET_JSONAPI_resource_add_attr (json_resource, - GNUNET_REST_JSONAPI_DELEGATIONS, - attr_array); - GNUNET_JSONAPI_document_resource_add (json_document, json_resource); - GNUNET_JSONAPI_document_serialize (json_document, &result); - GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, - "Result %s\n", - result); - json_decref (attr_array); - json_decref (cred_array); - GNUNET_JSONAPI_document_delete (json_document); - resp = GNUNET_REST_create_response (result); - handle->proc (handle->proc_cls, resp, MHD_HTTP_OK); - GNUNET_free (result); - cleanup_handle (handle); -} - -static void -collect_cred_cont (struct GNUNET_REST_RequestHandle *conndata_handle, - const char*url, - void *cls) -{ - struct RequestHandle *handle = cls; - struct GNUNET_HashCode key; - char *tmp; - char *entity_attr; - - GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, - "Connecting...\n"); - handle->credential = GNUNET_CREDENTIAL_connect (cfg); - handle->timeout_task = GNUNET_SCHEDULER_add_delayed (handle->timeout, - &do_error, handle); - GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, - "Connected\n"); - if (NULL == handle->credential) - { - GNUNET_log (GNUNET_ERROR_TYPE_ERROR, - "Connecting to CREDENTIAL failed\n"); - GNUNET_SCHEDULER_add_now (&do_error, handle); - return; - } - GNUNET_CRYPTO_hash (GNUNET_REST_JSONAPI_CREDENTIAL_ISSUER_ATTR, - strlen (GNUNET_REST_JSONAPI_CREDENTIAL_ISSUER_ATTR), - &key); - if (GNUNET_NO == - GNUNET_CONTAINER_multihashmap_contains (conndata_handle->url_param_map, - &key)) - { - GNUNET_log (GNUNET_ERROR_TYPE_ERROR, - "Missing issuer attribute\n"); - GNUNET_SCHEDULER_add_now (&do_error, handle); - return; - } - tmp = GNUNET_CONTAINER_multihashmap_get (conndata_handle->url_param_map, - &key); - entity_attr = GNUNET_strdup (tmp); - tmp = strtok (entity_attr, "."); - if (NULL == tmp) - { - GNUNET_log (GNUNET_ERROR_TYPE_ERROR, - "Malformed issuer or attribute\n"); - GNUNET_free (entity_attr); - GNUNET_SCHEDULER_add_now (&do_error, handle); - return; - } - if (GNUNET_OK != - GNUNET_CRYPTO_ecdsa_public_key_from_string (tmp, - strlen (tmp), - &handle->issuer_key)) - { - GNUNET_log (GNUNET_ERROR_TYPE_ERROR, - "Malformed issuer key\n"); - GNUNET_free (entity_attr); - GNUNET_SCHEDULER_add_now (&do_error, handle); - return; - } - tmp = strtok (NULL, "."); // Issuer attribute - if (NULL == tmp) - { - GNUNET_log (GNUNET_ERROR_TYPE_ERROR, - "Malformed attribute\n"); - GNUNET_free (entity_attr); - GNUNET_SCHEDULER_add_now (&do_error, handle); - return; - } - handle->issuer_attr = GNUNET_strdup (tmp); - GNUNET_free (entity_attr); - - GNUNET_CRYPTO_hash (GNUNET_REST_JSONAPI_CREDENTIAL_SUBJECT_EGO, - strlen (GNUNET_REST_JSONAPI_CREDENTIAL_SUBJECT_EGO), - &key); - if (GNUNET_NO == - GNUNET_CONTAINER_multihashmap_contains (conndata_handle->url_param_map, - &key)) - { - GNUNET_log (GNUNET_ERROR_TYPE_ERROR, - "Missing subject\n"); - GNUNET_SCHEDULER_add_now (&do_error, handle); - return; - } - tmp = GNUNET_CONTAINER_multihashmap_get (conndata_handle->url_param_map, - &key); - if (NULL == tmp) - { - GNUNET_log (GNUNET_ERROR_TYPE_ERROR, - "Malformed subject\n"); - GNUNET_SCHEDULER_add_now (&do_error, handle); - return; - } - handle->ego_lookup = GNUNET_IDENTITY_ego_lookup (cfg, - tmp, - &subject_ego_lookup, - handle); -} - - - -static void -verify_cred_cont (struct GNUNET_REST_RequestHandle *conndata_handle, - const char*url, - void *cls) -{ - struct RequestHandle *handle = cls; - struct GNUNET_HashCode key; - struct GNUNET_JSONAPI_Document *json_obj; - struct GNUNET_JSONAPI_Resource *res; - struct GNUNET_CREDENTIAL_Credential *cred; - char *tmp; - char *entity_attr; - int i; - uint32_t credential_count; - uint32_t resource_count; - json_t *cred_json; - json_t *data_js; - json_error_t err; - - GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, - "Connecting...\n"); - handle->credential = GNUNET_CREDENTIAL_connect (cfg); - handle->timeout_task = GNUNET_SCHEDULER_add_delayed (handle->timeout, - &do_error, handle); - GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, - "Connected\n"); - if (NULL == handle->credential) - { - GNUNET_log (GNUNET_ERROR_TYPE_ERROR, - "Connecting to CREDENTIAL failed\n"); - GNUNET_SCHEDULER_add_now (&do_error, handle); - return; - } - GNUNET_CRYPTO_hash (GNUNET_REST_JSONAPI_CREDENTIAL_ISSUER_ATTR, - strlen (GNUNET_REST_JSONAPI_CREDENTIAL_ISSUER_ATTR), - &key); - if (GNUNET_NO == - GNUNET_CONTAINER_multihashmap_contains (conndata_handle->url_param_map, - &key)) - { - GNUNET_log (GNUNET_ERROR_TYPE_ERROR, - "Missing issuer attribute\n"); - GNUNET_SCHEDULER_add_now (&do_error, handle); - return; - } - tmp = GNUNET_CONTAINER_multihashmap_get (conndata_handle->url_param_map, - &key); - entity_attr = GNUNET_strdup (tmp); - tmp = strtok (entity_attr, "."); - if (NULL == tmp) - { - GNUNET_log (GNUNET_ERROR_TYPE_ERROR, - "Malformed issuer or attribute\n"); - GNUNET_free (entity_attr); - GNUNET_SCHEDULER_add_now (&do_error, handle); - return; - } - if (GNUNET_OK != - GNUNET_CRYPTO_ecdsa_public_key_from_string (tmp, - strlen (tmp), - &handle->issuer_key)) - { - GNUNET_log (GNUNET_ERROR_TYPE_ERROR, - "Malformed issuer key\n"); - GNUNET_free (entity_attr); - GNUNET_SCHEDULER_add_now (&do_error, handle); - return; - } - tmp = strtok (NULL, "."); // Issuer attribute - if (NULL == tmp) - { - GNUNET_log (GNUNET_ERROR_TYPE_ERROR, - "Malformed attribute\n"); - GNUNET_free (entity_attr); - GNUNET_SCHEDULER_add_now (&do_error, handle); - return; - } - handle->issuer_attr = GNUNET_strdup (tmp); - GNUNET_free (entity_attr); - - GNUNET_CRYPTO_hash (GNUNET_REST_JSONAPI_CREDENTIAL_SUBJECT_KEY, - strlen (GNUNET_REST_JSONAPI_CREDENTIAL_SUBJECT_KEY), - &key); - if (GNUNET_NO == - GNUNET_CONTAINER_multihashmap_contains (conndata_handle->url_param_map, - &key)) - { - GNUNET_log (GNUNET_ERROR_TYPE_ERROR, - "Missing subject key\n"); - GNUNET_SCHEDULER_add_now (&do_error, handle); - return; - } - tmp = GNUNET_CONTAINER_multihashmap_get (conndata_handle->url_param_map, - &key); - if (NULL == tmp) - { - GNUNET_log (GNUNET_ERROR_TYPE_ERROR, - "Malformed subject\n"); - GNUNET_SCHEDULER_add_now (&do_error, handle); - return; - } - if (GNUNET_OK != - GNUNET_CRYPTO_ecdsa_public_key_from_string (tmp, - strlen (tmp), - &handle->subject_key)) - { - GNUNET_log (GNUNET_ERROR_TYPE_ERROR, - "Malformed subject key\n"); - GNUNET_SCHEDULER_add_now (&do_error, handle); - return; - } - - if (0 >= handle->rest_handle->data_size) - { - GNUNET_log (GNUNET_ERROR_TYPE_ERROR, - "Missing credentials\n"); - GNUNET_SCHEDULER_add_now (&do_error, handle); - return; - } - - struct GNUNET_JSON_Specification docspec[] = { - GNUNET_JSON_spec_jsonapi_document (&json_obj), - GNUNET_JSON_spec_end () - }; - char term_data[handle->rest_handle->data_size + 1]; - term_data[handle->rest_handle->data_size] = '\0'; - credential_count = 0; - GNUNET_memcpy (term_data, - handle->rest_handle->data, - handle->rest_handle->data_size); - data_js = json_loads (term_data, - JSON_DECODE_ANY, - &err); - GNUNET_assert (GNUNET_OK == GNUNET_JSON_parse (data_js, docspec, - NULL, NULL)); - json_decref (data_js); - if (NULL == json_obj) - { - GNUNET_log (GNUNET_ERROR_TYPE_ERROR, - "Unable to parse JSONAPI Object from %s\n", - term_data); - GNUNET_SCHEDULER_add_now (&do_error, handle); - return; - } - - resource_count = GNUNET_JSONAPI_document_resource_count (json_obj); - GNUNET_assert (1 == resource_count); - res = (GNUNET_JSONAPI_document_get_resource (json_obj, 0)); - if (GNUNET_NO == GNUNET_JSONAPI_resource_check_type (res, - GNUNET_REST_JSONAPI_CREDENTIAL_TYPEINFO)) - { - GNUNET_log (GNUNET_ERROR_TYPE_ERROR, - "Resource not a credential!\n"); - GNUNET_log (GNUNET_ERROR_TYPE_ERROR, - "Unable to parse JSONAPI Object from %s\n", - term_data); - GNUNET_JSONAPI_document_delete (json_obj); - GNUNET_SCHEDULER_add_now (&do_error, handle); - return; - } - cred_json = GNUNET_JSONAPI_resource_read_attr (res, - GNUNET_REST_JSONAPI_CREDENTIAL); - - GNUNET_assert (json_is_array (cred_json)); - - credential_count = json_array_size (cred_json); - - struct GNUNET_CREDENTIAL_Credential credentials[credential_count]; - for (i = 0; i < credential_count; i++) - { - cred = json_to_credential (json_array_get (cred_json, i)); - if (NULL == cred) - { - GNUNET_log (GNUNET_ERROR_TYPE_ERROR, - "Unable to parse credential!\n"); - continue; - } - GNUNET_memcpy (&credentials[i], - cred, - sizeof(struct GNUNET_CREDENTIAL_Credential)); - credentials[i].issuer_attribute = GNUNET_strdup (cred->issuer_attribute); - GNUNET_free (cred); - } - GNUNET_JSONAPI_document_delete (json_obj); - handle->verify_request = GNUNET_CREDENTIAL_verify (handle->credential, - &handle->issuer_key, - handle->issuer_attr, - &handle->subject_key, - credential_count, - credentials, - &handle_verify_response, - handle); - for (i = 0; i < credential_count; i++) - GNUNET_free ((char*) credentials[i].issuer_attribute); -} - -void -send_cred_response (struct RequestHandle *handle, - struct GNUNET_CREDENTIAL_Credential *cred) -{ - struct MHD_Response *resp; - struct GNUNET_JSONAPI_Document *json_document; - struct GNUNET_JSONAPI_Resource *json_resource; - json_t *cred_obj; - char *result; - char *issuer; - char *subject; - char *signature; - char *id; - - GNUNET_assert (NULL != cred); - issuer = GNUNET_CRYPTO_ecdsa_public_key_to_string (&cred->issuer_key); - if (NULL == issuer) - { - GNUNET_log (GNUNET_ERROR_TYPE_ERROR, - "Subject malformed\n"); - GNUNET_free (issuer); - return; - } - GNUNET_asprintf (&id, - "%s.%s", - issuer, - (char*) &cred[1]); - subject = GNUNET_CRYPTO_ecdsa_public_key_to_string (&cred->subject_key); - if (NULL == subject) - { - GNUNET_log (GNUNET_ERROR_TYPE_ERROR, - "Subject malformed\n"); - GNUNET_free (id); - GNUNET_free (issuer); - return; - } - GNUNET_STRINGS_base64_encode ((char*) &cred->signature, - sizeof(struct GNUNET_CRYPTO_EcdsaSignature), - &signature); - json_document = GNUNET_JSONAPI_document_new (); - json_resource = GNUNET_JSONAPI_resource_new ( - GNUNET_REST_JSONAPI_CREDENTIAL_TYPEINFO, - id); - GNUNET_free (id); - cred_obj = json_object (); - json_object_set_new (cred_obj, "issuer", json_string (issuer)); - json_object_set_new (cred_obj, "subject", json_string (subject)); - json_object_set_new (cred_obj, "expiration", json_integer ( - cred->expiration.abs_value_us)); - json_object_set_new (cred_obj, "signature", json_string (signature)); - GNUNET_JSONAPI_resource_add_attr (json_resource, - GNUNET_REST_JSONAPI_CREDENTIAL, - cred_obj); - GNUNET_JSONAPI_document_resource_add (json_document, json_resource); - GNUNET_JSONAPI_document_serialize (json_document, &result); - GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, - "Result %s\n", - result); - json_decref (cred_obj); - GNUNET_JSONAPI_document_delete (json_document); - resp = GNUNET_REST_create_response (result); - handle->proc (handle->proc_cls, resp, MHD_HTTP_OK); - GNUNET_free (result); - GNUNET_free (signature); - GNUNET_free (issuer); - GNUNET_free (subject); - cleanup_handle (handle); -} - -void -get_cred_issuer_cb (void *cls, - struct GNUNET_IDENTITY_Ego *ego, - void **ctx, - const char *name) -{ - struct RequestHandle *handle = cls; - struct GNUNET_TIME_Absolute etime_abs; - struct GNUNET_TIME_Relative etime_rel; - const struct GNUNET_CRYPTO_EcdsaPrivateKey *issuer_key; - struct GNUNET_HashCode key; - struct GNUNET_CREDENTIAL_Credential *cred; - char*expiration_str; - char*tmp; - - handle->id_op = NULL; - - if (NULL == name) - { - GNUNET_log (GNUNET_ERROR_TYPE_ERROR, - "Issuer not configured!\n"); - GNUNET_SCHEDULER_add_now (&do_error, handle); - return; - } - - GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, - "Connecting to credential service...\n"); - handle->credential = GNUNET_CREDENTIAL_connect (cfg); - GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, - "Connected\n"); - if (NULL == handle->credential) - { - GNUNET_log (GNUNET_ERROR_TYPE_ERROR, - "Connecting to CREDENTIAL failed\n"); - GNUNET_SCHEDULER_add_now (&do_error, handle); - return; - } - GNUNET_CRYPTO_hash (GNUNET_REST_JSONAPI_CREDENTIAL_EXPIRATION, - strlen (GNUNET_REST_JSONAPI_CREDENTIAL_EXPIRATION), - &key); - if (GNUNET_NO == - GNUNET_CONTAINER_multihashmap_contains ( - handle->rest_handle->url_param_map, - &key)) - { - GNUNET_log (GNUNET_ERROR_TYPE_ERROR, - "Missing expiration\n"); - GNUNET_SCHEDULER_add_now (&do_error, handle); - return; - } - expiration_str = GNUNET_CONTAINER_multihashmap_get ( - handle->rest_handle->url_param_map, - &key); - if (NULL == expiration_str) - { - GNUNET_log (GNUNET_ERROR_TYPE_ERROR, - "Expiration malformed\n"); - GNUNET_SCHEDULER_add_now (&do_error, handle); - return; - } - - if (GNUNET_OK == GNUNET_STRINGS_fancy_time_to_relative (expiration_str, - &etime_rel)) - { - etime_abs = GNUNET_TIME_relative_to_absolute (etime_rel); - } - else if (GNUNET_OK != GNUNET_STRINGS_fancy_time_to_absolute (expiration_str, - &etime_abs)) - { - GNUNET_log (GNUNET_ERROR_TYPE_ERROR, - "Malformed expiration: %s\n", expiration_str); - GNUNET_SCHEDULER_add_now (&do_error, handle); - return; - } - GNUNET_CRYPTO_hash (GNUNET_REST_JSONAPI_CREDENTIAL_ISSUER_ATTR, - strlen (GNUNET_REST_JSONAPI_CREDENTIAL_ISSUER_ATTR), - &key); - if (GNUNET_NO == - GNUNET_CONTAINER_multihashmap_contains ( - handle->rest_handle->url_param_map, - &key)) - { - GNUNET_log (GNUNET_ERROR_TYPE_ERROR, - "Missing issuer attribute\n"); - GNUNET_SCHEDULER_add_now (&do_error, handle); - return; - } - handle->issuer_attr = GNUNET_strdup (GNUNET_CONTAINER_multihashmap_get - (handle->rest_handle->url_param_map, - &key)); - GNUNET_CRYPTO_hash (GNUNET_REST_JSONAPI_CREDENTIAL_SUBJECT_KEY, - strlen (GNUNET_REST_JSONAPI_CREDENTIAL_SUBJECT_KEY), - &key); - if (GNUNET_NO == - GNUNET_CONTAINER_multihashmap_contains ( - handle->rest_handle->url_param_map, - &key)) - { - GNUNET_log (GNUNET_ERROR_TYPE_ERROR, - "Missing subject\n"); - GNUNET_SCHEDULER_add_now (&do_error, handle); - return; - } - tmp = GNUNET_CONTAINER_multihashmap_get (handle->rest_handle->url_param_map, - &key); - if (NULL == tmp) - { - GNUNET_log (GNUNET_ERROR_TYPE_ERROR, - "Malformed subject\n"); - GNUNET_SCHEDULER_add_now (&do_error, handle); - return; - } - if (GNUNET_OK != - GNUNET_CRYPTO_ecdsa_public_key_from_string (tmp, - strlen (tmp), - &handle->subject_key)) - { - GNUNET_log (GNUNET_ERROR_TYPE_ERROR, - "Malformed subject key\n"); - GNUNET_SCHEDULER_add_now (&do_error, handle); - return; - } - issuer_key = GNUNET_IDENTITY_ego_get_private_key (ego); - cred = GNUNET_CREDENTIAL_credential_issue (issuer_key, - &handle->subject_key, - handle->issuer_attr, - &etime_abs); - if (NULL == cred) - { - GNUNET_log (GNUNET_ERROR_TYPE_ERROR, - "Failed to create credential\n"); - GNUNET_SCHEDULER_add_now (&do_error, handle); - return; - } - send_cred_response (handle, cred); -} - - -static void -issue_cred_cont (struct GNUNET_REST_RequestHandle *conndata_handle, - const char*url, - void *cls) -{ - struct RequestHandle *handle = cls; - - handle->identity = GNUNET_IDENTITY_connect (cfg, - NULL, - NULL); - handle->id_op = GNUNET_IDENTITY_get (handle->identity, - "credential-issuer", - &get_cred_issuer_cb, - handle); - handle->timeout_task = GNUNET_SCHEDULER_add_delayed (handle->timeout, - &do_error, - handle); -} - -static void -options_cont (struct GNUNET_REST_RequestHandle *con_handle, - const char*url, - void *cls) -{ - struct MHD_Response *resp; - struct RequestHandle *handle = cls; - - // For GNS, independent of path return all options - resp = GNUNET_REST_create_response (NULL); - MHD_add_response_header (resp, - "Access-Control-Allow-Methods", - MHD_HTTP_METHOD_GET); - handle->proc (handle->proc_cls, - resp, - MHD_HTTP_OK); - cleanup_handle (handle); -} - - -static void -rest_credential_process_request (struct - GNUNET_REST_RequestHandle *conndata_handle, - GNUNET_REST_ResultProcessor proc, - void *proc_cls) -{ - struct RequestHandle *handle = GNUNET_new (struct RequestHandle); - struct GNUNET_REST_RequestHandlerError err; - - handle->timeout = GNUNET_TIME_UNIT_FOREVER_REL; - handle->proc_cls = proc_cls; - handle->proc = proc; - handle->rest_handle = conndata_handle; - - static const struct GNUNET_REST_RequestHandler handlers[] = { - { MHD_HTTP_METHOD_POST, GNUNET_REST_API_NS_CREDENTIAL_VERIFY, - &verify_cred_cont }, - { MHD_HTTP_METHOD_GET, GNUNET_REST_API_NS_CREDENTIAL_COLLECT, - &collect_cred_cont }, - { MHD_HTTP_METHOD_GET, GNUNET_REST_API_NS_CREDENTIAL_ISSUE, - &issue_cred_cont }, - { MHD_HTTP_METHOD_OPTIONS, GNUNET_REST_API_NS_CREDENTIAL, &options_cont }, - GNUNET_REST_HANDLER_END - }; - - if (GNUNET_NO == GNUNET_JSONAPI_handle_request (conndata_handle, - handlers, - &err, - handle)) - { - handle->response_code = err.error_code; - GNUNET_SCHEDULER_add_now (&do_error, handle); - } -} - - -/** - * Entry point for the plugin. - * - * @param cls the "struct GNUNET_NAMESTORE_PluginEnvironment*" - * @return NULL on error, otherwise the plugin context - */ -void * -libgnunet_plugin_rest_credential_init (void *cls) -{ - static struct Plugin plugin; - - cfg = cls; - struct GNUNET_REST_Plugin *api; - - if (NULL != plugin.cfg) - return NULL; /* can only initialize once! */ - memset (&plugin, 0, sizeof(struct Plugin)); - plugin.cfg = cfg; - api = GNUNET_new (struct GNUNET_REST_Plugin); - api->cls = &plugin; - api->name = GNUNET_REST_API_NS_CREDENTIAL; - api->process_request = &rest_credential_process_request; - GNUNET_log (GNUNET_ERROR_TYPE_INFO, - _ ("GNS REST API initialized\n")); - return api; -} - - -/** - * Exit point from the plugin. - * - * @param cls the plugin context (as returned by "init") - * @return always NULL - */ -void * -libgnunet_plugin_rest_credential_done (void *cls) -{ - struct GNUNET_REST_Plugin *api = cls; - struct Plugin *plugin = api->cls; - - plugin->cfg = NULL; - GNUNET_free (api); - GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, - "GNS REST plugin is finished\n"); - return NULL; -} - -/* end of plugin_rest_gns.c */ diff --git a/src/abd/test_credential_collect.sh b/src/abd/test_credential_collect.sh deleted file mode 100755 index 0ae063eda..000000000 --- a/src/abd/test_credential_collect.sh +++ /dev/null @@ -1,47 +0,0 @@ -#!/bin/sh -trap "gnunet-arm -e -c test_credential_lookup.conf" SIGINT - -LOCATION=$(which gnunet-config) -if [ -z $LOCATION ] -then - LOCATION="gnunet-config" -fi -$LOCATION --version 1> /dev/null -if test $? != 0 -then - echo "GNUnet command line tools cannot be found, check environmental variables PATH and GNUNET_PREFIX" - exit 77 -fi - -rm -rf `gnunet-config -c test_credential_lookup.conf -s PATHS -o GNUNET_HOME -f` - -# (1) PKEY1.user -> PKEY2.resu.user -# (2) PKEY2.resu -> PKEY3 -# (3) PKEY3.user -> PKEY4 - - -which timeout > /dev/null 2>&1 && DO_TIMEOUT="timeout 30" - -TEST_ATTR="test" -TEST_ATTR2="test2" -gnunet-arm -s -c test_credential_lookup.conf -gnunet-identity -C testissuer -c test_credential_lookup.conf -gnunet-identity -C testsubject -c test_credential_lookup.conf -SUBJECT_KEY=$(gnunet-identity -d -c test_credential_lookup.conf | grep testsubject | awk '{print $3}') -ISSUER_KEY=$(gnunet-identity -d -c test_credential_lookup.conf | grep testissuer | awk '{print $3}') -#TODO1 Get credential and store it with subject (3) -CRED=`$DO_TIMEOUT gnunet-credential --issue --ego=testissuer --subject=$SUBJECT_KEY --attribute=$TEST_ATTR --ttl=5m -c test_credential_lookup.conf` -$DO_TIMEOUT gnunet-namestore -a -z testsubject -n c1 -t CRED -V "$CRED" -e 5m -c test_credential_lookup.conf -CRED=`$DO_TIMEOUT gnunet-credential --issue --ego=testissuer --subject=$SUBJECT_KEY --attribute=$TEST_ATTR2 --ttl=5m -c test_credential_lookup.conf` -$DO_TIMEOUT gnunet-namestore -a -z testsubject -n c2 -t CRED -V "$CRED" -e 5m -c test_credential_lookup.conf -CREDS=`$DO_TIMEOUT gnunet-credential --collect --issuer=$ISSUER_KEY --attribute=$TEST_ATTR --ego=testsubject -c test_credential_lookup.conf | paste -d, -s` -echo $CREDS -RES=$? -gnunet-arm -e -c test_credential_lookup.conf - -if test $? != 0 -then - echo "Error collecting..." - exit 1 -fi - diff --git a/src/abd/test_credential_collect_rest.sh b/src/abd/test_credential_collect_rest.sh deleted file mode 100755 index fe59d9399..000000000 --- a/src/abd/test_credential_collect_rest.sh +++ /dev/null @@ -1,91 +0,0 @@ -#!/bin/sh -trap "gnunet-arm -e -c test_credential_lookup.conf" SIGINT - -LOCATION=$(which gnunet-config) -if [ -z $LOCATION ] -then - LOCATION="gnunet-config" -fi -$LOCATION --version 1> /dev/null -if test $? != 0 -then - echo "GNUnet command line tools cannot be found, check environmental variables PATH and GNUNET_PREFIX" - exit 77 -fi - -rm -rf `gnunet-config -c test_credential_lookup.conf -s PATHS -o GNUNET_HOME -f` - -# (1) Service.user -> GNU.project.member -# (2) GNU.project -> GNUnet -# (3) GNUnet.member -> GNUnet.developer -# (4) GNUnet.member -> GNUnet.user -# (5) GNUnet.developer -> Alice - - -which timeout > /dev/null 2>&1 && DO_TIMEOUT="timeout 30" -gnunet-arm -s -c test_credential_lookup.conf -gnunet-identity -C service -c test_credential_lookup.conf -gnunet-identity -C alice -c test_credential_lookup.conf -gnunet-identity -C gnu -c test_credential_lookup.conf -gnunet-identity -C gnunet -c test_credential_lookup.conf - -GNU_KEY=$(gnunet-identity -d -c test_credential_lookup.conf | grep gnu | grep -v gnunet | awk '{print $3}') -ALICE_KEY=$(gnunet-identity -d -c test_credential_lookup.conf | grep alice | awk '{print $3}') -GNUNET_KEY=$(gnunet-identity -d -c test_credential_lookup.conf | grep gnunet | awk '{print $3}') -SERVICE_KEY=$(gnunet-identity -d -c test_credential_lookup.conf | grep service | awk '{print $3}') - -USER_ATTR="user" -GNU_PROJECT_ATTR="project" -MEMBER_ATTR="member" -DEVELOPER_ATTR="developer" -DEV_ATTR="developer" -TEST_CREDENTIAL="mygnunetcreds" - -# (1) A service assigns the attribute "user" to all entities that have been assigned "member" by entities that werde assigned "project" from GNU -gnunet-namestore -p -z service -a -n $USER_ATTR -t ATTR -V "$GNU_KEY $GNU_PROJECT_ATTR.$MEMBER_ATTR" -e 5m -c test_credential_lookup.conf - -# (2) GNU recognized GNUnet as a GNU project and delegates the "project" attribute -gnunet-namestore -p -z gnu -a -n $GNU_PROJECT_ATTR -t ATTR -V "$GNUNET_KEY" -e 5m -c test_credential_lookup.conf - -# (3+4) GNUnet assigns the attribute "member" to all entities gnunet has also assigned "developer" or "user" -gnunet-namestore -p -z gnunet -a -n $MEMBER_ATTR -t ATTR -V "$GNUNET_KEY $DEVELOPER_ATTR" -e 5m -c test_credential_lookup.conf -gnunet-namestore -p -z gnunet -a -n $MEMBER_ATTR -t ATTR -V "$GNUNET_KEY $USER_ATTR" -e 5m -c test_credential_lookup.conf - -# (5) GNUnet issues Alice the credential "developer" -CRED=`$DO_TIMEOUT gnunet-credential --issue --ego=gnunet --subject=$ALICE_KEY --attribute=$DEV_ATTR --ttl=5m -c test_credential_lookup.conf` - -# Alice stores the credential under "mygnunetcreds" -gnunet-namestore -p -z alice -a -n $TEST_CREDENTIAL -t CRED -V "$CRED" -e 5m -c test_credential_lookup.conf - -# (5) GNUnet issues Alice the credential "developer" -CRED=`$DO_TIMEOUT gnunet-credential --issue --ego=gnunet --subject=$ALICE_KEY --attribute=$USER_ATTR --ttl=5m -c test_credential_lookup.conf` - -# Alice stores the credential under "mygnunetcreds" -gnunet-namestore -p -z alice -a -n $TEST_CREDENTIAL -t CRED -V "$CRED" -e 5m -c test_credential_lookup.conf - -#TODO2 Add -z swich like in gnunet-gns -#RES_CRED=`gnunet-credential --collect --issuer=$SERVICE_KEY --attribute=$USER_ATTR --subject=$ALICE_KEY -c test_credential_lookup.conf` - -gnunet-arm -i rest -c test_credential_lookup.conf - -sleep 5 - -curl -v "localhost:7776/credential/collect?attribute=$SERVICE_KEY.$USER_ATTR&subject=alice" - -#TODO cleanup properly -gnunet-namestore -z alice -d -n $TEST_CREDENTIAL -t CRED -e never -c test_credential_lookup.conf -gnunet-namestore -z gnu -d -n $GNU_PROJECT_ATTR -t ATTR -c test_credential_lookup.conf -gnunet-namestore -z gnunet -d -n $MEMBER_ATTR -t ATTR -c test_credential_lookup.conf -gnunet-namestore -z service -d -n $USER_ATTR -t ATTR -c test_credential_lookup.conf -echo "Stopping arm..." -gnunet-arm -e -c test_credential_lookup.conf -echo "Done" -if [ "$RES_CRED" != "Failed." ] -then - # TODO: replace echo -e bashism. - echo -e "${RES_CRED}" - exit 0 -else - echo "FAIL: Failed to verify credential $RES_CRED." - exit 1 -fi diff --git a/src/abd/test_credential_issue_rest.sh b/src/abd/test_credential_issue_rest.sh deleted file mode 100755 index c518c08ec..000000000 --- a/src/abd/test_credential_issue_rest.sh +++ /dev/null @@ -1,53 +0,0 @@ -#!/bin/sh -trap "gnunet-arm -e -c test_credential_lookup.conf" SIGINT - -LOCATION=$(which gnunet-config) -if [ -z $LOCATION ] -then - LOCATION="gnunet-config" -fi -$LOCATION --version 1> /dev/null -if test $? != 0 -then - echo "GNUnet command line tools cannot be found, check environmental variables PATH and GNUNET_PREFIX" - exit 77 -fi - -rm -rf `gnunet-config -c test_credential_lookup.conf -s PATHS -o GNUNET_HOME -f` - -# (1) PKEY1.user -> PKEY2.resu.user -# (2) PKEY2.resu -> PKEY3 -# (3) PKEY3.user -> PKEY4 - - -which timeout > /dev/null 2>&1 && DO_TIMEOUT="timeout 30" - -TEST_ATTR="test" -gnunet-arm -s -c test_credential_lookup.conf -gnunet-arm -i gns -gnunet-arm -i credential -gnunet-arm -i identity -gnunet-arm -i rest -c test_credential_lookup.conf - -gnunet-arm -I -c test_credential_lookup.conf -gnunet-identity -C testissuer -c test_credential_lookup.conf -gnunet-identity -C testsubject -c test_credential_lookup.conf -gnunet-identity -s credential-issuer -e testissuer -SUBJECT_KEY=$(gnunet-identity -d -c test_credential_lookup.conf | grep testsubject | awk '{print $3}') -ISSUER_KEY=$(gnunet-identity -d -c test_credential_lookup.conf | grep testissuer | awk '{print $3}') -#TODO1 Get credential and store it with subject (3) -sleep 5 -curl "localhost:7776/credential/issue?subject_key=$SUBJECT_KEY&attribute=$TEST_ATTR&expiration=1d" -#CRED=`$DO_TIMEOUT gnunet-credential --issue --ego=testissuer --subject=$SUBJECT_KEY --attribute=$TEST_ATTR --ttl=5m -c test_credential_lookup.conf` -STATUS=$? - -if test $? != 0 -then - echo "Error issuing..." - exit 1 -fi -#Try import -#$DO_TIMEOUT gnunet-namestore -a -z testsubject -n c1 -t CRED -V "$CRED" -e 5m -c test_credential_lookup.conf -RES=$? -gnunet-arm -e -c test_credential_lookup.conf -exit $RES diff --git a/src/abd/test_credential_verify_rest.sh b/src/abd/test_credential_verify_rest.sh deleted file mode 100755 index 99db5da8a..000000000 --- a/src/abd/test_credential_verify_rest.sh +++ /dev/null @@ -1,88 +0,0 @@ -#!/usr/bin/env bash -trap "gnunet-arm -e -c test_credential_lookup.conf" SIGINT - -LOCATION=$(which gnunet-config) -if [ -z $LOCATION ] -then - LOCATION="gnunet-config" -fi -$LOCATION --version 1> /dev/null -if test $? != 0 -then - echo "GNUnet command line tools cannot be found, check environmental variables PATH and GNUNET_PREFIX" - exit 77 -fi - -rm -rf `gnunet-config -c test_credential_lookup.conf -s PATHS -o GNUNET_HOME -f` - -# (1) Service.user -> GNU.project.member -# (2) GNU.project -> GNUnet -# (3) GNUnet.member -> GNUnet.developer -# (4) GNUnet.member -> GNUnet.user -# (5) GNUnet.developer -> Alice - - -which timeout > /dev/null 2>&1 && DO_TIMEOUT="timeout 30" -gnunet-arm -s -c test_credential_lookup.conf -gnunet-identity -C service -c test_credential_lookup.conf -gnunet-identity -C alice -c test_credential_lookup.conf -gnunet-identity -C gnu -c test_credential_lookup.conf -gnunet-identity -C gnunet -c test_credential_lookup.conf - -GNU_KEY=$(gnunet-identity -d -c test_credential_lookup.conf | grep gnu | grep -v gnunet | awk '{print $3}') -ALICE_KEY=$(gnunet-identity -d -c test_credential_lookup.conf | grep alice | awk '{print $3}') -GNUNET_KEY=$(gnunet-identity -d -c test_credential_lookup.conf | grep gnunet | awk '{print $3}') -SERVICE_KEY=$(gnunet-identity -d -c test_credential_lookup.conf | grep service | awk '{print $3}') - -USER_ATTR="user" -GNU_PROJECT_ATTR="project" -MEMBER_ATTR="member" -DEVELOPER_ATTR="developer" -DEV_ATTR="developer" -TEST_CREDENTIAL="mygnunetcreds" - -# (1) A service assigns the attribute "user" to all entities that have been assigned "member" by entities that werde assigned "project" from GNU -gnunet-namestore -p -z service -a -n $USER_ATTR -t ATTR -V "$GNU_KEY $GNU_PROJECT_ATTR.$MEMBER_ATTR" -e 5m -c test_credential_lookup.conf - -# (2) GNU recognized GNUnet as a GNU project and delegates the "project" attribute -gnunet-namestore -p -z gnu -a -n $GNU_PROJECT_ATTR -t ATTR -V "$GNUNET_KEY" -e 5m -c test_credential_lookup.conf - -# (3+4) GNUnet assigns the attribute "member" to all entities gnunet has also assigned "developer" or "user" -gnunet-namestore -p -z gnunet -a -n $MEMBER_ATTR -t ATTR -V "$GNUNET_KEY $DEVELOPER_ATTR" -e 5m -c test_credential_lookup.conf -gnunet-namestore -p -z gnunet -a -n $MEMBER_ATTR -t ATTR -V "$GNUNET_KEY $USER_ATTR" -e 5m -c test_credential_lookup.conf - -# (5) GNUnet issues Alice the credential "developer" -CRED=`$DO_TIMEOUT gnunet-credential --issue --ego=gnunet --subject=$ALICE_KEY --attribute=$DEV_ATTR --ttl=5m -c test_credential_lookup.conf` - -# Alice stores the credential under "mygnunetcreds" -gnunet-namestore -p -z alice -a -n $TEST_CREDENTIAL -t CRED -V "$CRED" -e 5m -c test_credential_lookup.conf - -#TODO2 Add -z swich like in gnunet-gns -#RES_CRED=`gnunet-credential --verify --issuer=$SERVICE_KEY --attribute=$USER_ATTR --subject=$ALICE_KEY --credential=$TEST_CREDENTIAL -c test_credential_lookup.conf` - -gnunet-arm -i rest -c test_credential_lookup.conf - -sleep 5 - -CREDS=`curl "localhost:7776/credential/collect?attribute=$SERVICE_KEY.$USER_ATTR&subject=alice"` - -echo $CREDS - -curl -v "localhost:7776/credential/verify?attribute=$SERVICE_KEY.$USER_ATTR&subject_key=$ALICE_KEY" --data "$CREDS" - -#TODO cleanup properly -gnunet-namestore -z alice -d -n $TEST_CREDENTIAL -t CRED -e never -c test_credential_lookup.conf -gnunet-namestore -z gnu -d -n $GNU_PROJECT_ATTR -t ATTR -c test_credential_lookup.conf -gnunet-namestore -z gnunet -d -n $MEMBER_ATTR -t ATTR -c test_credential_lookup.conf -gnunet-namestore -z service -d -n $USER_ATTR -t ATTR -c test_credential_lookup.conf -gnunet-arm -e -c test_credential_lookup.conf - -if [ "$RES_CRED" != "Failed." ] -then - # TODO: replace echo -e bashism - echo -e "${RES_CRED}" - exit 0 -else - echo "FAIL: Failed to verify credential $RES_CRED." - exit 1 -fi -- cgit v1.2.3