first batch of license fixes (boring)
[oweals/gnunet.git] / src / credential / credential_api.c
index 1efe2d0892dcc76f3588ca06553cf655269f6ea2..122d6a5036c125f5bb7da552d6874c2ecee22364 100644 (file)
@@ -2,25 +2,20 @@
      This file is part of GNUnet.
      Copyright (C) 2009-2013, 2016 GNUnet e.V.
 
-     GNUnet is free software; you can redistribute it and/or modify
-     it under the terms of the GNU General Public License as published
-     by the Free Software Foundation; either version 3, or (at your
-     option) any later version.
+     GNUnet is free software: you can redistribute it and/or modify it
+     under the terms of the GNU General Public License as published
+     by the Free Software Foundation, either version 3 of the License,
+     or (at your option) any later version.
 
      GNUnet is distributed in the hope that it will be useful, but
      WITHOUT ANY WARRANTY; without even the implied warranty of
      MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
-     General Public License for more details.
-
-     You should have received a copy of the GNU General Public License
-     along with GNUnet; see the file COPYING.  If not, write to the
-     Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor,
-     Boston, MA 02110-1301, USA.
+     Affero General Public License for more details.
 */
 /**
  * @file credential/credential_api.c
  * @brief library to access the CREDENTIAL service
- * @author Adnan Husain
+ * @author Martin Schanzenbach
  */
 #include "platform.h"
 #include "gnunet_util_lib.h"
@@ -28,7 +23,9 @@
 #include "gnunet_arm_service.h"
 #include "gnunet_hello_lib.h"
 #include "gnunet_protocols.h"
+#include "gnunet_signatures.h"
 #include "credential.h"
+#include "credential_serialization.h"
 #include "gnunet_credential_service.h"
 #include "gnunet_identity_service.h"
 
 #define LOG(kind,...) GNUNET_log_from (kind, "credential-api",__VA_ARGS__)
 
 /**
- * Handle to a lookup request
+ * Handle to a verify request
  */
-struct GNUNET_CREDENTIAL_LookupRequest
+struct GNUNET_CREDENTIAL_Request
 {
 
   /**
    * DLL
    */
-  struct GNUNET_CREDENTIAL_LookupRequest *next;
+  struct GNUNET_CREDENTIAL_Request *next;
 
   /**
    * DLL
    */
-  struct GNUNET_CREDENTIAL_LookupRequest *prev;
+  struct GNUNET_CREDENTIAL_Request *prev;
 
   /**
    * handle to credential service
@@ -57,12 +54,12 @@ struct GNUNET_CREDENTIAL_LookupRequest
   struct GNUNET_CREDENTIAL_Handle *credential_handle;
 
   /**
-   * processor to call on lookup result
+   * processor to call on verify result
    */
-  GNUNET_CREDENTIAL_LookupResultProcessor lookup_proc;
+  GNUNET_CREDENTIAL_CredentialResultProcessor verify_proc;
 
   /**
-   * @e lookup_proc closure
+   * @e verify_proc closure
    */
   void *proc_cls;
 
@@ -96,14 +93,14 @@ struct GNUNET_CREDENTIAL_Handle
   struct GNUNET_MQ_Handle *mq;
 
   /**
-   * Head of linked list of active lookup requests.
+   * Head of linked list of active verify requests.
    */
-  struct GNUNET_CREDENTIAL_LookupRequest *lookup_head;
+  struct GNUNET_CREDENTIAL_Request *request_head;
 
   /**
-   * Tail of linked list of active lookup requests.
+   * Tail of linked list of active verify requests.
    */
-  struct GNUNET_CREDENTIAL_LookupRequest *lookup_tail;
+  struct GNUNET_CREDENTIAL_Request *request_tail;
 
   /**
    * Reconnect task
@@ -183,16 +180,15 @@ mq_error_handler (void *cls,
   force_reconnect (handle);
 }
 
-
 /**
  * Check validity of message received from the CREDENTIAL service
  *
  * @param cls the `struct GNUNET_CREDENTIAL_Handle *`
- * @param loookup_msg the incoming message
+ * @param vr_msg the incoming message
  */
 static int
 check_result (void *cls,
-              const struct LookupResultMessage *lookup_msg)
+              const struct DelegationChainResultMessage *vr_msg)
 {
   //TODO
   return GNUNET_OK;
@@ -203,45 +199,58 @@ check_result (void *cls,
  * Handler for messages received from the CREDENTIAL service
  *
  * @param cls the `struct GNUNET_CREDENTIAL_Handle *`
- * @param loookup_msg the incoming message
+ * @param vr_msg the incoming message
  */
 static void
 handle_result (void *cls,
-               const struct LookupResultMessage *lookup_msg)
+               const struct DelegationChainResultMessage *vr_msg)
 {
   struct GNUNET_CREDENTIAL_Handle *handle = cls;
-  uint32_t cd_count = ntohl (lookup_msg->cd_count);
-  struct GNUNET_CREDENTIAL_RecordData cd[cd_count];
-  uint32_t r_id = ntohl (lookup_msg->id);
-  struct GNUNET_CREDENTIAL_LookupRequest *lr;
-  GNUNET_CREDENTIAL_LookupResultProcessor proc;
+  uint32_t r_id = ntohl (vr_msg->id);
+  struct GNUNET_CREDENTIAL_Request *vr;
+  size_t mlen = ntohs (vr_msg->header.size) - sizeof (*vr_msg);
+  uint32_t d_count = ntohl (vr_msg->d_count);
+  uint32_t c_count = ntohl (vr_msg->c_count);
+  struct GNUNET_CREDENTIAL_Delegation d_chain[d_count];
+  struct GNUNET_CREDENTIAL_Credential creds[c_count];
+  GNUNET_CREDENTIAL_CredentialResultProcessor proc;
   void *proc_cls;
 
   LOG (GNUNET_ERROR_TYPE_DEBUG,
-       "Received lookup reply from CREDENTIAL service (%u credentials)\n",
-       (unsigned int) cd_count);
-  for (lr = handle->lookup_head; NULL != lr; lr = lr->next)
-    if (lr->r_id == r_id)
+       "Received verify reply from CREDENTIAL service\n");
+  for (vr = handle->request_head; NULL != vr; vr = vr->next)
+    if (vr->r_id == r_id)
       break;
-  if (NULL == lr)
+  if (NULL == vr)
     return;
-  proc = lr->lookup_proc;
-  proc_cls = lr->proc_cls;
-  GNUNET_CONTAINER_DLL_remove (handle->lookup_head,
-                               handle->lookup_tail,
-                               lr);
-  GNUNET_free (lr);
-  /**
+  proc = vr->verify_proc;
+  proc_cls = vr->proc_cls;
+  GNUNET_CONTAINER_DLL_remove (handle->request_head,
+                               handle->request_tail,
+                               vr);
+  GNUNET_MQ_discard (vr->env);
+  GNUNET_free (vr);
   GNUNET_assert (GNUNET_OK ==
-                 GNUNET_CREDENTIAL_records_deserialize (mlen,
-                                                       (const char*) &lookup_msg[1],
-                                                       rd_count,
-                                                         rd));
-                                                         */
-  proc (proc_cls,
-        NULL,
-        cd_count,
-        cd); // TODO
+                 GNUNET_CREDENTIAL_delegation_chain_deserialize (mlen,
+                                                                 (const char*) &vr_msg[1],
+                                                                 d_count,
+                                                                 d_chain,
+                                                                 c_count,
+                                                                 creds));
+  if (GNUNET_NO == ntohl (vr_msg->cred_found))
+  {
+    proc (proc_cls,
+          0,
+          NULL,
+          0,
+          NULL); // TODO
+  } else {
+    proc (proc_cls,
+          d_count,
+          d_chain,
+          c_count,
+          creds);
+  }
 }
 
 
@@ -255,26 +264,30 @@ reconnect (struct GNUNET_CREDENTIAL_Handle *handle)
 {
   struct GNUNET_MQ_MessageHandler handlers[] = {
     GNUNET_MQ_hd_var_size (result,
-                           GNUNET_MESSAGE_TYPE_CREDENTIAL_LOOKUP_RESULT,
-                           struct LookupResultMessage,
-                           NULL),
+                           GNUNET_MESSAGE_TYPE_CREDENTIAL_VERIFY_RESULT,
+                           struct DelegationChainResultMessage,
+                           handle),
+    GNUNET_MQ_hd_var_size (result,
+                           GNUNET_MESSAGE_TYPE_CREDENTIAL_COLLECT_RESULT,
+                           struct DelegationChainResultMessage,
+                           handle),
     GNUNET_MQ_handler_end ()
   };
-  struct GNUNET_CREDENTIAL_LookupRequest *lh;
+  struct GNUNET_CREDENTIAL_Request *vr;
 
   GNUNET_assert (NULL == handle->mq);
   LOG (GNUNET_ERROR_TYPE_DEBUG,
        "Trying to connect to CREDENTIAL\n");
-  handle->mq = GNUNET_CLIENT_connecT (handle->cfg,
+  handle->mq = GNUNET_CLIENT_connect (handle->cfg,
                                       "credential",
                                       handlers,
                                       &mq_error_handler,
                                       handle);
   if (NULL == handle->mq)
     return;
-  for (lh = handle->lookup_head; NULL != lh; lh = lh->next)
+  for (vr = handle->request_head; NULL != vr; vr = vr->next)
     GNUNET_MQ_send_copy (handle->mq,
-                         lh->env);
+                         vr->env);
 }
 
 
@@ -319,23 +332,23 @@ GNUNET_CREDENTIAL_disconnect (struct GNUNET_CREDENTIAL_Handle *handle)
     GNUNET_SCHEDULER_cancel (handle->reconnect_task);
     handle->reconnect_task = NULL;
   }
-  GNUNET_assert (NULL == handle->lookup_head);
+  GNUNET_assert (NULL == handle->request_head);
   GNUNET_free (handle);
 }
 
 
 /**
- * Cancel pending lookup request
+ * Cancel pending verify request
  *
- * @param lr the lookup request to cancel
+ * @param lr the verify request to cancel
  */
 void
-GNUNET_CREDENTIAL_lookup_cancel (struct GNUNET_CREDENTIAL_LookupRequest *lr)
+GNUNET_CREDENTIAL_request_cancel (struct GNUNET_CREDENTIAL_Request *lr)
 {
   struct GNUNET_CREDENTIAL_Handle *handle = lr->credential_handle;
 
-  GNUNET_CONTAINER_DLL_remove (handle->lookup_head,
-                               handle->lookup_tail,
+  GNUNET_CONTAINER_DLL_remove (handle->request_head,
+                               handle->request_tail,
                                lr);
   GNUNET_MQ_discard (lr->env);
   GNUNET_free (lr);
@@ -343,68 +356,151 @@ GNUNET_CREDENTIAL_lookup_cancel (struct GNUNET_CREDENTIAL_LookupRequest *lr)
 
 
 /**
- * Perform an asynchronous lookup operation for a credential.
+ * Performs attribute collection.
+ * Collects all credentials of subject to fulfill the 
+ * attribute, if possible
  *
  * @param handle handle to the Credential service
- * @param credential the credential to look up
- * @param subject Ego to check the credential for
+ * @param issuer_key the issuer public key
+ * @param issuer_attribute the issuer attribute
+ * @param subject_key the subject public key
  * @param proc function to call on result
  * @param proc_cls closure for processor
  * @return handle to the queued request
  */
-struct GNUNET_CREDENTIAL_LookupRequest*
-GNUNET_CREDENTIAL_lookup (struct GNUNET_CREDENTIAL_Handle *handle,
-                          const char *credential,
-                          const struct GNUNET_IDENTITY_Ego *subject,
-                          const struct GNUNET_CRYPTO_EcdsaPublicKey *subject_key,
+struct GNUNET_CREDENTIAL_Request*
+GNUNET_CREDENTIAL_collect (struct GNUNET_CREDENTIAL_Handle *handle,
+                           const struct GNUNET_CRYPTO_EcdsaPublicKey *issuer_key,
+                           const char *issuer_attribute,
+                           const struct GNUNET_CRYPTO_EcdsaPrivateKey *subject_key,
+                           GNUNET_CREDENTIAL_CredentialResultProcessor proc,
+                           void *proc_cls)
+{
+  /* IPC to shorten credential names, return shorten_handle */
+  struct CollectMessage *c_msg;
+  struct GNUNET_CREDENTIAL_Request *vr;
+  size_t nlen;
+
+  if (NULL == issuer_attribute)
+  {
+    GNUNET_break (0);
+    return NULL;
+  }
+
+  //DEBUG LOG
+  LOG (GNUNET_ERROR_TYPE_DEBUG,
+       "Trying to collect `%s' in CREDENTIAL\n",
+       issuer_attribute);
+  nlen = strlen (issuer_attribute) + 1;
+  if (nlen >= GNUNET_MAX_MESSAGE_SIZE - sizeof (*vr))
+  {
+    GNUNET_break (0);
+    return NULL;
+  }
+  vr = GNUNET_new (struct GNUNET_CREDENTIAL_Request);
+  vr->credential_handle = handle;
+  vr->verify_proc = proc;
+  vr->proc_cls = proc_cls;
+  vr->r_id = handle->r_id_gen++;
+  vr->env = GNUNET_MQ_msg_extra (c_msg,
+                                 nlen,
+                                 GNUNET_MESSAGE_TYPE_CREDENTIAL_COLLECT);
+  c_msg->id = htonl (vr->r_id);
+  c_msg->subject_key = *subject_key;
+  c_msg->issuer_key =  *issuer_key;
+  c_msg->issuer_attribute_len = htons(strlen(issuer_attribute));
+  GNUNET_memcpy (&c_msg[1],
+                 issuer_attribute,
+                 strlen (issuer_attribute));
+  GNUNET_CONTAINER_DLL_insert (handle->request_head,
+                               handle->request_tail,
+                               vr);
+  if (NULL != handle->mq)
+    GNUNET_MQ_send_copy (handle->mq,
+                         vr->env);
+  return vr;
+}
+/**
+ * Performs attribute verification.
+ * Checks if there is a delegation chain from
+ * attribute ``issuer_attribute'' issued by the issuer
+ * with public key ``issuer_key'' maps to the attribute
+ * ``subject_attribute'' claimed by the subject with key
+ * ``subject_key''
+ *
+ * @param handle handle to the Credential service
+ * @param issuer_key the issuer public key
+ * @param issuer_attribute the issuer attribute
+ * @param subject_key the subject public key
+ * @param credential_count number of credentials provided
+ * @param credentials subject credentials
+ * @param proc function to call on result
+ * @param proc_cls closure for processor
+ * @return handle to the queued request
+ */
+struct GNUNET_CREDENTIAL_Request*
+GNUNET_CREDENTIAL_verify (struct GNUNET_CREDENTIAL_Handle *handle,
                           const struct GNUNET_CRYPTO_EcdsaPublicKey *issuer_key,
-                          uint32_t credential_flags,
-                          uint32_t max_delegation_depth,
-                          GNUNET_CREDENTIAL_LookupResultProcessor proc,
+                          const char *issuer_attribute,
+                          const struct GNUNET_CRYPTO_EcdsaPublicKey *subject_key,
+                          uint32_t credential_count,
+                          const struct GNUNET_CREDENTIAL_Credential *credentials,
+                          GNUNET_CREDENTIAL_CredentialResultProcessor proc,
                           void *proc_cls)
 {
   /* IPC to shorten credential names, return shorten_handle */
-  struct LookupMessage *lookup_msg;
-  struct GNUNET_CREDENTIAL_LookupRequest *lr;
+  struct VerifyMessage *v_msg;
+  struct GNUNET_CREDENTIAL_Request *vr;
   size_t nlen;
+  size_t clen;
 
-  if (NULL == credential)
+  if (NULL == issuer_attribute || NULL == credentials)
   {
     GNUNET_break (0);
     return NULL;
   }
+
+  clen = GNUNET_CREDENTIAL_credentials_get_size (credential_count,
+                                                 credentials);
+
   //DEBUG LOG
   LOG (GNUNET_ERROR_TYPE_DEBUG,
-       "Trying to lookup `%s' in CREDENTIAL\n",
-       credential);
-  nlen = strlen (credential) + 1;
-  if (nlen >= GNUNET_SERVER_MAX_MESSAGE_SIZE - sizeof (*lr))
+       "Trying to verify `%s' in CREDENTIAL\n",
+       issuer_attribute);
+  nlen = strlen (issuer_attribute) + 1 + clen;
+  if (nlen >= GNUNET_MAX_MESSAGE_SIZE - sizeof (*vr))
   {
     GNUNET_break (0);
     return NULL;
   }
-  lr = GNUNET_new (struct GNUNET_CREDENTIAL_LookupRequest);
-  lr->credential_handle = handle;
-  lr->lookup_proc = proc;
-  lr->proc_cls = proc_cls;
-  lr->r_id = handle->r_id_gen++;
-  lr->env = GNUNET_MQ_msg_extra (lookup_msg,
+  vr = GNUNET_new (struct GNUNET_CREDENTIAL_Request);
+  vr->credential_handle = handle;
+  vr->verify_proc = proc;
+  vr->proc_cls = proc_cls;
+  vr->r_id = handle->r_id_gen++;
+  vr->env = GNUNET_MQ_msg_extra (v_msg,
                                  nlen,
-                                 GNUNET_MESSAGE_TYPE_CREDENTIAL_LOOKUP);
-  lookup_msg->id = htonl (lr->r_id);
-  lookup_msg->subject_key = *subject_key;
-  lookup_msg->issuer_key =  *issuer_key;
-  GNUNET_memcpy (&lookup_msg[1],
-                 credential,
-                 nlen);
-  GNUNET_CONTAINER_DLL_insert (handle->lookup_head,
-                               handle->lookup_tail,
-                               lr);
+                                 GNUNET_MESSAGE_TYPE_CREDENTIAL_VERIFY);
+  v_msg->id = htonl (vr->r_id);
+  v_msg->subject_key = *subject_key;
+  v_msg->c_count = htonl(credential_count);
+  v_msg->issuer_key =  *issuer_key;
+  v_msg->issuer_attribute_len = htons(strlen(issuer_attribute));
+  GNUNET_memcpy (&v_msg[1],
+                 issuer_attribute,
+                 strlen (issuer_attribute));
+  GNUNET_CREDENTIAL_credentials_serialize (credential_count,
+                                           credentials,
+                                           clen,
+                                           ((char*)&v_msg[1])
+                                           + strlen (issuer_attribute) + 1);
+  GNUNET_CONTAINER_DLL_insert (handle->request_head,
+                               handle->request_tail,
+                               vr);
   if (NULL != handle->mq)
     GNUNET_MQ_send_copy (handle->mq,
-                         lr->env);
-  return lr;
+                         vr->env);
+  return vr;
 }
 
-
 /* end of credential_api.c */