#include "gnunet_signatures.h"
/**
- * Init flag
+ * return value
*/
-static int init;
+static int ret;
/**
* List attribute flag
*/
static int list;
+/**
+ * Relying party
+ */
+static char* rp;
+
/**
* The attribute
*/
*/
static char* attr_value;
+/**
+ * Attributes to issue
+ */
+static char* issue_attrs;
+
+/**
+ * Ticket to consume
+ */
+static char* consume_ticket;
+
+/**
+ * Attribute type
+ */
+static char* type_str;
+
+/**
+ * Ticket to revoke
+ */
+static char* revoke_ticket;
+
/**
* Ego name
*/
static struct GNUNET_IDENTITY_PROVIDER_Operation *idp_op;
/**
- * Namestore handle
+ * Attribute iterator
*/
-static struct GNUNET_NAMESTORE_Handle *namestore_handle;
+static struct GNUNET_IDENTITY_PROVIDER_AttributeIterator *attr_iterator;
/**
- * Namestore iterator
+ * Master ABE key
*/
-static struct GNUNET_NAMESTORE_ZoneIterator *ns_iterator;
+static struct GNUNET_CRYPTO_AbeMasterKey *abe_key;
/**
- * Namestore queue
+ * ego private key
*/
-static struct GNUNET_NAMESTORE_QueueEntry *ns_qe;
+static const struct GNUNET_CRYPTO_EcdsaPrivateKey *pkey;
/**
- * Master ABE key
+ * rp public key
*/
-static struct GNUNET_CRYPTO_AbeMasterKey *abe_key;
+static struct GNUNET_CRYPTO_EcdsaPublicKey rp_key;
+
+/**
+ * Ticket to consume
+ */
+static struct GNUNET_IDENTITY_PROVIDER_Ticket ticket;
+
+/**
+ * Attribute list
+ */
+static struct GNUNET_IDENTITY_ATTRIBUTE_ClaimList *attr_list;
+
+/**
+ * Attribute expiration interval
+ */
+static struct GNUNET_TIME_Relative exp_interval;
+
+/**
+ * Timeout task
+ */
+static struct GNUNET_SCHEDULER_Task *timeout;
static void
do_cleanup(void *cls)
{
- if (NULL != ns_qe)
- GNUNET_NAMESTORE_cancel (ns_qe);
- if (NULL != ns_iterator)
- GNUNET_NAMESTORE_zone_iteration_stop (ns_iterator);
- if (NULL != namestore_handle)
- GNUNET_NAMESTORE_disconnect (namestore_handle);
+ if (NULL != timeout)
+ GNUNET_SCHEDULER_cancel (timeout);
+ if (NULL != idp_op)
+ GNUNET_IDENTITY_PROVIDER_cancel (idp_op);
+ if (NULL != attr_iterator)
+ GNUNET_IDENTITY_PROVIDER_get_attributes_stop (attr_iterator);
+ if (NULL != idp_handle)
+ GNUNET_IDENTITY_PROVIDER_disconnect (idp_handle);
if (NULL != identity_handle)
GNUNET_IDENTITY_disconnect (identity_handle);
if (NULL != abe_key)
GNUNET_free (abe_key);
+ if (NULL != attr_list)
+ GNUNET_free (attr_list);
}
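Review bot: `GNUNET_free (attr_list)` at the end of do_cleanup releases only the list head, while iter_cb in this diff inserts a `ClaimListEntry` and a copied claim for every matching attribute, so each entry and its attribute data stays allocated at shutdown. Walk the list and free every entry and its claim before freeing the head, then reset the pointer. The sketch below assumes a claim returned by `GNUNET_IDENTITY_ATTRIBUTE_claim_new` is a single allocation, which this diff does not show. The other handles released here are not reset to NULL either, which would matter if do_cleanup were ever scheduled twice.

```c
  /* … unchanged: cancel timeout / idp_op / iterator, disconnect handles, free abe_key … */
  if (NULL != attr_list)
  {
    struct GNUNET_IDENTITY_ATTRIBUTE_ClaimListEntry *le;

    while (NULL != (le = attr_list->list_head))
    {
      GNUNET_CONTAINER_DLL_remove (attr_list->list_head,
                                   attr_list->list_tail,
                                   le);
      GNUNET_free (le->claim);
      GNUNET_free (le);
    }
    GNUNET_free (attr_list);
    attr_list = NULL;
  }
```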
static void
-ns_error_cb (void *cls)
+ticket_issue_cb (void* cls,
+ const struct GNUNET_IDENTITY_PROVIDER_Ticket *ticket)
{
- ns_qe = NULL;
- GNUNET_log (GNUNET_ERROR_TYPE_MESSAGE,
- "Failed.");
- do_cleanup(NULL);
- return;
+ char* ticket_str;
+ idp_op = NULL;
+ if (NULL != ticket) {
+ ticket_str = GNUNET_STRINGS_data_to_string_alloc (ticket,
+ sizeof (struct GNUNET_IDENTITY_PROVIDER_Ticket));
+ printf("%s\n",
+ ticket_str);
+ GNUNET_free (ticket_str);
+ }
+ GNUNET_SCHEDULER_add_now (&do_cleanup, NULL);
}
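Review bot: A NULL `ticket` in ticket_issue_cb falls through to cleanup without touching `ret`, so a failed issue still exits with status 0. The error branch of the store callback just below (`GNUNET_SYSERR == success`) has the same gap, so scripts that gate on the exit code would treat a failed ticket issue or attribute store as success. Add `else ret = 1;` after the `if (NULL != ticket)` block and `ret = 1;` next to the error log in the store callback. The parameter name `ticket` also shadows the file-scope `ticket` declared earlier in this diff; renaming the parameter would avoid mixing the two up.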
static void
int32_t success,
const char*emsg)
{
- ns_qe = NULL;
+ idp_op = NULL;
if (GNUNET_SYSERR == success) {
GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
"%s\n", emsg);
- } else {
- GNUNET_log (GNUNET_ERROR_TYPE_MESSAGE,
- "Sucessfully added identity attribute %s=%s\n",
- attr_name, attr_value);
}
GNUNET_SCHEDULER_add_now (&do_cleanup, NULL);
}
static void
-store_abe_cont (void *cls,
- int32_t success,
- const char*emsg)
+process_attrs (void *cls,
+ const struct GNUNET_CRYPTO_EcdsaPublicKey *identity,
+ const struct GNUNET_IDENTITY_ATTRIBUTE_Claim *attr)
{
- ns_qe = NULL;
- if (GNUNET_SYSERR == success) {
- GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
- "%s\n", emsg);
- } else {
- GNUNET_log (GNUNET_ERROR_TYPE_MESSAGE,
- "Bootstrapped ABE master key. Please run command again.\n");
+ char *value_str;
+ if (NULL == identity)
+ {
+ idp_op = NULL;
+ GNUNET_SCHEDULER_add_now (&do_cleanup, NULL);
+ return;
}
- GNUNET_SCHEDULER_add_now (&do_cleanup, NULL);
+ if (NULL == attr)
+ {
+ ret = 1;
+ return;
+ }
+ value_str = GNUNET_IDENTITY_ATTRIBUTE_value_to_string (attr->type,
+ attr->data,
+ attr->data_size);
+ GNUNET_log (GNUNET_ERROR_TYPE_MESSAGE,
+ "%s: %s\n", attr->name, value_str);
}
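Review bot: `value_str` in process_attrs is never released after the log call, so each consumed attribute leaks its string form, assuming `GNUNET_IDENTITY_ATTRIBUTE_value_to_string` returns an allocated string (its definition is not in this diff). Add `GNUNET_free (value_str);` after the `GNUNET_log` call, and handle a NULL result before it reaches `%s`. The decrypted attribute values are also emitted through `GNUNET_log` at MESSAGE level, whereas ticket_issue_cb uses `printf`. Writing them to stdout would keep identity data out of whatever log sink is configured.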
+
static void
iter_error (void *cls)
{
- ns_iterator = NULL;
+ attr_iterator = NULL;
GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
"Failed to iterate over attributes\n");
GNUNET_SCHEDULER_add_now (&do_cleanup, NULL);
}
static void
-iter_finished (void *cls)
+timeout_task (void *cls)
{
- ns_iterator = NULL;
+ timeout = NULL;
+ ret = 1;
+ GNUNET_log (GNUNET_ERROR_TYPE_MESSAGE,
+ "Timeout\n");
GNUNET_SCHEDULER_add_now (&do_cleanup, NULL);
}
static void
-iter_cb (void *cls,
- const struct GNUNET_CRYPTO_EcdsaPrivateKey *zone,
- const char *label,
- unsigned int rd_count,
- const struct GNUNET_GNSRECORD_Data *rd)
+process_rvk (void *cls, int success, const char* msg)
{
- struct GNUNET_CRYPTO_AbeKey *key;
- int i;
- char *attr_value;
- char* attrs[2];
- for (i=0;i<rd_count;i++) {
- if (GNUNET_GNSRECORD_TYPE_ID_ATTR != rd[i].record_type)
- continue;
- attrs[0] = (char*)label;
- attrs[1] = 0;
- key = GNUNET_CRYPTO_cpabe_create_key (abe_key,
- attrs);
- GNUNET_CRYPTO_cpabe_decrypt (rd[i].data,
- rd[i].data_size,
- key,
- (void**)&attr_value);
- GNUNET_CRYPTO_cpabe_delete_key (key);
+ idp_op = NULL;
+ if (GNUNET_OK != success)
+ {
GNUNET_log (GNUNET_ERROR_TYPE_MESSAGE,
- "%s: %s\n", label, attr_value);
+ "Revocation failed.\n");
+ ret = 1;
}
- GNUNET_NAMESTORE_zone_iterator_next (ns_iterator);
+ GNUNET_SCHEDULER_add_now (&do_cleanup, NULL);
}
static void
-abe_lookup_cb (void *cls,
- const struct GNUNET_CRYPTO_EcdsaPrivateKey *zone,
- const char *label,
- unsigned int rd_count,
- const struct GNUNET_GNSRECORD_Data *rd)
+iter_finished (void *cls)
{
- struct GNUNET_GNSRECORD_Data new_record;
- struct GNUNET_CRYPTO_AbeMasterKey *new_key;
- int i;
- ssize_t size;
- ns_qe = NULL;
- for (i=0;i<rd_count;i++) {
- if (GNUNET_GNSRECORD_TYPE_ABE_MASTER != rd[i].record_type)
- continue;
- abe_key = GNUNET_CRYPTO_cpabe_deserialize_master_key (rd[i].data,
- rd[i].data_size);
+ struct GNUNET_IDENTITY_ATTRIBUTE_Claim *claim;
+ char *data;
+ size_t data_size;
+ int type;
+
+ attr_iterator = NULL;
+ if (list)
+ {
+ GNUNET_SCHEDULER_add_now (&do_cleanup, NULL);
+ return;
}
- if (NULL == abe_key) {
- new_key = GNUNET_CRYPTO_cpabe_create_master_key ();
- size = GNUNET_CRYPTO_cpabe_serialize_master_key (new_key,
- (void**)&new_record.data);
- new_record.data_size = size;
- new_record.record_type = GNUNET_GNSRECORD_TYPE_ABE_MASTER;
- new_record.expiration_time = GNUNET_TIME_UNIT_DAYS.rel_value_us;
- new_record.flags = GNUNET_GNSRECORD_RF_PRIVATE | GNUNET_GNSRECORD_RF_RELATIVE_EXPIRATION;
- ns_qe = GNUNET_NAMESTORE_records_store (namestore_handle,
- zone,
- "+",
- 1,
- &new_record,
- &store_abe_cont,
- NULL);
+
+ if (issue_attrs)
+ {
+ idp_op = GNUNET_IDENTITY_PROVIDER_ticket_issue (idp_handle,
+ pkey,
+ &rp_key,
+ attr_list,
+ &ticket_issue_cb,
+ NULL);
return;
}
- if (init) {
- GNUNET_SCHEDULER_add_now (&do_cleanup, NULL);
+ if (consume_ticket)
+ {
+ idp_op = GNUNET_IDENTITY_PROVIDER_ticket_consume (idp_handle,
+ pkey,
+ &ticket,
+ &process_attrs,
+ NULL);
+ timeout = GNUNET_SCHEDULER_add_delayed (GNUNET_TIME_relative_multiply(GNUNET_TIME_UNIT_SECONDS, 10),
+ &timeout_task,
+ NULL);
return;
}
-
- if (list) {
- ns_iterator = GNUNET_NAMESTORE_zone_iteration_start (namestore_handle,
- zone,
- &iter_error,
- NULL,
- &iter_cb,
- NULL,
- &iter_finished,
- NULL);
+ if (revoke_ticket)
+ {
+ idp_op = GNUNET_IDENTITY_PROVIDER_ticket_revoke (idp_handle,
+ pkey,
+ &ticket,
+ &process_rvk,
+ NULL);
return;
}
-
- struct GNUNET_IDENTITY_PROVIDER_Attribute *attr;
- attr = GNUNET_malloc (sizeof (struct GNUNET_IDENTITY_PROVIDER_Attribute) + strlen (attr_value) + 1);
- attr->attribute_type = GNUNET_IDENTITY_PROVIDER_AT_STRING;
- attr->data = &attr[1];
- attr->data_size = strlen (attr_value) + 1;
+ if (NULL == type_str)
+ type = GNUNET_IDENTITY_ATTRIBUTE_TYPE_STRING;
+ else
+ type = GNUNET_IDENTITY_ATTRIBUTE_typename_to_number (type_str);
+
+ GNUNET_assert (GNUNET_SYSERR != GNUNET_IDENTITY_ATTRIBUTE_string_to_value (type,
+ attr_value,
+ (void**)&data,
+ &data_size));
+ claim = GNUNET_IDENTITY_ATTRIBUTE_claim_new (attr_name,
+ type,
+ data,
+ data_size);
idp_op = GNUNET_IDENTITY_PROVIDER_attribute_store (idp_handle,
- zone,
- attr_name,
- attr,
- &store_attr_cont,
- NULL);
+ pkey,
+ claim,
+ &exp_interval,
+ &store_attr_cont,
+ NULL);
+
- /*size = GNUNET_CRYPTO_cpabe_encrypt (attr_value,
- strlen (attr_value) + 1,
- attr_name,
- abe_key,
- (void**)&new_record.data);
- new_record.data_size = size;
- new_record.record_type = GNUNET_GNSRECORD_TYPE_ID_ATTR;
- new_record.expiration_time = GNUNET_TIME_UNIT_HOURS.rel_value_us;
- new_record.flags = GNUNET_GNSRECORD_RF_RELATIVE_EXPIRATION;
-
- ns_qe = GNUNET_NAMESTORE_records_store (namestore_handle,
- zone,
- attr_name,
- 1,
- &new_record,
- &store_attr_cont,
- NULL);*/
+}
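Review bot: The attribute-store path at the end of iter_finished wraps `GNUNET_IDENTITY_ATTRIBUTE_string_to_value` in `GNUNET_assert`, so a value that does not parse for the chosen `-t` type aborts the process instead of reporting an error. The same commit removes the `attr_name`/`attr_value` NULL checks from run, so invoking the tool with only an ego reaches this code with both pointers NULL. Replace the assert with an explicit failure path and restore the NULL check here. The result of `GNUNET_IDENTITY_ATTRIBUTE_typename_to_number` should be validated too, though its failure value is not visible in this diff. `data` and `claim` are not freed after the store call, which leaks them if the store copies its input.

```c
  /* … unchanged: list / issue / consume / revoke branches … */
  if ( (NULL == attr_name) || (NULL == attr_value) )
  {
    GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
                "Attribute name and value are required\n");
    ret = 1;
    GNUNET_SCHEDULER_add_now (&do_cleanup, NULL);
    return;
  }
  /* … unchanged: type selection from type_str … */
  if (GNUNET_SYSERR == GNUNET_IDENTITY_ATTRIBUTE_string_to_value (type,
                                                                  attr_value,
                                                                  (void**)&data,
                                                                  &data_size))
  {
    GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
                "Value does not match the attribute type\n");
    ret = 1;
    GNUNET_SCHEDULER_add_now (&do_cleanup, NULL);
    return;
  }
  /* … unchanged: claim_new and attribute_store … */
```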
+
+static void
+iter_cb (void *cls,
+ const struct GNUNET_CRYPTO_EcdsaPublicKey *identity,
+ const struct GNUNET_IDENTITY_ATTRIBUTE_Claim *attr)
+{
+ struct GNUNET_IDENTITY_ATTRIBUTE_ClaimListEntry *le;
+ char *attrs_tmp;
+ char *attr_str;
+
+ if (issue_attrs)
+ {
+ attrs_tmp = GNUNET_strdup (issue_attrs);
+ attr_str = strtok (attrs_tmp, ",");
+ while (NULL != attr_str) {
+ if (0 != strcmp (attr_str, attr->name)) {
+ attr_str = strtok (NULL, ",");
+ continue;
+ }
+ le = GNUNET_new (struct GNUNET_IDENTITY_ATTRIBUTE_ClaimListEntry);
+ le->claim = GNUNET_IDENTITY_ATTRIBUTE_claim_new (attr->name,
+ attr->type,
+ attr->data,
+ attr->data_size);
+ GNUNET_CONTAINER_DLL_insert (attr_list->list_head,
+ attr_list->list_tail,
+ le);
+ break;
+ }
+ GNUNET_free (attrs_tmp);
+ } else if (list) {
+ GNUNET_log (GNUNET_ERROR_TYPE_MESSAGE,
+ "%s: %s\n", attr->name, (char*)attr->data);
+ }
+ GNUNET_IDENTITY_PROVIDER_get_attributes_next (attr_iterator);
}
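Review bot: The `list` branch of iter_cb prints `(char*)attr->data` with `%s`, which reads until a NUL byte regardless of `attr->data_size` and `attr->type`. For a claim whose data is not a terminated string, this reads past the end of the buffer. process_attrs in this same diff already converts through `GNUNET_IDENTITY_ATTRIBUTE_value_to_string (attr->type, attr->data, attr->data_size)`; use that here and free the result after logging. `strtok` keeps hidden static state, so `strtok_r` is the safer choice inside a callback.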
static void
void **ctx,
const char *name)
{
- const struct GNUNET_CRYPTO_EcdsaPrivateKey *pkey;
if (NULL == name)
return;
if (0 != strcmp (name, ego_name))
return;
pkey = GNUNET_IDENTITY_ego_get_private_key (ego);
- ns_qe = GNUNET_NAMESTORE_records_lookup (namestore_handle,
- pkey,
- "+",
- &ns_error_cb,
- NULL,
- &abe_lookup_cb,
- NULL);
+
+ if (NULL != rp)
+ GNUNET_CRYPTO_ecdsa_public_key_from_string (rp,
+ strlen (rp),
+ &rp_key);
+ if (NULL != consume_ticket)
+ GNUNET_STRINGS_string_to_data (consume_ticket,
+ strlen (consume_ticket),
+ &ticket,
+ sizeof (struct GNUNET_IDENTITY_PROVIDER_Ticket));
+ if (NULL != revoke_ticket)
+ GNUNET_STRINGS_string_to_data (revoke_ticket,
+ strlen (revoke_ticket),
+ &ticket,
+ sizeof (struct GNUNET_IDENTITY_PROVIDER_Ticket));
+
+
+ attr_list = GNUNET_new (struct GNUNET_IDENTITY_ATTRIBUTE_ClaimList);
+
+ attr_iterator = GNUNET_IDENTITY_PROVIDER_get_attributes_start (idp_handle,
+ pkey,
+ &iter_error,
+ NULL,
+ &iter_cb,
+ NULL,
+ &iter_finished,
+ NULL);
+
+
}
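Review bot: The three parse calls added to this callback ignore their return values, so a malformed `-r` key or `-C`/`-R` ticket string leaves `rp_key` or `ticket` zeroed or partly filled and the issue, consume or revoke request is still sent. Check each call for `GNUNET_OK`, set `ret = 1` and schedule cleanup on failure. `-i` without `-r` has the same effect, since `rp_key` is then never written. When both `-C` and `-R` are given, the second decode overwrites the first; rejecting that combination would be clearer. The callback's signature starts outside the hunk.

```c
  if ( (NULL != rp) &&
       (GNUNET_OK !=
        GNUNET_CRYPTO_ecdsa_public_key_from_string (rp,
                                                    strlen (rp),
                                                    &rp_key)) )
  {
    GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
                "Invalid relying party key\n");
    ret = 1;
    GNUNET_SCHEDULER_add_now (&do_cleanup, NULL);
    return;
  }
  /* … same GNUNET_OK check around both GNUNET_STRINGS_string_to_data calls … */
  /* … unchanged: attr_list allocation and iterator start … */
```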
static void
const char *cfgfile,
const struct GNUNET_CONFIGURATION_Handle *c)
{
-
+ ret = 0;
if (NULL == ego_name)
{
GNUNET_log (GNUNET_ERROR_TYPE_MESSAGE,
return;
}
- if ((NULL == attr_name) && !list && !init)
- {
- return;
- }
- if ((NULL == attr_value) && !list && !init)
- {
- GNUNET_log (GNUNET_ERROR_TYPE_MESSAGE,
- _("Value is required\n"));
- return;
- }
-
- namestore_handle = GNUNET_NAMESTORE_connect (c);
idp_handle = GNUNET_IDENTITY_PROVIDER_connect (c);
//Get Ego
identity_handle = GNUNET_IDENTITY_connect (c,
int
main(int argc, char *const argv[])
{
+ exp_interval = GNUNET_TIME_UNIT_HOURS;
struct GNUNET_GETOPT_CommandLineOption options[] = {
GNUNET_GETOPT_option_string ('a',
NULL,
gettext_noop ("Ego"),
&ego_name),
+ GNUNET_GETOPT_option_string ('r',
+ "rp",
+ NULL,
+ gettext_noop ("Audience (relying party)"),
+ &rp),
GNUNET_GETOPT_option_flag ('D',
"dump",
gettext_noop ("List attributes for Ego"),
&list),
- GNUNET_GETOPT_option_flag ('i',
- "init",
- gettext_noop ("Initialize attribute store"),
- &init),
+ GNUNET_GETOPT_option_string ('i',
+ "issue",
+ NULL,
+ gettext_noop ("Issue a ticket"),
+ &issue_attrs),
+ GNUNET_GETOPT_option_string ('C',
+ "consume",
+ NULL,
+ gettext_noop ("Consume a ticket"),
+ &consume_ticket),
+ GNUNET_GETOPT_option_string ('R',
+ "revoke",
+ NULL,
+ gettext_noop ("Revoke a ticket"),
+ &revoke_ticket),
+ GNUNET_GETOPT_option_string ('t',
+ "type",
+ NULL,
+ gettext_noop ("Type of attribute"),
+ &type_str),
+ GNUNET_GETOPT_option_relative_time ('E',
+ "expiration",
+ NULL,
+ gettext_noop ("Expiration interval of the attribute"),
+ &exp_interval),
+
GNUNET_GETOPT_OPTION_END
};
- return GNUNET_PROGRAM_run (argc, argv, "ct",
- "ct", options,
- &run, NULL);
+ if (GNUNET_OK != GNUNET_PROGRAM_run (argc, argv, "ct",
+ "ct", options,
+ &run, NULL))
+ return 1;
+ else
+ return ret;
}