This file is part of GNUnet
Copyright (C) 2012-2014 GNUnet e.V.
- GNUnet is free software; you can redistribute it and/or modify
- it under the terms of the GNU General Public License as published
- by the Free Software Foundation; either version 3, or (at your
- option) any later version.
+ GNUnet is free software: you can redistribute it and/or modify it
+ under the terms of the GNU Affero General Public License as published
+ by the Free Software Foundation, either version 3 of the License,
+ or (at your option) any later version.
GNUnet is distributed in the hope that it will be useful, but
WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- General Public License for more details.
+ Affero General Public License for more details.
+
+ You should have received a copy of the GNU Affero General Public License
+ along with this program. If not, see <http://www.gnu.org/licenses/>.
- You should have received a copy of the GNU General Public License
- along with GNUnet; see the file COPYING. If not, write to the
- Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor,
- Boston, MA 02110-1301, USA.
+ SPDX-License-Identifier: AGPL3.0-or-later
*/
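Review bot: The identifier on the added `SPDX-License-Identifier` line is not a valid SPDX short form; the registered id is `AGPL-3.0-or-later`, so the line should read `SPDX-License-Identifier: AGPL-3.0-or-later`. License scanners and SBOM tooling that match on the exact id will otherwise fail to classify this header. The opening of the comment block is not visible in the hunk.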
/**
* @author Martin Schanzenbach
- * @author Adnan Husain
*
* @file
* API to the Credential service
GNUNET_NETWORK_STRUCT_BEGIN
/**
- * The credential record
+ * The attribute delegation record
*/
-struct GNUNET_CREDENTIAL_CredentialRecordData {
-
+struct GNUNET_CREDENTIAL_DelegationRecord {
+
/**
- * Public key of the subject this credential was issued to
+ * Number of delegation sets in this record
*/
- struct GNUNET_CRYPTO_EcdsaPublicKey subject_key;
-
+ uint32_t set_count;
+
/**
- * Public key of the issuer
+ * Length of delegation sets
*/
- struct GNUNET_CRYPTO_EcdsaPublicKey issuer_key;
+ uint64_t data_size;
+ /**
+ * Followed by set_count DelegationSetRecords
+ *
+ */
+};
+
+/**
+ * The attribute delegation record
+ */
+struct GNUNET_CREDENTIAL_DelegationRecordSet {
/**
- * Flags for this credential
+ * Public key of the subject this attribute was delegated to
*/
- uint32_t credential_flags GNUNET_PACKED;
+ struct GNUNET_CRYPTO_EcdsaPublicKey subject_key;
/**
- * Expiration time of this credential
+ * Length of attribute, may be 0
*/
- uint64_t expiration GNUNET_PACKED;
-
+ uint32_t subject_attribute_len;
+};
+
+
+GNUNET_NETWORK_STRUCT_END
+
+/**
+ * The attribute delegation record
+ */
+struct GNUNET_CREDENTIAL_DelegationSet {
+
/**
- * The signature for this credential by the issuer
+ * Public key of the subject this attribute was delegated to
*/
- struct GNUNET_CRYPTO_EcdsaSignature sig;
-
+ struct GNUNET_CRYPTO_EcdsaPublicKey subject_key;
+
+ uint32_t subject_attribute_len;
+
/**
- * Followed by the attribute string
+ * The subject attribute
*/
+ const char *subject_attribute;
};
/**
- * The attribute delegation record
-*/
-struct GNUNET_CREDENTIAL_AttributeRecordData {
-
+ * A delegation
+ */
+struct GNUNET_CREDENTIAL_Delegation {
+
+ /**
+ * The issuer of the delegation
+ */
+ struct GNUNET_CRYPTO_EcdsaPublicKey issuer_key;
+
/**
* Public key of the subject this attribute was delegated to
*/
struct GNUNET_CRYPTO_EcdsaPublicKey subject_key;
-
+
+ /**
+ * Length of the attribute
+ */
+ uint32_t issuer_attribute_len;
+
/**
- * Followed by the attribute that was delegated to as string
- * May be empty
+ * The attribute
*/
+ const char *issuer_attribute;
+
+ /**
+ * Length of the attribute
+ */
+ uint32_t subject_attribute_len;
+
+ /**
+ * The attribute
+ */
+ const char *subject_attribute;
};
+/**
+ * A credential
+ */
+struct GNUNET_CREDENTIAL_Credential {
-GNUNET_NETWORK_STRUCT_END
+ /**
+ * The issuer of the credential
+ */
+ struct GNUNET_CRYPTO_EcdsaPublicKey issuer_key;
+
+ /**
+ * Public key of the subject this credential was issued to
+ */
+ struct GNUNET_CRYPTO_EcdsaPublicKey subject_key;
+
+ /**
+ * Signature of this credential
+ */
+ struct GNUNET_CRYPTO_EcdsaSignature signature;
+
+ /**
+ * Expiration of this credential
+ */
+ struct GNUNET_TIME_Absolute expiration;
+
+ /**
+ * Length of the attribute
+ */
+ uint32_t issuer_attribute_len;
+
+ /**
+ * The attribute
+ */
+ const char *issuer_attribute;
+
+};
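Review bot: The new fields between `GNUNET_NETWORK_STRUCT_BEGIN` and `GNUNET_NETWORK_STRUCT_END` (`set_count`, `data_size`, and `subject_attribute_len` in `GNUNET_CREDENTIAL_DelegationRecordSet`) drop the `GNUNET_PACKED` marker that the removed `credential_flags` and `expiration` fields carried. If the BEGIN/END macros do not themselves force packing on the target compiler, a `uint32_t` followed by a `uint64_t` gets alignment padding on some ABIs and not on others, so the serialized layout would differ between peers and the padding bytes would be written out uninitialised. I would write `uint32_t set_count GNUNET_PACKED;`, `uint64_t data_size GNUNET_PACKED;` and `uint32_t subject_attribute_len GNUNET_PACKED;`. The field comments should also state the byte order, and that a parser must check `set_count` and every `subject_attribute_len` against `data_size` before reading, since these lengths presumably come from records written by other parties. The three struct comments all read "The attribute delegation record" and should be told apart.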
* Iterator called on obtained result for an attribute verification.
*
* @param cls closure
- * @param issuer the issuer of the attribute NULL if verification failed
- * @param result the result of the verification
- * @param rd the records in reply
- */
-typedef void (*GNUNET_CREDENTIAL_VerifyResultProcessor) (void *cls,
- struct GNUNET_CRYPTO_EcdsaPublicKey *issuer,
- uint32_t result);
-
-/**
- * Iterator called on obtained result for an attribute issuance.
- *
- * @param cls closure
- * @param result the record data that can be handed to the subject
+ * @param d_count the number of delegations processed
+ * @param delegation_chain the delegations processed
+ * @param c_count the number of credentials found
+ * @param credential the credentials
*/
-typedef void (*GNUNET_CREDENTIAL_IssueResultProcessor) (void *cls,
- struct GNUNET_CREDENTIAL_AttributeRecordData *data);
+typedef void (*GNUNET_CREDENTIAL_CredentialResultProcessor) (void *cls,
+ unsigned int d_count,
+ struct GNUNET_CREDENTIAL_Delegation *delegation_chain,
+ unsigned int c_count,
+ struct GNUNET_CREDENTIAL_Credential *credential);
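Review bot: The doc comment for `GNUNET_CREDENTIAL_CredentialResultProcessor` no longer says how a failed verification is reported, whereas the removed typedef documented `issuer` as NULL on failure and passed an explicit `result`. A caller that treats any invocation as success would fail open, so the comment should spell out the failure case, for example `@param delegation_chain the delegations processed, NULL (with d_count 0) if no valid chain was found`. That wording needs confirming against the implementation, which is not in the hunk. The comment should also say whether both arrays are valid only for the duration of the callback, and whether the `*_attribute` strings in the elements are 0-terminated or bounded only by their `*_len` fields. The opening `/**` of this comment is outside the hunk.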
/**
* Iterator called on obtained result for an attribute delegation.
* @param result the record data that can be handed to the subject
*/
typedef void (*GNUNET_CREDENTIAL_DelegateResultProcessor) (void *cls,
- uint32_t success);
+ uint32_t success);
/**
* Iterator called on obtained result for an attribute delegation removal.
* @param result the record data that can be handed to the subject
*/
typedef void (*GNUNET_CREDENTIAL_RemoveDelegateResultProcessor) (void *cls,
- uint32_t success);
-
-
+ uint32_t success);
/**
* @param issuer_key the issuer public key
* @param issuer_attribute the issuer attribute
* @param subject_key the subject public key
- * @param subject_attribute the attribute claimed by the subject
+ * @param credential_count number of credentials
+ * @param credentials the subject credentials
* @param proc function to call on result
* @param proc_cls closure for processor
* @return handle to the queued request
const struct GNUNET_CRYPTO_EcdsaPublicKey *issuer_key,
const char *issuer_attribute,
const struct GNUNET_CRYPTO_EcdsaPublicKey *subject_key,
- const char *subject_attribute,
- GNUNET_CREDENTIAL_VerifyResultProcessor proc,
+ uint32_t credential_count,
+ const struct GNUNET_CREDENTIAL_Credential *credentials,
+ GNUNET_CREDENTIAL_CredentialResultProcessor proc,
void *proc_cls);
+struct GNUNET_CREDENTIAL_Request*
+GNUNET_CREDENTIAL_collect (struct GNUNET_CREDENTIAL_Handle *handle,
+ const struct GNUNET_CRYPTO_EcdsaPublicKey *issuer_key,
+ const char *issuer_attribute,
+ const struct GNUNET_CRYPTO_EcdsaPrivateKey *subject_key,
+ GNUNET_CREDENTIAL_CredentialResultProcessor proc,
+ void *proc_cls);
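Review bot: `GNUNET_CREDENTIAL_collect` is added without a doc comment, and its `subject_key` parameter is a `struct GNUNET_CRYPTO_EcdsaPrivateKey` while the parameter of the same name in the prototype just above is a public key. Passing private key material to a service API needs an explicit contract: why the private key is needed, whether the library copies it or keeps the pointer until the request completes or is cancelled, and whether the key leaves the calling process. I would add a `/** ... */` block with `@param` lines for all six parameters and the `@return handle to the queued request` line used by the neighbouring prototypes. Naming the parameter `subject_priv` would also keep the two calls from being confused at a call site.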
+
/**
* Delegate an attribute
*
* @param attribute the name of the attribute to delegate
* @param subject the subject of the delegation
* @param delegated_attribute the name of the attribute that is delegated to
+ * @param proc the result callback
+ * @param proc_cls the result closure context
* @return handle to the queued request
*/
struct GNUNET_CREDENTIAL_Request *
* @param handle handle to the Credential service
* @param issuer the ego that was used to delegate the attribute
* @param attribute the name of the attribute that is delegated
+ * @param proc the callback
+ * @param proc_cls callback closure
* @return handle to the queued request
*/
struct GNUNET_CREDENTIAL_Request *
GNUNET_CREDENTIAL_remove_delegation (struct GNUNET_CREDENTIAL_Handle *handle,
- struct GNUNET_IDENTITY_Ego *issuer,
- const char *attribute,
- GNUNET_CREDENTIAL_RemoveDelegateResultProcessor proc,
- void *proc_cls);
+ struct GNUNET_IDENTITY_Ego *issuer,
+ const char *attribute,
+ GNUNET_CREDENTIAL_RemoveDelegateResultProcessor proc,
+ void *proc_cls);
/**
* Issue an attribute to a subject
*
- * @param handle handle to the Credential service
* @param issuer the ego that should be used to issue the attribute
* @param subject the subject of the attribute
* @param attribute the name of the attribute
+ * @param expiration the TTL of the credential
* @return handle to the queued request
*/
-struct GNUNET_CREDENTIAL_Request *
-GNUNET_CREDENTIAL_issue (struct GNUNET_CREDENTIAL_Handle *handle,
- struct GNUNET_IDENTITY_Ego *issuer,
- struct GNUNET_CRYPTO_EcdsaPublicKey *subject,
- const char *attribute,
- GNUNET_CREDENTIAL_IssueResultProcessor proc,
- void *proc_cls);
-
+struct GNUNET_CREDENTIAL_Credential*
+GNUNET_CREDENTIAL_credential_issue (const struct GNUNET_CRYPTO_EcdsaPrivateKey *issuer,
+ struct GNUNET_CRYPTO_EcdsaPublicKey *subject,
+ const char *attribute,
+ struct GNUNET_TIME_Absolute *expiration);
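Review bot: The comment above `GNUNET_CREDENTIAL_credential_issue` still describes the old asynchronous call. `issuer` is documented as an ego although it is now a `struct GNUNET_CRYPTO_EcdsaPrivateKey`, `@return handle to the queued request` no longer matches the `struct GNUNET_CREDENTIAL_Credential*` return type, and `expiration` is called a TTL although its type is `struct GNUNET_TIME_Absolute`. The TTL wording matters most, because a caller that passes a relative duration where an absolute time is expected would issue a credential with the wrong validity period. Suggested lines: `@param issuer the private key used to sign the credential`, `@param expiration absolute expiration time of the credential`, and `@return the signed credential, to be freed by the caller, or NULL on error`; the ownership and NULL parts need confirming against the implementation. `subject` and `expiration` look like inputs only and could be `const`-qualified like `issuer`.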
-/**
- * Remove a credential
- *
- * @param handle handle to the Credential service
- * @param issuer the identity that issued the credential
- * @param subject the subject of the credential
- * @param credential the name of the credential
- * @return handle to the queued request
- */
-/**
- struct GNUNET_CREDENTIAL_IssueRequest *
- GNUNET_CREDENTIAL_remove (struct GNUNET_CREDENTIAL_Handle *handle,
- struct GNUNET_IDENTITY_Ego *issuer,
- struct GNUNET_IDENTITY_Ego *subject,
- const char *credential,
- GNUNET_CREDENTIAL_IssueResultProcessor proc,
- void *proc_cls);
- */
/**
* @param lr the lookup request to cancel
*/
void
-GNUNET_CREDENTIAL_verify_cancel (struct GNUNET_CREDENTIAL_Request *vr);
+GNUNET_CREDENTIAL_request_cancel (struct GNUNET_CREDENTIAL_Request *lr);
#if 0 /* keep Emacsens' auto-indent happy */