X-Git-Url: https://git.librecmc.org/?a=blobdiff_plain;f=src%2Fcredential%2Fcredential_api.c;h=ca54137add34139cc5fcc99ea8e6bc27666f76f0;hb=1eb75229e02e5bd678f1a99eae9a6062330ecb46;hp=eb7af5b531268bac4360223b8dc7b82c57d63676;hpb=10b2bbf99b0dc611a735ad0a04d3ab5109a090f0;p=oweals%2Fgnunet.git diff --git a/src/credential/credential_api.c b/src/credential/credential_api.c index eb7af5b53..ca54137ad 100644 --- a/src/credential/credential_api.c +++ b/src/credential/credential_api.c @@ -30,6 +30,7 @@ #include "gnunet_protocols.h" #include "gnunet_signatures.h" #include "credential.h" +#include "credential_serialization.h" #include "gnunet_credential_service.h" #include "gnunet_identity_service.h" @@ -60,7 +61,7 @@ struct GNUNET_CREDENTIAL_Request /** * processor to call on verify result */ - GNUNET_CREDENTIAL_VerifyResultProcessor verify_proc; + GNUNET_CREDENTIAL_CredentialResultProcessor verify_proc; /** * @e verify_proc closure @@ -99,12 +100,12 @@ struct GNUNET_CREDENTIAL_Handle /** * Head of linked list of active verify requests. */ - struct GNUNET_CREDENTIAL_Request *verify_head; + struct GNUNET_CREDENTIAL_Request *request_head; /** * Tail of linked list of active verify requests. */ - struct GNUNET_CREDENTIAL_Request *verify_tail; + struct GNUNET_CREDENTIAL_Request *request_tail; /** * Reconnect task @@ -184,7 +185,6 @@ mq_error_handler (void *cls, force_reconnect (handle); } - /** * Check validity of message received from the CREDENTIAL service * @@ -193,7 +193,7 @@ mq_error_handler (void *cls, */ static int check_result (void *cls, - const struct VerifyResultMessage *vr_msg) + const struct DelegationChainResultMessage *vr_msg) { //TODO return GNUNET_OK; @@ -208,37 +208,54 @@ check_result (void *cls, */ static void handle_result (void *cls, - const struct VerifyResultMessage *vr_msg) + const struct DelegationChainResultMessage *vr_msg) { struct GNUNET_CREDENTIAL_Handle *handle = cls; uint32_t r_id = ntohl (vr_msg->id); struct GNUNET_CREDENTIAL_Request *vr; - GNUNET_CREDENTIAL_VerifyResultProcessor proc; + size_t mlen = ntohs (vr_msg->header.size) - sizeof (*vr_msg); + uint32_t d_count = ntohl (vr_msg->d_count); + uint32_t c_count = ntohl (vr_msg->c_count); + struct GNUNET_CREDENTIAL_Delegation d_chain[d_count]; + struct GNUNET_CREDENTIAL_Credential creds[c_count]; + GNUNET_CREDENTIAL_CredentialResultProcessor proc; void *proc_cls; LOG (GNUNET_ERROR_TYPE_DEBUG, "Received verify reply from CREDENTIAL service\n"); - for (vr = handle->verify_head; NULL != vr; vr = vr->next) + for (vr = handle->request_head; NULL != vr; vr = vr->next) if (vr->r_id == r_id) break; if (NULL == vr) return; proc = vr->verify_proc; proc_cls = vr->proc_cls; - GNUNET_CONTAINER_DLL_remove (handle->verify_head, - handle->verify_tail, + GNUNET_CONTAINER_DLL_remove (handle->request_head, + handle->request_tail, vr); + GNUNET_MQ_discard (vr->env); GNUNET_free (vr); - /** GNUNET_assert (GNUNET_OK == - GNUNET_CREDENTIAL_records_deserialize (mlen, - (const char*) &lookup_msg[1], - rd_count, - rd)); - */ - proc (proc_cls, - NULL, - GNUNET_NO); // TODO + GNUNET_CREDENTIAL_delegation_chain_deserialize (mlen, + (const char*) &vr_msg[1], + d_count, + d_chain, + c_count, + creds)); + if (GNUNET_NO == ntohl (vr_msg->cred_found)) + { + proc (proc_cls, + 0, + NULL, + 0, + NULL); // TODO + } else { + proc (proc_cls, + d_count, + d_chain, + c_count, + creds); + } } @@ -253,8 +270,12 @@ reconnect (struct GNUNET_CREDENTIAL_Handle *handle) struct GNUNET_MQ_MessageHandler handlers[] = { GNUNET_MQ_hd_var_size (result, GNUNET_MESSAGE_TYPE_CREDENTIAL_VERIFY_RESULT, - struct VerifyResultMessage, - NULL), + struct DelegationChainResultMessage, + handle), + GNUNET_MQ_hd_var_size (result, + GNUNET_MESSAGE_TYPE_CREDENTIAL_COLLECT_RESULT, + struct DelegationChainResultMessage, + handle), GNUNET_MQ_handler_end () }; struct GNUNET_CREDENTIAL_Request *vr; @@ -262,14 +283,14 @@ reconnect (struct GNUNET_CREDENTIAL_Handle *handle) GNUNET_assert (NULL == handle->mq); LOG (GNUNET_ERROR_TYPE_DEBUG, "Trying to connect to CREDENTIAL\n"); - handle->mq = GNUNET_CLIENT_connecT (handle->cfg, + handle->mq = GNUNET_CLIENT_connect (handle->cfg, "credential", handlers, &mq_error_handler, handle); if (NULL == handle->mq) return; - for (vr = handle->verify_head; NULL != vr; vr = vr->next) + for (vr = handle->request_head; NULL != vr; vr = vr->next) GNUNET_MQ_send_copy (handle->mq, vr->env); } @@ -316,7 +337,7 @@ GNUNET_CREDENTIAL_disconnect (struct GNUNET_CREDENTIAL_Handle *handle) GNUNET_SCHEDULER_cancel (handle->reconnect_task); handle->reconnect_task = NULL; } - GNUNET_assert (NULL == handle->verify_head); + GNUNET_assert (NULL == handle->request_head); GNUNET_free (handle); } @@ -327,17 +348,85 @@ GNUNET_CREDENTIAL_disconnect (struct GNUNET_CREDENTIAL_Handle *handle) * @param lr the verify request to cancel */ void -GNUNET_CREDENTIAL_verify_cancel (struct GNUNET_CREDENTIAL_Request *vr) +GNUNET_CREDENTIAL_request_cancel (struct GNUNET_CREDENTIAL_Request *vr) { struct GNUNET_CREDENTIAL_Handle *handle = vr->credential_handle; - GNUNET_CONTAINER_DLL_remove (handle->verify_head, - handle->verify_tail, + GNUNET_CONTAINER_DLL_remove (handle->request_head, + handle->request_tail, vr); GNUNET_MQ_discard (vr->env); GNUNET_free (vr); } + +/** + * Performs attribute collection. + * Collects all credentials of subject to fulfill the + * attribute, if possible + * + * @param handle handle to the Credential service + * @param issuer_key the issuer public key + * @param issuer_attribute the issuer attribute + * @param subject_key the subject public key + * @param credential_count number of credentials provided + * @param credentials subject credentials + * @param proc function to call on result + * @param proc_cls closure for processor + * @return handle to the queued request + */ +struct GNUNET_CREDENTIAL_Request* +GNUNET_CREDENTIAL_collect (struct GNUNET_CREDENTIAL_Handle *handle, + const struct GNUNET_CRYPTO_EcdsaPublicKey *issuer_key, + const char *issuer_attribute, + const struct GNUNET_CRYPTO_EcdsaPrivateKey *subject_key, + GNUNET_CREDENTIAL_CredentialResultProcessor proc, + void *proc_cls) +{ + /* IPC to shorten credential names, return shorten_handle */ + struct CollectMessage *c_msg; + struct GNUNET_CREDENTIAL_Request *vr; + size_t nlen; + + if (NULL == issuer_attribute) + { + GNUNET_break (0); + return NULL; + } + + //DEBUG LOG + LOG (GNUNET_ERROR_TYPE_DEBUG, + "Trying to collect `%s' in CREDENTIAL\n", + issuer_attribute); + nlen = strlen (issuer_attribute) + 1; + if (nlen >= GNUNET_MAX_MESSAGE_SIZE - sizeof (*vr)) + { + GNUNET_break (0); + return NULL; + } + vr = GNUNET_new (struct GNUNET_CREDENTIAL_Request); + vr->credential_handle = handle; + vr->verify_proc = proc; + vr->proc_cls = proc_cls; + vr->r_id = handle->r_id_gen++; + vr->env = GNUNET_MQ_msg_extra (c_msg, + nlen, + GNUNET_MESSAGE_TYPE_CREDENTIAL_COLLECT); + c_msg->id = htonl (vr->r_id); + c_msg->subject_key = *subject_key; + c_msg->issuer_key = *issuer_key; + c_msg->issuer_attribute_len = htons(strlen(issuer_attribute)); + GNUNET_memcpy (&c_msg[1], + issuer_attribute, + strlen (issuer_attribute)); + GNUNET_CONTAINER_DLL_insert (handle->request_head, + handle->request_tail, + vr); + if (NULL != handle->mq) + GNUNET_MQ_send_copy (handle->mq, + vr->env); + return vr; +} /** * Performs attribute verification. * Checks if there is a delegation chain from @@ -350,7 +439,8 @@ GNUNET_CREDENTIAL_verify_cancel (struct GNUNET_CREDENTIAL_Request *vr) * @param issuer_key the issuer public key * @param issuer_attribute the issuer attribute * @param subject_key the subject public key - * @param subject_attribute the attribute claimed by the subject + * @param credential_count number of credentials provided + * @param credentials subject credentials * @param proc function to call on result * @param proc_cls closure for processor * @return handle to the queued request @@ -360,26 +450,32 @@ GNUNET_CREDENTIAL_verify (struct GNUNET_CREDENTIAL_Handle *handle, const struct GNUNET_CRYPTO_EcdsaPublicKey *issuer_key, const char *issuer_attribute, const struct GNUNET_CRYPTO_EcdsaPublicKey *subject_key, - const char *subject_attribute, - GNUNET_CREDENTIAL_VerifyResultProcessor proc, + uint32_t credential_count, + const struct GNUNET_CREDENTIAL_Credential *credentials, + GNUNET_CREDENTIAL_CredentialResultProcessor proc, void *proc_cls) { /* IPC to shorten credential names, return shorten_handle */ struct VerifyMessage *v_msg; struct GNUNET_CREDENTIAL_Request *vr; size_t nlen; + size_t clen; - if (NULL == issuer_attribute || NULL == subject_attribute) + if (NULL == issuer_attribute || NULL == credentials) { GNUNET_break (0); return NULL; } + + clen = GNUNET_CREDENTIAL_credentials_get_size (credential_count, + credentials); + //DEBUG LOG LOG (GNUNET_ERROR_TYPE_DEBUG, "Trying to verify `%s' in CREDENTIAL\n", issuer_attribute); - nlen = strlen (issuer_attribute) + strlen (subject_attribute) + 1; - if (nlen >= GNUNET_SERVER_MAX_MESSAGE_SIZE - sizeof (*vr)) + nlen = strlen (issuer_attribute) + 1 + clen; + if (nlen >= GNUNET_MAX_MESSAGE_SIZE - sizeof (*vr)) { GNUNET_break (0); return NULL; @@ -394,17 +490,19 @@ GNUNET_CREDENTIAL_verify (struct GNUNET_CREDENTIAL_Handle *handle, GNUNET_MESSAGE_TYPE_CREDENTIAL_VERIFY); v_msg->id = htonl (vr->r_id); v_msg->subject_key = *subject_key; + v_msg->c_count = htonl(credential_count); v_msg->issuer_key = *issuer_key; v_msg->issuer_attribute_len = htons(strlen(issuer_attribute)); - v_msg->subject_attribute_len = htons(strlen(subject_attribute)); GNUNET_memcpy (&v_msg[1], issuer_attribute, strlen (issuer_attribute)); - GNUNET_memcpy (((char*)&v_msg[1]) + strlen (issuer_attribute), - subject_attribute, - strlen (subject_attribute)); - GNUNET_CONTAINER_DLL_insert (handle->verify_head, - handle->verify_tail, + GNUNET_CREDENTIAL_credentials_serialize (credential_count, + credentials, + clen, + ((char*)&v_msg[1]) + + strlen (issuer_attribute) + 1); + GNUNET_CONTAINER_DLL_insert (handle->request_head, + handle->request_tail, vr); if (NULL != handle->mq) GNUNET_MQ_send_copy (handle->mq, @@ -412,52 +510,4 @@ GNUNET_CREDENTIAL_verify (struct GNUNET_CREDENTIAL_Handle *handle, return vr; } -/** - * Issue an attribute to a subject - * - * @param handle handle to the Credential service - * @param issuer the ego that should be used to issue the attribute - * @param subject the subject of the attribute - * @param attribute the name of the attribute - * @return handle to the queued request - */ -struct GNUNET_CREDENTIAL_CredentialRecordData * -GNUNET_CREDENTIAL_issue (struct GNUNET_CREDENTIAL_Handle *handle, - const struct GNUNET_CRYPTO_EcdsaPrivateKey *issuer, - struct GNUNET_CRYPTO_EcdsaPublicKey *subject, - const char *attribute, - struct GNUNET_TIME_Absolute *expiration) -{ - struct GNUNET_CREDENTIAL_CredentialRecordData *crd; - - crd = GNUNET_malloc (sizeof (struct GNUNET_CREDENTIAL_CredentialRecordData) + strlen (attribute) + 1); - - crd->purpose.size = htonl (strlen (attribute) + 1 + - sizeof (struct GNUNET_CRYPTO_EcdsaPublicKey) + - sizeof (struct GNUNET_CRYPTO_EccSignaturePurpose) + - sizeof (uint64_t)); - - crd->purpose.purpose = htonl (GNUNET_SIGNATURE_PURPOSE_CREDENTIAL); - GNUNET_CRYPTO_ecdsa_key_get_public (issuer, - &crd->issuer_key); - crd->subject_key = *subject; - crd->expiration = GNUNET_htonll (expiration->abs_value_us); - GNUNET_memcpy (&crd[1], - attribute, - strlen (attribute)); - if (GNUNET_OK != - GNUNET_CRYPTO_ecdsa_sign (issuer, - &crd->purpose, - &crd->sig)) - { - GNUNET_break (0); - GNUNET_free (crd); - return NULL; - } - return crd; -} - - - - /* end of credential_api.c */