X-Git-Url: https://git.librecmc.org/?a=blobdiff_plain;f=src%2Fidentity-provider%2Fidentity_token.c;h=31249840b0ff989ac4b5375601549336adf9b4fe;hb=2105059516320800eaa8fff1196b58f29a50ba7c;hp=0f6cba62633ed0ba60177e6c8f6a9fd417e0873d;hpb=548c7bbb68f5c22eadff4d54630d369e322a58b8;p=oweals%2Fgnunet.git diff --git a/src/identity-provider/identity_token.c b/src/identity-provider/identity_token.c index 0f6cba626..31249840b 100644 --- a/src/identity-provider/identity_token.c +++ b/src/identity-provider/identity_token.c @@ -1,6 +1,6 @@ /* This file is part of GNUnet - Copyright (C) 2010-2015 Christian Grothoff (and other contributing authors) + Copyright (C) 2010-2015 GNUnet e.V. GNUnet is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published @@ -19,7 +19,7 @@ */ /** - * @file identity-token/identity_token.c + * @file identity-provider/identity_token.c * @brief helper library to manage identity tokens * @author Martin Schanzenbach */ @@ -28,6 +28,7 @@ #include "gnunet_signatures.h" #include "identity_token.h" #include +#include #define JWT_ALG "alg" @@ -97,7 +98,10 @@ decrypt_str_ecdhe (const struct GNUNET_CRYPTO_EcdsaPrivateKey *priv_key, &enc_key, &enc_iv, str_buf); - GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Decrypted bytes: %d Expected bytes: %d\n", str_size, cyphertext_len); + GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, + "Decrypted bytes: %zd Expected bytes: %zd\n", + str_size, + cyphertext_len); if (-1 == str_size) { GNUNET_log (GNUNET_ERROR_TYPE_ERROR, "ECDH invalid\n"); @@ -105,7 +109,7 @@ decrypt_str_ecdhe (const struct GNUNET_CRYPTO_EcdsaPrivateKey *priv_key, return GNUNET_SYSERR; } *result_str = GNUNET_malloc (str_size+1); - memcpy (*result_str, str_buf, str_size); + GNUNET_memcpy (*result_str, str_buf, str_size); (*result_str)[str_size] = '\0'; GNUNET_free (str_buf); return GNUNET_OK; @@ -171,14 +175,14 @@ encrypt_str_ecdhe (const char *plaintext, pub_key, &new_key_hash)); create_sym_key_from_ecdh(&new_key_hash, &skey, &iv); - GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Encrypting string %s\n (len=%d)", + GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Encrypting string %s\n (len=%zd)", plaintext, strlen (plaintext)); enc_size = GNUNET_CRYPTO_symmetric_encrypt (plaintext, strlen (plaintext), &skey, &iv, *cyphertext); - GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Encrypted (len=%d)", enc_size); + GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Encrypted (len=%zd)", enc_size); return GNUNET_OK; } @@ -420,6 +424,9 @@ token_parse (const char* raw_data, GNUNET_asprintf (&tmp_buf, "%s", raw_data); ecdh_pubkey_str = strtok (tmp_buf, ","); enc_token_str = strtok (NULL, ","); + + GNUNET_assert (NULL != ecdh_pubkey_str); + GNUNET_assert (NULL != enc_token_str); GNUNET_STRINGS_string_to_data (ecdh_pubkey_str, strlen (ecdh_pubkey_str), @@ -535,7 +542,7 @@ token_to_string (const struct IdentityToken *token, purpose->size = htonl (strlen (signature_target) + sizeof (struct GNUNET_CRYPTO_EccSignaturePurpose)); purpose->purpose = htonl(GNUNET_SIGNATURE_PURPOSE_GNUID_TOKEN); - memcpy (&purpose[1], signature_target, strlen (signature_target)); + GNUNET_memcpy (&purpose[1], signature_target, strlen (signature_target)); if (GNUNET_OK != GNUNET_CRYPTO_ecdsa_sign (priv_key, purpose, (struct GNUNET_CRYPTO_EcdsaSignature *)&token->signature)) @@ -543,6 +550,7 @@ token_to_string (const struct IdentityToken *token, GNUNET_free (signature_target); GNUNET_free (payload_str); GNUNET_free (payload_base64); + GNUNET_free (header_base64); GNUNET_free (purpose); return GNUNET_SYSERR; } @@ -597,14 +605,14 @@ token_serialize (const struct IdentityToken *token, } struct TokenTicketPayload* -ticket_payload_create (const char* nonce, +ticket_payload_create (uint64_t nonce, const struct GNUNET_CRYPTO_EcdsaPublicKey* identity_pkey, const char* lbl_str) { struct TokenTicketPayload* payload; payload = GNUNET_malloc (sizeof (struct TokenTicketPayload)); - GNUNET_asprintf (&payload->nonce, nonce, strlen (nonce)); + payload->nonce = nonce; payload->identity_key = *identity_pkey; GNUNET_asprintf (&payload->label, lbl_str, strlen (lbl_str)); return payload; @@ -613,8 +621,6 @@ ticket_payload_create (const char* nonce, void ticket_payload_destroy (struct TokenTicketPayload* payload) { - if (NULL != payload->nonce) - GNUNET_free (payload->nonce); if (NULL != payload->label) GNUNET_free (payload->label); GNUNET_free (payload); @@ -630,7 +636,7 @@ ticket_payload_serialize (struct TokenTicketPayload *payload, sizeof (struct GNUNET_CRYPTO_EcdsaPublicKey)); GNUNET_asprintf (result, - "{\"nonce\": \"%u\",\"identity\": \"%s\",\"label\": \"%s\"}", + "{\"nonce\": \"%"SCNu64"\",\"identity\": \"%s\",\"label\": \"%s\"}", payload->nonce, identity_key_str, payload->label); GNUNET_free (identity_key_str); @@ -645,7 +651,7 @@ ticket_payload_serialize (struct TokenTicketPayload *payload, * data and E */ struct TokenTicket* -ticket_create (const char* nonce_str, +ticket_create (uint64_t nonce, const struct GNUNET_CRYPTO_EcdsaPublicKey* identity_pkey, const char* lbl_str, const struct GNUNET_CRYPTO_EcdsaPublicKey *aud_key) @@ -654,7 +660,7 @@ ticket_create (const char* nonce_str, struct TokenTicketPayload *code_payload; ticket = GNUNET_malloc (sizeof (struct TokenTicket)); - code_payload = ticket_payload_create (nonce_str, + code_payload = ticket_payload_create (nonce, identity_pkey, lbl_str); ticket->aud_key = *aud_key; @@ -708,11 +714,11 @@ ticket_serialize (struct TokenTicket *ticket, strlen (code_payload_str)); purpose->purpose = htonl(GNUNET_SIGNATURE_PURPOSE_GNUID_TICKET); write_ptr = (char*) &purpose[1]; - memcpy (write_ptr, + GNUNET_memcpy (write_ptr, &ticket->ecdh_pubkey, sizeof (struct GNUNET_CRYPTO_EcdhePublicKey)); write_ptr += sizeof (struct GNUNET_CRYPTO_EcdhePublicKey); - memcpy (write_ptr, enc_ticket_payload, strlen (code_payload_str)); + GNUNET_memcpy (write_ptr, enc_ticket_payload, strlen (code_payload_str)); GNUNET_assert (GNUNET_OK == GNUNET_CRYPTO_ecdsa_sign (priv_key, purpose, &ticket->signature)); @@ -755,6 +761,7 @@ ticket_payload_parse(const char *raw_data, json_t *nonce_json; json_error_t err_json; char* data_str; + uint64_t nonce; struct GNUNET_CRYPTO_EcdsaPublicKey id_pkey; if (GNUNET_OK != decrypt_str_ecdhe (priv_key, @@ -818,8 +825,10 @@ ticket_payload_parse(const char *raw_data, nonce_str = json_string_value (nonce_json); GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Found nonce: %s\n", nonce_str); + + GNUNET_assert (0 != sscanf (nonce_str, "%"SCNu64, &nonce)); - *result = ticket_payload_create (nonce_str, + *result = ticket_payload_create (nonce, (const struct GNUNET_CRYPTO_EcdsaPublicKey*)&id_pkey, label_str); GNUNET_free (data_str); @@ -923,9 +932,9 @@ ticket_parse (const char *raw_data, enc_data_len); purpose->purpose = htonl(GNUNET_SIGNATURE_PURPOSE_GNUID_TICKET); write_ptr = (char*) &purpose[1]; - memcpy (write_ptr, &ticket->ecdh_pubkey, sizeof (struct GNUNET_CRYPTO_EcdhePublicKey)); + GNUNET_memcpy (write_ptr, &ticket->ecdh_pubkey, sizeof (struct GNUNET_CRYPTO_EcdhePublicKey)); write_ptr += sizeof (struct GNUNET_CRYPTO_EcdhePublicKey); - memcpy (write_ptr, enc_data, enc_data_len); + GNUNET_memcpy (write_ptr, enc_data, enc_data_len); if (GNUNET_OK != GNUNET_CRYPTO_ecdsa_verify (GNUNET_SIGNATURE_PURPOSE_GNUID_TICKET, purpose,