/*
- This file is part of GNUnet. Copyright (C) 2001-2014 Christian Grothoff
+ This file is part of GNUnet. Copyright (C) 2001-2018 Christian Grothoff
(and other contributing authors)
GNUnet is free software; you can redistribute it and/or modify
*/
/**
- * @file util/crypto_random.c
- * @brief functions to gather random numbers
- * @author Christian Grothoff
+ * @file abe/abe.c
+ * @brief functions for Attribute-Based Encryption
+ * @author Martin Schanzenbach
*/
return len;
}
+/**
+ * @ingroup abe
+ * Create a new CP-ABE master key. Caller must free return value.
+ *
+ * @return fresh private key; free using #GNUNET_ABE_cpabe_delete_master_key
+ */
struct GNUNET_ABE_AbeMasterKey*
GNUNET_ABE_cpabe_create_master_key (void)
{
return key;
}
+/**
+ * @ingroup abe
+ * Delete a CP-ABE master key.
+ *
+ * @param key the master key
+ * @return fresh private key; free using #GNUNET_free
+ */
void
GNUNET_ABE_cpabe_delete_master_key (struct GNUNET_ABE_AbeMasterKey *key)
{
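Review bot: The doc comment added for GNUNET_ABE_cpabe_delete_master_key carries a copied `@return fresh private key; free using #GNUNET_free` line although the function is declared `void`. The same stray line sits on GNUNET_ABE_cpabe_delete_key below and on both declarations in include/gnunet_abe_lib.h. These comments are the ownership contract for secret key material, so drop the `@return` and state what is released, e.g. `@param key the master key to free; must not be used afterwards`. The `delete_pub` description also spells the constant `GNUNE_YES`, which should read `GNUNET_YES`. The function bodies are largely outside these hunks, so this covers the comments only.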
GNUNET_free (key);
}
+/**
+ * @ingroup abe
+ * Create a new CP-ABE key. Caller must free return value.
+ *
+ * @param key the master key
+ * @param attrs the attributes to append to the key
+ * @return fresh private key; free using #GNUNET_ABE_cpabe_delete_key
+ */
struct GNUNET_ABE_AbeKey*
GNUNET_ABE_cpabe_create_key (struct GNUNET_ABE_AbeMasterKey *key,
char **attrs)
return prv_key;
}
+/**
+ * @ingroup abe
+ * Delete a CP-ABE key.
+ *
+ * @param key the key to delete
+ * @param delete_pub GNUNE_YES if the public key should also be freed (bug in gabe)
+ * @return fresh private key; free using #GNUNET_free
+ */
void
GNUNET_ABE_cpabe_delete_key (struct GNUNET_ABE_AbeKey *key,
int delete_pub)
GNUNET_free (key);
}
-ssize_t
+static ssize_t
write_cpabe (void **result,
uint32_t file_len,
char* cph_buf,
return 12 + cph_buf_len + aes_buf_len;
}
-ssize_t
+static ssize_t
read_cpabe (const void *data,
char** cph_buf,
int *cph_buf_len,
return buf_len;
}
+/**
+ * @ingroup abe
+ * Encrypt a block using sessionkey.
+ *
+ * @param block the block to encrypt
+ * @param size the size of the @a block
+ * @param policy the ABE policy
+ * @param key the key used to encrypt
+ * @param result the result buffer. Will be allocated. Free using #GNUNET_free
+ * @return the size of the encrypted block, -1 for errors
+ */
ssize_t
GNUNET_ABE_cpabe_encrypt (const void *block,
size_t size,
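Review bot: The summary added for GNUNET_ABE_cpabe_encrypt still reads `Encrypt a block using sessionkey.`, which describes a session-key API rather than encryption under an ABE policy. The decrypt comment that follows says `@param block the block to encrypt` and `@return the size of the encrypted block`, the serialize comments also return "the size of the encrypted block", and include/gnunet_abe_lib.h repeats all of these. Suggested wording: `Encrypt a block under the given ABE policy.`, `@param block the ciphertext to decrypt`, `@return the size of the decrypted block, -1 for errors`, and `@return the size of the serialized key, -1 for errors`. Only the heads of the signatures are visible in these hunks.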
return result_len;
}
+/**
+ * @ingroup abe
+ * Decrypt a block using the ABE key.
+ *
+ * @param block the block to encrypt
+ * @param size the size of the @a block
+ * @param key the key used to decrypt
+ * @param result the result buffer. Will be allocated. Free using #GNUNET_free
+ * @return the size of the encrypted block, -1 for errors
+ */
ssize_t
GNUNET_ABE_cpabe_decrypt (const void *block,
size_t size,
return plt_len;
}
+/**
+ * @ingroup abe
+ * Serialize an ABE key.
+ *
+ * @param key the key to serialize
+ * @param result the result buffer. Will be allocated. Free using #GNUNET_free
+ * @return the size of the encrypted block, -1 for errors
+ */
ssize_t
GNUNET_ABE_cpabe_serialize_key (const struct GNUNET_ABE_AbeKey *key,
void **result)
return len;
}
+/**
+ * @ingroup abe
+ * Deserialize a serialized ABE key.
+ *
+ * @param data the data to deserialize
+ * @param len the length of the data.
+ * @return the ABE key. NULL of unsuccessful
+ */
struct GNUNET_ABE_AbeKey*
GNUNET_ABE_cpabe_deserialize_key (const void *data,
size_t len)
return key;
}
+/**
+ * @ingroup abe
+ * Serialize an ABE master key.
+ *
+ * @param key the key to serialize
+ * @param result the result buffer. Will be allocated. Free using #GNUNET_free
+ * @return the size of the encrypted block, -1 for errors
+ */
ssize_t
GNUNET_ABE_cpabe_serialize_master_key (const struct GNUNET_ABE_AbeMasterKey *key,
void **result)
return len;
}
+/**
+ * @ingroup abe
+ * Deserialize an ABE master key.
+ *
+ * @param data the data to deserialize
+ * @param len the length of the data.
+ * @return the ABE key. NULL of unsuccessful
+ */
struct GNUNET_ABE_AbeMasterKey*
GNUNET_ABE_cpabe_deserialize_master_key (const void *data,
size_t len)
/**
* @file credential/credential.h
* @brief IPC messages between CREDENTIAL API and CREDENTIAL service
- * @author Adnan Husain
+ * @author Martin Schanzenbach
*/
#ifndef CREDENTIAL_H
#define CREDENTIAL_H
/**
* @file credential/credential_api.c
* @brief library to access the CREDENTIAL service
- * @author Adnan Husain
+ * @author Martin Schanzenbach
*/
#include "platform.h"
#include "gnunet_util_lib.h"
* Check validity of message received from the CREDENTIAL service
*
* @param cls the `struct GNUNET_CREDENTIAL_Handle *`
- * @param loookup_msg the incoming message
+ * @param vr_msg the incoming message
*/
static int
check_result (void *cls,
* Handler for messages received from the CREDENTIAL service
*
* @param cls the `struct GNUNET_CREDENTIAL_Handle *`
- * @param loookup_msg the incoming message
+ * @param vr_msg the incoming message
*/
static void
handle_result (void *cls,
* @param lr the verify request to cancel
*/
void
-GNUNET_CREDENTIAL_request_cancel (struct GNUNET_CREDENTIAL_Request *vr)
+GNUNET_CREDENTIAL_request_cancel (struct GNUNET_CREDENTIAL_Request *lr)
{
- struct GNUNET_CREDENTIAL_Handle *handle = vr->credential_handle;
+ struct GNUNET_CREDENTIAL_Handle *handle = lr->credential_handle;
GNUNET_CONTAINER_DLL_remove (handle->request_head,
handle->request_tail,
- vr);
- GNUNET_MQ_discard (vr->env);
- GNUNET_free (vr);
+ lr);
+ GNUNET_MQ_discard (lr->env);
+ GNUNET_free (lr);
}
* @param issuer_key the issuer public key
* @param issuer_attribute the issuer attribute
* @param subject_key the subject public key
- * @param credential_count number of credentials provided
- * @param credentials subject credentials
* @param proc function to call on result
* @param proc_cls closure for processor
* @return handle to the queued request
/**
- * @file credential/credential_mic.c
+ * @file credential/credential_misc.c
* @brief Misc API for credentials
*
* @author Martin Schanzenbach
/**
* Issue an attribute to a subject
*
- * @param handle handle to the Credential service
* @param issuer the ego that should be used to issue the attribute
* @param subject the subject of the attribute
* @param attribute the name of the attribute
/**
* Calculate how many bytes we will need to serialize
- * the given delegation chain and credential
+ * the given delegation chain
*
- * @param d_count number of delegation chain entries
- * @param dd array of #GNUNET_CREDENTIAL_Delegation
- * @param cd a #GNUNET_CREDENTIAL_Credential
+ * @param ds_count number of delegation chain entries
+ * @param dsr array of #GNUNET_CREDENTIAL_DelegationSet
* @return the required size to serialize
*/
size_t
* Serizalize the given delegation chain entries and credential
*
* @param d_count number of delegation chain entries
- * @param dd array of #GNUNET_CREDENTIAL_Delegation
- * @param cd a #GNUNET_CREDENTIAL_Credential
+ * @param dsr array of #GNUNET_CREDENTIAL_DelegationSet
* @param dest_size size of the destination
* @param dest where to store the result
* @return the size of the data, -1 on failure
* @param len size of the serialized delegation chain and cred
* @param src the serialized data
* @param d_count the number of delegation chain entries
- * @param dd where to put the delegation chain entries
- * @param cd where to put the credential data
+ * @param dsr where to put the delegation chain entries
* @return #GNUNET_OK on success, #GNUNET_SYSERR on error
*/
int
/**
* @file gnunet-credential.c
* @brief command line tool to access command line Credential service
- * @author Adnan Husain
+ * @author Martin Schanzenbach
*/
#include "platform.h"
#include <gnunet_util_lib.h>
GNUNET_SCHEDULER_shutdown ();
}
-/**
- * Function called with the result of a Credential lookup.
- *
- * @param cls the 'const char *' name that was resolved
- * @param cd_count number of records returned
- * @param cd array of @a cd_count records with the results
- */
static void
handle_collect_result (void *cls,
unsigned int d_count,
}
-/**
- * Function called with the result of a Credential lookup.
- *
- * @param cls the 'const char *' name that was resolved
- * @param cd_count number of records returned
- * @param cd array of @a cd_count records with the results
- */
static void
handle_verify_result (void *cls,
unsigned int d_count,
Boston, MA 02110-1301, USA.
*/
/**
- * @file gns/gnunet-service-credential.c
- * @brief GNU Credential Service (main service)
- * @author Adnan Husain
+ * @file credential/gnunet-service-credential.c
+ * @brief GNUnet Credential Service (main service)
+ * @author Martin Schanzenbach
*/
#include "platform.h"
#include "gnunet_util_lib.h"
}
GNUNET_free (dq_entry);
}
- if (NULL != ds_entry->issuer_key)
- GNUNET_free (ds_entry->issuer_key);
- if (NULL != ds_entry->lookup_attribute)
- GNUNET_free (ds_entry->lookup_attribute);
- if (NULL != ds_entry->issuer_attribute)
- GNUNET_free (ds_entry->issuer_attribute);
- if (NULL != ds_entry->unresolved_attribute_delegation)
- GNUNET_free (ds_entry->unresolved_attribute_delegation);
- if (NULL != ds_entry->attr_trailer)
- GNUNET_free (ds_entry->attr_trailer);
+ GNUNET_free_non_null (ds_entry->issuer_key);
+ GNUNET_free_non_null (ds_entry->lookup_attribute);
+ GNUNET_free_non_null (ds_entry->issuer_attribute);
+ GNUNET_free_non_null (ds_entry->unresolved_attribute_delegation);
+ GNUNET_free_non_null (ds_entry->attr_trailer);
if (NULL != ds_entry->lookup_request)
{
GNUNET_GNS_lookup_cancel (ds_entry->lookup_request);
}
if (NULL != ds_entry->delegation_chain_entry)
{
- if (NULL != ds_entry->delegation_chain_entry->subject_attribute)
- GNUNET_free (ds_entry->delegation_chain_entry->subject_attribute);
- if (NULL != ds_entry->delegation_chain_entry->issuer_attribute)
- GNUNET_free (ds_entry->delegation_chain_entry->issuer_attribute);
+ GNUNET_free_non_null (ds_entry->delegation_chain_entry->subject_attribute);
+ GNUNET_free_non_null (ds_entry->delegation_chain_entry->issuer_attribute);
GNUNET_free (ds_entry->delegation_chain_entry);
}
GNUNET_free (ds_entry);
vrh->lookup_request = NULL;
}
cleanup_delegation_set (vrh->root_set);
- if (NULL != vrh->issuer_attribute)
- GNUNET_free (vrh->issuer_attribute);
+ GNUNET_free_non_null (vrh->issuer_attribute);
for (cr_entry = vrh->cred_chain_head;
NULL != vrh->cred_chain_head;
cr_entry = vrh->cred_chain_head)
GNUNET_CONTAINER_DLL_remove (vrh->cred_chain_head,
vrh->cred_chain_tail,
cr_entry);
- if (NULL != cr_entry->credential);
- GNUNET_free (cr_entry->credential);
+ GNUNET_free_non_null (cr_entry->credential);
GNUNET_free (cr_entry);
}
GNUNET_free (vrh);
}
-/**
- * Task run during shutdown.
- *
- * @param cls unused
- * @param tc unused
- */
static void
shutdown_task (void *cls)
{
-/**
- * Send.
- *
- * @param handle the handle to the request
- */
static void
send_lookup_response (struct VerifyRequestHandle *vrh)
{
struct CredentialRecordEntry *cd;
struct CredentialRecordEntry *tmp;
size_t size;
- int i;
GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
"Sending response\n");
dce = vrh->delegation_chain_head;
- for (i=0;i<vrh->delegation_chain_size;i++)
+ for (uint32_t i=0;i<vrh->delegation_chain_size;i++)
{
dd[i].issuer_key = dce->issuer_key;
dd[i].subject_key = dce->subject_key;
* Append at the end of rmsg
*/
cd = vrh->cred_chain_head;
- for (i=0;i<vrh->cred_chain_size;i++)
+ for (uint32_t i=0;i<vrh->cred_chain_size;i++)
{
cred[i].issuer_key = cd->credential->issuer_key;
cred[i].subject_key = cd->credential->subject_key;
struct DelegationQueueEntry *dq_entry;
char *expanded_attr;
char *lookup_attribute;
- int i;
- int j;
current_set = cls;
"Got %d attrs\n", rd_count);
// Each OR
- for (i=0; i < rd_count; i++)
+ for (uint32_t i=0; i < rd_count; i++)
{
if (GNUNET_GNSRECORD_TYPE_ATTRIBUTE != rd[i].record_type)
continue;
current_set->queue_entries_tail,
dq_entry);
// Each AND
- for (j=0; j<ntohl(sets->set_count); j++)
+ for (uint32_t j=0; j<ntohl(sets->set_count); j++)
{
ds_entry = GNUNET_new (struct DelegationSetQueueEntry);
if (NULL != current_set->attr_trailer)
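Review bot: The loop bound `ntohl(sets->set_count)` is a wire-format value that is converted on every iteration and, as far as this hunk shows, directly decides how many `DelegationSetQueueEntry` objects are allocated with `GNUNET_new`. Read it once, `uint32_t set_count = ntohl (sets->set_count);`, and compare it with what the record payload can actually hold before entering the loop. If the deserialization above the hunk already enforces that limit, a one-line comment saying so is enough. The enclosing function starts and ends outside the hunk.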
* Result from GNS lookup.
*
* @param cls the closure (our client lookup handle)
- * @param rd_count the number of records in @a rd
- * @param rd the record data
*/
static void
delegation_chain_resolution_start (void* cls)
ds_entry);
}
-/**
- * Checks a #GNUNET_MESSAGE_TYPE_CREDENTIAL_VERIFY message
- *
- * @param cls client sending the message
- * @param v_msg message of type `struct VerifyMessage`
- * @return #GNUNET_OK if @a v_msg is well-formed
- */
static int
check_verify (void *cls,
const struct VerifyMessage *v_msg)
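Review bot: Removing the doc comment from check_verify leaves the message validator without a stated contract, even though the deleted `@param cls` and `@param v_msg` lines match the signature shown in the context. The same deletion is applied further down to check_collect, check_issue_ticket_message, check_revoke_ticket_message, check_consume_ticket_message and check_attribute_store_message. Where a tag had drifted from the parameter name, correcting the tag is enough, e.g. `@param c_msg message of type struct CollectMessage` for check_collect. These check_* functions presumably run before the matching handle_* functions on client input, so keeping the comments and stating which length fields each one verifies would make the handlers' assumptions reviewable.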
return GNUNET_OK;
}
-/**
- * Handle Credential verification requests from client
- *
- * @param cls the closure
- * @param client the client
- * @param message the message
- */
static void
handle_verify (void *cls,
const struct VerifyMessage *v_msg)
struct CredentialRecordEntry *cr_entry;
uint32_t credentials_count;
uint32_t credential_data_size;
- int i;
char attr[GNUNET_CREDENTIAL_MAX_LENGTH + 1];
char issuer_attribute[GNUNET_CREDENTIAL_MAX_LENGTH + 1];
char *attrptr = attr;
return;
}
- for (i=0;i<credentials_count;i++) {
+ for (uint32_t i=0;i<credentials_count;i++) {
cr_entry = GNUNET_new (struct CredentialRecordEntry);
cr_entry->credential = GNUNET_malloc (sizeof (struct GNUNET_CREDENTIAL_Credential) +
credentials[i].issuer_attribute_len);
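Review bot: `credentials_count` and `credentials[i].issuer_attribute_len` set the loop bound and the `GNUNET_malloc` size in what appears to be the handler for a client-sent `VerifyMessage`, and no limit on either is visible in this hunk. If the deserialization and check_verify do not already bound them, add a guard such as `if (credentials[i].issuer_attribute_len > GNUNET_CREDENTIAL_MAX_LENGTH)` that takes the same error path as the preceding `return;`; otherwise add a comment naming where the bound is enforced. The allocation also reserves no byte for a terminator, which matters only if the attribute is later read as a C string; that use is not visible here. The loop body and the rest of the function continue outside the hunk.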
}
-/**
- * We encountered an error while collecting
- */
static void
handle_cred_collection_error_cb (void *cls)
{
GNUNET_NAMESTORE_zone_iterator_next (vrh->cred_collection_iter);
}
-/**
- * Store credential
- */
static void
handle_cred_collection_cb (void *cls,
const struct GNUNET_CRYPTO_EcdsaPrivateKey *key,
struct GNUNET_CREDENTIAL_Credential *crd;
struct CredentialRecordEntry *cr_entry;
int cred_record_count;
- int i;
cred_record_count = 0;
- for (i=0; i < rd_count; i++)
+ for (uint32_t i=0; i < rd_count; i++)
{
if (GNUNET_GNSRECORD_TYPE_CREDENTIAL != rd[i].record_type)
continue;
vrh);
}
-/**
- * We encountered an error while collecting
- */
static void
handle_cred_collection_finished_cb (void *cls)
{
delegation_chain_resolution_start (vrh);
}
-/**
- * Handle Credential collection requests from client
- *
- * @param cls the closure
- * @param client the client
- * @param message the message
- */
static void
handle_collect (void *cls,
const struct CollectMessage *c_msg)
}
-/**
- * Checks a #GNUNET_MESSAGE_TYPE_CREDENTIAL_COLLECT message
- *
- * @param cls client sending the message
- * @param v_msg message of type `struct CollectMessage`
- * @return #GNUNET_OK if @a v_msg is well-formed
- */
static int
check_collect (void *cls,
const struct CollectMessage *c_msg)
return GNUNET_OK;
}
-/**
- * One of our clients disconnected, clean up after it.
- *
- * @param cls NULL
- * @param client the client that disconnected
- */
static void
client_disconnect_cb (void *cls,
struct GNUNET_SERVICE_Client *client,
client);
}
-/**
- * Add a client to our list of active clients.
- *
- * @param cls NULL
- * @param client client to add
- * @param mq message queue for @a client
- * @return this client
- */
static void *
client_connect_cb (void *cls,
struct GNUNET_SERVICE_Client *client,
* Process Credential requests.
*
* @param cls closure
- * @param server the initialized server
* @param c configuration to use
+ * @param handle service handle
*/
static void
run (void *cls,
/**
* @file credential/plugin_gnsrecord_credential.c
* @brief gnsrecord plugin to provide the API for CREDENTIAL records
- * @author Adnan Husain
+ * @author Martin Schanzenbach
*/
#include "platform.h"
*/
/**
* @author Martin Schanzenbach
- * @file gns/plugin_rest_credential.c
+ * @file credential/plugin_rest_credential.c
* @brief GNUnet CREDENTIAL REST plugin
*
*/
}
-/**
- * Task run on shutdown. Cleans up everything.
- *
- * @param cls unused
- * @param tc scheduler context
- */
static void
do_error (void *cls)
{
/**
* Attribute delegation to JSON
- * @param attr the attribute
+ *
+ * @param delegation_chain_entry the DSE
* @return JSON, NULL if failed
*/
static json_t*
/**
* JSONAPI resource to Credential
+ *
* @param res the JSONAPI resource
* @return the resulting credential, NULL if failed
*/
/**
* Credential to JSON
+ *
* @param cred the credential
* @return the resulting json, NULL if failed
*/
return cred_obj;
}
-/**
- * Function called with the result of a Credential lookup.
- *
- * @param cls the 'const char *' name that was resolved
- * @param cd_count number of records returned
- * @param cd array of @a cd_count records with the results
- */
static void
handle_collect_response (void *cls,
unsigned int d_count,
-/**
- * Function called with the result of a Credential lookup.
- *
- * @param cls the 'const char *' name that was resolved
- * @param cd_count number of records returned
- * @param cd array of @a cd_count records with the results
- */
static void
handle_verify_response (void *cls,
unsigned int d_count,
handle);
}
-/**
- * Handle rest request
- *
- * @param handle the lookup handle
- */
static void
options_cont (struct GNUNET_REST_RequestHandle *con_handle,
const char* url,
}
-/**
- * Function processing the REST call
- *
- * @param method HTTP method
- * @param url URL of the HTTP request
- * @param data body of the HTTP request (optional)
- * @param data_size length of the body
- * @param proc callback function for the result
- * @param proc_cls closure for callback function
- * @return GNUNET_OK if request accepted
- */
static void
rest_credential_process_request(struct GNUNET_REST_RequestHandle *conndata_handle,
GNUNET_REST_ResultProcessor proc,
*/
/**
- * @file identity-provider/identity_attribute.c
+ * @file identity-attribute/identity_attribute.c
* @brief helper library to manage identity attributes
* @author Martin Schanzenbach
*/
/**
* Create a new attribute.
*
- * @param name the attribute name
+ * @param attr_name the attribute name
* @param type the attribute type
* @param data the attribute value
* @param data_size the attribute value size
*/
struct GNUNET_IDENTITY_ATTRIBUTE_Claim *
GNUNET_IDENTITY_ATTRIBUTE_claim_new (const char* attr_name,
- uint32_t attr_type,
+ uint32_t type,
const void* data,
size_t data_size)
{
attr = GNUNET_malloc (sizeof (struct GNUNET_IDENTITY_ATTRIBUTE_Claim) +
strlen (attr_name) + 1 +
data_size);
- attr->type = attr_type;
+ attr->type = type;
attr->data_size = data_size;
attr->version = 0;
write_ptr = (char*)&attr[1];
*/
/**
* @author Martin Schanzenbach
- * @file identity-provider/identity_attribute.h
- * @brief GNUnet Identity Provider library
+ * @file identity-attribute/identity_attribute.h
+ * @brief GNUnet Identity attributes
*
*/
#ifndef IDENTITY_ATTRIBUTE_H
*/
/**
- * @file identity-provider/plugin_identity_attribute_gnuid.c
+ * @file identity-attribute/plugin_identity_attribute_gnuid.c
* @brief identity attribute plugin to provide the API for fundamental
* attribute types.
*
GNUNET_NAMESTORE_disconnect (ns_handle);
if (NULL != stats_handle)
GNUNET_STATISTICS_destroy (stats_handle, GNUNET_NO);
- if (NULL != token)
- GNUNET_free (token);
- if (NULL != label)
- GNUNET_free (label);
+ GNUNET_free_non_null (token);
+ GNUNET_free_non_null (label);
}
* Shutdown task
*
* @param cls NULL
- * @param tc task context
*/
static void
do_shutdown (void *cls)
{
struct AbeBootstrapHandle *abh = cls;
struct GNUNET_ABE_AbeMasterKey *abe_key;
- int i;
- for (i=0;i<rd_count;i++) {
+ for (uint32_t i=0;i<rd_count;i++) {
if (GNUNET_GNSRECORD_TYPE_ABE_MASTER != rd[i].record_type)
continue;
abe_key = GNUNET_ABE_cpabe_deserialize_master_key (rd[i].data,
char *label;
char *policy;
int attrs_len;
- int i;
+ uint32_t i;
size_t code_record_len;
//Create new ABE key for RP
}
-/**
- * Checks a ticket issue message
- *
- * @param cls client sending the message
- * @param im message of type `struct TicketIssueMessage`
- * @return #GNUNET_OK if @a im is well-formed
- */
static int
check_issue_ticket_message(void *cls,
const struct IssueTicketMessage *im)
}
-/**
- *
- * Handler for ticket issue message
- *
- * @param cls unused
- * @param client who sent the message
- * @param message the message
- */
static void
handle_issue_ticket_message (void *cls,
const struct IssueTicketMessage *im)
/**
* Cleanup revoke handle
+ *
+ * @param rh the ticket revocation handle
*/
static void
-cleanup_revoke_ticket_handle (struct TicketRevocationHandle *handle)
-{
- if (NULL != handle->attrs)
- GNUNET_IDENTITY_ATTRIBUTE_list_destroy (handle->attrs);
- if (NULL != handle->rvk_attrs)
- GNUNET_IDENTITY_ATTRIBUTE_list_destroy (handle->rvk_attrs);
- if (NULL != handle->abe_key)
- GNUNET_ABE_cpabe_delete_master_key (handle->abe_key);
- if (NULL != handle->ns_qe)
- GNUNET_NAMESTORE_cancel (handle->ns_qe);
- if (NULL != handle->ns_it)
- GNUNET_NAMESTORE_zone_iteration_stop (handle->ns_it);
- GNUNET_free (handle);
+cleanup_revoke_ticket_handle (struct TicketRevocationHandle *rh)
+{
+ if (NULL != rh->attrs)
+ GNUNET_IDENTITY_ATTRIBUTE_list_destroy (rh->attrs);
+ if (NULL != rh->rvk_attrs)
+ GNUNET_IDENTITY_ATTRIBUTE_list_destroy (rh->rvk_attrs);
+ if (NULL != rh->abe_key)
+ GNUNET_ABE_cpabe_delete_master_key (rh->abe_key);
+ if (NULL != rh->ns_qe)
+ GNUNET_NAMESTORE_cancel (rh->ns_qe);
+ if (NULL != rh->ns_it)
+ GNUNET_NAMESTORE_zone_iteration_stop (rh->ns_it);
+ GNUNET_free (rh);
}
/**
* Send revocation result
+ *
+ * @param rh ticket revocation handle
+ * @param success GNUNET_OK if successful result
*/
static void
send_revocation_finished (struct TicketRevocationHandle *rh,
char *label;
char *policy;
int attrs_len;
- int i;
+ uint32_t i;
int reissue_ticket;
size_t code_record_len;
rh);
}
-/**
- * Checks a ticket revocation message
- *
- * @param cls client sending the message
- * @param im message of type `struct RevokeTicketMessage`
- * @return #GNUNET_OK if @a im is well-formed
- */
static int
check_revoke_ticket_message(void *cls,
const struct RevokeTicketMessage *im)
}
return GNUNET_OK;
}
-/**
- *
- * Handler for ticket revocation message
- *
- * @param cls unused
- * @param client who sent the message
- * @param message the message
- */
+
static void
handle_revoke_ticket_message (void *cls,
const struct RevokeTicketMessage *rm)
-/**
- * Checks a ticket consume message
- *
- * @param cls client sending the message
- * @param im message of type `struct ConsumeTicketMessage`
- * @return #GNUNET_OK if @a im is well-formed
- */
static int
check_consume_ticket_message(void *cls,
const struct ConsumeTicketMessage *cm)
}
-/**
- *
- * Handler for ticket issue message
- *
- * @param cls unused
- * @param client who sent the message
- * @param message the message
- */
static void
handle_consume_ticket_message (void *cls,
const struct ConsumeTicketMessage *cm)
GNUNET_SCHEDULER_add_now (&attr_store_task, ash);
}
-/**
- * Checks a store message
- *
- * @param cls client sending the message
- * @param sam message of type `struct AttributeStoreMessage`
- * @return #GNUNET_OK if @a im is well-formed
- */
static int
check_attribute_store_message(void *cls,
const struct AttributeStoreMessage *sam)
}
-/**
- *
- * Handler for store message
- *
- * @param cls unused
- * @param client who sent the message
- * @param message the message
- */
static void
handle_attribute_store_message (void *cls,
const struct AttributeStoreMessage *sam)
-/**
- * Handles a #GNUNET_MESSAGE_TYPE_IDENTITY_PROVIDER_ITERATION_START message
- *
- * @param cls the client sending the message
- * @param zis_msg message from the client
- */
static void
handle_iteration_start (void *cls,
const struct AttributeIterationStartMessage *ais_msg)
}
-/**
- * Handles a #GNUNET_MESSAGE_TYPE_IDENTITY_PROVIDER_ITERATION_STOP message
- *
- * @param cls the client sending the message
- * @param ais_msg message from the client
- */
static void
handle_iteration_stop (void *cls,
const struct AttributeIterationStopMessage *ais_msg)
}
-/**
- * Handles a #GNUNET_MESSAGE_TYPE_IDENTITY_PROVIDER_ATTRIBUTE_ITERATION_NEXT message
- *
- * @param cls the client sending the message
- * @param message message from the client
- */
static void
handle_iteration_next (void *cls,
const struct AttributeIterationNextMessage *ais_msg)
cleanup_ticket_iter_handle (ti);
}
-/**
- * Handles a #GNUNET_MESSAGE_TYPE_IDENTITY_PROVIDER_TICKET_ITERATION_START message
- *
- * @param cls the client sending the message
- * @param tis_msg message from the client
- */
static void
handle_ticket_iteration_start (void *cls,
const struct TicketIterationStartMessage *tis_msg)
}
-/**
- * Handles a #GNUNET_MESSAGE_TYPE_IDENTITY_PROVIDER_TICKET_ITERATION_STOP message
- *
- * @param cls the client sending the message
- * @param tis_msg message from the client
- */
static void
handle_ticket_iteration_stop (void *cls,
const struct TicketIterationStopMessage *tis_msg)
}
-/**
- * Handles a #GNUNET_MESSAGE_TYPE_IDENTITY_PROVIDER_TICKET_ITERATION_NEXT message
- *
- * @param cls the client sending the message
- * @param message message from the client
- */
static void
handle_ticket_iteration_next (void *cls,
const struct TicketIterationNextMessage *tis_msg)
* Main function that will be run
*
* @param cls closure
- * @param args remaining command-line arguments
- * @param cfgfile name of the configuration file used (for saving, can be NULL)
- * @param c configuration
+ * @param c the configuration used
+ * @param server the service handle
*/
static void
run (void *cls,
struct IssueTicketMessage
{
/**
- * Type will be #GNUNET_MESSAGE_TYPE_IDENTITY_PROVIDER_TICKET_ISSUE
+ * Type will be #GNUNET_MESSAGE_TYPE_IDENTITY_PROVIDER_ISSUE_TICKET
*/
struct GNUNET_MessageHeader header;
struct RevokeTicketMessage
{
/**
- * Type will be #GNUNET_MESSAGE_TYPE_IDENTITY_PROVIDER_TICKET_ISSUE
+ * Type will be #GNUNET_MESSAGE_TYPE_IDENTITY_PROVIDER_REVOKE_TICKET
*/
struct GNUNET_MessageHeader header;
struct RevokeTicketResultMessage
{
/**
- * Type will be #GNUNET_MESSAGE_TYPE_IDENTITY_PROVIDER_TICKET_ISSUE
+ * Type will be #GNUNET_MESSAGE_TYPE_IDENTITY_PROVIDER_REVOKE_TICKET_RESULT
*/
struct GNUNET_MessageHeader header;
struct ConsumeTicketMessage
{
/**
- * Type will be #GNUNET_MESSAGE_TYPE_IDENTITY_PROVIDER_TICKET_ISSUE
+ * Type will be #GNUNET_MESSAGE_TYPE_IDENTITY_PROVIDER_CONSUME_TICKET
*/
struct GNUNET_MessageHeader header;
};
-
/**
* Try again to connect to the service.
*
- * @param cls handle to the service.
+ * @param h handle to the identity provider service.
*/
static void
-reconnect (struct GNUNET_IDENTITY_PROVIDER_Handle *handle);
+reconnect (struct GNUNET_IDENTITY_PROVIDER_Handle *h);
/**
* Reconnect
/**
* Disconnect from service and then reconnect.
*
- * @param handle our handle
+ * @param handle our service
*/
static void
force_reconnect (struct GNUNET_IDENTITY_PROVIDER_Handle *handle)
/**
* Try again to connect to the service.
*
- * @param cls handle to the identity provider service.
+ * @param h handle to the identity provider service.
*/
static void
reconnect (struct GNUNET_IDENTITY_PROVIDER_Handle *h)
*
* @param h handle to the identity provider
* @param pkey private key of the identity
- * @param name the attribute name
- * @param value the attribute value
+ * @param attr the attribute value
* @param cont continuation to call when done
* @param cont_cls closure for @a cont
* @return handle to abort the request
* @param h the identity provider to use
* @param iss the issuing identity
* @param rp the subject of the ticket (the relying party)
- * @param attr the attributes that the relying party is given access to
+ * @param attrs the attributes that the relying party is given access to
* @param cb the callback
* @param cb_cls the callback closure
* @return handle to abort the operation
* Consumes an issued ticket. The ticket is persisted
* and used to retrieve identity information from the issuer
*
- * @param id the identity provider to use
+ * @param h the identity provider to use
* @param identity the identity that is the subject of the issued ticket (the relying party)
* @param ticket the issued ticket to consume
* @param cb the callback to call
* Lists all tickets that have been issued to remote
* identites (relying parties)
*
- * @param id the identity provider to use
+ * @param h the identity provider to use
* @param identity the issuing identity
* @param error_cb function to call on error (i.e. disconnect),
* the handle is afterwards invalid
* Revoked an issued ticket. The relying party will be unable to retrieve
* updated attributes.
*
- * @param id the identity provider to use
+ * @param h the identity provider to use
* @param identity the issuing identity
* @param ticket the ticket to revoke
* @param cb the callback
*/
/**
- * @file identity/plugin_gnsrecord_identity.c
+ * @file identity-provider/plugin_gnsrecord_identity_provider.c
* @brief gnsrecord plugin to provide the API for identity records
- * @author Christian Grothoff
+ * @author Martin Schanzenbach
*/
#include "platform.h"
#include "gnunet_util_lib.h"
*
* @param cls closure (internal context for the plugin)
* @param ticket the ticket to persist
+ * @param attrs the attributes associated with the ticket
* @return #GNUNET_OK on success, else #GNUNET_SYSERR
*/
static int
* Lookup tickets in the datastore.
*
* @param cls closure (internal context for the plugin)
- * @param zone private key of the zone
- * @param label name of the record in the zone
+ * @param ticket the ticket to retrieve attributes for
* @param iter function to call with the result
* @param iter_cls closure for @a iter
* @return #GNUNET_OK on success, else #GNUNET_SYSERR
}
-/**
- * Function processing the REST call
- *
- * @param method HTTP method
- * @param url URL of the HTTP request
- * @param data body of the HTTP request (optional)
- * @param data_size length of the body
- * @param proc callback function for the result
- * @param proc_cls closure for callback function
- * @return GNUNET_OK if request accepted
- */
static void
rest_identity_process_request(struct GNUNET_REST_RequestHandle *rest_handle,
GNUNET_REST_ResultProcessor proc,
*/
/**
- * @file include/gnunet_crypto_lib.h
- * @brief cryptographic primitives for GNUnet
+ * @file include/gnunet_abe_lib.h
+ * @brief Attribute-Based Encryption primitives for GNUnet
*
* @author Martin Schanzenbach
*
* @ingroup abe
* Create a new CP-ABE master key. Caller must free return value.
*
- * @return fresh private key; free using #GNUNET_free
+ * @return fresh private key; free using #GNUNET_ABE_cpabe_delete_master_key
*/
struct GNUNET_ABE_AbeMasterKey *
GNUNET_ABE_cpabe_create_master_key (void);
+
+/**
+ * @ingroup abe
+ * Delete a CP-ABE master key.
+ *
+ * @param key the master key
+ * @return fresh private key; free using #GNUNET_free
+ */
void
GNUNET_ABE_cpabe_delete_master_key (struct GNUNET_ABE_AbeMasterKey *key);
* @ingroup abe
* Create a new CP-ABE key. Caller must free return value.
*
- * @return fresh private key; free using #GNUNET_free
+ * @param key the master key
+ * @param attrs the attributes to append to the key
+ * @return fresh private key; free using #GNUNET_ABE_cpabe_delete_key
*/
struct GNUNET_ABE_AbeKey *
-GNUNET_ABE_cpabe_create_key (struct GNUNET_ABE_AbeMasterKey *msk,
+GNUNET_ABE_cpabe_create_key (struct GNUNET_ABE_AbeMasterKey *key,
char **attrs);
+
+/**
+ * @ingroup abe
+ * Delete a CP-ABE key.
+ *
+ * @param key the key to delete
+ * @param delete_pub GNUNE_YES if the public key should also be freed (bug in gabe)
+ * @return fresh private key; free using #GNUNET_free
+ */
void
GNUNET_ABE_cpabe_delete_key (struct GNUNET_ABE_AbeKey *key,
int delete_pub);
*
* @param block the block to encrypt
* @param size the size of the @a block
- * @param sessionkey the key used to encrypt
- * @param iv the initialization vector to use, use INITVALUE
- * for streams.
+ * @param policy the ABE policy
+ * @param key the key used to encrypt
+ * @param result the result buffer. Will be allocated. Free using #GNUNET_free
* @return the size of the encrypted block, -1 for errors
*/
ssize_t
/**
* @ingroup abe
- * Encrypt a block using sessionkey.
+ * Decrypt a block using the ABE key.
*
* @param block the block to encrypt
* @param size the size of the @a block
- * @param sessionkey the key used to encrypt
- * @param iv the initialization vector to use, use INITVALUE
- * for streams.
+ * @param key the key used to decrypt
+ * @param result the result buffer. Will be allocated. Free using #GNUNET_free
* @return the size of the encrypted block, -1 for errors
*/
ssize_t
const struct GNUNET_ABE_AbeKey *key,
void **result);
+/**
+ * @ingroup abe
+ * Serialize an ABE key.
+ *
+ * @param key the key to serialize
+ * @param result the result buffer. Will be allocated. Free using #GNUNET_free
+ * @return the size of the encrypted block, -1 for errors
+ */
ssize_t
GNUNET_ABE_cpabe_serialize_key (const struct GNUNET_ABE_AbeKey *key,
void **result);
+/**
+ * @ingroup abe
+ * Deserialize a serialized ABE key.
+ *
+ * @param data the data to deserialize
+ * @param len the length of the data.
+ * @return the ABE key. NULL of unsuccessful
+ */
struct GNUNET_ABE_AbeKey*
GNUNET_ABE_cpabe_deserialize_key (const void *data,
size_t len);
+/**
+ * @ingroup abe
+ * Serialize an ABE master key.
+ *
+ * @param key the key to serialize
+ * @param result the result buffer. Will be allocated. Free using #GNUNET_free
+ * @return the size of the encrypted block, -1 for errors
+ */
ssize_t
GNUNET_ABE_cpabe_serialize_master_key (const struct GNUNET_ABE_AbeMasterKey *key,
void **result);
+/**
+ * @ingroup abe
+ * Deserialize an ABE master key.
+ *
+ * @param data the data to deserialize
+ * @param len the length of the data.
+ * @return the ABE key. NULL of unsuccessful
+ */
struct GNUNET_ABE_AbeMasterKey*
GNUNET_ABE_cpabe_deserialize_master_key (const void *data,
size_t len);
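Review bot: Both serialize functions document `@return the size of the encrypted block, -1 for errors`, which is copied from the encrypt call; it should read `@return the size of the serialized key, -1 for errors`. The two deserialize comments say `NULL of unsuccessful` (should be `NULL if unsuccessful`) and, unlike the create functions, do not name the function that frees the returned key. Because `data` and `len` may come from storage or from a peer, it would help to state that malformed or truncated input yields NULL, if that is what the implementation guarantees. The serialized buffer holds private key material, so the comment should also tell callers to treat `*result` as secret.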
/**
* @author Martin Schanzenbach
- * @author Adnan Husain
*
* @file
* API to the Credential service
* @param issuer_key the issuer public key
* @param issuer_attribute the issuer attribute
* @param subject_key the subject public key
- * @param subject_attribute the attribute claimed by the subject
+ * @param credential_count number of credentials
+ * @param credentials the subject credentials
* @param proc function to call on result
* @param proc_cls closure for processor
* @return handle to the queued request
* @param attribute the name of the attribute to delegate
* @param subject the subject of the delegation
* @param delegated_attribute the name of the attribute that is delegated to
+ * @param proc the result callback
+ * @param proc_cls the result closure context
* @return handle to the queued request
*/
struct GNUNET_CREDENTIAL_Request *
* @param handle handle to the Credential service
* @param issuer the ego that was used to delegate the attribute
* @param attribute the name of the attribute that is delegated
+ * @param proc the callback
+ * @param proc_cls callback closure
* @return handle to the queued request
*/
struct GNUNET_CREDENTIAL_Request *
/**
* Issue an attribute to a subject
*
- * @param handle handle to the Credential service
* @param issuer the ego that should be used to issue the attribute
* @param subject the subject of the attribute
* @param attribute the name of the attribute
* @return handle to the queued request
*/
struct GNUNET_CREDENTIAL_Credential*
-GNUNET_CREDENTIAL_credential_issue (
- const struct GNUNET_CRYPTO_EcdsaPrivateKey *issuer,
+GNUNET_CREDENTIAL_credential_issue (const struct GNUNET_CRYPTO_EcdsaPrivateKey *issuer,
struct GNUNET_CRYPTO_EcdsaPublicKey *subject,
const char *attribute,
struct GNUNET_TIME_Absolute *expiration);
-/**
- * Remove a credential
- *
- * @param handle handle to the Credential service
- * @param issuer the identity that issued the credential
- * @param subject the subject of the credential
- * @param credential the name of the credential
- * @return handle to the queued request
- */
-/**
- struct GNUNET_CREDENTIAL_IssueRequest *
- GNUNET_CREDENTIAL_remove (struct GNUNET_CREDENTIAL_Handle *handle,
- struct GNUNET_IDENTITY_Ego *issuer,
- struct GNUNET_IDENTITY_Ego *subject,
- const char *credential,
- GNUNET_CREDENTIAL_IssueResultProcessor proc,
- void *proc_cls);
- */
-
/**
* Cancel pending lookup request
* @param lr the lookup request to cancel
*/
void
-GNUNET_CREDENTIAL_request_cancel (struct GNUNET_CREDENTIAL_Request *vr);
+GNUNET_CREDENTIAL_request_cancel (struct GNUNET_CREDENTIAL_Request *lr);
#if 0 /* keep Emacsens' auto-indent happy */
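Review bot: The comment on `GNUNET_CREDENTIAL_credential_issue` still says `@return handle to the queued request`, while the declaration returns `struct GNUNET_CREDENTIAL_Credential*`, and the `expiration` parameter has no `@param` entry even though this change removes the stale `@param handle` line. I would add `@param expiration the expiration time of the credential` (wording presumed from the parameter name) and replace the return line with `@return the issued credential`, naming who frees it. The lifetime of an issued credential is the value a caller most needs to get right, so it should not be the one undocumented argument.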
/**
* Create a new attribute claim.
*
- * @param name the attribute name
+ * @param attr_name the attribute name
* @param type the attribute type
* @param data the attribute value
* @param data_size the attribute value size
* Process an attribute that was stored in the idp.
*
* @param cls closure
+ * @param identity the identity
* @param attr the attribute
*/
typedef void
/**
* Issues a ticket to another identity. The identity may use
- * @GNUNET_IDENTITY_PROVIDER_authorization_ticket_consume to consume the ticket
+ * GNUNET_IDENTITY_PROVIDER_ticket_consume to consume the ticket
* and retrieve the attributes specified in the AttributeList.
*
- * @param id the identity provider to use
+ * @param h the identity provider to use
* @param iss the issuing identity
* @param rp the subject of the ticket (the relying party)
- * @param attr the attributes that the relying party is given access to
+ * @param attrs the attributes that the relying party is given access to
* @param cb the callback
* @param cb_cls the callback closure
* @return handle to abort the operation
*/
struct GNUNET_IDENTITY_PROVIDER_Operation *
-GNUNET_IDENTITY_PROVIDER_ticket_issue (struct GNUNET_IDENTITY_PROVIDER_Handle *id,
+GNUNET_IDENTITY_PROVIDER_ticket_issue (struct GNUNET_IDENTITY_PROVIDER_Handle *h,
const struct GNUNET_CRYPTO_EcdsaPrivateKey *iss,
const struct GNUNET_CRYPTO_EcdsaPublicKey *rp,
const struct GNUNET_IDENTITY_ATTRIBUTE_ClaimList *attrs,
* Revoked an issued ticket. The relying party will be unable to retrieve
* updated attributes.
*
- * @param id the identity provider to use
+ * @param h the identity provider to use
* @param identity the issuing identity
* @param ticket the ticket to revoke
* @param cb the callback
* @return handle to abort the operation
*/
struct GNUNET_IDENTITY_PROVIDER_Operation *
-GNUNET_IDENTITY_PROVIDER_ticket_revoke (struct GNUNET_IDENTITY_PROVIDER_Handle *id,
+GNUNET_IDENTITY_PROVIDER_ticket_revoke (struct GNUNET_IDENTITY_PROVIDER_Handle *h,
const struct GNUNET_CRYPTO_EcdsaPrivateKey *identity,
const struct GNUNET_IDENTITY_PROVIDER_Ticket *ticket,
GNUNET_IDENTITY_PROVIDER_ContinuationWithStatus cb,
* Consumes an issued ticket. The ticket is persisted
* and used to retrieve identity information from the issuer
*
- * @param id the identity provider to use
+ * @param h the identity provider to use
* @param identity the identity that is the subject of the issued ticket (the audience)
* @param ticket the issued ticket to consume
* @param cb the callback to call
* @return handle to abort the operation
*/
struct GNUNET_IDENTITY_PROVIDER_Operation *
-GNUNET_IDENTITY_PROVIDER_ticket_consume (struct GNUNET_IDENTITY_PROVIDER_Handle *id,
+GNUNET_IDENTITY_PROVIDER_ticket_consume (struct GNUNET_IDENTITY_PROVIDER_Handle *h,
const struct GNUNET_CRYPTO_EcdsaPrivateKey *identity,
const struct GNUNET_IDENTITY_PROVIDER_Ticket *ticket,
GNUNET_IDENTITY_PROVIDER_AttributeResult cb,
* Lists all tickets that have been issued to remote
* identites (relying parties)
*
- * @param id the identity provider to use
+ * @param h the identity provider to use
* @param identity the issuing identity
* @param error_cb function to call on error (i.e. disconnect),
* the handle is afterwards invalid
*
* @param url URL to check
* @param namespace namespace to check against
- * @retun GNUNET_YES if namespace matches
+ * @return GNUNET_YES if namespace matches
*/
int
GNUNET_REST_namespace_match (const char *url, const char *namespace);
* Create REST MHD response
*
* @param data result
- * @retun MHD response
+ * @return MHD response
*/
struct MHD_Response*
GNUNET_REST_create_response (const char *data);
/**
* Plugin name. Used as the namespace for the API.
- * e.g. http://hostname:port/<name>
+ * e.g. http://hostname:port/name
*/
char *name;