json_t *attr_obj;
issuer = GNUNET_CRYPTO_ecdsa_public_key_to_string (&delegation_chain_entry->issuer_key);
+ if (NULL == issuer)
{
GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
"Issuer in delegation malformed\n");
return NULL;
}
subject = GNUNET_CRYPTO_ecdsa_public_key_to_string (&delegation_chain_entry->subject_key);
+ if (NULL == subject)
{
GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
"Subject in credential malformed\n");
}
attr_obj = json_object ();
- json_object_set_new (attr_obj, "subject", json_string (subject));
- json_object_set_new (attr_obj, "issuer", json_string (issuer));
+ json_object_set_new (attr_obj, "issuer", json_string (issuer));
json_object_set_new (attr_obj, "issuer_attribute",
json_string (delegation_chain_entry->issuer_attribute));
+ json_object_set_new (attr_obj, "subject", json_string (subject));
if (0 < delegation_chain_entry->subject_attribute_len)
{
json_object_set_new (attr_obj, "subject_attribute",
json_string (delegation_chain_entry->subject_attribute));
}
+ GNUNET_free (issuer);
GNUNET_free (subject);
return attr_obj;
}
json_t *cred_array;
json_t *attr_array;
char *result;
+ char *issuer;
+ char *id;
uint32_t i;
handle->verify_request = NULL;
GNUNET_SCHEDULER_add_now (&do_error, handle);
return;
}
+ issuer = GNUNET_CRYPTO_ecdsa_public_key_to_string (&handle->issuer_key);
+ if (NULL == issuer)
+ {
+ GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
+ "Issuer in delegation malformed\n");
+ return;
+ }
+ GNUNET_asprintf (&id,
+ "%s.%s",
+ issuer,
+ handle->issuer_attr);
+ GNUNET_free (issuer);
json_document = GNUNET_JSONAPI_document_new ();
json_resource = GNUNET_JSONAPI_resource_new (GNUNET_REST_JSONAPI_CREDENTIAL_TYPEINFO,
- handle->issuer_attr);
- cred_obj = credential_to_json (cred);
+ id);
+ GNUNET_free (id);
attr_array = json_array ();
for (i = 0; i < d_count; i++)
{
attr_obj = attribute_delegation_to_json (&delegation_chain[i]);
- json_array_append (attr_array, attr_obj);
- json_decref (attr_obj);
+ json_array_append_new (attr_array, attr_obj);
}
cred_array = json_array ();
for (i=0;i<c_count;i++)
{
cred_obj = credential_to_json (&cred[i]);
- json_array_append (cred_array, cred_obj);
- json_decref (cred_obj);
+ json_array_append_new (cred_array, cred_obj);
}
GNUNET_JSONAPI_resource_add_attr (json_resource,
GNUNET_REST_JSONAPI_CREDENTIAL,
--- /dev/null
+#!/bin/bash
+trap "gnunet-arm -e -c test_credential_lookup.conf" SIGINT
+
+LOCATION=$(which gnunet-config)
+if [ -z $LOCATION ]
+then
+ LOCATION="gnunet-config"
+fi
+$LOCATION --version 1> /dev/null
+if test $? != 0
+then
+ echo "GNUnet command line tools cannot be found, check environmental variables PATH and GNUNET_PREFIX"
+ exit 77
+fi
+
+rm -rf `gnunet-config -c test_credential_lookup.conf -s PATHS -o GNUNET_HOME -f`
+
+# (1) Service.user -> GNU.project.member
+# (2) GNU.project -> GNUnet
+# (3) GNUnet.member -> GNUnet.developer
+# (4) GNUnet.member -> GNUnet.user
+# (5) GNUnet.developer -> Alice
+
+
+which timeout &> /dev/null && DO_TIMEOUT="timeout 30"
+gnunet-arm -s -c test_credential_lookup.conf
+gnunet-identity -C service -c test_credential_lookup.conf
+gnunet-identity -C alice -c test_credential_lookup.conf
+gnunet-identity -C gnu -c test_credential_lookup.conf
+gnunet-identity -C gnunet -c test_credential_lookup.conf
+
+GNU_KEY=$(gnunet-identity -d -c test_credential_lookup.conf | grep gnu | grep -v gnunet | awk '{print $3}')
+ALICE_KEY=$(gnunet-identity -d -c test_credential_lookup.conf | grep alice | awk '{print $3}')
+GNUNET_KEY=$(gnunet-identity -d -c test_credential_lookup.conf | grep gnunet | awk '{print $3}')
+SERVICE_KEY=$(gnunet-identity -d -c test_credential_lookup.conf | grep service | awk '{print $3}')
+
+USER_ATTR="user"
+GNU_PROJECT_ATTR="project"
+MEMBER_ATTR="member"
+DEVELOPER_ATTR="developer"
+DEV_ATTR="developer"
+TEST_CREDENTIAL="mygnunetcreds"
+
+# (1) A service assigns the attribute "user" to all entities that have been assigned "member" by entities that werde assigned "project" from GNU
+gnunet-namestore -p -z service -a -n $USER_ATTR -t ATTR -V "$GNU_KEY $GNU_PROJECT_ATTR.$MEMBER_ATTR" -e 5m -c test_credential_lookup.conf
+
+# (2) GNU recognized GNUnet as a GNU project and delegates the "project" attribute
+gnunet-namestore -p -z gnu -a -n $GNU_PROJECT_ATTR -t ATTR -V "$GNUNET_KEY" -e 5m -c test_credential_lookup.conf
+
+# (3+4) GNUnet assigns the attribute "member" to all entities gnunet has also assigned "developer" or "user"
+gnunet-namestore -p -z gnunet -a -n $MEMBER_ATTR -t ATTR -V "$GNUNET_KEY $DEVELOPER_ATTR" -e 5m -c test_credential_lookup.conf
+gnunet-namestore -p -z gnunet -a -n $MEMBER_ATTR -t ATTR -V "$GNUNET_KEY $USER_ATTR" -e 5m -c test_credential_lookup.conf
+
+# (5) GNUnet issues Alice the credential "developer"
+CRED=`$DO_TIMEOUT gnunet-credential --issue --ego=gnunet --subject=$ALICE_KEY --attribute=$DEV_ATTR --ttl=5m -c test_credential_lookup.conf`
+
+# Alice stores the credential under "mygnunetcreds"
+gnunet-namestore -p -z alice -a -n $TEST_CREDENTIAL -t CRED -V "$CRED" -e 5m -c test_credential_lookup.conf
+
+#TODO2 Add -z swich like in gnunet-gns
+RES_CRED=`gnunet-credential --verify --issuer=$SERVICE_KEY --attribute=$USER_ATTR --subject=$ALICE_KEY --credential=$TEST_CREDENTIAL -c test_credential_lookup.conf`
+
+gnunet-arm -i rest -c test_credential_lookup.conf
+
+sleep 5
+
+echo "localhost:7776/credential?attribute=$SERVICE_KEY.$USER_ATTR&credential=$ALICE_KEY.$TEST_CREDENTIAL"
+curl -v "localhost:7776/credential?attribute=$SERVICE_KEY.$USER_ATTR&credential=$ALICE_KEY.$TEST_CREDENTIAL"
+
+#TODO cleanup properly
+gnunet-namestore -z alice -d -n $TEST_CREDENTIAL -t CRED -e never -c test_credential_lookup.conf
+gnunet-namestore -z gnu -d -n $GNU_PROJECT_ATTR -t ATTR -c test_credential_lookup.conf
+gnunet-namestore -z gnunet -d -n $MEMBER_ATTR -t ATTR -c test_credential_lookup.conf
+gnunet-namestore -z service -d -n $USER_ATTR -t ATTR -c test_credential_lookup.conf
+gnunet-arm -e -c test_credential_lookup.conf
+
+if [ "$RES_CRED" != "Failed." ]
+then
+ echo -e "${RES_CRED}"
+ exit 0
+else
+ echo "FAIL: Failed to verify credential $RES_CRED."
+ exit 1
+fi
projects / oweals / gnunet.git / commitdiff