-add serializer
authorSchanzenbach, Martin <mschanzenbach@posteo.de>
Wed, 14 Dec 2016 06:52:23 +0000 (07:52 +0100)
committerSchanzenbach, Martin <mschanzenbach@posteo.de>
Wed, 14 Dec 2016 06:52:23 +0000 (07:52 +0100)
src/credential/Makefile.am
src/credential/credential.h
src/credential/credential_api.c
src/credential/credential_serialization.c [new file with mode: 0644]
src/credential/credential_serialization.h [new file with mode: 0644]
src/credential/gnunet-credential.c
src/credential/gnunet-service-credential.c
src/credential/plugin_rest_credential.c
src/credential/test_credential_verify.sh
src/include/gnunet_credential_service.h

index 13da9dc0f59c2b3e835fdbfc561bb155921e4905..51dbb34d753ea276014f83f27ce4f6a72928daf8 100644 (file)
@@ -63,8 +63,9 @@ libgnunet_plugin_gnsrecord_credential_la_LDFLAGS = \
 
 
 gnunet_service_credential_SOURCES = \
- gnunet-service-credential.c 
+ gnunet-service-credential.c
 gnunet_service_credential_LDADD = \
+       libgnunetcredential.la \
   $(top_builddir)/src/util/libgnunetutil.la \
        $(top_builddir)/src/gns/libgnunetgns.la \
   $(top_builddir)/src/statistics/libgnunetstatistics.la \
@@ -72,7 +73,8 @@ gnunet_service_credential_LDADD = \
 
 
 libgnunetcredential_la_SOURCES = \
- credential_api.c credential.h
+ credential_api.c credential.h \
+ credential_serialization.c
 libgnunetcredential_la_LIBADD = \
  $(top_builddir)/src/util/libgnunetutil.la $(XLIB) 
 libgnunetcredential_la_LDFLAGS = \
index d52776cfa44a6235bbc54fcd95384802b2c1de1b..209fcdcaa9f7db21ce3c5403cda145b1b9dbd8d6 100644 (file)
@@ -92,7 +92,7 @@ struct VerifyResultMessage
   /**
    * The number of credentials in the response
    */
-  uint32_t cd_count GNUNET_PACKED;
+  uint32_t d_count GNUNET_PACKED;
 
   /* followed by ad_count GNUNET_CREDENTIAL_RecordData structs*/
 
index 54a02484df59a3c37918bde2ce31a75bc39d83cc..cae670206586fc7da3279bd3d7b54a2f3f422088 100644 (file)
@@ -30,6 +30,7 @@
 #include "gnunet_protocols.h"
 #include "gnunet_signatures.h"
 #include "credential.h"
+#include "credential_serialization.h"
 #include "gnunet_credential_service.h"
 #include "gnunet_identity_service.h"
 
@@ -213,6 +214,10 @@ handle_result (void *cls,
   struct GNUNET_CREDENTIAL_Handle *handle = cls;
   uint32_t r_id = ntohl (vr_msg->id);
   struct GNUNET_CREDENTIAL_Request *vr;
+  size_t mlen = ntohs (vr_msg->header.size) - sizeof (*vr_msg);
+  uint32_t d_count = ntohl (vr_msg->d_count);
+  struct GNUNET_CREDENTIAL_Delegation d_chain[d_count];
+  struct GNUNET_CREDENTIAL_Credential cred;
   GNUNET_CREDENTIAL_VerifyResultProcessor proc;
   void *proc_cls;
 
@@ -229,24 +234,23 @@ handle_result (void *cls,
                                handle->verify_tail,
                                vr);
   GNUNET_free (vr);
-  /**
   GNUNET_assert (GNUNET_OK ==
-                 GNUNET_CREDENTIAL_records_deserialize (mlen,
-                                                       (const char*) &lookup_msg[1],
-                                                       rd_count,
-                                                         rd));
-                                                         */
+                 GNUNET_CREDENTIAL_delegation_chain_deserialize (mlen,
+                                                       (const char*) &vr_msg[1],
+                                                       d_count,
+                                                       d_chain,
+                                                       &cred));
   if (GNUNET_NO == ntohl (vr_msg->cred_found))
   {
     proc (proc_cls,
-          NULL,
           0,
+          NULL,
           NULL); // TODO
   } else {
     proc (proc_cls,
-          (struct GNUNET_CREDENTIAL_CredentialRecordData*) &vr_msg[1],
-          0,
-          NULL);
+          d_count,
+          d_chain,
+          &cred);
   }
 }
 
diff --git a/src/credential/credential_serialization.c b/src/credential/credential_serialization.c
new file mode 100644 (file)
index 0000000..2fbcebd
--- /dev/null
@@ -0,0 +1,215 @@
+/*
+     This file is part of GNUnet.
+     Copyright (C) 2009-2013, 2016 GNUnet e.V.
+
+     GNUnet is free software; you can redistribute it and/or modify
+     it under the terms of the GNU General Public License as published
+     by the Free Software Foundation; either version 3, or (at your
+     option) any later version.
+
+     GNUnet is distributed in the hope that it will be useful, but
+     WITHOUT ANY WARRANTY; without even the implied warranty of
+     MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+     General Public License for more details.
+
+     You should have received a copy of the GNU General Public License
+     along with GNUnet; see the file COPYING.  If not, write to the
+     Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor,
+     Boston, MA 02110-1301, USA.
+*/
+
+
+/**
+ * @file credential/credential_serialization.c
+ * @brief API to serialize and deserialize delegation chains 
+ * and credentials
+ * @author Martin Schanzenbach
+ */
+#include "platform.h"
+#include "gnunet_util_lib.h"
+#include "gnunet_constants.h"
+#include "gnunet_credential_service.h"
+
+GNUNET_NETWORK_STRUCT_BEGIN
+
+struct NetworkRecord
+{
+  /**
+   * Issuer key
+   */
+  struct GNUNET_CRYPTO_EcdsaPublicKey issuer_key;
+  
+  /**
+   * Subject key
+   */
+  struct GNUNET_CRYPTO_EcdsaPublicKey subject_key;
+  
+  /**
+   * Issuer attributes
+   */
+  uint32_t issuer_attribute_len GNUNET_PACKED;
+  
+  /**
+   * Subject attributes
+   */
+  uint32_t subject_attribute_len GNUNET_PACKED;
+};
+
+GNUNET_NETWORK_STRUCT_END
+
+/**
+ * Calculate how many bytes we will need to serialize
+ * the given delegation chain and credential
+ *
+ * @param d_count number of delegation chain entries
+ * @param dd array of #GNUNET_CREDENTIAL_Delegation
+ * @param cd a #GNUNET_CREDENTIAL_Credential
+ * @return the required size to serialize
+ */
+size_t
+GNUNET_CREDENTIAL_delegation_chain_get_size (unsigned int d_count,
+                                             const struct GNUNET_CREDENTIAL_Delegation *dd,
+                                             const struct GNUNET_CREDENTIAL_Credential *cd)
+{
+  unsigned int i;
+  size_t ret;
+
+  ret = sizeof (struct NetworkRecord) * (d_count + 1);
+
+  for (i=0; i<d_count;i++)
+  {
+    GNUNET_assert ((ret +
+                    dd[i].issuer_attribute_len +
+                    dd[i].subject_attribute_len) >= ret);
+    ret += dd[i].issuer_attribute_len + dd[i].subject_attribute_len;
+  }
+  GNUNET_assert ((ret + cd->issuer_attribute_len) >= ret);
+  ret += cd->issuer_attribute_len;
+  return ret;
+}
+
+/**
+ * Serizalize the given delegation chain entries and credential
+ *
+ * @param d_count number of delegation chain entries
+ * @param dd array of #GNUNET_CREDENTIAL_Delegation
+ * @param cd a #GNUNET_CREDENTIAL_Credential
+ * @param dest_size size of the destination
+ * @param dest where to store the result
+ * @return the size of the data, -1 on failure
+ */
+ssize_t
+GNUNET_CREDENTIAL_delegation_chain_serialize (unsigned int d_count,
+                                              const struct GNUNET_CREDENTIAL_Delegation *dd,
+                                              const struct GNUNET_CREDENTIAL_Credential *cd,
+                                              size_t dest_size,
+                                              char *dest)
+{
+  struct NetworkRecord rec;
+  unsigned int i;
+  size_t off;
+
+  off = 0;
+  for (i=0;i<d_count;i++)
+  {
+    rec.issuer_attribute_len = htonl ((uint32_t) dd[i].issuer_attribute_len);
+    rec.subject_attribute_len = htonl ((uint32_t) dd[i].subject_attribute_len);
+    rec.issuer_key = dd[i].issuer_key;
+    rec.subject_key = dd[i].subject_key;
+    if (off + sizeof (rec) > dest_size)
+      return -1;
+    GNUNET_memcpy (&dest[off],
+                   &rec,
+                   sizeof (rec));
+    off += sizeof (rec);
+    if (off + dd[i].issuer_attribute_len > dest_size)
+      return -1;
+    GNUNET_memcpy (&dest[off],
+                   dd[i].issuer_attribute,
+                   dd[i].issuer_attribute_len);
+    off += dd[i].issuer_attribute_len;
+    if (0 == dd[i].subject_attribute_len)
+      continue;
+    if (off + dd[i].subject_attribute_len > dest_size)
+      return -1;
+    GNUNET_memcpy (&dest[off],
+                   dd[i].subject_attribute,
+                   dd[i].subject_attribute_len);
+    off += dd[i].subject_attribute_len;
+  }
+  rec.issuer_attribute_len = htonl ((uint32_t) cd->issuer_attribute_len);
+  rec.subject_attribute_len = htonl (0);
+  rec.issuer_key = cd->issuer_key;
+  if (off + sizeof (rec) > dest_size)
+    return -1;
+  GNUNET_memcpy (&dest[off],
+                 &rec,
+                 sizeof (rec));
+  off += sizeof (rec);
+  if (off + cd->issuer_attribute_len > dest_size)
+    return -1;
+  GNUNET_memcpy (&dest[off],
+                 cd->issuer_attribute,
+                 cd->issuer_attribute_len);
+  off += cd->issuer_attribute_len;
+
+  return off;
+}
+
+
+/**
+ * Deserialize the given destination
+ *
+ * @param len size of the serialized delegation chain and cred
+ * @param src the serialized data
+ * @param d_count the number of delegation chain entries
+ * @param dd where to put the delegation chain entries
+ * @param cd where to put the credential data
+ * @return #GNUNET_OK on success, #GNUNET_SYSERR on error
+ */
+int
+GNUNET_CREDENTIAL_delegation_chain_deserialize (size_t len,
+                                                const char *src,
+                                                unsigned int d_count,
+                                                struct GNUNET_CREDENTIAL_Delegation *dd,
+                                                struct GNUNET_CREDENTIAL_Credential *cd)
+{
+  struct NetworkRecord rec;
+  unsigned int i;
+  size_t off;
+
+  off = 0;
+  for (i=0;i<d_count;i++)
+  {
+    if (off + sizeof (rec) > len)
+      return GNUNET_SYSERR;
+    GNUNET_memcpy (&rec, &src[off], sizeof (rec));
+    dd[i].issuer_attribute_len = ntohl ((uint32_t) rec.issuer_attribute_len);
+    dd[i].issuer_key = rec.issuer_key;
+    dd[i].subject_key = rec.subject_key;
+    off += sizeof (rec);
+    if (off + dd[i].issuer_attribute_len > len)
+      return GNUNET_SYSERR;
+    dd[i].issuer_attribute = &src[off];
+    off += dd[i].issuer_attribute_len;
+    dd[i].subject_attribute_len = ntohl ((uint32_t) rec.subject_attribute_len);
+    if (off + dd[i].subject_attribute_len > len)
+      return GNUNET_SYSERR;
+    dd[i].subject_attribute = &src[off];
+    off += dd[i].subject_attribute_len;
+  }
+  if (off + sizeof (rec) > len)
+    return GNUNET_SYSERR;
+  GNUNET_memcpy (&rec, &src[off], sizeof (rec));
+  cd->issuer_attribute_len = ntohl ((uint32_t) rec.issuer_attribute_len);
+  cd->issuer_key = rec.issuer_key;
+  cd->subject_key = rec.subject_key;
+  off += sizeof (rec);
+  if (off + cd->issuer_attribute_len > len)
+    return GNUNET_SYSERR;
+  cd->issuer_attribute = &src[off];
+  off += cd->issuer_attribute_len;
+  return GNUNET_OK;
+}
+
+/* end of credential_serialization.c */
diff --git a/src/credential/credential_serialization.h b/src/credential/credential_serialization.h
new file mode 100644 (file)
index 0000000..7e984ce
--- /dev/null
@@ -0,0 +1,81 @@
+/*
+     This file is part of GNUnet.
+     Copyright (C) 2009-2013, 2016 GNUnet e.V.
+
+     GNUnet is free software; you can redistribute it and/or modify
+     it under the terms of the GNU General Public License as published
+     by the Free Software Foundation; either version 3, or (at your
+     option) any later version.
+
+     GNUnet is distributed in the hope that it will be useful, but
+     WITHOUT ANY WARRANTY; without even the implied warranty of
+     MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+     General Public License for more details.
+
+     You should have received a copy of the GNU General Public License
+     along with GNUnet; see the file COPYING.  If not, write to the
+     Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor,
+     Boston, MA 02110-1301, USA.
+*/
+
+
+/**
+ * @file credential/credential_serialization.h
+ * @brief API to serialize and deserialize delegation chains 
+ * and credentials
+ * @author Martin Schanzenbach
+ */
+#include "platform.h"
+#include "gnunet_util_lib.h"
+#include "gnunet_constants.h"
+#include "gnunet_credential_service.h"
+
+/**
+ * Calculate how many bytes we will need to serialize
+ * the given delegation chain and credential
+ *
+ * @param d_count number of delegation chain entries
+ * @param dd array of #GNUNET_CREDENTIAL_Delegation
+ * @param cd a #GNUNET_CREDENTIAL_Credential
+ * @return the required size to serialize
+ */
+size_t
+GNUNET_CREDENTIAL_delegation_chain_get_size (unsigned int d_count,
+                                             const struct GNUNET_CREDENTIAL_Delegation *dd,
+                                             const struct GNUNET_CREDENTIAL_Credential *cd);
+
+/**
+ * Serizalize the given delegation chain entries and credential
+ *
+ * @param d_count number of delegation chain entries
+ * @param dd array of #GNUNET_CREDENTIAL_Delegation
+ * @param cd a #GNUNET_CREDENTIAL_Credential
+ * @param dest_size size of the destination
+ * @param dest where to store the result
+ * @return the size of the data, -1 on failure
+ */
+ssize_t
+GNUNET_CREDENTIAL_delegation_chain_serialize (unsigned int d_count,
+                                              const struct GNUNET_CREDENTIAL_Delegation *dd,
+                                              const struct GNUNET_CREDENTIAL_Credential *cd,
+                                              size_t dest_size,
+                                              char *dest);
+
+
+/**
+ * Deserialize the given destination
+ *
+ * @param len size of the serialized delegation chain and cred
+ * @param src the serialized data
+ * @param d_count the number of delegation chain entries
+ * @param dd where to put the delegation chain entries
+ * @param cd where to put the credential data
+ * @return #GNUNET_OK on success, #GNUNET_SYSERR on error
+ */
+int
+GNUNET_CREDENTIAL_delegation_chain_deserialize (size_t len,
+                                                const char *src,
+                                                unsigned int d_count,
+                                                struct GNUNET_CREDENTIAL_Delegation *dd,
+                                                struct GNUNET_CREDENTIAL_Credential *cd);
+/* end of credential_serialization.h */
index d728f533d5f24044dfae44c8e6ff7cb61c5cd9de..82f0e349c4c2691d1e16023b318fcd24f0a4d07d 100644 (file)
@@ -157,17 +157,43 @@ do_timeout (void *cls)
  */
 static void
 handle_verify_result (void *cls,
-                      struct GNUNET_CREDENTIAL_CredentialRecordData *cred,
-                      uint32_t delegation_count,
-                      struct GNUNET_CREDENTIAL_AttributeRecordData *deleg)
+                      unsigned int d_count,
+                      struct GNUNET_CREDENTIAL_Delegation *dc,
+                      struct GNUNET_CREDENTIAL_Credential *cred)
 {
-
+  int i;
 
   verify_request = NULL;
   if (NULL == cred)
-    printf ("Verify failed.\n");
+    printf ("Failed.\n");
   else
+  {
+    for (i=0;i<d_count;i++)
+    {
+      char iss_attr[dc[i].issuer_attribute_len];
+      char* iss_key = GNUNET_CRYPTO_ecdsa_public_key_to_string (&dc[i].issuer_key);
+      char* sub_key = GNUNET_CRYPTO_ecdsa_public_key_to_string (&dc[i].subject_key);
+
+      char sub_attr[dc[i].subject_attribute_len];
+      memcpy (iss_attr,
+              dc[i].issuer_attribute,
+              dc[i].issuer_attribute_len);
+      iss_attr[dc[i].issuer_attribute_len] = '\0';
+      printf ("%s.%s <- ",iss_key, iss_attr);
+      printf ("%s",sub_key);
+      if (0 != dc[i].subject_attribute_len)
+      {
+        memcpy (sub_attr,
+                dc[i].subject_attribute,
+                dc[i].subject_attribute_len);
+        sub_attr[dc[i].subject_attribute_len] = '\0';
+
+        printf (".%s",sub_attr);
+      }
+      printf ("\n");
+    }
     printf ("Successful.\n");
+  }
 
 
   GNUNET_SCHEDULER_shutdown ();
@@ -209,7 +235,7 @@ identity_cb (void *cls,
     GNUNET_SCHEDULER_shutdown ();
     return;
   } else if (GNUNET_OK == GNUNET_STRINGS_fancy_time_to_relative (expiration,
-                                                          &etime_rel))
+                                                                 &etime_rel))
   {
     etime_abs = GNUNET_TIME_relative_to_absolute (etime_rel);
   } else if (GNUNET_OK != GNUNET_STRINGS_fancy_time_to_absolute (expiration,
index 38d74e2abd9fb74860cc34f0544cdd728929ce6e..74e1e1cd2707df279b964d5535588d8ef09d8482 100644 (file)
@@ -27,6 +27,7 @@
 #include "gnunet_credential_service.h"
 #include "gnunet_statistics_service.h"
 #include "credential.h"
+#include "credential_serialization.h"
 #include "gnunet_protocols.h"
 #include "gnunet_signatures.h"
 
@@ -165,6 +166,11 @@ struct DelegationQueueEntry
    * The delegation chain entry
    */
   struct GNUNET_CREDENTIAL_DelegationChainEntry *delegation_chain_entry;
+
+  /**
+   * Delegation chain length until now
+   */
+  uint32_t d_count;
 };
 
 
@@ -220,11 +226,6 @@ struct VerifyRequestHandle
    */
   struct CredentialRecordEntry *cred_chain_tail;
 
-  /**
-   * Number of chain entries
-   */
-  uint32_t cred_chain_entries;
-
   /**
    * Delegation Queue
    */
@@ -250,6 +251,11 @@ struct VerifyRequestHandle
    */
   uint32_t credential_size;
 
+  /**
+   * Length of found delegation chain
+   */
+  uint32_t d_count;
+
   /**
    * request id
    */
@@ -439,65 +445,92 @@ send_lookup_response (struct VerifyRequestHandle *vrh)
   struct GNUNET_MQ_Envelope *env;
   struct VerifyResultMessage *rmsg;
   struct DelegationQueueEntry *dq_entry;
-  char *write_ptr;
   size_t size = vrh->credential_size;
+  struct GNUNET_CREDENTIAL_Delegation dd[vrh->d_count];
+  struct GNUNET_CREDENTIAL_Credential cred;
 
   GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
               "Sending response\n");
-
-  for (dq_entry = vrh->chain_end; NULL != dq_entry; dq_entry = dq_entry->parent)
+  dq_entry = vrh->chain_end;
+  for (int i=0; i<vrh->d_count; i++)
   {
-    if (NULL == dq_entry->delegation_chain_entry)
-      break;
-    size += sizeof (struct GNUNET_CREDENTIAL_DelegationChainEntry);
+    dd[i].issuer_key = dq_entry->delegation_chain_entry->issuer_key;
+    dd[i].subject_key = dq_entry->delegation_chain_entry->subject_key;
+    dd[i].issuer_attribute = dq_entry->delegation_chain_entry->issuer_attribute;
+    dd[i].issuer_attribute_len = strlen (dq_entry->delegation_chain_entry->issuer_attribute);
+    dd[i].subject_attribute_len = 0;
     if (NULL != dq_entry->delegation_chain_entry->subject_attribute)
-      size += strlen (dq_entry->delegation_chain_entry->subject_attribute) + 1;
-    size += strlen(dq_entry->delegation_chain_entry->issuer_attribute) + 1;
+    {
+      dd[i].subject_attribute = dq_entry->delegation_chain_entry->subject_attribute;
+      dd[i].subject_attribute_len = strlen(dq_entry->delegation_chain_entry->subject_attribute);
+    }
+    dq_entry = dq_entry->parent;
   }
 
+    /**
+   * Get serialized record data
+   * Append at the end of rmsg
+   */
+   cred.issuer_key = vrh->credential->issuer_key;
+  cred.subject_key = vrh->credential->issuer_key;
+  cred.issuer_attribute_len = strlen((char*)&vrh->credential[1]);
+  cred.issuer_attribute = (char*)&vrh->credential[1];
+  size = GNUNET_CREDENTIAL_delegation_chain_get_size (vrh->d_count,
+                                                      dd,
+                                                      &cred);
   env = GNUNET_MQ_msg_extra (rmsg,
                              size,
                              GNUNET_MESSAGE_TYPE_CREDENTIAL_VERIFY_RESULT);
   //Assign id so that client can find associated request
   rmsg->id = vrh->request_id;
-  rmsg->cd_count = htonl (vrh->cred_chain_entries);
-
-  /**
-   * Get serialized record data
-   * Append at the end of rmsg
-   */
-  rmsg->cred_found = htonl (GNUNET_NO);
+  rmsg->d_count = htonl (vrh->d_count);
 
   if (NULL != vrh->credential)
-  {
-    memcpy (&rmsg[1],
-            vrh->credential,
-            vrh->credential_size);
     rmsg->cred_found = htonl (GNUNET_YES);
-  }
+  else
+    rmsg->cred_found = htonl (GNUNET_NO);
+
+  GNUNET_assert (-1 != GNUNET_CREDENTIAL_delegation_chain_serialize (vrh->d_count,
+                                                dd,
+                                                &cred,
+                                                size,
+                                                (char*)&rmsg[1]));
+
+
+  /*for (dq_entry = vrh->chain_end; NULL != dq_entry; dq_entry = dq_entry->parent)
+    {
+    if (NULL == dq_entry->delegation_chain_entry)
+    break;
+    size += sizeof (struct GNUNET_CREDENTIAL_DelegationChainEntry);
+    if (NULL != dq_entry->delegation_chain_entry->subject_attribute)
+    size += strlen (dq_entry->delegation_chain_entry->subject_attribute) + 1;
+    size += strlen(dq_entry->delegation_chain_entry->issuer_attribute) + 1;
+    d_count++;
+    }*/
+
   //TODO refactor into serializer module
-  write_ptr = (char*)&rmsg[1] + vrh->credential_size;
-  for (dq_entry = vrh->chain_end; NULL != dq_entry; dq_entry = dq_entry->parent)
-  {
+  /*write_ptr = (char*)&rmsg[1] + vrh->credential_size;
+    for (dq_entry = vrh->chain_end; NULL != dq_entry; dq_entry = dq_entry->parent)
+    {
     if (NULL == dq_entry->delegation_chain_entry)
-      break;
+    break;
     memcpy (write_ptr,
-            dq_entry->delegation_chain_entry,
-            sizeof (struct GNUNET_CREDENTIAL_DelegationChainEntry));
+    dq_entry->delegation_chain_entry,
+    sizeof (struct GNUNET_CREDENTIAL_DelegationChainEntry));
     write_ptr += sizeof (struct GNUNET_CREDENTIAL_DelegationChainEntry);
     if (NULL != dq_entry->delegation_chain_entry->subject_attribute)
     {
-      GNUNET_snprintf (write_ptr,
-                       strlen (dq_entry->delegation_chain_entry->subject_attribute) + 2,
-                       "%s;",
-                       dq_entry->delegation_chain_entry->subject_attribute);
-      write_ptr += strlen (dq_entry->delegation_chain_entry->subject_attribute) + 1;
+    GNUNET_snprintf (write_ptr,
+    strlen (dq_entry->delegation_chain_entry->subject_attribute) + 2,
+    "%s;",
+    dq_entry->delegation_chain_entry->subject_attribute);
+    write_ptr += strlen (dq_entry->delegation_chain_entry->subject_attribute) + 1;
     }
     memcpy (write_ptr,
-            dq_entry->delegation_chain_entry->issuer_attribute,
-            strlen(dq_entry->delegation_chain_entry->issuer_attribute));
+    dq_entry->delegation_chain_entry->issuer_attribute,
+    strlen(dq_entry->delegation_chain_entry->issuer_attribute));
     write_ptr += strlen(dq_entry->delegation_chain_entry->issuer_attribute) + 1;
-  }
+    }*/
   GNUNET_MQ_send (GNUNET_SERVICE_client_get_mq(vrh->client),
                   env);
   GNUNET_CONTAINER_DLL_remove (vrh_head, vrh_tail, vrh);
@@ -580,6 +613,7 @@ backward_resolution (void* cls,
     dq_entry->delegation_chain_entry->issuer_attribute = GNUNET_strdup (current_delegation->lookup_attribute);
 
     dq_entry->parent = current_delegation;
+    dq_entry->d_count = current_delegation->d_count + 1;
     GNUNET_CONTAINER_DLL_insert (current_delegation->children_head,
                                  current_delegation->children_tail,
                                  dq_entry);
@@ -608,6 +642,7 @@ backward_resolution (void* cls,
       vrh->credential = GNUNET_malloc (cred_pointer->data_size);
       vrh->credential_size = cred_pointer->data_size;
       vrh->chain_end = dq_entry;
+      vrh->d_count = dq_entry->d_count;
       //Found match
       send_lookup_response (vrh);
       return;
@@ -743,6 +778,7 @@ handle_credential_query (void* cls,
   dq_entry->issuer_attribute = GNUNET_strdup (vrh->issuer_attribute);
   dq_entry->handle = vrh;
   dq_entry->lookup_attribute = GNUNET_strdup (vrh->issuer_attribute);
+  dq_entry->d_count = 0;
   vrh->chain_start = dq_entry;
   vrh->pending_lookups = 1;
   //Start with backward resolution
index 137f55c479e3fca5f3a2e7f039fee33701fe97cc..798f76049ca1ac6a1316dd80bac95745512f5fd0 100644 (file)
@@ -186,22 +186,45 @@ do_error (void *cls)
  * @return JSON, NULL if failed
  */
 static json_t*
-attribute_delegation_to_json (struct GNUNET_CREDENTIAL_AttributeRecordData *attr)
+attribute_delegation_to_json (struct GNUNET_CREDENTIAL_Delegation *delegation_chain_entry)
 {
   char *subject;
-  char *attribute;
+  char *issuer;
+  char iss_attribute[delegation_chain_entry->issuer_attribute_len];
+  char sub_attribute[delegation_chain_entry->subject_attribute_len];
   json_t *attr_obj;
 
-  subject = GNUNET_CRYPTO_ecdsa_public_key_to_string (&attr->subject_key);
+  issuer = GNUNET_CRYPTO_ecdsa_public_key_to_string (&delegation_chain_entry->issuer_key);
+  {
+    GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
+                "Issuer in delegation malformed\n");
+    return NULL;
+  }
+  subject = GNUNET_CRYPTO_ecdsa_public_key_to_string (&delegation_chain_entry->subject_key);
   {
     GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
                 "Subject in credential malformed\n");
+    GNUNET_free (issuer);
     return NULL;
   }
-  attribute = (char*)&attr[1];
   attr_obj = json_object ();
+  memcpy (iss_attribute,
+          delegation_chain_entry->issuer_attribute,
+          delegation_chain_entry->issuer_attribute_len);
+  iss_attribute[delegation_chain_entry->issuer_attribute_len] = '\0';
+
   json_object_set_new (attr_obj, "subject", json_string (subject));
-  json_object_set_new (attr_obj, "attribute", json_string (attribute));
+  json_object_set_new (attr_obj, "issuer", json_string (issuer));
+  json_object_set_new (attr_obj, "issuer_attribute", json_string (iss_attribute));
+
+  if (0 < delegation_chain_entry->subject_attribute_len)
+  {
+    memcpy (sub_attribute,
+            delegation_chain_entry->subject_attribute,
+            delegation_chain_entry->subject_attribute_len);
+    sub_attribute[delegation_chain_entry->subject_attribute_len] = '\0';
+    json_object_set_new (attr_obj, "subject_attribute", json_string (sub_attribute));
+  }
   GNUNET_free (subject);
   return attr_obj;
 }
@@ -212,14 +235,11 @@ attribute_delegation_to_json (struct GNUNET_CREDENTIAL_AttributeRecordData *attr
  * @return the resulting json, NULL if failed
  */
 static json_t*
-credential_to_json (struct GNUNET_CREDENTIAL_CredentialRecordData *cred)
+credential_to_json (struct GNUNET_CREDENTIAL_Credential *cred)
 {
-  struct GNUNET_TIME_Absolute exp;
-  const char* exp_str;
   char *issuer;
   char *subject;
-  char *attribute;
-  char *signature;
+  char attribute[cred->issuer_attribute_len + 1];
   json_t *cred_obj;
 
   issuer = GNUNET_CRYPTO_ecdsa_public_key_to_string (&cred->issuer_key);
@@ -237,21 +257,16 @@ credential_to_json (struct GNUNET_CREDENTIAL_CredentialRecordData *cred)
     GNUNET_free (issuer);
     return NULL;
   }
-  GNUNET_STRINGS_base64_encode ((char*)&cred->signature,
-                                sizeof (struct GNUNET_CRYPTO_EcdsaSignature),
-                                &signature);
-  attribute = (char*)&cred[1];
-  exp.abs_value_us = ntohs (cred->expiration);
-  exp_str = GNUNET_STRINGS_absolute_time_to_string (exp);
+  memcpy (attribute,
+          cred->issuer_attribute,
+          cred->issuer_attribute_len);
+  attribute[cred->issuer_attribute_len] = '\0';
   cred_obj = json_object ();
   json_object_set_new (cred_obj, "issuer", json_string (issuer));
   json_object_set_new (cred_obj, "subject", json_string (subject));
   json_object_set_new (cred_obj, "attribute", json_string (attribute));
-  json_object_set_new (cred_obj, "signature", json_string (signature));
-  json_object_set_new (cred_obj, "expiration", json_string (exp_str));
   GNUNET_free (issuer);
   GNUNET_free (subject);
-  GNUNET_free (signature);
   return cred_obj;
 }
 
@@ -264,9 +279,9 @@ credential_to_json (struct GNUNET_CREDENTIAL_CredentialRecordData *cred)
  */
 static void
 handle_verify_response (void *cls,
-                        struct GNUNET_CREDENTIAL_CredentialRecordData *cred,
-                        uint32_t delegation_count,
-                        struct GNUNET_CREDENTIAL_AttributeRecordData *deleg)
+                        unsigned int d_count,
+                        struct GNUNET_CREDENTIAL_Delegation *delegation_chain,
+                        struct GNUNET_CREDENTIAL_Credential *cred)
 {
 
   struct VerifyHandle *handle = cls;
@@ -292,9 +307,9 @@ handle_verify_response (void *cls,
                                                handle->issuer_attr);
   cred_obj = credential_to_json (cred);
   result_array = json_array ();
-  for (i = 0; i < delegation_count; i++)
+  for (i = 0; i < d_count; i++)
   {
-    attr_obj = attribute_delegation_to_json (&(deleg[i]));
+    attr_obj = attribute_delegation_to_json (&delegation_chain[i]);
     json_array_append (result_array, attr_obj);
     json_decref (attr_obj);
   }
index 3b76d20e5b1610cfb7d72c9664357e6834ea9b6c..012341f5f2b94954ae6b07b893754ecca83f93cf 100755 (executable)
@@ -67,10 +67,11 @@ gnunet-namestore -z gnunet -d -n $MEMBER_ATTR -t ATTR -c test_credential_lookup.
 gnunet-namestore -z service -d -n $USER_ATTR -t ATTR -c test_credential_lookup.conf
 gnunet-arm -e -c test_credential_lookup.conf
 
-if [ "$RES_CRED" == "Successful." ]
+if [ "$RES_CRED" != "Failed." ]
 then
+  echo $RES_CRED
   exit 0
 else
-  echo "FAIL: Failed to verify credential $RES_IP."
+  echo "FAIL: Failed to verify credential $RES_CRED."
   exit 1
 fi
index 549c25ef8b7bb611ca3d6909431c98e207665f08..ba72b752be445ee81be2cf79de524f995fdf003a 100644 (file)
@@ -125,6 +125,69 @@ struct GNUNET_CREDENTIAL_AttributeRecordData {
    */
 };
 
+/**
+ * A delegation
+*/
+struct GNUNET_CREDENTIAL_Delegation {
+  
+  /**
+   * The issuer of the delegation
+   */
+  struct GNUNET_CRYPTO_EcdsaPublicKey issuer_key;
+
+  /**
+   * Public key of the subject this attribute was delegated to
+   */
+  struct GNUNET_CRYPTO_EcdsaPublicKey subject_key;
+
+  /**
+   * Length of the attribute
+   */
+  uint32_t issuer_attribute_len;
+
+  /**
+   * The attribute
+   */
+  const char *issuer_attribute;
+
+  /**
+   * Length of the attribute
+   */
+  uint32_t subject_attribute_len;
+
+  /**
+   * The attribute
+   */
+  const char *subject_attribute;
+};
+
+
+/**
+ * A credential
+*/
+struct GNUNET_CREDENTIAL_Credential {
+  
+  /**
+   * The issuer of the credential
+   */
+  struct GNUNET_CRYPTO_EcdsaPublicKey issuer_key;
+
+  /**
+   * Public key of the subject this credential was issued to
+   */
+  struct GNUNET_CRYPTO_EcdsaPublicKey subject_key;
+
+  /**
+   * Length of the attribute
+   */
+  uint32_t issuer_attribute_len;
+
+  /**
+   * The attribute
+   */
+  const char *issuer_attribute;
+  
+};
 
 
 GNUNET_NETWORK_STRUCT_END
@@ -159,9 +222,9 @@ GNUNET_CREDENTIAL_disconnect (struct GNUNET_CREDENTIAL_Handle *handle);
  * @param rd the records in reply
  */
 typedef void (*GNUNET_CREDENTIAL_VerifyResultProcessor) (void *cls,
-                                                 struct GNUNET_CREDENTIAL_CredentialRecordData *credential,
-              uint32_t delegation_length,
-              struct GNUNET_CREDENTIAL_AttributeRecordData *delegation_chain);
+                                                         unsigned int d_count,
+                                                         struct GNUNET_CREDENTIAL_Delegation *delegation_chain,
+                                                         struct GNUNET_CREDENTIAL_Credential *credential);
 
 /**
  * Iterator called on obtained result for an attribute delegation.