* Attribute version
*/
uint32_t attribute_version;
-
+
/**
* Name length
*/
*/
static struct GNUNET_IDENTITY_ATTRIBUTE_ClaimList *attr_list;
+/**
+ * Attribute expiration interval
+ */
+static struct GNUNET_TIME_Relative exp_interval;
+
static void
do_cleanup(void *cls)
{
idp_op = GNUNET_IDENTITY_PROVIDER_attribute_store (idp_handle,
pkey,
claim,
+ &exp_interval,
&store_attr_cont,
NULL);
int
main(int argc, char *const argv[])
{
+ exp_interval = GNUNET_TIME_UNIT_HOURS;
struct GNUNET_GETOPT_CommandLineOption options[] = {
GNUNET_GETOPT_option_string ('a',
NULL,
gettext_noop ("Type of attribute"),
&type_str),
+ GNUNET_GETOPT_option_relative_time ('E',
+ "expiration",
+ NULL,
+ gettext_noop ("Expiration interval of the attribute"),
+ &exp_interval),
+
GNUNET_GETOPT_OPTION_END
};
return (GNUNET_OK == GNUNET_PROGRAM_run (argc, argv, "ct",
*/
struct GNUNET_IDENTITY_ATTRIBUTE_Claim *claim;
+ /**
+ * The attribute expiration interval
+ */
+ struct GNUNET_TIME_Relative exp;
+
/**
* request id
*/
}
/**
- * Revoke next attribte by reencryption with
- * new ABE master
+ * Failed to check for attribute
*/
static void
-reenc_next_attribute (struct TicketRevocationHandle *rh)
+check_attr_error (void *cls)
+{
+ struct TicketRevocationHandle *rh = cls;
+ GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
+ "Unable to check for existing attribute\n");
+ send_revocation_finished (rh, GNUNET_SYSERR);
+ cleanup_revoke_ticket_handle (rh);
+}
+
+/**
+ * Check for existing attribute and overwrite
+ */
+static void
+check_attr_cb (void *cls,
+ const struct GNUNET_CRYPTO_EcdsaPrivateKey *zone,
+ const char *label,
+ unsigned int rd_count,
+ const struct GNUNET_GNSRECORD_Data *rd_old)
{
+ struct TicketRevocationHandle *rh = cls;
struct GNUNET_GNSRECORD_Data rd[1];
char* buf;
char* enc_buf;
char* policy;
uint32_t attr_ver;
- if (NULL == rh->attrs->list_head)
- {
- revocation_reissue_tickets (rh);
- return;
- }
+
buf_size = GNUNET_IDENTITY_ATTRIBUTE_serialize_get_size (rh->attrs->list_head->claim);
buf = GNUNET_malloc (buf_size);
GNUNET_IDENTITY_ATTRIBUTE_serialize (rh->attrs->list_head->claim,
- buf);
+ buf);
rh->attrs->list_head->claim->version++;
GNUNET_asprintf (&policy, "%s_%lu",
rh->attrs->list_head->claim->name,
* Encrypt the attribute value and store in namestore
*/
enc_size = GNUNET_ABE_cpabe_encrypt (buf,
- buf_size,
- policy, //Policy
- rh->abe_key,
- (void**)&enc_buf);
+ buf_size,
+ policy, //Policy
+ rh->abe_key,
+ (void**)&enc_buf);
GNUNET_free (buf);
if (GNUNET_SYSERR == enc_size)
{
rd[0].data = rd_buf;
rd[0].record_type = GNUNET_GNSRECORD_TYPE_ID_ATTR;
rd[0].flags = GNUNET_GNSRECORD_RF_RELATIVE_EXPIRATION;
- rd[0].expiration_time = GNUNET_TIME_UNIT_HOURS.rel_value_us; //TODO sane?
+ rd[0].expiration_time = rd_old[0].expiration_time;
rh->ns_qe = GNUNET_NAMESTORE_records_store (ns_handle,
&rh->identity,
rh->attrs->list_head->claim->name,
GNUNET_free (rd_buf);
}
+
+/**
+ * Revoke next attribte by reencryption with
+ * new ABE master
+ */
+static void
+reenc_next_attribute (struct TicketRevocationHandle *rh)
+{
+ if (NULL == rh->attrs->list_head)
+ {
+ revocation_reissue_tickets (rh);
+ return;
+ }
+ /* First check if attribute still exists */
+ rh->ns_qe = GNUNET_NAMESTORE_records_lookup (ns_handle,
+ &rh->identity,
+ rh->attrs->list_head->claim->name,
+ &check_attr_error,
+ rh,
+ &check_attr_cb,
+ rh);
+}
+
+
/**
* Namestore callback after revoked attribute
* is stored
rd[0].data = rd_buf;
rd[0].record_type = GNUNET_GNSRECORD_TYPE_ID_ATTR;
rd[0].flags = GNUNET_GNSRECORD_RF_RELATIVE_EXPIRATION;
- rd[0].expiration_time = GNUNET_TIME_UNIT_HOURS.rel_value_us; //TODO sane?
+ rd[0].expiration_time = as_handle->exp.rel_value_us;
as_handle->ns_qe = GNUNET_NAMESTORE_records_store (ns_handle,
&as_handle->identity,
as_handle->claim->name,
as_handle->r_id = ntohl (sam->id);
as_handle->identity = sam->identity;
+ as_handle->exp.rel_value_us = GNUNET_ntohll (sam->exp);
GNUNET_CRYPTO_ecdsa_key_get_public (&sam->identity,
&as_handle->identity_pkey);
*/
uint32_t attr_len GNUNET_PACKED;
+ /**
+ * The expiration interval of the attribute
+ */
+ uint64_t exp GNUNET_PACKED;
+
/**
* Identity
*/
* @param h handle to the identity provider
* @param pkey private key of the identity
* @param attr the attribute value
+ * @param exp_interval the relative expiration interval for the attribute
* @param cont continuation to call when done
* @param cont_cls closure for @a cont
* @return handle to abort the request
GNUNET_IDENTITY_PROVIDER_attribute_store (struct GNUNET_IDENTITY_PROVIDER_Handle *h,
const struct GNUNET_CRYPTO_EcdsaPrivateKey *pkey,
const struct GNUNET_IDENTITY_ATTRIBUTE_Claim *attr,
+ const struct GNUNET_TIME_Relative *exp_interval,
GNUNET_IDENTITY_PROVIDER_ContinuationWithStatus cont,
void *cont_cls)
{
GNUNET_MESSAGE_TYPE_IDENTITY_PROVIDER_ATTRIBUTE_STORE);
sam->identity = *pkey;
sam->id = htonl (op->r_id);
+ sam->exp = GNUNET_htonll (exp_interval->rel_value_us);
GNUNET_IDENTITY_ATTRIBUTE_serialize (attr,
(char*)&sam[1]);
const char* identity;
const char* name_str;
const char* value_str;
+ const char* exp_str;
struct RequestHandle *handle = cls;
struct EgoEntry *ego_entry;
struct GNUNET_IDENTITY_ATTRIBUTE_Claim *attribute;
struct GNUNET_JSONAPI_Document *json_obj;
struct GNUNET_JSONAPI_Resource *json_res;
+ struct GNUNET_TIME_Relative exp;
char term_data[handle->rest_handle->data_size+1];
json_t *value_json;
json_t *data_json;
+ json_t *exp_json;
json_error_t err;
struct GNUNET_JSON_Specification docspec[] = {
GNUNET_JSON_spec_jsonapi_document (&json_obj),
return;
}
name_str = GNUNET_JSONAPI_resource_get_id (json_res);
+ exp_json = GNUNET_JSONAPI_resource_read_attr (json_res,
+ "exp");
+ exp_str = json_string_value (exp_json);
+ if (NULL == exp_str) {
+ exp = GNUNET_TIME_UNIT_HOURS;
+ } else {
+ if (GNUNET_OK != GNUNET_STRINGS_fancy_time_to_relative (exp_str,
+ &exp)) {
+ exp = GNUNET_TIME_UNIT_HOURS;
+ }
+ }
+
value_json = GNUNET_JSONAPI_resource_read_attr (json_res,
"value");
value_str = json_string_value (value_json);
handle->idp_op = GNUNET_IDENTITY_PROVIDER_attribute_store (handle->idp,
identity_priv,
attribute,
+ &exp,
&finished_cont,
handle);
GNUNET_free (attribute);
* @param h handle to the identity provider
* @param pkey private key of the identity
* @param attr the attribute
+ * @param exp_interval the relative expiration interval for the attribute
* @param cont continuation to call when done
* @param cont_cls closure for @a cont
* @return handle to abort the request
GNUNET_IDENTITY_PROVIDER_attribute_store (struct GNUNET_IDENTITY_PROVIDER_Handle *h,
const struct GNUNET_CRYPTO_EcdsaPrivateKey *pkey,
const struct GNUNET_IDENTITY_ATTRIBUTE_Claim *attr,
+ const struct GNUNET_TIME_Relative *exp_interval,
GNUNET_IDENTITY_PROVIDER_ContinuationWithStatus cont,
void *cont_cls);
projects / oweals / gnunet.git / commitdiff