- new message, message type and api function to handle intermediate result reporting
- removed GNUNET_SIGNATURE_PURPOSE_CREDENTIAL completely and the one usage that was still around
- new test: AND with both parts having a bidirectional forward match
/* followed by ad_count GNUNET_CREDENTIAL_RecordData structs*/
};
+/**
+ * Message from CREDENTIAL service to client: new results.
+ */
+struct DelegationChainIntermediateMessage
+{
+ /**
+ * Header of type #GNUNET_MESSAGE_TYPE_CREDENTIAL_INTERMEDIATE_RESULT
+ */
+ struct GNUNET_MessageHeader header;
+
+ /**
+ * Unique identifier for this request (for key collisions).
+ */
+ uint32_t id GNUNET_PACKED;
+
+ uint32_t size GNUNET_PACKED;
+};
+
struct DelegationRecordData
{
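Review bot: The new `size` field in `DelegationChainIntermediateMessage` has no doc comment, and it duplicates length information already carried by `header.size`, so a receiver now has two lengths that can disagree. I would document it as `/** Length in bytes of the serialized delegation that follows this struct, in network byte order. */` and state that it must equal `ntohs (header.size) - sizeof (struct DelegationChainIntermediateMessage)`. The struct comment "new results" could also say that exactly one serialized delegation follows, which is what the serialize and deserialize calls elsewhere in this commit assume.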
/**
*/
void *proc_cls;
+ /**
+ * processor to call on intermediate result
+ */
+ GNUNET_CREDENTIAL_IntermediateResultProcessor int_proc;
+
+ /**
+ * @e verify_proc2 closure
+ */
+ void *proc2_cls;
+
/**
* Envelope with the message for this queue entry.
*/
}
}
+static int
+check_intermediate (void *cls, const struct DelegationChainIntermediateMessage *vr_msg)
+{
+ //TODO
+ return GNUNET_OK;
+}
+
+static void
+handle_intermediate (void *cls, const struct DelegationChainIntermediateMessage *vr_msg)
+{
+ struct GNUNET_CREDENTIAL_Handle *handle = cls;
+ uint32_t r_id = ntohl (vr_msg->id);
+ uint32_t size = ntohl (vr_msg->size);
+ struct GNUNET_CREDENTIAL_Request *vr;
+ GNUNET_CREDENTIAL_IntermediateResultProcessor proc;
+ void *proc_cls;
+ struct GNUNET_CREDENTIAL_Delegation *dd;
+
+ LOG (GNUNET_ERROR_TYPE_DEBUG, "Received intermediate reply from CREDENTIAL service\n");
+ for (vr = handle->request_head; NULL != vr; vr = vr->next)
+ if (vr->r_id == r_id)
+ break;
+ if (NULL == vr)
+ return;
+
+ proc = vr->int_proc;
+ proc_cls = vr->proc2_cls;
+
+ dd = GNUNET_new (struct GNUNET_CREDENTIAL_Delegation);
+ GNUNET_assert (
+ GNUNET_OK ==
+ GNUNET_CREDENTIAL_delegation_chain_deserialize (size,
+ (const char *) &vr_msg[1],
+ 1,
+ dd,
+ 0,
+ NULL));
+
+ proc (proc_cls, dd);
+}
+
+
/**
* Reconnect to CREDENTIAL service.
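Review bot: `check_intermediate` returns `GNUNET_OK` unconditionally, so `handle_intermediate` passes the sender-supplied `size` field to `GNUNET_CREDENTIAL_delegation_chain_deserialize` without comparing it with the bytes that actually follow the struct. A declared length larger than the received payload may lead to a read past the message buffer, depending on what the deserializer checks, so the validator should reject any message whose `size` differs from `ntohs (header.size) - sizeof (*vr_msg)`. In the handler, `GNUNET_assert` turns a malformed message into a process abort, and `proc` is called without a NULL check although `int_proc` is copied straight from the caller's `proc2` argument in later hunks. `dd` is allocated with `GNUNET_new` and never freed here, so either document that the callback takes ownership or free it after the callback returns.

```c
static int
check_intermediate (void *cls,
                    const struct DelegationChainIntermediateMessage *vr_msg)
{
  uint16_t msize = ntohs (vr_msg->header.size);

  /* the declared payload length must match the bytes actually received */
  if ((msize < sizeof (*vr_msg)) ||
      (msize - sizeof (*vr_msg) != ntohl (vr_msg->size)))
  {
    GNUNET_break (0);
    return GNUNET_SYSERR;
  }
  return GNUNET_OK;
}

/* … unchanged: handle_intermediate locals and request lookup by r_id … */
  proc = vr->int_proc;
  proc_cls = vr->proc2_cls;
  if (NULL == proc)
    return; /* caller registered no intermediate-result callback */

  dd = GNUNET_new (struct GNUNET_CREDENTIAL_Delegation);
  if (GNUNET_OK !=
      GNUNET_CREDENTIAL_delegation_chain_deserialize (size,
                                                      (const char *) &vr_msg[1],
                                                      1,
                                                      dd,
                                                      0,
                                                      NULL))
  {
    /* malformed payload: drop the message instead of aborting */
    GNUNET_break (0);
    GNUNET_free (dd);
    return;
  }
  proc (proc_cls, dd);
```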
GNUNET_MESSAGE_TYPE_CREDENTIAL_COLLECT_RESULT,
struct DelegationChainResultMessage,
handle),
+ GNUNET_MQ_hd_var_size (intermediate,
+ GNUNET_MESSAGE_TYPE_CREDENTIAL_INTERMEDIATE_RESULT,
+ struct DelegationChainIntermediateMessage,
+ handle),
GNUNET_MQ_handler_end ()};
struct GNUNET_CREDENTIAL_Request *vr;
const struct GNUNET_CRYPTO_EcdsaPrivateKey *subject_key,
enum GNUNET_CREDENTIAL_AlgoDirectionFlags direction,
GNUNET_CREDENTIAL_CredentialResultProcessor proc,
- void *proc_cls)
+ void *proc_cls,
+ GNUNET_CREDENTIAL_IntermediateResultProcessor proc2,
+ void *proc2_cls)
{
/* IPC to shorten credential names, return shorten_handle */
struct CollectMessage *c_msg;
vr->credential_handle = handle;
vr->verify_proc = proc;
vr->proc_cls = proc_cls;
+ vr->int_proc = proc2;
+ vr->proc2_cls = proc2_cls;
vr->r_id = handle->r_id_gen++;
vr->env =
GNUNET_MQ_msg_extra (c_msg, nlen, GNUNET_MESSAGE_TYPE_CREDENTIAL_COLLECT);
const struct GNUNET_CREDENTIAL_Delegate *delegates,
enum GNUNET_CREDENTIAL_AlgoDirectionFlags direction,
GNUNET_CREDENTIAL_CredentialResultProcessor proc,
- void *proc_cls)
+ void *proc_cls,
+ GNUNET_CREDENTIAL_IntermediateResultProcessor proc2,
+ void *proc2_cls)
{
/* IPC to shorten credential names, return shorten_handle */
struct VerifyMessage *v_msg;
vr->credential_handle = handle;
vr->verify_proc = proc;
vr->proc_cls = proc_cls;
+ vr->int_proc = proc2;
+ vr->proc2_cls = proc2_cls;
vr->r_id = handle->r_id_gen++;
vr->env =
GNUNET_MQ_msg_extra (v_msg, nlen, GNUNET_MESSAGE_TYPE_CREDENTIAL_VERIFY);
c_rec.issuer_key = cd[i].issuer_key;
c_rec.subject_key = cd[i].subject_key;
c_rec.signature = cd[i].signature;
- c_rec.purpose.purpose = htonl (GNUNET_SIGNATURE_PURPOSE_CREDENTIAL);
+ c_rec.purpose.purpose = htonl (GNUNET_SIGNATURE_PURPOSE_DELEGATE);
c_rec.purpose.size =
htonl ((sizeof (struct DelegateEntry) + cd[i].issuer_attribute_len) -
sizeof (struct GNUNET_CRYPTO_EcdsaSignature));
GNUNET_free (del);
return dele;
-
- // Entweder: strdup und destroy (free auf die subjct_attribute/issuer_attribute)
- // oder: pointer auf cred[1], aber nach jedem string im combined string ein EOS <- besser
- // function comment: cred must be freed by caller, (add missing sub_iss)
}
GNUNET_SCHEDULER_shutdown ();
}
+static void
+handle_intermediate_result(void *cls,
+struct GNUNET_CREDENTIAL_Delegation *dd)
+{
+ GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Intermediate result: %s.%s <- %s.%s\n",
+ GNUNET_CRYPTO_ecdsa_public_key_to_string (&dd->issuer_key),
+ dd->issuer_attribute,
+ GNUNET_CRYPTO_ecdsa_public_key_to_string (&dd->subject_key),
+ dd->subject_attribute);
+}
+
static void
handle_collect_result (void *cls,
unsigned int d_count,
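Review bot: `handle_intermediate_result` passes the return values of `GNUNET_CRYPTO_ecdsa_public_key_to_string` directly to `GNUNET_log`, and that function returns a heap-allocated string, so two strings leak on every intermediate result. Store them in locals and release them after logging, e.g. `char *iss = GNUNET_CRYPTO_ecdsa_public_key_to_string (&dd->issuer_key);` and later `GNUNET_free (iss);`, likewise for the subject key. `dd->subject_attribute` is printed with `%s` although the service side of this commit sets it to NULL when the chain entry has no subject attribute. Whether the deserializer can hand back NULL is not visible here, so a guard such as `dd->subject_attribute ? dd->subject_attribute : ""` would be prudent.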
privkey,
direction,
&handle_collect_result,
- NULL);
+ NULL,
+ &handle_intermediate_result,
+ NULL);
return;
}
GNUNET_SCHEDULER_shutdown ();
delegates,
direction,
&handle_verify_result,
- NULL);
+ NULL,
+ &handle_intermediate_result,
+ NULL);
for (i = 0; i < count; i++)
{
GNUNET_free ((char *) delegates[i].issuer_attribute);
*/
struct VerifyRequestHandle
{
-
/**
* We keep these in a DLL.
*/
}
}
+static void
+send_intermediate_response(struct VerifyRequestHandle *vrh, struct DelegationChainEntry *ch_entry){
+ struct DelegationChainIntermediateMessage *rmsg;
+ struct GNUNET_MQ_Envelope *env;
+ struct GNUNET_CREDENTIAL_Delegation *dd;
+ size_t size;
+
+ dd = GNUNET_new (struct GNUNET_CREDENTIAL_Delegation);
+ dd->issuer_key = ch_entry->issuer_key;
+ dd->subject_key = ch_entry->subject_key;
+ dd->issuer_attribute = ch_entry->issuer_attribute;
+ dd->issuer_attribute_len = strlen (ch_entry->issuer_attribute) + 1;
+ dd->subject_attribute_len = 0;
+ dd->subject_attribute = NULL;
+ if (NULL != ch_entry->subject_attribute)
+ {
+ dd->subject_attribute = ch_entry->subject_attribute;
+ dd->subject_attribute_len = strlen (ch_entry->subject_attribute) + 1;
+ }
+
+
+ size = GNUNET_CREDENTIAL_delegation_chain_get_size (1,
+ dd,
+ 0,
+ NULL);
+
+ env = GNUNET_MQ_msg_extra (rmsg,
+ size,
+ GNUNET_MESSAGE_TYPE_CREDENTIAL_INTERMEDIATE_RESULT);
+ // Assign id so that client can find associated request
+ rmsg->id = vrh->request_id;
+ rmsg->size = htonl(size);
+
+ GNUNET_assert (
+ -1 != GNUNET_CREDENTIAL_delegation_chain_serialize (1,
+ dd,
+ 0,
+ NULL,
+ size,
+ (char *) &rmsg[1]));
+ GNUNET_MQ_send (GNUNET_SERVICE_client_get_mq (vrh->client), env);
+}
static void
send_lookup_response (struct VerifyRequestHandle *vrh)
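Review bot: `send_intermediate_response` allocates `dd` with `GNUNET_new` and never frees it, so the service leaks one `struct GNUNET_CREDENTIAL_Delegation` for every delegation it reports, and memory use grows with the number of chain entries processed. Add `GNUNET_free (dd);` after the serialize call, or use a stack variable `struct GNUNET_CREDENTIAL_Delegation dd = { 0 };` and pass `&dd`. The `GNUNET_assert` around `GNUNET_CREDENTIAL_delegation_chain_serialize` would abort the whole service on a serialization failure; reporting it with `GNUNET_break (0)` and discarding the envelope may be preferable. `rmsg->id` is assigned without `htonl` while `rmsg->size` is converted, which is only correct if `vrh->request_id` is kept in network byte order; this hunk does not show that.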
ds_entry->delegation_chain_entry->issuer_key = del->issuer_key;
ds_entry->delegation_chain_entry->issuer_attribute =
GNUNET_strdup (del->issuer_attribute);
+
+ // Found new entry, repoting intermediate result
+ send_intermediate_response(vrh, ds_entry->delegation_chain_entry);
// current delegation as parent
ds_entry->parent_queue_entry = dq_entry;
ds_entry->delegation_chain_entry->issuer_attribute =
GNUNET_strdup (current_set->lookup_attribute);
+ // Found new entry, repoting intermediate result
+ send_intermediate_response(vrh, ds_entry->delegation_chain_entry);
+
ds_entry->parent_queue_entry = dq_entry; // current_delegation;
/**
--- /dev/null
+#!/usr/bin/env bash
+trap "gnunet-arm -e -c test_credential_lookup.conf" SIGINT
+
+LOCATION=$(which gnunet-config)
+if [ -z $LOCATION ]
+then
+ LOCATION="gnunet-config"
+fi
+$LOCATION --version 1> /dev/null
+if test $? != 0
+then
+ echo "GNUnet command line tools cannot be found, check environmental variables PATH and GNUNET_PREFIX"
+ exit 77
+fi
+
+rm -rf `gnunet-config -c test_credential_lookup.conf -s PATHS -o GNUNET_HOME -f`
+
+
+
+
+which timeout > /dev/null 2>&1 && DO_TIMEOUT="timeout 10"
+gnunet-arm -s -c test_credential_lookup.conf
+
+gnunet-identity -C a -c test_credential_lookup.conf
+gnunet-identity -C b -c test_credential_lookup.conf
+gnunet-identity -C c -c test_credential_lookup.conf
+gnunet-identity -C d -c test_credential_lookup.conf
+gnunet-identity -C e -c test_credential_lookup.conf
+gnunet-identity -C f -c test_credential_lookup.conf
+gnunet-identity -C g -c test_credential_lookup.conf
+gnunet-identity -C h -c test_credential_lookup.conf
+AKEY=$(gnunet-identity -d -c test_credential_lookup.conf | grep a | awk '{print $3}')
+BKEY=$(gnunet-identity -d -c test_credential_lookup.conf | grep b | awk '{print $3}')
+CKEY=$(gnunet-identity -d -c test_credential_lookup.conf | grep c | awk '{print $3}')
+DKEY=$(gnunet-identity -d -c test_credential_lookup.conf | grep d | awk '{print $3}')
+EKEY=$(gnunet-identity -d -c test_credential_lookup.conf | grep e | awk '{print $3}')
+FKEY=$(gnunet-identity -d -c test_credential_lookup.conf | grep f | awk '{print $3}')
+GKEY=$(gnunet-identity -d -c test_credential_lookup.conf | grep g | awk '{print $3}')
+HKEY=$(gnunet-identity -d -c test_credential_lookup.conf | grep h | awk '{print $3}')
+
+# (1) (A.a) <- B.b
+# (2) (B.b) <- C.c AND G.g
+# (3) C.c <- (D.d)
+# (4) D.d <- (E.e)
+# (5) E.e <- (F) priv
+# (6) G.g <- (H.h)
+# (7) H.h <- (F) priv
+
+# BIDIRECTIONAL
+gnunet-credential --createIssuerSide --ego=a --attribute="a" --subject="$BKEY b" --ttl=5m -c test_credential_lookup.conf
+gnunet-namestore -D -z a
+gnunet-credential --createIssuerSide --ego=b --attribute="b" --subject="$CKEY c, $GKEY g" --ttl=5m -c test_credential_lookup.conf
+gnunet-namestore -D -z b
+
+SIGNED=`$DO_TIMEOUT gnunet-credential --signSubjectSide --ego=c --attribute="c" --subject="$DKEY d" --ttl="2019-12-12 10:00:00"`
+gnunet-credential --createSubjectSide --ego=d --import "$SIGNED"
+gnunet-namestore -D -z d
+SIGNED=`$DO_TIMEOUT gnunet-credential --signSubjectSide --ego=d --attribute="d" --subject="$EKEY e" --ttl="2019-12-12 10:00:00"`
+gnunet-credential --createSubjectSide --ego=e --import "$SIGNED"
+gnunet-namestore -D -z e
+SIGNED=`$DO_TIMEOUT gnunet-credential --signSubjectSide --ego=g --attribute="g" --subject="$HKEY h" --ttl="2019-12-12 10:00:00"`
+gnunet-credential --createSubjectSide --ego=h --import "$SIGNED"
+gnunet-namestore -D -z h
+SIGNED=`$DO_TIMEOUT gnunet-credential --signSubjectSide --ego=e --attribute="e" --subject="$FKEY" --ttl="2019-12-12 10:00:00"`
+gnunet-credential --createSubjectSide --ego=f --import "$SIGNED" --private
+SIGNED=`$DO_TIMEOUT gnunet-credential --signSubjectSide --ego=h --attribute="h" --subject="$FKEY" --ttl="2019-12-12 10:00:00"`
+gnunet-credential --createSubjectSide --ego=f --import "$SIGNED" --private
+gnunet-namestore -D -z f
+
+# Starting to resolve
+echo "+++ Starting to Resolve +++"
+
+DELS=`$DO_TIMEOUT gnunet-credential --collect --issuer=$AKEY --attribute="a" --ego=f -c test_credential_lookup.conf | paste -d, -s - -`
+echo $DELS
+echo gnunet-credential --verify --issuer=$AKEY --attribute="a" --subject=$FKEY --delegate=\'$DELS\' -c test_credential_lookup.conf
+RES_DELS=`gnunet-credential --verify --issuer=$AKEY --attribute="a" --subject=$FKEY --delegate="$DELS" -c test_credential_lookup.conf`
+
+# Cleanup properly
+gnunet-namestore -z a -d -n "a" -t ATTR -c test_credential_lookup.conf
+gnunet-namestore -z b -d -n "b" -t ATTR -c test_credential_lookup.conf
+gnunet-namestore -z d -d -n "@" -t DEL -c test_credential_lookup.conf
+gnunet-namestore -z e -d -n "@" -t DEL -c test_credential_lookup.conf
+gnunet-namestore -z f -d -n "@" -t DEL -c test_credential_lookup.conf
+gnunet-namestore -z h -d -n "@" -t DEL -c test_credential_lookup.conf
+
+gnunet-arm -e -c test_credential_lookup.conf
+
+if [ "$RES_DELS" != "Failed." ]
+then
+ # TODO: replace echo -e bashism
+ echo -e "${RES_DELS}"
+ exit 0
+else
+ echo "FAIL: Failed to verify credential $RES_DELS."
+ exit 1
+fi
+
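Review bot: The `rm -rf` line expands an unquoted command substitution, so if `gnunet-config` prints nothing or a path containing whitespace, the removal runs against an unintended argument list. Capture the value first and guard it: `GNUNET_HOME=$(gnunet-config -c test_credential_lookup.conf -s PATHS -o GNUNET_HOME -f)` followed by `[ -n "$GNUNET_HOME" ] && rm -rf -- "$GNUNET_HOME"`. The final check treats every output other than the literal `Failed.` as success, so an empty `RES_DELS` (for example when `gnunet-credential` exits early) passes the test; it should also require a non-empty result, `if [ -n "$RES_DELS" ] && [ "$RES_DELS" != "Failed." ]`. The `grep a` through `grep h` filters match any line containing that letter, including the key column, so the `*KEY` variables can pick up the wrong ego or several keys at once.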
unsigned int d_count,
struct GNUNET_CREDENTIAL_Delegation *delegation_chain,
unsigned int c_count,
- struct GNUNET_CREDENTIAL_Delegate *credential);
+ struct GNUNET_CREDENTIAL_Delegate *delegte);
+
+typedef void (*GNUNET_CREDENTIAL_IntermediateResultProcessor) (void *cls,
+ struct GNUNET_CREDENTIAL_Delegation *delegation);
/**
* Iterator called on obtained result for an attribute delegation.
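Review bot: The new `GNUNET_CREDENTIAL_IntermediateResultProcessor` typedef has no doc comment, and nothing states who owns the `delegation` passed to it, although the client library in this commit allocates that struct and does not free it after the callback. I would add a comment describing `@param cls` and `@param delegation`, saying whether the callee must free the struct and whether it stays valid after the callback returns. The renamed parameter in the preceding prototype is misspelled `delegte`. The `GNUNET_CREDENTIAL_verify` and `GNUNET_CREDENTIAL_collect` prototypes in the next hunk leave the new processor parameter unnamed; naming it `proc2`, as the definitions do, keeps header and implementation aligned.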
const struct GNUNET_CREDENTIAL_Delegate *delegates,
enum GNUNET_CREDENTIAL_AlgoDirectionFlags direction,
GNUNET_CREDENTIAL_CredentialResultProcessor proc,
- void *proc_cls);
+ void *proc_cls,
+ GNUNET_CREDENTIAL_IntermediateResultProcessor,
+ void *proc2_cls);
struct GNUNET_CREDENTIAL_Request*
GNUNET_CREDENTIAL_collect (struct GNUNET_CREDENTIAL_Handle *handle,
const struct GNUNET_CRYPTO_EcdsaPrivateKey *subject_key,
enum GNUNET_CREDENTIAL_AlgoDirectionFlags direction,
GNUNET_CREDENTIAL_CredentialResultProcessor proc,
- void *proc_cls);
+ void *proc_cls,
+ GNUNET_CREDENTIAL_IntermediateResultProcessor,
+ void *proc2_cls);
/**
* Delegate an attribute
#define GNUNET_MESSAGE_TYPE_CREDENTIAL_COLLECT_RESULT 984
+#define GNUNET_MESSAGE_TYPE_CREDENTIAL_INTERMEDIATE_RESULT 985
+
/******************************************************************************/
/**
* Signature for a GNUnet credential
*/
-#define GNUNET_SIGNATURE_PURPOSE_CREDENTIAL 28
+#define GNUNET_SIGNATURE_PURPOSE_DELEGATE 28
/**
* Signature by a peer affirming that this is one of its
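Review bot: `GNUNET_SIGNATURE_PURPOSE_DELEGATE` changes its numeric value from 38 to 28 here (the old definition is removed in the next hunk), and the purpose number goes into the signed purpose header. As a result, delegate signatures created under 38 would no longer verify, while anything signed under the former credential purpose 28 would now be accepted as a delegate. If that is intended, the comment above the define should say so, since it still reads "Signature for a GNUnet credential"; I would change it to `Signature for a GNUnet delegate (formerly GNUNET_SIGNATURE_PURPOSE_CREDENTIAL)`. A short comment marking 38 as retired would keep the number from being reassigned to an unrelated purpose.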
*/
#define GNUNET_SIGNATURE_PURPOSE_TRANSPORT_DV_INITIATOR 37
-/**
- * Signature for a GNUnet delegate
- */
-#define GNUNET_SIGNATURE_PURPOSE_DELEGATE 38
#if 0 /* keep Emacsens' auto-indent happy */
{