-update rest
authorSchanzenbach, Martin <mschanzenbach@posteo.de>
Wed, 28 Dec 2016 19:50:33 +0000 (20:50 +0100)
committerSchanzenbach, Martin <mschanzenbach@posteo.de>
Wed, 28 Dec 2016 19:50:33 +0000 (20:50 +0100)
src/credential/gnunet-service-credential.c
src/credential/plugin_rest_credential.c

index 4841370b350931118a5d9fecb4be724b504d0629..ec89da323ec6a9e9511896870c89236b6c535841 100644 (file)
@@ -880,19 +880,22 @@ static void
 handle_verify (void *cls,
                const struct VerifyMessage *v_msg) 
 {
-  char attr[GNUNET_CREDENTIAL_MAX_LENGTH + 1];
-  char issuer_attribute[GNUNET_CREDENTIAL_MAX_LENGTH + 1];
   struct VerifyRequestHandle *vrh;
   struct GNUNET_SERVICE_Client *client = cls;
+  struct CredentialRecordEntry *cr_entry;
+  uint32_t credentials_count;
+  uint32_t credential_data_size;
+  int i;
+  char attr[GNUNET_CREDENTIAL_MAX_LENGTH + 1];
+  char issuer_attribute[GNUNET_CREDENTIAL_MAX_LENGTH + 1];
   char *attrptr = attr;
+  char *credential_data;
   const char *utf_in;
 
   GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
               "Received VERIFY message\n");
-
   utf_in = (const char *) &v_msg[1];
   GNUNET_STRINGS_utf8_tolower (utf_in, attrptr);
-
   GNUNET_memcpy (issuer_attribute, attr, ntohs (v_msg->issuer_attribute_len));
   issuer_attribute[ntohs (v_msg->issuer_attribute_len)] = '\0';
   vrh = GNUNET_new (struct VerifyRequestHandle);
@@ -913,15 +916,13 @@ handle_verify (void *cls,
    * First, collect credentials
    * TODO: cleanup!
    */
-  uint32_t credentials_count = ntohl(v_msg->c_count);
-  int i;
-  uint32_t credential_data_size = ntohs (v_msg->header.size) 
+  credentials_count = ntohl(v_msg->c_count);
+  credential_data_size = ntohs (v_msg->header.size) 
     - sizeof (struct VerifyMessage)
     - ntohs (v_msg->issuer_attribute_len)
     - 1;
   struct GNUNET_CREDENTIAL_Credential credentials[credentials_count];
-  char *credential_data = (char*)&v_msg[1] + ntohs (v_msg->issuer_attribute_len) + 1;
-  struct CredentialRecordEntry *cr_entry;
+  credential_data = (char*)&v_msg[1] + ntohs (v_msg->issuer_attribute_len) + 1;
   if (GNUNET_OK != GNUNET_CREDENTIAL_credentials_deserialize (credential_data_size,
                                                               credential_data,
                                                               credentials_count,
index f13e26cd4140512bb8115d22af1c9b08e5e37d14..0d469f5de97ac8c36322190ba2ffb19e5dc12c48 100644 (file)
@@ -244,6 +244,76 @@ attribute_delegation_to_json (struct GNUNET_CREDENTIAL_Delegation *delegation_ch
   return attr_obj;
 }
 
+/**
+ * JSONAPI resource to Credential
+ * @param res the JSONAPI resource
+ * @return the resulting credential, NULL if failed
+ */
+static struct GNUNET_CREDENTIAL_Credential*
+json_to_credential (json_t *res)
+{
+  struct GNUNET_CREDENTIAL_Credential *cred;
+  json_t *tmp;
+  const char *attribute;
+  const char *signature;
+  char *sig;
+
+  tmp = json_object_get (res, "attribute");
+  if (0 == json_is_string (tmp))
+  {
+    return NULL;
+  }
+  attribute = json_string_value (tmp);
+  cred = GNUNET_malloc (sizeof (struct GNUNET_CREDENTIAL_Credential)
+                        + strlen (attribute));
+  cred->issuer_attribute = attribute;
+  cred->issuer_attribute_len = strlen (attribute);
+  tmp = json_object_get (res, "issuer");
+  if (0 == json_is_string (tmp))
+  {
+    GNUNET_free (cred);
+    return NULL;
+  }
+
+  GNUNET_CRYPTO_ecdsa_public_key_from_string (json_string_value(tmp),
+                                              strlen (json_string_value(tmp)),
+                                              &cred->issuer_key);
+  tmp = json_object_get (res, "subject");
+  if (0 == json_is_string (tmp))
+  {
+    GNUNET_free (cred);
+    return NULL;
+  }
+  GNUNET_CRYPTO_ecdsa_public_key_from_string (json_string_value(tmp),
+                                              strlen (json_string_value(tmp)),
+                                              &cred->subject_key);
+
+  tmp = json_object_get (res, "signature");
+  if (0 == json_is_string (tmp))
+  {
+    GNUNET_free (cred);
+    return NULL;
+  }
+  signature = json_string_value (tmp);
+  GNUNET_STRINGS_base64_decode (signature,
+                                strlen (signature),
+                                (char**)&sig);
+  GNUNET_memcpy (&cred->signature,
+                 sig,
+                 sizeof (struct GNUNET_CRYPTO_EcdsaSignature));
+  GNUNET_free (sig);
+  tmp = json_object_get (res, "expiration");
+  if (0 == json_is_integer (tmp))
+  {
+    GNUNET_free (cred);
+    return NULL;
+  }
+  cred->expiration.abs_value_us = json_integer_value (tmp); 
+  return cred;
+}
+
+
 /**
  * Credential to JSON
  * @param cred the credential
@@ -254,6 +324,7 @@ credential_to_json (struct GNUNET_CREDENTIAL_Credential *cred)
 {
   char *issuer;
   char *subject;
+  char *signature;
   char attribute[cred->issuer_attribute_len + 1];
   json_t *cred_obj;
 
@@ -272,6 +343,9 @@ credential_to_json (struct GNUNET_CREDENTIAL_Credential *cred)
     GNUNET_free (issuer);
     return NULL;
   }
+  GNUNET_STRINGS_base64_encode ((char*)&cred->signature,
+                                sizeof (struct GNUNET_CRYPTO_EcdsaSignature),
+                                &signature);
   memcpy (attribute,
           cred->issuer_attribute,
           cred->issuer_attribute_len);
@@ -280,8 +354,11 @@ credential_to_json (struct GNUNET_CREDENTIAL_Credential *cred)
   json_object_set_new (cred_obj, "issuer", json_string (issuer));
   json_object_set_new (cred_obj, "subject", json_string (subject));
   json_object_set_new (cred_obj, "attribute", json_string (attribute));
+  json_object_set_new (cred_obj, "signature", json_string (signature));
+  json_object_set_new (cred_obj, "expiration", json_integer (cred->expiration.abs_value_us));
   GNUNET_free (issuer);
   GNUNET_free (subject);
+  GNUNET_free (signature);
   return cred_obj;
 }
 
@@ -377,8 +454,17 @@ verify_cred_cont (struct GNUNET_REST_RequestHandle *conndata_handle,
 {
   struct RequestHandle *handle = cls;
   struct GNUNET_HashCode key;
+  struct GNUNET_JSONAPI_Document *json_obj;
+  struct GNUNET_JSONAPI_Resource *res;
+  struct GNUNET_CREDENTIAL_Credential *cred;
   char *tmp;
   char *entity_attr;
+  int i;
+  uint32_t credential_count;
+  uint32_t resource_count;
+  json_t *cred_json;
+  json_t *data_js;
+  json_error_t err;
 
   GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
               "Connecting...\n");
@@ -456,8 +542,6 @@ verify_cred_cont (struct GNUNET_REST_RequestHandle *conndata_handle,
   }
   tmp = GNUNET_CONTAINER_multihashmap_get (conndata_handle->url_param_map,
                                            &key);
-  entity_attr = GNUNET_strdup (tmp);
-  tmp = strtok(entity_attr, ".");
   if (NULL == tmp)
   {
     GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
@@ -476,26 +560,74 @@ verify_cred_cont (struct GNUNET_REST_RequestHandle *conndata_handle,
     GNUNET_SCHEDULER_add_now (&do_error, handle);
     return;
   }
-  tmp = strtok (NULL, ".");
-  if (NULL == tmp)
+  GNUNET_free (entity_attr);
+
+  if (0 >= handle->rest_handle->data_size)
   {
     GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
-                "Malformed subject attribute\n");
-    GNUNET_free (entity_attr);
-    GNUNET_SCHEDULER_add_now (&do_error, handle); 
+                "Missing credentials\n");
+    GNUNET_SCHEDULER_add_now (&do_error, handle);
     return;
   }
-  handle->subject_attr = GNUNET_strdup (tmp);
-  GNUNET_free (entity_attr);
+
+  struct GNUNET_JSON_Specification docspec[] = {
+    GNUNET_JSON_spec_jsonapi_document (&json_obj),
+    GNUNET_JSON_spec_end()
+  };
+  char term_data[handle->rest_handle->data_size+1];
+  term_data[handle->rest_handle->data_size] = '\0';
+  credential_count = 0;
+  GNUNET_memcpy (term_data,
+                 handle->rest_handle->data,
+                 handle->rest_handle->data_size);
+  data_js = json_loads (term_data,
+                        JSON_DECODE_ANY,
+                        &err);
+  GNUNET_assert (GNUNET_OK == GNUNET_JSON_parse (data_js, docspec,
+                                                 NULL, NULL));
+  json_decref (data_js);
+  if (NULL == json_obj)
+  {
+    GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
+                "Unable to parse JSONAPI Object from %s\n",
+                term_data);
+    GNUNET_SCHEDULER_add_now (&do_error, handle);
+    return;
+  }
+
+  resource_count = GNUNET_JSONAPI_document_resource_count(json_obj);
+  struct GNUNET_CREDENTIAL_Credential credentials[credential_count];
+  for (i=0;i<resource_count;i++)
+  {
+    res = (GNUNET_JSONAPI_document_get_resource(json_obj, i));
+    if (GNUNET_NO == GNUNET_JSONAPI_resource_check_type(res,
+                                                        GNUNET_REST_JSONAPI_CREDENTIAL_TYPEINFO))
+    {
+      GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
+                  "Resource not a credential!\n");
+      continue;
+    }
+    credential_count++;
+    cred_json = GNUNET_JSONAPI_resource_read_attr (res,
+                                                   GNUNET_REST_JSONAPI_CREDENTIAL);
+    cred = json_to_credential (cred_json);
+    GNUNET_memcpy (&credentials[i],
+                   cred,
+                   sizeof (struct GNUNET_CREDENTIAL_Credential));
+    credentials[i].issuer_attribute = GNUNET_strdup (cred->issuer_attribute);
+    GNUNET_free (cred);
+  }
 
   handle->verify_request = GNUNET_CREDENTIAL_verify (handle->credential,
                                                      &handle->issuer_key,
                                                      handle->issuer_attr,
                                                      &handle->subject_key,
-                                                     0,
-                                                     NULL,//TODOhandle->subject_attr,
+                                                     credential_count,
+                                                     credentials,
                                                      &handle_verify_response,
                                                      handle);
+  for (i=0;i<credential_count;i++)
+    GNUNET_free ((char*)credentials[i].issuer_attribute);
 
 }