From d03ce063cf660a1f9f37b917eab3747a40937d68 Mon Sep 17 00:00:00 2001 From: "Schanzenbach, Martin" Date: Tue, 13 Dec 2016 10:18:40 +0100 Subject: [PATCH] -more rest --- src/credential/credential_api.c | 2 +- src/credential/gnunet-service-credential.c | 2 +- src/credential/plugin_gnsrecord_credential.c | 4 +- src/credential/plugin_rest_credential.c | 153 ++++++++++++++++++- src/include/gnunet_credential_service.h | 2 +- 5 files changed, 153 insertions(+), 10 deletions(-) diff --git a/src/credential/credential_api.c b/src/credential/credential_api.c index 5bc1e52f1..54a02484d 100644 --- a/src/credential/credential_api.c +++ b/src/credential/credential_api.c @@ -457,7 +457,7 @@ GNUNET_CREDENTIAL_issue (struct GNUNET_CREDENTIAL_Handle *handle, if (GNUNET_OK != GNUNET_CRYPTO_ecdsa_sign (issuer, &crd->purpose, - &crd->sig)) + &crd->signature)) { GNUNET_break (0); GNUNET_free (crd); diff --git a/src/credential/gnunet-service-credential.c b/src/credential/gnunet-service-credential.c index f07c777d6..e0e845468 100644 --- a/src/credential/gnunet-service-credential.c +++ b/src/credential/gnunet-service-credential.c @@ -533,7 +533,7 @@ handle_credential_query (void* cls, crd = rd[i].data; if(GNUNET_OK != GNUNET_CRYPTO_ecdsa_verify(GNUNET_SIGNATURE_PURPOSE_CREDENTIAL, &crd->purpose, - &crd->sig, + &crd->signature, &crd->issuer_key)) { GNUNET_log (GNUNET_ERROR_TYPE_WARNING, diff --git a/src/credential/plugin_gnsrecord_credential.c b/src/credential/plugin_gnsrecord_credential.c index ece4be1e3..281113a34 100644 --- a/src/credential/plugin_gnsrecord_credential.c +++ b/src/credential/plugin_gnsrecord_credential.c @@ -98,7 +98,7 @@ credential_value_to_string (void *cls, issuer_pkey = GNUNET_CRYPTO_ecdsa_public_key_to_string (&cred.issuer_key); etime_abs.abs_value_us = GNUNET_ntohll(cred.expiration); expiration = GNUNET_STRINGS_absolute_time_to_string (etime_abs); - GNUNET_STRINGS_base64_encode ((char*)&cred.sig, + GNUNET_STRINGS_base64_encode ((char*)&cred.signature, sizeof (struct GNUNET_CRYPTO_EcdsaSignature), &signature); GNUNET_asprintf (&cred_str, @@ -219,7 +219,7 @@ credential_string_to_value (void *cls, GNUNET_STRINGS_base64_decode (signature, strlen (signature), (char**)&sig); - cred->sig = *sig; + cred->signature = *sig; cred->expiration = GNUNET_htonll (etime_abs.abs_value_us); cred->purpose.purpose = htonl (GNUNET_SIGNATURE_PURPOSE_CREDENTIAL); cred->purpose.size = htonl (strlen (name) + 1 + sizeof (struct GNUNET_CRYPTO_EccSignaturePurpose) + diff --git a/src/credential/plugin_rest_credential.c b/src/credential/plugin_rest_credential.c index 51d91079a..137f55c47 100644 --- a/src/credential/plugin_rest_credential.c +++ b/src/credential/plugin_rest_credential.c @@ -37,6 +37,12 @@ #define GNUNET_REST_API_NS_CREDENTIAL "/credential" +#define GNUNET_REST_JSONAPI_CREDENTIAL "credential" + +#define GNUNET_REST_JSONAPI_CREDENTIAL_TYPEINFO "credential" + +#define GNUNET_REST_JSONAPI_CREDENTIAL_CHAIN "chain" + #define GNUNET_REST_JSONAPI_CREDENTIAL_ISSUER_ATTR "attribute" #define GNUNET_REST_JSONAPI_CREDENTIAL_SUBJECT_ATTR "credential" @@ -174,6 +180,143 @@ do_error (void *cls) cleanup_handle (handle); } +/** + * Attribute delegation to JSON + * @param attr the attribute + * @return JSON, NULL if failed + */ +static json_t* +attribute_delegation_to_json (struct GNUNET_CREDENTIAL_AttributeRecordData *attr) +{ + char *subject; + char *attribute; + json_t *attr_obj; + + subject = GNUNET_CRYPTO_ecdsa_public_key_to_string (&attr->subject_key); + { + GNUNET_log (GNUNET_ERROR_TYPE_ERROR, + "Subject in credential malformed\n"); + return NULL; + } + attribute = (char*)&attr[1]; + attr_obj = json_object (); + json_object_set_new (attr_obj, "subject", json_string (subject)); + json_object_set_new (attr_obj, "attribute", json_string (attribute)); + GNUNET_free (subject); + return attr_obj; +} + +/** + * Credential to JSON + * @param cred the credential + * @return the resulting json, NULL if failed + */ +static json_t* +credential_to_json (struct GNUNET_CREDENTIAL_CredentialRecordData *cred) +{ + struct GNUNET_TIME_Absolute exp; + const char* exp_str; + char *issuer; + char *subject; + char *attribute; + char *signature; + json_t *cred_obj; + + issuer = GNUNET_CRYPTO_ecdsa_public_key_to_string (&cred->issuer_key); + if (NULL == issuer) + { + GNUNET_log (GNUNET_ERROR_TYPE_ERROR, + "Issuer in credential malformed\n"); + return NULL; + } + subject = GNUNET_CRYPTO_ecdsa_public_key_to_string (&cred->subject_key); + if (NULL == subject) + { + GNUNET_log (GNUNET_ERROR_TYPE_ERROR, + "Subject in credential malformed\n"); + GNUNET_free (issuer); + return NULL; + } + GNUNET_STRINGS_base64_encode ((char*)&cred->signature, + sizeof (struct GNUNET_CRYPTO_EcdsaSignature), + &signature); + attribute = (char*)&cred[1]; + exp.abs_value_us = ntohs (cred->expiration); + exp_str = GNUNET_STRINGS_absolute_time_to_string (exp); + cred_obj = json_object (); + json_object_set_new (cred_obj, "issuer", json_string (issuer)); + json_object_set_new (cred_obj, "subject", json_string (subject)); + json_object_set_new (cred_obj, "attribute", json_string (attribute)); + json_object_set_new (cred_obj, "signature", json_string (signature)); + json_object_set_new (cred_obj, "expiration", json_string (exp_str)); + GNUNET_free (issuer); + GNUNET_free (subject); + GNUNET_free (signature); + return cred_obj; +} + +/** + * Function called with the result of a Credential lookup. + * + * @param cls the 'const char *' name that was resolved + * @param cd_count number of records returned + * @param cd array of @a cd_count records with the results + */ +static void +handle_verify_response (void *cls, + struct GNUNET_CREDENTIAL_CredentialRecordData *cred, + uint32_t delegation_count, + struct GNUNET_CREDENTIAL_AttributeRecordData *deleg) +{ + + struct VerifyHandle *handle = cls; + struct MHD_Response *resp; + struct GNUNET_JSONAPI_Document *json_document; + struct GNUNET_JSONAPI_Resource *json_resource; + json_t *cred_obj; + json_t *attr_obj; + json_t *result_array; + char *result; + uint32_t i; + + handle->verify_request = NULL; + if (NULL == cred) { + GNUNET_log (GNUNET_ERROR_TYPE_ERROR, + "Verify failed.\n"); + handle->response_code = MHD_HTTP_NOT_FOUND; + GNUNET_SCHEDULER_add_now (&do_error, handle); + return; + } + json_document = GNUNET_JSONAPI_document_new (); + json_resource = GNUNET_JSONAPI_resource_new (GNUNET_REST_JSONAPI_CREDENTIAL_TYPEINFO, + handle->issuer_attr); + cred_obj = credential_to_json (cred); + result_array = json_array (); + for (i = 0; i < delegation_count; i++) + { + attr_obj = attribute_delegation_to_json (&(deleg[i])); + json_array_append (result_array, attr_obj); + json_decref (attr_obj); + } + GNUNET_JSONAPI_resource_add_attr (json_resource, + GNUNET_REST_JSONAPI_CREDENTIAL, + cred_obj); + GNUNET_JSONAPI_resource_add_attr (json_resource, + GNUNET_REST_JSONAPI_CREDENTIAL_CHAIN, + result_array); + GNUNET_JSONAPI_document_resource_add (json_document, json_resource); + GNUNET_JSONAPI_document_serialize (json_document, &result); + GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, + "Result %s\n", + result); + json_decref (result_array); + GNUNET_JSONAPI_document_delete (json_document); + resp = GNUNET_REST_create_response (result); + handle->proc (handle->proc_cls, resp, MHD_HTTP_OK); + GNUNET_free (result); + cleanup_handle (handle); +} + static void verify_cred_cont (struct GNUNET_REST_RequestHandle *conndata_handle, @@ -292,14 +435,14 @@ verify_cred_cont (struct GNUNET_REST_RequestHandle *conndata_handle, } handle->subject_attr = GNUNET_strdup (tmp); GNUNET_free (entity_attr); - + handle->verify_request = GNUNET_CREDENTIAL_verify (handle->credential, &handle->issuer_key, handle->issuer_attr, &handle->subject_key, handle->subject_attr, - NULL, - NULL); + &handle_verify_response, + handle); } @@ -341,8 +484,8 @@ options_cont (struct GNUNET_REST_RequestHandle *con_handle, */ static void rest_credential_process_request(struct GNUNET_REST_RequestHandle *conndata_handle, - GNUNET_REST_ResultProcessor proc, - void *proc_cls) + GNUNET_REST_ResultProcessor proc, + void *proc_cls) { struct VerifyHandle *handle = GNUNET_new (struct VerifyHandle); struct GNUNET_REST_RequestHandlerError err; diff --git a/src/include/gnunet_credential_service.h b/src/include/gnunet_credential_service.h index f7b09b3ff..549c25ef8 100644 --- a/src/include/gnunet_credential_service.h +++ b/src/include/gnunet_credential_service.h @@ -81,7 +81,7 @@ struct GNUNET_CREDENTIAL_CredentialRecordData { /** * The signature for this credential by the issuer */ - struct GNUNET_CRYPTO_EcdsaSignature sig; + struct GNUNET_CRYPTO_EcdsaSignature signature; /** * Signature meta -- 2.25.1