[GNUnet-SVN] r36866 - in gnunet/src: identity-provider include
From: |
gnunet |
Subject: |
[GNUnet-SVN] r36866 - in gnunet/src: identity-provider include |
Date: |
Sun, 24 Jan 2016 11:44:10 +0100 |
Author: schanzen
Date: 2016-01-24 11:44:10 +0100 (Sun, 24 Jan 2016)
New Revision: 36866
Modified:
gnunet/src/identity-provider/gnunet-service-identity-provider.c
gnunet/src/identity-provider/identity_provider.h
gnunet/src/identity-provider/identity_provider_api.c
gnunet/src/identity-provider/identity_token.c
gnunet/src/identity-provider/identity_token.h
gnunet/src/identity-provider/plugin_rest_identity_provider.c
gnunet/src/include/gnunet_identity_provider_service.h
Log:
- fix
Modified: gnunet/src/identity-provider/gnunet-service-identity-provider.c
===================================================================
--- gnunet/src/identity-provider/gnunet-service-identity-provider.c
2016-01-23 13:47:22 UTC (rev 36865)
+++ gnunet/src/identity-provider/gnunet-service-identity-provider.c
2016-01-24 10:44:10 UTC (rev 36866)
@@ -876,7 +876,8 @@
static struct GNUNET_IDENTITY_PROVIDER_ExchangeResultMessage*
create_exchange_result_message (const char* token,
- const char* label)
+ const char* label,
+ uint64_t ticket_nonce)
{
struct GNUNET_IDENTITY_PROVIDER_ExchangeResultMessage *erm;
uint16_t token_len = strlen (token) + 1;
@@ -885,6 +886,7 @@
erm->header.type = htons
(GNUNET_MESSAGE_TYPE_IDENTITY_PROVIDER_EXCHANGE_RESULT);
erm->header.size = htons (sizeof (struct
GNUNET_IDENTITY_PROVIDER_ExchangeResultMessage)
+ token_len);
+ erm->ticket_nonce = htonl (ticket_nonce);
memcpy (&erm[1], token, token_len);
return erm;
}
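Review bot: `htonl` converts a 32-bit value, so `erm->ticket_nonce = htonl (ticket_nonce);` discards the upper 32 bits of the `uint64_t` nonce before it goes on the wire. The receive side in identity_provider_api.c has the same problem with `ticket_nonce = ntohl (erm->ticket_nonce);`. Use the 64-bit helpers instead: `erm->ticket_nonce = GNUNET_htonll (ticket_nonce);` here and `ticket_nonce = GNUNET_ntohll (erm->ticket_nonce);` in the message handler. As written, the nonce comparison added in the REST plugin can only succeed for nonces that fit in 32 bits, which shrinks the effective nonce space. The body of create_exchange_result_message is split across two hunks and is not fully visible.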
@@ -1007,12 +1009,12 @@
//Remote nonce
nonce_str = NULL;
- GNUNET_asprintf (&nonce_str, "%d", handle->nonce);
+ GNUNET_asprintf (&nonce_str, "%lu", handle->nonce);
GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Request nonce: %s\n", nonce_str);
GNUNET_CRYPTO_ecdsa_key_get_public (&handle->iss_key,
&pub_key);
- handle->ticket = ticket_create (nonce_str,
+ handle->ticket = ticket_create (handle->nonce,
&pub_key,
handle->label,
&handle->aud_key);
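Review bot: `%lu` is not a portable conversion for a 64-bit nonce; where `long` is 32 bits the argument width does not match the format, which is undefined behaviour. Assuming `handle->nonce` is a `uint64_t` like the fields this commit changes (its declaration is outside the hunk), write `GNUNET_asprintf (&nonce_str, "%llu", (unsigned long long) handle->nonce);` or use `"%" PRIu64`. The same applies to the JSON format string and the `sscanf` call in identity_token.c, and to the `sscanf` and `GNUNET_log` calls added in plugin_rest_identity_provider.c. `nonce_str` is now used only for the debug log, and whether it is freed afterwards is not visible in this hunk.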
@@ -1190,7 +1192,8 @@
&token_str));
erm = create_exchange_result_message (token_str,
- handle->label);
+ handle->label,
+ handle->ticket->payload->nonce);
GNUNET_SERVER_notification_context_unicast (nc,
handle->client,
&erm->header,
Modified: gnunet/src/identity-provider/identity_provider.h
===================================================================
--- gnunet/src/identity-provider/identity_provider.h 2016-01-23 13:47:22 UTC
(rev 36865)
+++ gnunet/src/identity-provider/identity_provider.h 2016-01-24 10:44:10 UTC
(rev 36866)
@@ -81,10 +81,10 @@
struct GNUNET_MessageHeader header;
/**
- * Number of bytes in token string including 0-termination, in NBO;
+ * Nonce found in ticket. NBO
* 0 on error.
*/
- uint16_t name_len GNUNET_PACKED;
+ uint64_t ticket_nonce GNUNET_PACKED;
/* followed by 0-terminated token */
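Review bot: The comment on `ticket_nonce` still ends with "0 on error", which was carried over from the removed `name_len` field, so it is unclear whether a zero nonce now signals an error. I would reduce it to `* Nonce found in ticket, in NBO.` or state the error convention explicitly. With the explicit length field gone, the receiver has to derive the token length from `header.size`. The comment should say so, and the handler (outside this hunk) should confirm that the trailing token fits within `header.size` and is 0-terminated before it is used as a string.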
Modified: gnunet/src/identity-provider/identity_provider_api.c
===================================================================
--- gnunet/src/identity-provider/identity_provider_api.c 2016-01-23
13:47:22 UTC (rev 36865)
+++ gnunet/src/identity-provider/identity_provider_api.c 2016-01-24
10:44:10 UTC (rev 36866)
@@ -197,6 +197,7 @@
char *token_str;
char *label_str;
uint16_t size;
+ uint64_t ticket_nonce;
if (NULL == msg)
{
@@ -295,8 +296,9 @@
GNUNET_CLIENT_receive (h->client, &message_handler, h,
GNUNET_TIME_UNIT_FOREVER_REL);
token.data = str;
+ ticket_nonce = ntohl (erm->ticket_nonce);
if (NULL != op->ex_cb)
- op->ex_cb (op->cls, &token);
+ op->ex_cb (op->cls, &token, ticket_nonce);
GNUNET_free (op);
break;
Modified: gnunet/src/identity-provider/identity_token.c
===================================================================
--- gnunet/src/identity-provider/identity_token.c 2016-01-23 13:47:22 UTC
(rev 36865)
+++ gnunet/src/identity-provider/identity_token.c 2016-01-24 10:44:10 UTC
(rev 36866)
@@ -597,7 +597,7 @@
}
struct TokenTicketPayload*
-ticket_payload_create (const char* nonce,
+ticket_payload_create (uint64_t nonce,
const struct GNUNET_CRYPTO_EcdsaPublicKey*
identity_pkey,
const char* lbl_str)
{
@@ -604,7 +604,7 @@
struct TokenTicketPayload* payload;
payload = GNUNET_malloc (sizeof (struct TokenTicketPayload));
- GNUNET_asprintf (&payload->nonce, nonce, strlen (nonce));
+ payload->nonce = nonce;
payload->identity_key = *identity_pkey;
GNUNET_asprintf (&payload->label, lbl_str, strlen (lbl_str));
return payload;
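Review bot: The label is still passed as the format string in `GNUNET_asprintf (&payload->label, lbl_str, strlen (lbl_str));`, the same pattern this commit removes for the nonce. If `lbl_str` contains a `%` conversion, the call reads arguments that were never supplied. In the parse path further down the label appears to come from the decrypted ticket JSON, so it should be treated as untrusted data. Replace the call with `payload->label = GNUNET_strdup (lbl_str);`. The start of ticket_payload_create is in the previous hunk.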
@@ -613,8 +613,6 @@
void
ticket_payload_destroy (struct TokenTicketPayload* payload)
{
- if (NULL != payload->nonce)
- GNUNET_free (payload->nonce);
if (NULL != payload->label)
GNUNET_free (payload->label);
GNUNET_free (payload);
@@ -630,7 +628,7 @@
sizeof (struct
GNUNET_CRYPTO_EcdsaPublicKey));
GNUNET_asprintf (result,
- "{\"nonce\": \"%u\",\"identity\": \"%s\",\"label\":
\"%s\"}",
+ "{\"nonce\": \"%lu\",\"identity\": \"%s\",\"label\":
\"%s\"}",
payload->nonce, identity_key_str, payload->label);
GNUNET_free (identity_key_str);
@@ -645,7 +643,7 @@
* data and E
*/
struct TokenTicket*
-ticket_create (const char* nonce_str,
+ticket_create (uint64_t nonce,
const struct GNUNET_CRYPTO_EcdsaPublicKey* identity_pkey,
const char* lbl_str,
const struct GNUNET_CRYPTO_EcdsaPublicKey *aud_key)
@@ -654,7 +652,7 @@
struct TokenTicketPayload *code_payload;
ticket = GNUNET_malloc (sizeof (struct TokenTicket));
- code_payload = ticket_payload_create (nonce_str,
+ code_payload = ticket_payload_create (nonce,
identity_pkey,
lbl_str);
ticket->aud_key = *aud_key;
@@ -755,6 +753,7 @@
json_t *nonce_json;
json_error_t err_json;
char* data_str;
+ uint64_t nonce;
struct GNUNET_CRYPTO_EcdsaPublicKey id_pkey;
if (GNUNET_OK != decrypt_str_ecdhe (priv_key,
@@ -818,8 +817,10 @@
nonce_str = json_string_value (nonce_json);
GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Found nonce: %s\n", nonce_str);
+
+ GNUNET_assert (0 != sscanf (nonce_str, "%lu", &nonce));
- *result = ticket_payload_create (nonce_str,
+ *result = ticket_payload_create (nonce,
(const struct
GNUNET_CRYPTO_EcdsaPublicKey*)&id_pkey,
label_str);
GNUNET_free (data_str);
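Review bot: `GNUNET_assert (0 != sscanf (nonce_str, "%lu", &nonce));` accepts the `EOF` return that `sscanf` gives for an empty string, so `nonce` can reach `ticket_payload_create` uninitialised. When parsing does fail, the assertion aborts the process over the content of a received ticket instead of rejecting that ticket. `json_string_value` also returns NULL when the JSON value is not a string, and no NULL check is visible before `nonce_str` is logged and parsed. I would test `if ((NULL == nonce_str) || (1 != sscanf (nonce_str, "%" SCNu64, &nonce)))` and leave through the function's existing error path, freeing `data_str` as the other failure branches presumably do. The enclosing function begins and ends outside this hunk.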
Modified: gnunet/src/identity-provider/identity_token.h
===================================================================
--- gnunet/src/identity-provider/identity_token.h 2016-01-23 13:47:22 UTC
(rev 36865)
+++ gnunet/src/identity-provider/identity_token.h 2016-01-24 10:44:10 UTC
(rev 36866)
@@ -110,7 +110,7 @@
/**
* Nonce
*/
- char* nonce;
+ uint64_t nonce;
/**
* Label
@@ -293,7 +293,7 @@
* Creates a ticket that can be exchanged by the audience for
* the token. The token must be placed under the label
*
- * @param nonce_str nonce provided by the audience that requested the ticket
+ * @param nonce nonce provided by the audience that requested the ticket
* @param iss_pkey the issuer pubkey used to sign the ticket
* @param label the label encoded in the ticket
* @param aud_ley the audience pubkey used to encrypt the ticket payload
@@ -301,7 +301,7 @@
* @return the ticket
*/
struct TokenTicket*
-ticket_create (const char* nonce_str,
+ticket_create (uint64_t nonce,
const struct GNUNET_CRYPTO_EcdsaPublicKey* iss_pkey,
const char* lbl_str,
const struct GNUNET_CRYPTO_EcdsaPublicKey *aud_key);
Modified: gnunet/src/identity-provider/plugin_rest_identity_provider.c
===================================================================
--- gnunet/src/identity-provider/plugin_rest_identity_provider.c
2016-01-23 13:47:22 UTC (rev 36865)
+++ gnunet/src/identity-provider/plugin_rest_identity_provider.c
2016-01-24 10:44:10 UTC (rev 36866)
@@ -62,6 +62,11 @@
#define GNUNET_REST_JSONAPI_IDENTITY_PROVIDER_TICKET "ticket"
/**
+ * The parameter name in which the expected nonce must be provided
+ */
+#define GNUNET_REST_JSONAPI_IDENTITY_PROVIDER_EXPECTED_NONCE "expected_nonce"
+
+/**
* The parameter name in which the ticket must be provided
*/
#define GNUNET_REST_JSONAPI_IDENTITY_PROVIDER_TOKEN "token"
@@ -767,14 +772,45 @@
*/
static void
exchange_cont (void *cls,
- const struct GNUNET_IDENTITY_PROVIDER_Token *token)
+ const struct GNUNET_IDENTITY_PROVIDER_Token *token,
+ uint64_t ticket_nonce)
{
json_t *root;
struct RequestHandle *handle = cls;
struct MHD_Response *resp;
+ struct GNUNET_HashCode key;
char* result;
char* token_str;
+ char* nonce_str;
+ uint64_t expected_nonce;
+
+ //Get nonce
+ GNUNET_CRYPTO_hash (GNUNET_REST_JSONAPI_IDENTITY_PROVIDER_EXPECTED_NONCE,
+ strlen
(GNUNET_REST_JSONAPI_IDENTITY_PROVIDER_EXPECTED_NONCE),
+ &key);
+ if ( GNUNET_NO ==
+ GNUNET_CONTAINER_multihashmap_contains
(handle->conndata_handle->url_param_map,
+ &key) )
+ {
+ handle->emsg = GNUNET_strdup ("No nonce given.");
+ GNUNET_SCHEDULER_add_now (&do_error, handle);
+ return;
+ }
+ nonce_str = GNUNET_CONTAINER_multihashmap_get
(handle->conndata_handle->url_param_map,
+ &key);
+ GNUNET_assert (1 == sscanf (nonce_str, "%lu", &expected_nonce));
+
+ if (ticket_nonce != expected_nonce)
+ {
+ GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
+ "Ticket nonce %lu does not match expected nonce %lu\n",
+ ticket_nonce, expected_nonce);
+ handle->emsg = GNUNET_strdup ("Ticket nonce does not match expected
nonce\n");
+ GNUNET_SCHEDULER_add_now (&do_error, handle);
+ return;
+ }
+
root = json_object ();
token_str = GNUNET_IDENTITY_PROVIDER_token_to_string (token);
json_object_set_new (root, "token", json_string (token_str));
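Review bot: `GNUNET_assert (1 == sscanf (nonce_str, "%lu", &expected_nonce));` aborts the REST service whenever a request carries an `expected_nonce` URL parameter that is not a number. Anyone who can reach the endpoint can therefore terminate the process. Route the parse failure through `do_error`, as the hunk already does for a missing parameter. `sscanf` also accepts trailing characters after the digits, so a stricter parse such as `strtoull` with an end-pointer check would be preferable. Separately, the second error message ends in "\n" while "No nonce given." does not. exchange_cont continues past the end of this hunk.
```c
  nonce_str = GNUNET_CONTAINER_multihashmap_get (handle->conndata_handle->url_param_map,
                                                 &key);
  if ( (NULL == nonce_str) ||
       (1 != sscanf (nonce_str, "%" SCNu64, &expected_nonce)) )
  {
    handle->emsg = GNUNET_strdup ("Malformed nonce given.");
    GNUNET_SCHEDULER_add_now (&do_error, handle);
    return;
  }
  // … unchanged: comparison of ticket_nonce with expected_nonce …
```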
@@ -820,6 +856,7 @@
return;
}
+ //Get ticket
GNUNET_CRYPTO_hash (GNUNET_REST_JSONAPI_IDENTITY_PROVIDER_TICKET,
strlen (GNUNET_REST_JSONAPI_IDENTITY_PROVIDER_TICKET),
&key);
@@ -834,7 +871,6 @@
}
ticket_str = GNUNET_CONTAINER_multihashmap_get
(handle->conndata_handle->url_param_map,
&key);
-
handle->priv_key = GNUNET_IDENTITY_ego_get_private_key (ego);
GNUNET_IDENTITY_PROVIDER_string_to_ticket (ticket_str,
&ticket);
Modified: gnunet/src/include/gnunet_identity_provider_service.h
===================================================================
--- gnunet/src/include/gnunet_identity_provider_service.h 2016-01-23
13:47:22 UTC (rev 36865)
+++ gnunet/src/include/gnunet_identity_provider_service.h 2016-01-24
10:44:10 UTC (rev 36866)
@@ -75,7 +75,8 @@
*/
typedef void
(*GNUNET_IDENTITY_PROVIDER_ExchangeCallback)(void *cls,
- const struct GNUNET_IDENTITY_PROVIDER_Token
*token);
+ const struct GNUNET_IDENTITY_PROVIDER_Token *token,
+ uint64_t ticket_nonce);
/**
* Method called when a token has been issued.