[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[taler-anastasis] 02/10: Worked on truth upload
From: |
gnunet |
Subject: |
[taler-anastasis] 02/10: Worked on truth upload |
Date: |
Wed, 15 Jan 2020 23:42:26 +0100 |
This is an automated email from the git hooks/post-receive script.
dennis-neufeld pushed a commit to branch master
in repository anastasis.
commit d7bdda52000cd8ea50757a44f865d7713a5b1300
Author: Dennis Neufeld <address@hidden>
AuthorDate: Wed Dec 25 22:12:13 2019 +0000
Worked on truth upload
---
src/backend/Makefile.am | 3 +-
src/backend/anastasis-httpd.c | 19 ++++-
src/backend/anastasis-httpd.h | 6 ++
src/backend/anastasis-httpd_policy_upload.c | 2 +-
src/backend/anastasis-httpd_truth.c | 23 +-----
src/backend/anastasis-httpd_truth.h | 11 ++-
src/backend/anastasis-httpd_truth_upload.c | 123 ++++++++++++++++++++++++++++
src/backend/anastasis.conf | 3 +
src/include/anastasis_crypto_lib.h | 11 +--
src/include/anastasis_database_plugin.h | 56 +++++++++----
src/include/anastasis_service.h | 10 ++-
src/stasis/plugin_anastasis_postgres.c | 54 ++++++++----
12 files changed, 253 insertions(+), 68 deletions(-)
diff --git a/src/backend/Makefile.am b/src/backend/Makefile.am
index 4e41dfa..901a708 100644
--- a/src/backend/Makefile.am
+++ b/src/backend/Makefile.am
@@ -16,7 +16,8 @@ anastasis_httpd_SOURCES = \
anastasis-httpd_mhd.c anastasis-httpd_mhd.h \
anastasis-httpd_policy.c anastasis-httpd_policy.h \
anastasis-httpd_policy_upload.c \
- anastasis-httpd_truth.c anastasis-httpd_truth.h
+ anastasis-httpd_truth.c anastasis-httpd_truth.h \
+ anastasis-httpd_truth_upload.c
anastasis_httpd_LDADD = \
$(top_builddir)/src/util/libanastasisutil.la \
diff --git a/src/backend/anastasis-httpd.c b/src/backend/anastasis-httpd.c
index d1d8f33..8d31620 100644
--- a/src/backend/anastasis-httpd.c
+++ b/src/backend/anastasis-httpd.c
@@ -53,6 +53,11 @@ char *AH_backend_url;
*/
char *AH_fulfillment_url;
+/**
+ * Standard time range the truth expires.
+ */
+struct GNUNET_TIME_Relative AH_truth_expiration;
+
/**
* Our context for making HTTP requests.
*/
@@ -537,7 +542,19 @@ run (void *cls,
{
GNUNET_log_config_missing (GNUNET_ERROR_TYPE_ERROR,
"anastasis",
- "BASE_URL");
+ "FULLFILLMENT_URL");
+ GNUNET_SCHEDULER_shutdown ();
+ return;
+ }
+ if (GNUNET_OK !=
+ GNUNET_CONFIGURATION_get_value_time (config,
+ "anastasis",
+ "TRUTH_EXPIRATION",
+ &AH_truth_expiration))
+ {
+ GNUNET_log_config_missing (GNUNET_ERROR_TYPE_ERROR,
+ "anastasis",
+ "TRUTH_EXPIRATION");
GNUNET_SCHEDULER_shutdown ();
return;
}
diff --git a/src/backend/anastasis-httpd.h b/src/backend/anastasis-httpd.h
index 2bf6cf3..f08edbd 100644
--- a/src/backend/anastasis-httpd.h
+++ b/src/backend/anastasis-httpd.h
@@ -154,6 +154,12 @@ extern char *AH_backend_url;
*/
extern char *AH_fulfillment_url;
+/**
+ * Standard time range the truth expires.
+ */
+extern struct GNUNET_TIME_Relative AH_truth_expiration;
+
+
/**
* Our context for making HTTP requests.
*/
diff --git a/src/backend/anastasis-httpd_policy_upload.c
b/src/backend/anastasis-httpd_policy_upload.c
index 04b0548..0581af7 100644
--- a/src/backend/anastasis-httpd_policy_upload.c
+++ b/src/backend/anastasis-httpd_policy_upload.c
@@ -761,7 +761,7 @@ AH_handler_policy_post (struct MHD_Connection *connection,
"Account signature does not match
upload");
}
}
- /* get ready to hash (done here as we may go aANASTASIS for payments next)
*/
+ /* get ready to hash (done here as we may go async for payments next) */
puc->hash_ctx = GNUNET_CRYPTO_hash_context_start ();
/* Check database to see if the transaction is permissable */
diff --git a/src/backend/anastasis-httpd_truth.c
b/src/backend/anastasis-httpd_truth.c
index 87b903e..55e0f8a 100644
--- a/src/backend/anastasis-httpd_truth.c
+++ b/src/backend/anastasis-httpd_truth.c
@@ -22,6 +22,7 @@
*/
#include "platform.h"
#include "anastasis-httpd.h"
+#include "anastasis-httpd_truth.h"
#include <gnunet/gnunet_util_lib.h>
#include <gnunet/gnunet_rest_lib.h>
@@ -39,24 +40,4 @@ AH_handler_truth_get (struct MHD_Connection *connection,
{
// FIXME: Handle truth get
return MHD_NO;
-}
-
-
-/**
- * @param connection the MHD connection to handle
- * @param con_cls the connection's closure
- * @param url handles a URL of the format "/truth/$UUID"
- * @param upload_data upload data (truth)
- * @param upload_data_size number of bytes (left) in @a upload_data
- * @return MHD result code
- */
-int
-AH_handler_truth_post (struct MHD_Connection *connection,
- void **con_cls,
- const char *url,
- const char *upload_data,
- size_t *upload_data_size)
-{
- // FIXME: Handle truth get
- return MHD_NO;
-}
+}
\ No newline at end of file
diff --git a/src/backend/anastasis-httpd_truth.h
b/src/backend/anastasis-httpd_truth.h
index 57774c5..aa3ae6e 100644
--- a/src/backend/anastasis-httpd_truth.h
+++ b/src/backend/anastasis-httpd_truth.h
@@ -38,17 +38,16 @@ AH_handler_truth_get (struct MHD_Connection *connection,
/**
* @param connection the MHD connection to handle
* @param con_cls the connection's closure
- * @param url handles a URL of the format "/truth/$UUID"
- * @param upload_data upload data (truth)
- * @param upload_data_size number of bytes (left) in @a upload_data
+ * @param url handles a URL of the format "/truth/$UUID
+ * @param truth_data truth data
+ * @param truth_data_size number of bytes (left) in @a truth_data
* @return MHD result code
*/
int
AH_handler_truth_post (struct MHD_Connection *connection,
void **con_cls,
const char *url,
- const char *upload_data,
- size_t *upload_data_size);
-
+ const char *truth_data,
+ size_t *truth_data_size);
#endif
\ No newline at end of file
diff --git a/src/backend/anastasis-httpd_truth_upload.c
b/src/backend/anastasis-httpd_truth_upload.c
new file mode 100644
index 0000000..e6477e2
--- /dev/null
+++ b/src/backend/anastasis-httpd_truth_upload.c
@@ -0,0 +1,123 @@
+/*
+ This file is part of TALER
+ Copyright (C) 2019 GNUnet e.V.
+
+ TALER is free software; you can redistribute it and/or modify it under the
+ terms of the GNU Affero General Public License as published by the Free
Software
+ Foundation; either version 3, or (at your option) any later version.
+
+ TALER is distributed in the hope that it will be useful, but WITHOUT ANY
+ WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR
+ A PARTICULAR PURPOSE. See the GNU Affero General Public License for more
details.
+
+ You should have received a copy of the GNU Affero General Public License
along with
+ TALER; see the file COPYING. If not, see <http://www.gnu.org/licenses/>
+*/
+/**
+ * @file anastasis-httpd_truth.c
+ * @brief functions to handle incoming requests on /truth
+ * @author Dennis Neufeld
+ * @author Dominik Meister
+ * @author Christian Grothoff
+ */
+#include "platform.h"
+#include "anastasis-httpd.h"
+#include "anastasis_service.h"
+#include "anastasis-httpd_truth.h"
+#include <gnunet/gnunet_util_lib.h>
+#include <gnunet/gnunet_rest_lib.h>
+#include <taler/taler_json_lib.h>
+#include <taler/taler_merchant_service.h>
+#include <taler/taler_signatures.h>
+#include <uuid/uuid.h>
+
+/**
+ * @param connection the MHD connection to handle
+ * @param truth information about the truth
+ * @return MHD result code
+ */
+static int
+verify_and_execute_truth (struct MHD_Connection *connection,
+ struct ANASTASIS_DB_Truth *truth,
+ const uuid_t *uuid)
+{
+ enum ANASTASIS_DB_QueryStatus qs;
+
+ qs = db->store_truth (db->cls,
+ uuid,
+ truth->keyshare_data,
+ sizeof (&truth->keyshare_data),
+ truth->truth_mime,
+ truth->encrypted_truth,
+ sizeof (&truth->encrypted_truth),
+ &truth->aes_gcm_tag,
+ &truth->nonce,
+ truth->method,
+ AH_truth_expiration);
+}
+
+/**
+ * @param connection the MHD connection to handle
+ * @param con_cls the connection's closure
+ * @param url handles a URL of the format "/truth/$UUID
+ * @param truth_data truth data
+ * @param truth_data_size number of bytes (left) in @a truth_data
+ * @return MHD result code
+ */
+int
+AH_handler_truth_post (struct MHD_Connection *connection,
+ void **con_cls,
+ const char *url,
+ const char *truth_data,
+ size_t *truth_data_size)
+{
+ json_t *json;
+ uuid_t uuid;
+ int res;
+ struct ANASTASIS_DB_Truth truth;
+
+ /* extract publickey from url */
+ GNUNET_assert (0 == strncmp (url,
+ "/truth/",
+ strlen ("/truth/")));
+ {
+ const char *uuid_str;
+
+ uuid_str = &url[strlen ("/truth/")];
+ uuid_parse (uuid_str, uuid);
+ }
+ {
+ struct GNUNET_JSON_Specification spec[] = {
+ GNUNET_JSON_spec_fixed_auto ("keyshare_data", &truth.keyshare_data),
+ GNUNET_JSON_spec_string ("method", &truth.method),
+ GNUNET_JSON_spec_uint32 ("nonce", &truth.nonce),
+ GNUNET_JSON_spec_fixed_auto ("aes_gcm_tag", &truth.aes_gcm_tag),
+ GNUNET_JSON_spec_fixed_auto ("encrypted_truth", &truth.encrypted_truth),
+ GNUNET_JSON_spec_string ("truth_mime", &truth.truth_mime),
+ GNUNET_JSON_spec_end ()
+ };
+
+ res = TALER_MHD_parse_post_json (connection,
+ con_cls,
+ truth_data,
+ truth_data_size,
+ &json);
+ if (GNUNET_SYSERR == res)
+ return MHD_NO;
+ if ( (GNUNET_NO == res) || (NULL == json) )
+ return MHD_YES;
+ res = TALER_MHD_parse_json_data (connection,
+ json,
+ spec);
+ json_decref (json);
+ if (GNUNET_SYSERR == res)
+ return MHD_NO; /* hard failure */
+ if (GNUNET_NO == res)
+ return MHD_YES; /* failure */
+ res = verify_and_execute_truth (connection,
+ &truth,
+ &uuid);
+ GNUNET_JSON_parse_free (spec);
+ return res;
+ }
+}
diff --git a/src/backend/anastasis.conf b/src/backend/anastasis.conf
index 22e00de..9c61c61 100644
--- a/src/backend/anastasis.conf
+++ b/src/backend/anastasis.conf
@@ -35,6 +35,9 @@ FULFILLMENT_URL = taler://fulfillment-success
# Base URL of our payment backend
PAYMENT_BACKEND_URL = http://localhost:9976/
+# Standard expiration time in microseconds range of truth (2 years)
+TRUTH_EXPIRATION = 63115200000000
+
# Configuration for postgres database.
[anastasisdb-postgres]
CONFIG = postgres:///anastasis
diff --git a/src/include/anastasis_crypto_lib.h
b/src/include/anastasis_crypto_lib.h
index 43b40a3..d14b1ea 100644
--- a/src/include/anastasis_crypto_lib.h
+++ b/src/include/anastasis_crypto_lib.h
@@ -18,7 +18,7 @@ struct ANASTASIS_CRYPTO_truth_key
uint32_t key[8];
};
-struct ANASTASIS_CRYPTO_salt
+struct ANASTASIS_CRYPTO_Salt
{
uint32_t key[8];
};
@@ -113,15 +113,15 @@ ANASTASIS_CRYPTO_recovery_document_decrypt (const struct
struct ANASTASIS_CRYPTO_EscrowMasterKey *
ANASTASIS_CRYPTO_escrow_master_key_create (const struct
- ANASTASIS_CRYPTO_KeyShare *
- keyShare
+ ANASTASIS_CRYPTO_KeyShare *keyShare,
unsigned int keyshare_length);
struct ANASTASIS_CRYPTO_Policy *
ANSTASIS_CRYPTO_policy_create (const struct
- ANASTASIS_CRYPTO_salt *
+ ANASTASIS_CRYPT_Salt *
salt,
+ struct
ANASTASIS_CRYPTO_encMasterkey *
masterkey,
const struct
@@ -139,7 +139,8 @@ ANASTASIS_CRYPTO_escrow_method_create (const char *base_url,
struct
ANASTASIS_CRYPTO_truth_key *
key,
- ANASTASIS_CRYPTO_salt *
+ struct
+ ANASTASIS_CRYPTO_Salt *
salt,
void *challenge,
size_t challange_size
diff --git a/src/include/anastasis_database_plugin.h
b/src/include/anastasis_database_plugin.h
index b9afe38..8c87130 100644
--- a/src/include/anastasis_database_plugin.h
+++ b/src/include/anastasis_database_plugin.h
@@ -24,10 +24,29 @@
#include <gnunet/gnunet_util_lib.h>
#include <anastasis_error_codes.h>
#include "anastasis_service.h"
+#include "anastasis_crypto_lib.h"
#include <jansson.h>
#include <taler/taler_util.h>
#include <uuid/uuid.h>
+/**
+ * @brief Specification for a /truth operation.
+ */
+struct ANASTASIS_DB_Truth
+{
+ const void *keyshare_data;
+
+ uint32_t nonce;
+
+ // AES_GCM_Tag
+ unsigned char aes_gcm_tag[16];
+
+ const void *encrypted_truth;
+
+ const char *truth_mime;
+
+ const char *method;
+};
/**
* Function called on all pending payments for an account.
@@ -217,24 +236,33 @@ struct ANASTASIS_DatabasePlugin
uint32_t *version);
/**
- * Upload Truth, which contains the Truth and the KeyShare.
- *
- * @param cls closure
- * @param uuid the identifier for the Truth
- * @param truth_data contains the encrypted Truth which includes the ground
truth i.e. H(challange answer), phonenumber, SMS
- * @param truth_data_size the size of the Truth
- * @param truth_expiration time till the according data will be stored
- * @return transaction status
- */
+ * Upload Truth, which contains the Truth and the KeyShare.
+ *
+ * @param cls closure
+ * @param uuid the identifier for the Truth
+ * @param key_share_data contains information of an EncryptedKeyShare
+ * @param key_share_data_size size of key_share_data
+ * @param method name of method
+ * @param nonce nonce used to compute encryption key for encrypted_truth
+ * @param aes_gcm_tag authentication tag of encrypted_truth
+ * @param encrypted_truth contains the encrypted Truth which includes the
ground truth i.e. H(challange answer), phonenumber, SMS
+ * @param encrypted_truth_size the size of the Truth
+ * @param truth_expiration time till the according data will be stored
+ * @return transaction status
+ */
enum ANASTASIS_DB_QueryStatus
(*store_truth)(void *cls,
const uuid_t *uuid,
- const void *truth_data,
- size_t truth_data_size,
+ const void *key_share_data,
+ size_t key_share_data_size,
const char *mime_type,
- const void *encrypted_key_share,
- size_t encrypted_key_share_size,
- struct GNUNET_TIME_Relative truth_expiration);
+ const void *encrypted_truth,
+ size_t encrypted_truth_size,
+ const unsigned char aes_gcm_tag[16],
+ const uint32_t *nonce,
+ const char *method,
+ struct
+ GNUNET_TIME_Relative truth_expiration);
/**
diff --git a/src/include/anastasis_service.h b/src/include/anastasis_service.h
index e99a851..530b317 100644
--- a/src/include/anastasis_service.h
+++ b/src/include/anastasis_service.h
@@ -27,6 +27,7 @@
#include <gnunet/gnunet_curl_lib.h>
#include <jansson.h>
#include "anastasis_error_codes.h"
+#include <uuid/uuid.h>
GNUNET_NETWORK_STRUCT_BEGIN
@@ -58,6 +59,13 @@ struct ANASTASIS_PaymentSecretP
struct ANASTASIS_SaltOperation;
+/**
+ * Uuid used for truth upload/download
+ */
+struct ANASTASIS_UuidP
+{
+ uuid_t uuid;
+};
/**
* Data signed by the account public key of a sync client to
@@ -66,7 +74,7 @@ struct ANASTASIS_SaltOperation;
struct ANASTASIS_UploadSignaturePS
{
/**
- * Set to #TALER_SIGNATURE_ANASTASIS_BACKUP_UPLOAD.
+ * Set to #TALER_SIGNATURE_ANASTASIS_POLICY_UPLOAD.
*/
struct GNUNET_CRYPTO_EccSignaturePurpose purpose;
diff --git a/src/stasis/plugin_anastasis_postgres.c
b/src/stasis/plugin_anastasis_postgres.c
index 9d43764..c51c1bf 100644
--- a/src/stasis/plugin_anastasis_postgres.c
+++ b/src/stasis/plugin_anastasis_postgres.c
@@ -712,20 +712,29 @@ postgres_record_payment (void *cls,
*
* @param cls closure
* @param uuid the identifier for the Truth
- * @param truth_data contains the encrypted Truth which includes the ground
truth i.e. H(challange answer), phonenumber, SMS
- * @param truth_data_size the size of the Truth
+ * @param key_share_data contains information of an EncryptedKeyShare
+ * @param key_share_data_size size of key_share_data
+ * @param method name of method
+ * @param nonce nonce used to compute encryption key for encrypted_truth
+ * @param aes_gcm_tag authentication tag of encrypted_truth
+ * @param encrypted_truth contains the encrypted Truth which includes the
ground truth i.e. H(challange answer), phonenumber, SMS
+ * @param encrypted_truth_size the size of the Truth
* @param truth_expiration time till the according data will be stored
* @return transaction status
*/
static enum ANASTASIS_DB_QueryStatus
postgres_store_truth (void *cls,
const uuid_t *uuid,
- const void *truth_data,
- size_t truth_data_size,
+ const void *key_share_data,
+ size_t key_share_data_size,
const char *mime_type,
- const void *encrypted_key_share,
- size_t encrypted_key_share_size,
- struct GNUNET_TIME_Relative truth_expiration)
+ const void *encrypted_truth,
+ size_t encrypted_truth_size,
+ const unsigned char aes_gcm_tag[16],
+ const uint32_t *nonce,
+ const char *method,
+ struct
+ GNUNET_TIME_Relative truth_expiration)
{
struct PostgresClosure *pg = cls;
enum ANASTASIS_DB_QueryStatus qs;
@@ -746,10 +755,13 @@ postgres_store_truth (void *cls,
{
struct GNUNET_PQ_QueryParam params[] = {
GNUNET_PQ_query_param_auto_from_type (uuid),
- GNUNET_PQ_query_param_fixed_size (truth_data, truth_data_size),
+ GNUNET_PQ_query_param_fixed_size (key_share_data, key_share_data_size),
+ GNUNET_PQ_query_param_string (method),
+ GNUNET_PQ_query_param_auto_from_type (nonce),
+ GNUNET_PQ_query_param_auto_from_type (aes_gcm_tag),
+ GNUNET_PQ_query_param_fixed_size (encrypted_truth,
+ encrypted_truth_size),
GNUNET_PQ_query_param_string (mime_type),
- GNUNET_PQ_query_param_fixed_size (encrypted_key_share,
- encrypted_key_share_size),
TALER_PQ_query_param_absolute_time (&expiration),
GNUNET_PQ_query_param_end
};
@@ -1044,9 +1056,12 @@ libanastasis_plugin_db_postgres_init (void *cls)
contract terms table */
GNUNET_PQ_make_execute ("CREATE TABLE IF NOT EXISTS anastasis_truth"
"( truth_id UUID PRIMARY KEY NOT NULL,"
- "truth BYTEA NOT NULL,"
- "mime_type VARCHAR,"
- "key_share BYTEA NOT NULL,"
+ "key_share_data BYTEA NOT NULL,"
+ "method VARCHAR,"
+ "nonce BYTEA NOT NULL,"
+ "aes_gcm_tag BYTEA NOT NULL"
+ "encrypted_truth BYTEA NOT NULL,"
+ "truth_mime VARCHAR,"
"expiration TIMESTAMP NOT NULL"
");"),
GNUNET_PQ_make_execute ("CREATE TABLE IF NOT EXISTS anastasis_user"
@@ -1107,13 +1122,16 @@ libanastasis_plugin_db_postgres_init (void *cls)
GNUNET_PQ_make_prepare ("truth_insert",
"INSERT INTO anastasis_truth "
"(truth_id"
- ",truth"
- ",mime_type"
- ",key_share"
+ ",key_share_data"
+ ",method"
+ ",nonce"
+ ",aes_gcm_tag"
+ ",encrypted_truth"
+ ",truth_mime"
",expiration"
") VALUES "
- "($1, $2, $3, $4, $5);",
- 5),
+ "($1, $2, $3, $4, $5, $6, $7);",
+ 7),
GNUNET_PQ_make_prepare ("recovery_document_insert",
"INSERT INTO anastasis_recoverydocument "
"(user_id"
--
To stop receiving notification emails like this one, please contact
address@hidden.
- [taler-anastasis] branch master updated (62e9415 -> 673a9dc), gnunet, 2020/01/15
- [taler-anastasis] 01/10: Added testing command for policy lookup, gnunet, 2020/01/15
- [taler-anastasis] 08/10: Worked on uploading truth, gnunet, 2020/01/15
- [taler-anastasis] 10/10: Merged, gnunet, 2020/01/15
- [taler-anastasis] 03/10: Modified db table anastasis_truth, gnunet, 2020/01/15
- [taler-anastasis] 04/10: Worked on escrow challenge, gnunet, 2020/01/15
- [taler-anastasis] 09/10: Merged, gnunet, 2020/01/15
- [taler-anastasis] 05/10: Worked on escrow challenge, gnunet, 2020/01/15
- [taler-anastasis] 07/10: Worked on truth upload, gnunet, 2020/01/15
- [taler-anastasis] 06/10: Worked on escrow challenge, gnunet, 2020/01/15
- [taler-anastasis] 02/10: Worked on truth upload,
gnunet <=