GNUnet  0.11.x
plugin_reclaim_credential_jwt.c
Go to the documentation of this file.
1 /*
2  This file is part of GNUnet
3  Copyright (C) 2013, 2014, 2016 GNUnet e.V.
4 
5  GNUnet is free software: you can redistribute it and/or modify it
6  under the terms of the GNU Affero General Public License as published
7  by the Free Software Foundation, either version 3 of the License,
8  or (at your option) any later version.
9 
10  GNUnet is distributed in the hope that it will be useful, but
11  WITHOUT ANY WARRANTY; without even the implied warranty of
12  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
13  Affero General Public License for more details.
14 
15  You should have received a copy of the GNU Affero General Public License
16  along with this program. If not, see <http://www.gnu.org/licenses/>.
17 
18  SPDX-License-Identifier: AGPL3.0-or-later
19  */
20 
28 #include "platform.h"
29 #include "gnunet_util_lib.h"
30 #include "gnunet_reclaim_plugin.h"
31 #include <inttypes.h>
32 #include <jansson.h>
33 
43 static char *
45  uint32_t type,
46  const void *data,
47  size_t data_size)
48 {
49  switch (type)
50  {
52  return GNUNET_strndup (data, data_size);
53 
54  default:
55  return NULL;
56  }
57 }
58 
59 
71 static int
73  uint32_t type,
74  const char *s,
75  void **data,
76  size_t *data_size)
77 {
78  if (NULL == s)
79  return GNUNET_SYSERR;
80  switch (type)
81  {
83  *data = GNUNET_strdup (s);
84  *data_size = strlen (s) + 1;
85  return GNUNET_OK;
86 
87  default:
88  return GNUNET_SYSERR;
89  }
90 }
91 
92 
97 static struct
98 {
99  const char *name;
100  uint32_t number;
102  { NULL, UINT32_MAX } };
103 
111 static uint32_t
112 jwt_typename_to_number (void *cls, const char *jwt_typename)
113 {
114  unsigned int i;
115 
116  i = 0;
117  while ((NULL != jwt_cred_name_map[i].name) &&
118  (0 != strcasecmp (jwt_typename, jwt_cred_name_map[i].name)))
119  i++;
120  return jwt_cred_name_map[i].number;
121 }
122 
123 
131 static const char *
132 jwt_number_to_typename (void *cls, uint32_t type)
133 {
134  unsigned int i;
135 
136  i = 0;
137  while ((NULL != jwt_cred_name_map[i].name) && (type !=
139  number))
140  i++;
141  return jwt_cred_name_map[i].name;
142 }
143 
144 
154  const char *data,
155  size_t data_size)
156 {
157  char *jwt_string;
158  struct GNUNET_RECLAIM_AttributeList *attrs;
159  char delim[] = ".";
160  char *val_str = NULL;
161  GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Parsing JWT attributes.\n");
162  char *decoded_jwt;
163  char *tmp;
164  json_t *json_val;
165  json_error_t *json_err = NULL;
166 
167  attrs = GNUNET_new (struct GNUNET_RECLAIM_AttributeList);
168 
169  jwt_string = GNUNET_strndup (data, data_size);
170  const char *jwt_body = strtok (jwt_string, delim);
171  jwt_body = strtok (NULL, delim);
172  GNUNET_STRINGS_base64url_decode (jwt_body, strlen (jwt_body),
173  (void **) &decoded_jwt);
174  GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Decoded JWT: %s\n", decoded_jwt);
175  GNUNET_assert (NULL != decoded_jwt);
176  json_val = json_loads (decoded_jwt, JSON_DECODE_ANY, json_err);
177  GNUNET_free (decoded_jwt);
178  const char *key;
179  const char *addr_key;
180  json_t *value;
181  json_t *addr_value;
182 
183  json_object_foreach (json_val, key, value) {
184  if (0 == strcmp ("iss", key))
185  continue;
186  if (0 == strcmp ("jti", key))
187  continue;
188  if (0 == strcmp ("exp", key))
189  continue;
190  if (0 == strcmp ("iat", key))
191  continue;
192  if (0 == strcmp ("nbf", key))
193  continue;
194  if (0 == strcmp ("aud", key))
195  continue;
196  if (0 == strcmp ("address", key))
197  {
198  if (!json_is_object(value)) {
200  "address claim in wrong format!");
201  continue;
202  }
203  json_object_foreach (value, addr_key, addr_value) {
204  val_str = json_dumps (addr_value, JSON_ENCODE_ANY);
205  tmp = val_str;
206  //Remove leading " from jasson conversion
207  if (tmp[0] == '"')
208  tmp++;
209  //Remove trailing " from jansson conversion
210  if (tmp[strlen(tmp)-1] == '"')
211  tmp[strlen(tmp)-1] = '\0';
213  addr_key,
214  NULL,
216  tmp,
217  strlen (val_str));
218  GNUNET_free (val_str);
219  }
220  continue;
221  }
222  val_str = json_dumps (value, JSON_ENCODE_ANY);
223  tmp = val_str;
224  //Remove leading " from jasson conversion
225  if (tmp[0] == '"')
226  tmp++;
227  //Remove trailing " from jansson conversion
228  if (tmp[strlen(tmp)-1] == '"')
229  tmp[strlen(tmp)-1] = '\0';
231  key,
232  NULL,
234  tmp,
235  strlen (val_str));
236  GNUNET_free (val_str);
237  }
238  json_decref (json_val);
239  GNUNET_free (jwt_string);
240  return attrs;
241 }
242 
243 
253  const struct GNUNET_RECLAIM_Credential *cred)
254 {
255  return jwt_parse_attributes (cls, cred->data, cred->data_size);
256 }
257 
258 
268  const struct GNUNET_RECLAIM_Presentation *cred)
269 {
270  return jwt_parse_attributes (cls, cred->data, cred->data_size);
271 }
272 
273 
281 char *
282 jwt_get_issuer (void *cls,
283  const char *data,
284  size_t data_size)
285 {
286  const char *jwt_body;
287  char *jwt_string;
288  char delim[] = ".";
289  char *issuer = NULL;
290  char *decoded_jwt;
291  json_t *issuer_json;
292  GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Parsing JWT attributes.\n");
293  json_t *json_val;
294  json_error_t *json_err = NULL;
295 
296  jwt_string = GNUNET_strndup (data, data_size);
297  jwt_body = strtok (jwt_string, delim);
298  jwt_body = strtok (NULL, delim);
299  GNUNET_STRINGS_base64url_decode (jwt_body, strlen (jwt_body),
300  (void **) &decoded_jwt);
301  json_val = json_loads (decoded_jwt, JSON_DECODE_ANY, json_err);
302  GNUNET_free (decoded_jwt);
303  GNUNET_free (jwt_string);
304  if (NULL == json_val)
305  return NULL;
306  issuer_json = json_object_get (json_val, "iss");
307  if ((NULL == issuer_json) || (! json_is_string (issuer_json))) {
308  json_decref (json_val);
309  return NULL;
310  }
311  issuer = GNUNET_strdup (json_string_value (issuer_json));
312  json_decref (json_val);
313  return issuer;
314 }
315 
316 
324 char *
325 jwt_get_issuer_c (void *cls,
326  const struct GNUNET_RECLAIM_Credential *cred)
327 {
329  return NULL;
330  return jwt_get_issuer (cls, cred->data, cred->data_size);
331 }
332 
333 
341 char *
342 jwt_get_issuer_p (void *cls,
343  const struct GNUNET_RECLAIM_Presentation *cred)
344 {
346  return NULL;
347  return jwt_get_issuer (cls, cred->data, cred->data_size);
348 }
349 
350 
358 int
360  const char *data,
361  size_t data_size,
362  struct GNUNET_TIME_Absolute *exp)
363 {
364  const char *jwt_body;
365  char *jwt_string;
366  char delim[] = ".";
367  char *decoded_jwt;
368  json_t *exp_json;
369  GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Parsing JWT attributes.\n");
370  json_t *json_val;
371  json_error_t *json_err = NULL;
372 
373  jwt_string = GNUNET_strndup (data, data_size);
374  jwt_body = strtok (jwt_string, delim);
375  jwt_body = strtok (NULL, delim);
376  GNUNET_STRINGS_base64url_decode (jwt_body, strlen (jwt_body),
377  (void **) &decoded_jwt);
378  json_val = json_loads (decoded_jwt, JSON_DECODE_ANY, json_err);
379  GNUNET_free (decoded_jwt);
380  GNUNET_free (jwt_string);
381  if (NULL == json_val)
382  return GNUNET_SYSERR;
383  exp_json = json_object_get (json_val, "exp");
384  if ((NULL == exp_json) || (! json_is_integer (exp_json))) {
385  json_decref (json_val);
386  return GNUNET_SYSERR;
387  }
388  exp->abs_value_us = json_integer_value (exp_json) * 1000 * 1000;
389  json_decref (json_val);
390  return GNUNET_OK;
391 }
392 
393 
401 int
403  const struct GNUNET_RECLAIM_Credential *cred,
404  struct GNUNET_TIME_Absolute *exp)
405 {
406  return jwt_get_expiration (cls, cred->data, cred->data_size, exp);
407 }
408 
409 
417 int
419  const struct GNUNET_RECLAIM_Presentation *cred,
420  struct GNUNET_TIME_Absolute *exp)
421 {
422  return jwt_get_expiration (cls, cred->data, cred->data_size, exp);
423 }
424 
425 
426 int
428  const struct GNUNET_RECLAIM_Credential *cred,
429  const struct GNUNET_RECLAIM_AttributeList *attrs,
430  struct GNUNET_RECLAIM_Presentation **pres)
431 {
432  // FIXME sanity checks??
434  return GNUNET_NO;
436  cred->data,
437  cred->data_size);
438  return GNUNET_OK;
439 }
440 
441 
448 void *
450 {
452 
469  return api;
470 }
471 
472 
479 void *
481 {
483 
484  GNUNET_free (api);
485  return NULL;
486 }
487 
488 
489 /* end of plugin_reclaim_credential_type_jwt.c */
GNUNET_RECLAIM_PresentationTypenameToNumberFunction typename_to_number_p
Typename to number.
static const char * jwt_number_to_typename(void *cls, uint32_t type)
Convert a type number (i.e.
struct GNUNET_RECLAIM_AttributeList * jwt_parse_attributes(void *cls, const char *data, size_t data_size)
Parse a JWT and return the respective claim value as Attribute.
int jwt_get_expiration_p(void *cls, const struct GNUNET_RECLAIM_Presentation *cred, struct GNUNET_TIME_Absolute *exp)
Parse a JWT and return the expiration.
uint32_t type
Type/Format of Claim.
uint32_t type
Type/Format of Claim.
static size_t data_size
Number of bytes in data.
Definition: gnunet-abd.c:187
#define GNUNET_assert(cond)
Use this for fatal errors that cannot be handled.
size_t data_size
Number of bytes in data.
GNUNET_RECLAIM_PresentationNumberToTypenameFunction number_to_typename_p
Number to typename.
GNUNET_RECLAIM_PresentationGetIssuerFunction get_issuer_p
Attesation issuer.
GNUNET_RECLAIM_CredentialValueToStringFunction value_to_string
Conversion to string.
GNUNET_RECLAIM_CredentialGetExpirationFunction get_expiration
Expiration.
A list of GNUNET_RECLAIM_Attribute structures.
static struct @54 jwt_cred_name_map[]
Mapping of credential type numbers to human-readable credential type names.
const void * data
Binary value stored as credential value.
#define GNUNET_new(type)
Allocate a struct or union of the given type.
#define GNUNET_strdup(a)
Wrapper around GNUNET_xstrdup_.
uint64_t abs_value_us
The actual value.
GNUNET_RECLAIM_PresentationValueToStringFunction value_to_string_p
Conversion to string.
static char * value
Value of the record to add/remove.
static uint32_t jwt_typename_to_number(void *cls, const char *jwt_typename)
Convert a type name to the corresponding number.
struct GNUNET_RECLAIM_AttributeList * jwt_parse_attributes_p(void *cls, const struct GNUNET_RECLAIM_Presentation *cred)
Parse a JWT and return the respective claim value as Attribute.
char * jwt_get_issuer(void *cls, const char *data, size_t data_size)
Parse a JWT and return the issuer.
const char * name
GNUNET_RECLAIM_CredentialGetIssuerFunction get_issuer
Attesation issuer.
int jwt_create_presentation(void *cls, const struct GNUNET_RECLAIM_Credential *cred, const struct GNUNET_RECLAIM_AttributeList *attrs, struct GNUNET_RECLAIM_Presentation **pres)
const void * data
Binary value stored as presentation value.
GNUNET_RECLAIM_CredentialToPresentation create_presentation
Get presentation.
int jwt_get_expiration(void *cls, const char *data, size_t data_size, struct GNUNET_TIME_Absolute *exp)
Parse a JWT and return the expiration.
int jwt_get_expiration_c(void *cls, const struct GNUNET_RECLAIM_Credential *cred, struct GNUNET_TIME_Absolute *exp)
Parse a JWT and return the expiration.
void * cls
Closure for all of the callbacks.
GNUNET_RECLAIM_PresentationGetAttributesFunction get_attributes_p
Attesation attributes.
GNUNET_RECLAIM_PresentationGetExpirationFunction get_expiration_p
Expiration.
A credential presentation.
struct GNUNET_HashCode key
The key used in the DHT.
size_t data_size
Number of bytes in data.
static int jwt_string_to_value(void *cls, uint32_t type, const char *s, void **data, size_t *data_size)
Convert human-readable version of a &#39;value&#39; of an credential to the binary representation.
Each plugin is required to return a pointer to a struct of this type as the return value from its ent...
static char * jwt_value_to_string(void *cls, uint32_t type, const void *data, size_t data_size)
Convert the &#39;value&#39; of an credential to a string.
GNUNET_RECLAIM_CredentialTypenameToNumberFunction typename_to_number
Typename to number.
#define GNUNET_strndup(a, length)
Wrapper around GNUNET_xstrndup_.
struct GNUNET_RECLAIM_Presentation * GNUNET_RECLAIM_presentation_new(uint32_t type, const void *data, size_t data_size)
#define GNUNET_log(kind,...)
struct GNUNET_RECLAIM_AttributeList * jwt_parse_attributes_c(void *cls, const struct GNUNET_RECLAIM_Credential *cred)
Parse a JWT and return the respective claim value as Attribute.
GNUNET_RECLAIM_CredentialNumberToTypenameFunction number_to_typename
Number to typename.
void GNUNET_RECLAIM_attribute_list_add(struct GNUNET_RECLAIM_AttributeList *attrs, const char *attr_name, const struct GNUNET_RECLAIM_Identifier *credential, uint32_t type, const void *data, size_t data_size)
Add a new attribute to a claim list.
GNUNET_RECLAIM_CredentialStringToValueFunction string_to_value
Conversion to binary.
GNUNET_RECLAIM_PresentationStringToValueFunction string_to_value_p
Conversion to binary.
enum GNUNET_TESTBED_UnderlayLinkModelType type
the type of this model
char * jwt_get_issuer_p(void *cls, const struct GNUNET_RECLAIM_Presentation *cred)
Parse a JWT and return the issuer.
Time for absolute times used by GNUnet, in microseconds.
void * libgnunet_plugin_reclaim_credential_jwt_done(void *cls)
Exit point from the plugin.
void * libgnunet_plugin_reclaim_credential_jwt_init(void *cls)
Entry point for the plugin.
uint32_t data
The data value.
char * jwt_get_issuer_c(void *cls, const struct GNUNET_RECLAIM_Credential *cred)
Parse a JWT and return the issuer.
size_t GNUNET_STRINGS_base64url_decode(const char *data, size_t len, void **out)
Decode from Base64url.
Definition: strings.c:2050
void * cls
Closure for all of the callbacks.
A JSON Web Token credential.
#define GNUNET_free(ptr)
Wrapper around free.
GNUNET_RECLAIM_CredentialGetAttributesFunction get_attributes
Attesation attributes.