GNUnet  0.11.x
plugin_reclaim_credential_jwt.c
1 /*
2  This file is part of GNUnet
3  Copyright (C) 2013, 2014, 2016 GNUnet e.V.
4 
5  GNUnet is free software: you can redistribute it and/or modify it
6  under the terms of the GNU Affero General Public License as published
7  by the Free Software Foundation, either version 3 of the License,
8  or (at your option) any later version.
9 
10  GNUnet is distributed in the hope that it will be useful, but
11  WITHOUT ANY WARRANTY; without even the implied warranty of
12  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
13  Affero General Public License for more details.
14 
15  You should have received a copy of the GNU Affero General Public License
16  along with this program. If not, see <http://www.gnu.org/licenses/>.
17 
18  SPDX-License-Identifier: AGPL3.0-or-later
19  */
20 
28 #include "platform.h"
29 #include "gnunet_util_lib.h"
30 #include "gnunet_reclaim_plugin.h"
31 #include <inttypes.h>
32 #include <jansson.h>
33 
/**
 * Convert the binary value of a credential to a string.
 *
 * @param cls closure, not referenced here
 * @param type type of the credential
 * @param data value in binary encoding
 * @param data_size number of bytes in @a data
 * @return NULL when @a type is not the JWT credential type, otherwise a
 *         copy of @a data made with GNUNET_strndup; the caller frees it
 */
static char *
jwt_value_to_string (void *cls,
                     uint32_t type,
                     const void *data,
                     size_t data_size)
{
  /* Only the JWT credential type is understood by this plugin. */
  if (GNUNET_RECLAIM_CREDENTIAL_TYPE_JWT != type)
    return NULL;
  return GNUNET_strndup (data, data_size);
}
58 
59 
/**
 * Convert the human-readable form of a credential value to its binary
 * representation.
 *
 * @param cls closure, not referenced here
 * @param type type of the credential
 * @param s human-readable string
 * @param data set to a newly allocated copy of @a s on success
 * @param data_size set to the number of bytes in @a data, including the
 *        terminating NUL
 * @return #GNUNET_OK on success, #GNUNET_SYSERR when @a s is NULL or
 *         @a type is not the JWT credential type
 */
static int
jwt_string_to_value (void *cls,
                     uint32_t type,
                     const char *s,
                     void **data,
                     size_t *data_size)
{
  if ((NULL == s) || (GNUNET_RECLAIM_CREDENTIAL_TYPE_JWT != type))
    return GNUNET_SYSERR;
  *data = GNUNET_strdup (s);
  /* The stored size counts the terminator as well. */
  *data_size = strlen (s) + 1;
  return GNUNET_OK;
}
91 
92 
/**
 * Mapping of credential type numbers to human-readable credential type
 * names.  The table ends with a { NULL, UINT32_MAX } sentinel, which the
 * lookup functions return when nothing matches.
 *
 * NOTE(review): the line holding the first entry is absent from the
 * rendered listing; it is restored here. Confirm the "JWT" label against
 * the upstream file.
 */
static struct
{
  const char *name;
  uint32_t number;
} jwt_cred_name_map[] = {
  { .name = "JWT", .number = GNUNET_RECLAIM_CREDENTIAL_TYPE_JWT },
  { .name = NULL, .number = UINT32_MAX }
};
103 
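/**
 * Convert a type name to the corresponding number.
 *
 * The comparison is case-insensitive.
 *
 * @param cls closure, not referenced here
 * @param jwt_typename name to convert; NULL is treated as "unknown"
 * @return corresponding number, UINT32_MAX (the table sentinel) when the
 *         name is NULL or not in the table
 */
static uint32_t
jwt_typename_to_number (void *cls, const char *jwt_typename)
{
  unsigned int i;

  /* strcasecmp() must not be handed a NULL pointer; report "unknown"
     instead of dereferencing it. */
  if (NULL == jwt_typename)
    return UINT32_MAX;
  for (i = 0; NULL != jwt_cred_name_map[i].name; i++)
    if (0 == strcasecmp (jwt_typename, jwt_cred_name_map[i].name))
      break;
  /* Either the matching entry or the sentinel at the end of the table. */
  return jwt_cred_name_map[i].number;
}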
122 
123 
/**
 * Convert a type number to the corresponding type string.
 *
 * @param cls closure, not referenced here
 * @param type number of a type to convert
 * @return corresponding type name, NULL (the table sentinel) when the
 *         number is not in the table
 */
static const char *
jwt_number_to_typename (void *cls, uint32_t type)
{
  unsigned int idx;

  for (idx = 0; NULL != jwt_cred_name_map[idx].name; idx++)
    if (jwt_cred_name_map[idx].number == type)
      break;
  /* Either the matching entry or the sentinel at the end of the table. */
  return jwt_cred_name_map[idx].name;
}
143 
144 
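/**
 * Serialize one JSON claim value and append it to @a attrs as a string
 * attribute called @a name.
 *
 * @param attrs list to append to
 * @param name claim name
 * @param value claim value
 */
static void
jwt_add_claim (struct GNUNET_RECLAIM_AttributeList *attrs,
               const char *name,
               const json_t *value)
{
  char *val_str;
  char *tmp;
  size_t len;

  val_str = json_dumps (value, JSON_ENCODE_ANY);
  if (NULL == val_str)
  {
    /* json_dumps() reports failure with NULL; skip the claim rather than
       dereference it. */
    GNUNET_log (GNUNET_ERROR_TYPE_WARNING,
                "Failed to serialize claim `%s'\n",
                name);
    return;
  }
  tmp = val_str;
  /* Remove leading " from jansson conversion */
  if ('"' == tmp[0])
    tmp++;
  /* Remove trailing " from jansson conversion */
  len = strlen (tmp);
  if ((0 < len) && ('"' == tmp[len - 1]))
    tmp[len - 1] = '\0';
  /* The size is measured from val_str, as before: for a quoted string it
     is one more than strlen (tmp) and so covers the terminator, for any
     other JSON value it does not. */
  GNUNET_RECLAIM_attribute_list_add (attrs,
                                     name,
                                     NULL,
                                     GNUNET_RECLAIM_ATTRIBUTE_TYPE_STRING,
                                     tmp,
                                     strlen (val_str));
  GNUNET_free (val_str);
}


/**
 * Parse a JWT and return the respective claim values as attributes.
 *
 * Only the second dot-separated segment (the payload) is decoded. The
 * header and the signature segment are not looked at, so nothing here
 * establishes that the claims are authentic; a caller that relies on them
 * has to verify the token separately.
 *
 * The claims "iss", "jti", "exp", "iat", "nbf" and "aud" are skipped. The
 * members of an "address" object are added one by one under their own
 * names. Every other claim is added under its own name.
 *
 * @param cls closure, not referenced here
 * @param data the JWT in compact serialization
 * @param data_size number of bytes in @a data
 * @return a newly allocated attribute list; it is empty when the token
 *         has no payload segment or the payload is not a JSON object
 */
struct GNUNET_RECLAIM_AttributeList *
jwt_parse_attributes (void *cls,
                      const char *data,
                      size_t data_size)
{
  static const char *const skipped_claims[] = {
    "iss", "jti", "exp", "iat", "nbf", "aud"
  };
  struct GNUNET_RECLAIM_AttributeList *attrs;
  char delim[] = ".";
  char *jwt_string;
  char *save = NULL;
  const char *jwt_body = NULL;
  char *decoded_jwt = NULL;
  size_t decoded_len;
  json_t *json_val;
  json_error_t json_err;
  const char *key;
  const char *addr_key;
  json_t *value;
  json_t *addr_value;

  attrs = GNUNET_new (struct GNUNET_RECLAIM_AttributeList);
  if (NULL == data)
    return attrs;

  jwt_string = GNUNET_strndup (data, data_size);
  /* strtok_r() keeps its state in `save', unlike strtok(). The second
     token is the payload; it is NULL when the input has fewer than two
     segments. */
  if (NULL != strtok_r (jwt_string, delim, &save))
    jwt_body = strtok_r (NULL, delim, &save);
  if (NULL == jwt_body)
  {
    GNUNET_log (GNUNET_ERROR_TYPE_WARNING,
                "JWT has no payload segment\n");
    GNUNET_free (jwt_string);
    return attrs;
  }
  decoded_len = GNUNET_STRINGS_base64url_decode (jwt_body,
                                                 strlen (jwt_body),
                                                 (void **) &decoded_jwt);
  GNUNET_free (jwt_string);
  if (NULL == decoded_jwt)
  {
    GNUNET_log (GNUNET_ERROR_TYPE_WARNING,
                "Failed to decode JWT payload\n");
    return attrs;
  }
  /* Log the size only: the payload carries the user's claims, and the
     listing does not show that the decoder NUL-terminates its output. */
  GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
              "Decoded JWT payload (%llu bytes)\n",
              (unsigned long long) decoded_len);
  /* json_loadb() takes an explicit length, so it does not depend on a
     terminator either. */
  json_val = json_loadb (decoded_jwt, decoded_len, JSON_DECODE_ANY, &json_err);
  GNUNET_free (decoded_jwt);
  if (! json_is_object (json_val))
  {
    GNUNET_log (GNUNET_ERROR_TYPE_WARNING,
                "JWT payload is not a JSON object\n");
    json_decref (json_val); /* accepts NULL */
    return attrs;
  }

  json_object_foreach (json_val, key, value) {
    int skip = 0;

    for (size_t i = 0;
         i < sizeof (skipped_claims) / sizeof (skipped_claims[0]);
         i++)
      if (0 == strcmp (skipped_claims[i], key))
      {
        skip = 1;
        break;
      }
    if (skip)
      continue;
    if (0 == strcmp ("address", key))
    {
      if (! json_is_object (value))
      {
        GNUNET_log (GNUNET_ERROR_TYPE_WARNING,
                    "address claim in wrong format!");
        continue;
      }
      json_object_foreach (value, addr_key, addr_value) {
        jwt_add_claim (attrs, addr_key, addr_value);
      }
      continue;
    }
    jwt_add_claim (attrs, key, value);
  }
  json_decref (json_val);
  return attrs;
}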
242 
243 
/**
 * Parse the JWT held in a credential and return its claims as attributes.
 *
 * @param cls closure, passed through
 * @param cred the credential
 * @return NULL when @a cred is not a JWT credential, otherwise the result
 *         of jwt_parse_attributes() on its data
 */
struct GNUNET_RECLAIM_AttributeList *
jwt_parse_attributes_c (void *cls,
                        const struct GNUNET_RECLAIM_Credential *cred)
{
  if (GNUNET_RECLAIM_CREDENTIAL_TYPE_JWT == cred->type)
    return jwt_parse_attributes (cls, cred->data, cred->data_size);
  return NULL;
}
259 
260 
/**
 * Parse the JWT held in a presentation and return its claims as
 * attributes.
 *
 * @param cls closure, passed through
 * @param cred the presentation
 * @return NULL when @a cred is not of the JWT type, otherwise the result
 *         of jwt_parse_attributes() on its data
 */
struct GNUNET_RECLAIM_AttributeList *
jwt_parse_attributes_p (void *cls,
                        const struct GNUNET_RECLAIM_Presentation *cred)
{
  if (GNUNET_RECLAIM_CREDENTIAL_TYPE_JWT == cred->type)
    return jwt_parse_attributes (cls, cred->data, cred->data_size);
  return NULL;
}
276 
277 
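/**
 * Parse a JWT and return the issuer.
 *
 * The "iss" claim is read from the decoded payload segment only. The
 * signature segment is not checked here, so the returned value is what
 * the token claims, not a verified identity.
 *
 * @param cls closure, not referenced here
 * @param data the JWT in compact serialization
 * @param data_size number of bytes in @a data
 * @return a newly allocated copy of the "iss" string, or NULL when the
 *         token has no payload segment, the payload cannot be decoded or
 *         parsed, or "iss" is missing or not a string; the caller frees it
 */
char *
jwt_get_issuer (void *cls,
                const char *data,
                size_t data_size)
{
  char delim[] = ".";
  char *jwt_string;
  char *save = NULL;
  const char *jwt_body = NULL;
  char *decoded_jwt = NULL;
  size_t decoded_len;
  char *issuer = NULL;
  json_t *issuer_json;
  json_t *json_val;
  json_error_t json_err;

  GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Parsing JWT attributes.\n");
  if (NULL == data)
    return NULL;
  jwt_string = GNUNET_strndup (data, data_size);
  /* The second token is the payload; it is NULL when the input has fewer
     than two dot-separated segments, which must not reach strlen(). */
  if (NULL != strtok_r (jwt_string, delim, &save))
    jwt_body = strtok_r (NULL, delim, &save);
  if (NULL == jwt_body)
  {
    GNUNET_free (jwt_string);
    return NULL;
  }
  decoded_len = GNUNET_STRINGS_base64url_decode (jwt_body,
                                                 strlen (jwt_body),
                                                 (void **) &decoded_jwt);
  GNUNET_free (jwt_string);
  if (NULL == decoded_jwt)
    return NULL;
  /* Length-bounded parse: does not rely on the decoder having
     NUL-terminated its output. */
  json_val = json_loadb (decoded_jwt, decoded_len, JSON_DECODE_ANY, &json_err);
  GNUNET_free (decoded_jwt);
  if (NULL == json_val)
    return NULL;
  issuer_json = json_object_get (json_val, "iss");
  if ((NULL == issuer_json) || (! json_is_string (issuer_json)))
  {
    json_decref (json_val);
    return NULL;
  }
  /* Copy before dropping the reference: the string belongs to json_val. */
  issuer = GNUNET_strdup (json_string_value (issuer_json));
  json_decref (json_val);
  return issuer;
}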
320 
321 
/**
 * Parse the JWT held in a credential and return the issuer.
 *
 * @param cls closure, passed through
 * @param cred the credential
 * @return NULL when @a cred is not a JWT credential, otherwise the result
 *         of jwt_get_issuer() on its data
 */
char *
jwt_get_issuer_c (void *cls,
                  const struct GNUNET_RECLAIM_Credential *cred)
{
  if (GNUNET_RECLAIM_CREDENTIAL_TYPE_JWT == cred->type)
    return jwt_get_issuer (cls, cred->data, cred->data_size);
  return NULL;
}
337 
338 
/**
 * Parse the JWT held in a presentation and return the issuer.
 *
 * @param cls closure, passed through
 * @param cred the presentation
 * @return NULL when @a cred is not of the JWT type, otherwise the result
 *         of jwt_get_issuer() on its data
 */
char *
jwt_get_issuer_p (void *cls,
                  const struct GNUNET_RECLAIM_Presentation *cred)
{
  if (GNUNET_RECLAIM_CREDENTIAL_TYPE_JWT == cred->type)
    return jwt_get_issuer (cls, cred->data, cred->data_size);
  return NULL;
}
354 
355 
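/**
 * Parse a JWT and return the expiration.
 *
 * The "exp" claim is read from the decoded payload segment only. The
 * signature segment is not checked here, so the value is what the token
 * claims.
 *
 * @param cls closure, not referenced here
 * @param data the JWT in compact serialization
 * @param data_size number of bytes in @a data
 * @param exp set to the expiration time in microseconds on success
 * @return #GNUNET_OK on success, #GNUNET_SYSERR when the token has no
 *         payload segment, the payload cannot be decoded or parsed, "exp"
 *         is missing or not an integer, or its value is negative or too
 *         large to express in microseconds
 */
enum GNUNET_GenericReturnValue
jwt_get_expiration (void *cls,
                    const char *data,
                    size_t data_size,
                    struct GNUNET_TIME_Absolute *exp)
{
  char delim[] = ".";
  char *jwt_string;
  char *save = NULL;
  const char *jwt_body = NULL;
  char *decoded_jwt = NULL;
  size_t decoded_len;
  json_t *exp_json;
  json_t *json_val;
  json_error_t json_err;
  json_int_t exp_seconds;

  GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Parsing JWT attributes.\n");
  if (NULL == data)
    return GNUNET_SYSERR;
  jwt_string = GNUNET_strndup (data, data_size);
  /* The second token is the payload; it is NULL when the input has fewer
     than two dot-separated segments, which must not reach strlen(). */
  if (NULL != strtok_r (jwt_string, delim, &save))
    jwt_body = strtok_r (NULL, delim, &save);
  if (NULL == jwt_body)
  {
    GNUNET_free (jwt_string);
    return GNUNET_SYSERR;
  }
  decoded_len = GNUNET_STRINGS_base64url_decode (jwt_body,
                                                 strlen (jwt_body),
                                                 (void **) &decoded_jwt);
  GNUNET_free (jwt_string);
  if (NULL == decoded_jwt)
    return GNUNET_SYSERR;
  /* Length-bounded parse: does not rely on the decoder having
     NUL-terminated its output. */
  json_val = json_loadb (decoded_jwt, decoded_len, JSON_DECODE_ANY, &json_err);
  GNUNET_free (decoded_jwt);
  if (NULL == json_val)
    return GNUNET_SYSERR;
  exp_json = json_object_get (json_val, "exp");
  if ((NULL == exp_json) || (! json_is_integer (exp_json)))
  {
    json_decref (json_val);
    return GNUNET_SYSERR;
  }
  exp_seconds = json_integer_value (exp_json);
  json_decref (json_val);
  /* A negative "exp" would turn into a huge unsigned timestamp, and a
     large one would overflow the seconds-to-microseconds multiplication;
     reject both instead of storing a wrapped value. */
  if ((exp_seconds < 0) ||
      ((uint64_t) exp_seconds > UINT64_MAX / (1000ULL * 1000ULL)))
    return GNUNET_SYSERR;
  exp->abs_value_us = (uint64_t) exp_seconds * 1000ULL * 1000ULL;
  return GNUNET_OK;
}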
398 
399 
/**
 * Parse the JWT held in a credential and return the expiration.
 *
 * @param cls closure, passed through
 * @param cred the credential
 * @param exp set to the expiration time on success
 * @return #GNUNET_NO when @a cred is not a JWT credential, otherwise the
 *         result of jwt_get_expiration() on its data
 */
enum GNUNET_GenericReturnValue
jwt_get_expiration_c (void *cls,
                      const struct GNUNET_RECLAIM_Credential *cred,
                      struct GNUNET_TIME_Absolute *exp)
{
  if (GNUNET_RECLAIM_CREDENTIAL_TYPE_JWT == cred->type)
    return jwt_get_expiration (cls, cred->data, cred->data_size, exp);
  return GNUNET_NO;
}
416 
417 
/**
 * Parse the JWT held in a presentation and return the expiration.
 *
 * @param cls closure, passed through
 * @param cred the presentation
 * @param exp set to the expiration time on success
 * @return #GNUNET_NO when @a cred is not of the JWT type, otherwise the
 *         result of jwt_get_expiration() on its data
 */
enum GNUNET_GenericReturnValue
jwt_get_expiration_p (void *cls,
                      const struct GNUNET_RECLAIM_Presentation *cred,
                      struct GNUNET_TIME_Absolute *exp)
{
  if (GNUNET_RECLAIM_CREDENTIAL_TYPE_JWT == cred->type)
    return jwt_get_expiration (cls, cred->data, cred->data_size, exp);
  return GNUNET_NO;
}
434 
435 
/**
 * Create a presentation from a JWT credential.
 *
 * The presentation is built from the credential's complete data, so it
 * carries every claim of the token. @a attrs is not referenced in this
 * function; no subset of claims is selected.
 *
 * @param cls closure, not referenced here
 * @param cred the credential to present
 * @param attrs requested attributes, not referenced here
 * @param presentation set to the new presentation on success
 * @return #GNUNET_NO when @a cred is not a JWT credential, otherwise
 *         #GNUNET_OK
 */
enum GNUNET_GenericReturnValue
jwt_create_presentation (void *cls,
                         const struct GNUNET_RECLAIM_Credential *cred,
                         const struct GNUNET_RECLAIM_AttributeList *attrs,
                         struct GNUNET_RECLAIM_Presentation **presentation)
{
  struct GNUNET_RECLAIM_Presentation *pres;

  if (GNUNET_RECLAIM_CREDENTIAL_TYPE_JWT != cred->type)
    return GNUNET_NO;
  pres = GNUNET_RECLAIM_presentation_new (GNUNET_RECLAIM_CREDENTIAL_TYPE_JWT,
                                          cred->data,
                                          cred->data_size);
  *presentation = pres;
  return GNUNET_OK;
}
450 
451 
458 void *
460 {
462 
479  return api;
480 }
481 
482 
489 void *
491 {
493 
494  GNUNET_free (api);
495  return NULL;
496 }
497 
498 
499 /* end of plugin_reclaim_credential_type_jwt.c */
static size_t data_size
Number of bytes in data.
Definition: gnunet-abd.c:187
struct GNUNET_HashCode key
The key used in the DHT.
uint32_t data
The data value.
static char * value
Value of the record to add/remove.
#define GNUNET_log(kind,...)
GNUNET_GenericReturnValue
Named constants for return values.
Definition: gnunet_common.h:92
@ GNUNET_OK
Definition: gnunet_common.h:95
@ GNUNET_NO
Definition: gnunet_common.h:94
@ GNUNET_SYSERR
Definition: gnunet_common.h:93
#define GNUNET_assert(cond)
Use this for fatal errors that cannot be handled.
@ GNUNET_ERROR_TYPE_WARNING
@ GNUNET_ERROR_TYPE_DEBUG
#define GNUNET_strdup(a)
Wrapper around GNUNET_xstrdup_.
#define GNUNET_strndup(a, length)
Wrapper around GNUNET_xstrndup_.
#define GNUNET_new(type)
Allocate a struct or union of the given type.
#define GNUNET_free(ptr)
Wrapper around free.
void GNUNET_RECLAIM_attribute_list_add(struct GNUNET_RECLAIM_AttributeList *attrs, const char *attr_name, const struct GNUNET_RECLAIM_Identifier *credential, uint32_t type, const void *data, size_t data_size)
Add a new attribute to a claim list.
struct GNUNET_RECLAIM_Presentation * GNUNET_RECLAIM_presentation_new(uint32_t type, const void *data, size_t data_size)
@ GNUNET_RECLAIM_CREDENTIAL_TYPE_JWT
A JSON Web Token credential.
@ GNUNET_RECLAIM_ATTRIBUTE_TYPE_STRING
String attribute.
size_t GNUNET_STRINGS_base64url_decode(const char *data, size_t len, void **out)
Decode from Base64url.
Definition: strings.c:1747
enum GNUNET_GenericReturnValue jwt_get_expiration(void *cls, const char *data, size_t data_size, struct GNUNET_TIME_Absolute *exp)
Parse a JWT and return the expiration.
static struct @54 jwt_cred_name_map[]
Mapping of credential type numbers to human-readable credential type names.
enum GNUNET_GenericReturnValue jwt_create_presentation(void *cls, const struct GNUNET_RECLAIM_Credential *cred, const struct GNUNET_RECLAIM_AttributeList *attrs, struct GNUNET_RECLAIM_Presentation **presentation)
struct GNUNET_RECLAIM_AttributeList * jwt_parse_attributes_p(void *cls, const struct GNUNET_RECLAIM_Presentation *cred)
Parse a JWT and return the respective claim value as Attribute.
char * jwt_get_issuer_c(void *cls, const struct GNUNET_RECLAIM_Credential *cred)
Parse a JWT and return the issuer.
char * jwt_get_issuer_p(void *cls, const struct GNUNET_RECLAIM_Presentation *cred)
Parse a JWT and return the issuer.
void * libgnunet_plugin_reclaim_credential_jwt_done(void *cls)
Exit point from the plugin.
struct GNUNET_RECLAIM_AttributeList * jwt_parse_attributes_c(void *cls, const struct GNUNET_RECLAIM_Credential *cred)
Parse a JWT and return the respective claim value as Attribute.
struct GNUNET_RECLAIM_AttributeList * jwt_parse_attributes(void *cls, const char *data, size_t data_size)
Parse a JWT and return the respective claim value as Attribute.
static char * jwt_value_to_string(void *cls, uint32_t type, const void *data, size_t data_size)
Convert the 'value' of a credential to a string.
const char * name
static uint32_t jwt_typename_to_number(void *cls, const char *jwt_typename)
Convert a type name to the corresponding number.
static const char * jwt_number_to_typename(void *cls, uint32_t type)
Convert a type number to the corresponding type string (e.g.
enum GNUNET_GenericReturnValue jwt_get_expiration_c(void *cls, const struct GNUNET_RECLAIM_Credential *cred, struct GNUNET_TIME_Absolute *exp)
Parse a JWT and return the expiration.
static int jwt_string_to_value(void *cls, uint32_t type, const char *s, void **data, size_t *data_size)
Convert human-readable version of a 'value' of a credential to the binary representation.
enum GNUNET_GenericReturnValue jwt_get_expiration_p(void *cls, const struct GNUNET_RECLAIM_Presentation *cred, struct GNUNET_TIME_Absolute *exp)
Parse a JWT and return the expiration.
char * jwt_get_issuer(void *cls, const char *data, size_t data_size)
Parse a JWT and return the issuer.
void * libgnunet_plugin_reclaim_credential_jwt_init(void *cls)
Entry point for the plugin.
A list of GNUNET_RECLAIM_Attribute structures.
Each plugin is required to return a pointer to a struct of this type as the return value from its ent...
GNUNET_RECLAIM_CredentialValueToStringFunction value_to_string
Conversion to string.
GNUNET_RECLAIM_CredentialTypenameToNumberFunction typename_to_number
Typename to number.
GNUNET_RECLAIM_PresentationGetIssuerFunction get_issuer_p
Attestation issuer.
GNUNET_RECLAIM_CredentialNumberToTypenameFunction number_to_typename
Number to typename.
GNUNET_RECLAIM_CredentialGetIssuerFunction get_issuer
Attestation issuer.
GNUNET_RECLAIM_PresentationGetExpirationFunction get_expiration_p
Expiration.
GNUNET_RECLAIM_PresentationValueToStringFunction value_to_string_p
Conversion to string.
GNUNET_RECLAIM_CredentialStringToValueFunction string_to_value
Conversion to binary.
GNUNET_RECLAIM_CredentialGetExpirationFunction get_expiration
Expiration.
void * cls
Closure for all of the callbacks.
GNUNET_RECLAIM_CredentialGetAttributesFunction get_attributes
Attestation attributes.
GNUNET_RECLAIM_PresentationStringToValueFunction string_to_value_p
Conversion to binary.
GNUNET_RECLAIM_PresentationTypenameToNumberFunction typename_to_number_p
Typename to number.
GNUNET_RECLAIM_PresentationNumberToTypenameFunction number_to_typename_p
Number to typename.
GNUNET_RECLAIM_CredentialToPresentation create_presentation
Get presentation.
GNUNET_RECLAIM_PresentationGetAttributesFunction get_attributes_p
Attestation attributes.
uint32_t type
Type/Format of Claim.
const void * data
Binary value stored as credential value.
size_t data_size
Number of bytes in data.
A credential presentation.
const void * data
Binary value stored as presentation value.
uint32_t type
Type/Format of Claim.
size_t data_size
Number of bytes in data.
Time for absolute times used by GNUnet, in microseconds.
uint64_t abs_value_us
The actual value.
enum GNUNET_TESTBED_UnderlayLinkModelType type
the type of this model