authorVitaly Buka <vitalybuka@google.com>2016-01-27 18:39:36 -0800
committerVitaly Buka <vitalybuka@google.com>2016-01-28 18:16:36 +0000
commitd74a732bfae910b08d6d0f83a86cde04c3aa2cd5 (patch)
tree56949ba2a2d3554931d6f47f03b4bac19bc6f33e
parenta821f2ec61873d1ad9eb207d7b760b3aaf21248e (diff)
downloadlibweave-d74a732bfae910b08d6d0f83a86cde04c3aa2cd5.tar.gz
Update macaroon lib
Change-Id: I37472f11827b8bf1af28c6f525df85093f5f3a56 Reviewed-on: https://weave-review.googlesource.com/2381 Reviewed-by: Alex Vakulenko <avakulenko@google.com>
-rw-r--r--third_party/libuweave/src/macaroon.c2
-rw-r--r--third_party/libuweave/src/macaroon.h9
-rw-r--r--third_party/libuweave/src/macaroon_caveat.c48
-rw-r--r--third_party/libuweave/src/macaroon_caveat.h24
4 files changed, 63 insertions, 20 deletions
diff --git a/third_party/libuweave/src/macaroon.c b/third_party/libuweave/src/macaroon.c
index 50b2d00..aa775c2 100644
--- a/third_party/libuweave/src/macaroon.c
+++ b/third_party/libuweave/src/macaroon.c
@@ -146,7 +146,7 @@ static void reset_validation_result(UwMacaroonValidationResult* result) {
for (size_t i = 0; i < MAX_NUM_DELEGATEES; i++) {
result->delegatees[i].id = NULL;
result->delegatees[i].id_len = 0;
- result->delegatees[i].is_app = true;
+ result->delegatees[i].type = kUwMacaroonDelegateeTypeNone;
}
}
diff --git a/third_party/libuweave/src/macaroon.h b/third_party/libuweave/src/macaroon.h
index dfaaba7..c93bbb2 100644
--- a/third_party/libuweave/src/macaroon.h
+++ b/third_party/libuweave/src/macaroon.h
@@ -25,10 +25,17 @@ typedef struct {
} UwMacaroon;
// For the delegatee list in the validation result object
+typedef enum {
+ kUwMacaroonDelegateeTypeNone = 0,
+ kUwMacaroonDelegateeTypeUser = 1,
+ kUwMacaroonDelegateeTypeApp = 2,
+ kUwMacaroonDelegateeTypeService = 3,
+} UwMacaroonDelegateeType;
+
typedef struct {
const uint8_t* id;
size_t id_len;
- bool is_app;
+ UwMacaroonDelegateeType type;
} UwMacaroonDelegateeInfo;
#define MAX_NUM_DELEGATEES 10
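Review bot: The new `UwMacaroonDelegateeType` enum has no documentation of its own, and the existing comment "For the delegatee list in the validation result object" now sits above the enum instead of the struct it described. I would add a comment on the enum, e.g. `// kUwMacaroonDelegateeTypeNone marks an unused slot, as set by reset_validation_result()`, so callers that read `delegatees[i].type` know to treat `None` as "no delegatee" and not as an identity class. The old `is_app` boolean defaulted to `true` in the reset path, so any consumer outside this diff that branched on it should be checked against the new default.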
diff --git a/third_party/libuweave/src/macaroon_caveat.c b/third_party/libuweave/src/macaroon_caveat.c
index b8b2183..a2b26dc 100644
--- a/third_party/libuweave/src/macaroon_caveat.c
+++ b/third_party/libuweave/src/macaroon_caveat.c
@@ -12,8 +12,6 @@
#include "src/macaroon_context.h"
#include "src/macaroon_encoding.h"
-#define MAX_CBOR_STR_LEN_FOR_UINT 5
-
static bool is_valid_caveat_type_(UwMacaroonCaveatType type) {
switch (type) {
case kUwMacaroonCaveatTypeNonce:
@@ -25,6 +23,7 @@ static bool is_valid_caveat_type_(UwMacaroonCaveatType type) {
case kUwMacaroonCaveatTypeDelegateeUser:
case kUwMacaroonCaveatTypeDelegateeApp:
case kUwMacaroonCaveatTypeAppCommandsOnly:
+ case kUwMacaroonCaveatTypeDelegateeService:
case kUwMacaroonCaveatTypeBleSessionID:
case kUwMacaroonCaveatTypeLanSessionID:
case kUwMacaroonCaveatTypeClientAuthorizationTokenV1:
@@ -103,7 +102,7 @@ static bool create_caveat_bstr_value_(UwMacaroonCaveatType type,
uint8_t* buffer,
size_t buffer_size,
UwMacaroonCaveat* new_caveat) {
- if ((str == NULL && str_len != 0) || buffer == NULL || buffer_size == 0 ||
+ if (str == NULL || str_len == 0 || buffer == NULL || buffer_size == 0 ||
new_caveat == NULL ||
uw_macaroon_caveat_creation_get_buffsize_(type, str_len) > buffer_size) {
return false;
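Review bot: The tightened guard `str == NULL || str_len == 0` makes every creator routed through create_caveat_bstr_value_ fail on an empty value, where a zero-length string with a NULL pointer was previously accepted. That contract change is not documented in the visible hunks. I would add `// Empty bstr values are rejected; callers must pass a non-empty id/nonce` above the check and repeat it on the prototypes in macaroon_caveat.h. This only constrains token creation. The parsing side (update_delegatee_list and uw_macaroon_caveat_get_value_bstr_) is not fully visible here, so confirm that it also rejects a zero-length delegatee id, since validated tokens come from untrusted input. The function body continues outside the hunk.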
@@ -147,6 +146,7 @@ size_t uw_macaroon_caveat_creation_get_buffsize_(UwMacaroonCaveatType type,
case kUwMacaroonCaveatTypeNonce:
case kUwMacaroonCaveatTypeDelegateeUser:
case kUwMacaroonCaveatTypeDelegateeApp:
+ case kUwMacaroonCaveatTypeDelegateeService:
case kUwMacaroonCaveatTypeLanSessionID:
case kUwMacaroonCaveatTypeClientAuthorizationTokenV1:
case kUwMacaroonCaveatTypeServerAuthenticationTokenV1:
@@ -237,6 +237,17 @@ bool uw_macaroon_caveat_create_app_commands_only_(
buffer_size, new_caveat);
}
+bool uw_macaroon_caveat_create_delegatee_service_(
+ const uint8_t* id_str,
+ size_t id_str_len,
+ uint8_t* buffer,
+ size_t buffer_size,
+ UwMacaroonCaveat* new_caveat) {
+ return create_caveat_bstr_value_(kUwMacaroonCaveatTypeDelegateeService,
+ id_str, id_str_len, buffer, buffer_size,
+ new_caveat);
+}
+
bool uw_macaroon_caveat_create_ble_session_id_(uint8_t* buffer,
size_t buffer_size,
UwMacaroonCaveat* new_caveat) {
@@ -393,12 +404,29 @@ static bool update_delegatee_list(UwMacaroonCaveatType caveat_type,
if (result->num_delegatees >= MAX_NUM_DELEGATEES) {
return false;
}
- bool is_app = (caveat_type == kUwMacaroonCaveatTypeDelegateeApp);
- if (is_app) {
+ UwMacaroonDelegateeType delegatee_type = kUwMacaroonDelegateeTypeNone;
+ switch (caveat_type) {
+ case kUwMacaroonCaveatTypeDelegateeUser:
+ delegatee_type = kUwMacaroonDelegateeTypeUser;
+ break;
+
+ case kUwMacaroonCaveatTypeDelegateeApp:
+ delegatee_type = kUwMacaroonDelegateeTypeApp;
+ break;
+
+ case kUwMacaroonCaveatTypeDelegateeService:
+ delegatee_type = kUwMacaroonDelegateeTypeService;
+ break;
+
+ default:
+ return false;
+ }
+
+ if (caveat_type != kUwMacaroonCaveatTypeDelegateeUser) {
for (size_t i = 0; i < result->num_delegatees; i++) {
- // There must have at most one DelegateeApp
- if (result->delegatees[i].is_app) {
+ // There must have at most one DelegateeApp or DelegateeService
+ if (result->delegatees[i].type == delegatee_type) {
return false;
}
}
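Review bot: The duplicate check `result->delegatees[i].type == delegatee_type` allows one App delegatee and, separately, one Service delegatee, so a chain carrying one of each passes. The comment "at most one DelegateeApp or DelegateeService" can be read either way. If one of each is intended, reword it to `// At most one DelegateeApp and at most one DelegateeService; DelegateeUser may repeat`. If the policy is a single non-user delegatee in total, the comparison should be `result->delegatees[i].type != kUwMacaroonDelegateeTypeUser`. The guard would also read more directly as `if (delegatee_type != kUwMacaroonDelegateeTypeUser)`, now that the switch has already mapped the caveat type. update_delegatee_list starts before this hunk and continues into the next one.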
@@ -409,7 +437,7 @@ static bool update_delegatee_list(UwMacaroonCaveatType caveat_type,
&(result->delegatees[result->num_delegatees].id_len))) {
return false;
}
- result->delegatees[result->num_delegatees].is_app = is_app;
+ result->delegatees[result->num_delegatees].type = delegatee_type;
result->num_delegatees++;
return true;
}
@@ -463,9 +491,8 @@ bool uw_macaroon_caveat_validate_(const UwMacaroonCaveat* caveat,
// Need to create a list of delegatees
case kUwMacaroonCaveatTypeDelegateeUser:
- return update_delegatee_list(caveat_type, caveat, result);
-
case kUwMacaroonCaveatTypeDelegateeApp:
+ case kUwMacaroonCaveatTypeDelegateeService:
return update_delegatee_list(caveat_type, caveat, result);
// Time related caveats
@@ -543,6 +570,7 @@ bool uw_macaroon_caveat_get_value_bstr_(const UwMacaroonCaveat* caveat,
if (type != kUwMacaroonCaveatTypeNonce &&
type != kUwMacaroonCaveatTypeDelegateeUser &&
type != kUwMacaroonCaveatTypeDelegateeApp &&
+ type != kUwMacaroonCaveatTypeDelegateeService &&
type != kUwMacaroonCaveatTypeLanSessionID &&
type != kUwMacaroonCaveatTypeClientAuthorizationTokenV1 &&
type != kUwMacaroonCaveatTypeServerAuthenticationTokenV1) {
diff --git a/third_party/libuweave/src/macaroon_caveat.h b/third_party/libuweave/src/macaroon_caveat.h
index 9baf70d..b6846e8 100644
--- a/third_party/libuweave/src/macaroon_caveat.h
+++ b/third_party/libuweave/src/macaroon_caveat.h
@@ -15,14 +15,17 @@ typedef struct {
} UwMacaroonCaveat;
typedef enum {
- kUwMacaroonCaveatTypeNonce = 0, // bstr
- kUwMacaroonCaveatTypeScope = 1, // uint
- kUwMacaroonCaveatTypeExpirationAbsolute = 5, // uint
- kUwMacaroonCaveatTypeTTL1Hour = 6, // no value
- kUwMacaroonCaveatTypeTTL24Hour = 7, // no value
- kUwMacaroonCaveatTypeDelegationTimestamp = 8, // uint
- kUwMacaroonCaveatTypeDelegateeUser = 9, // bstr
- kUwMacaroonCaveatTypeDelegateeApp = 10, // bstr
+ kUwMacaroonCaveatTypeNonce = 0, // bstr
+ kUwMacaroonCaveatTypeScope = 1, // uint
+ kUwMacaroonCaveatTypeExpirationAbsolute = 5, // uint
+ kUwMacaroonCaveatTypeTTL1Hour = 6, // no value
+ kUwMacaroonCaveatTypeTTL24Hour = 7, // no value
+ kUwMacaroonCaveatTypeDelegationTimestamp = 8, // uint
+
+ kUwMacaroonCaveatTypeDelegateeUser = 9, // bstr
+ kUwMacaroonCaveatTypeDelegateeApp = 10, // bstr
+ kUwMacaroonCaveatTypeDelegateeService = 12, // bstr
+
kUwMacaroonCaveatTypeAppCommandsOnly = 11, // no value
kUwMacaroonCaveatTypeBleSessionID = 16, // no value
kUwMacaroonCaveatTypeLanSessionID = 17, // bstr
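Review bot: `kUwMacaroonCaveatTypeDelegateeService = 12` is listed ahead of `kUwMacaroonCaveatTypeAppCommandsOnly = 11`, so the enumerators are no longer in numeric order. That makes it easier for a later edit to reuse or collide with an existing value. Grouping the delegatee types is reasonable, but I would add a comment on the enum such as `// Values are fixed identifiers (presumably serialized in the token); never renumber or reuse them`, and either keep numeric order or note that the grouping is deliberate. The enum continues past the end of this hunk.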
@@ -81,6 +84,11 @@ bool uw_macaroon_caveat_create_delegatee_app_(const uint8_t* id_str,
uint8_t* buffer,
size_t buffer_size,
UwMacaroonCaveat* new_caveat);
+bool uw_macaroon_caveat_create_delegatee_service_(const uint8_t* id_str,
+ size_t id_str_len,
+ uint8_t* buffer,
+ size_t buffer_size,
+ UwMacaroonCaveat* new_caveat);
bool uw_macaroon_caveat_create_app_commands_only_(uint8_t* buffer,
size_t buffer_size,
UwMacaroonCaveat* new_caveat);