author | Vitaly Buka <vitalybuka@google.com> | 2016-01-27 18:39:36 -0800 |
---|---|---|
committer | Vitaly Buka <vitalybuka@google.com> | 2016-01-28 18:16:36 +0000 |
commit | d74a732bfae910b08d6d0f83a86cde04c3aa2cd5 (patch) | |
tree | 56949ba2a2d3554931d6f47f03b4bac19bc6f33e | |
parent | a821f2ec61873d1ad9eb207d7b760b3aaf21248e (diff) | |
download | libweave-d74a732bfae910b08d6d0f83a86cde04c3aa2cd5.tar.gz |
Update macaroon lib
Change-Id: I37472f11827b8bf1af28c6f525df85093f5f3a56
Reviewed-on: https://weave-review.googlesource.com/2381
Reviewed-by: Alex Vakulenko <avakulenko@google.com>
-rw-r--r-- | third_party/libuweave/src/macaroon.c | 2 | ||||
-rw-r--r-- | third_party/libuweave/src/macaroon.h | 9 | ||||
-rw-r--r-- | third_party/libuweave/src/macaroon_caveat.c | 48 | ||||
-rw-r--r-- | third_party/libuweave/src/macaroon_caveat.h | 24 |
4 files changed, 63 insertions, 20 deletions
diff --git a/third_party/libuweave/src/macaroon.c b/third_party/libuweave/src/macaroon.c index 50b2d00..aa775c2 100644 --- a/third_party/libuweave/src/macaroon.c +++ b/third_party/libuweave/src/macaroon.c @@ -146,7 +146,7 @@ static void reset_validation_result(UwMacaroonValidationResult* result) { for (size_t i = 0; i < MAX_NUM_DELEGATEES; i++) { result->delegatees[i].id = NULL; result->delegatees[i].id_len = 0; - result->delegatees[i].is_app = true; + result->delegatees[i].type = kUwMacaroonDelegateeTypeNone; } } diff --git a/third_party/libuweave/src/macaroon.h b/third_party/libuweave/src/macaroon.h index dfaaba7..c93bbb2 100644 --- a/third_party/libuweave/src/macaroon.h +++ b/third_party/libuweave/src/macaroon.h @@ -25,10 +25,17 @@ typedef struct { } UwMacaroon; // For the delegatee list in the validation result object +typedef enum { + kUwMacaroonDelegateeTypeNone = 0, + kUwMacaroonDelegateeTypeUser = 1, + kUwMacaroonDelegateeTypeApp = 2, + kUwMacaroonDelegateeTypeService = 3, +} UwMacaroonDelegateeType; + typedef struct { const uint8_t* id; size_t id_len; - bool is_app; + UwMacaroonDelegateeType type; } UwMacaroonDelegateeInfo; #define MAX_NUM_DELEGATEES 10 diff --git a/third_party/libuweave/src/macaroon_caveat.c b/third_party/libuweave/src/macaroon_caveat.c index b8b2183..a2b26dc 100644 --- a/third_party/libuweave/src/macaroon_caveat.c +++ b/third_party/libuweave/src/macaroon_caveat.c @@ -12,8 +12,6 @@ #include "src/macaroon_context.h" #include "src/macaroon_encoding.h" -#define MAX_CBOR_STR_LEN_FOR_UINT 5 - static bool is_valid_caveat_type_(UwMacaroonCaveatType type) { switch (type) { case kUwMacaroonCaveatTypeNonce: 
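Review bot: In macaroon.h, replacing `bool is_app` with `UwMacaroonDelegateeType type` changes what consumers of the validation result have to check, and the new enum has no comment saying what each value means. Code outside this diff that read `!is_app` as "user" would, if ported as `type != kUwMacaroonDelegateeTypeApp`, also treat a service delegatee or an unused `None` slot as a user. Such callers should switch on `type` and refuse any value they do not expect. I would add above the enum `// kUwMacaroonDelegateeTypeNone marks an unused delegatees[] slot (as set by reset_validation_result).`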
@@ -25,6 +23,7 @@ static bool is_valid_caveat_type_(UwMacaroonCaveatType type) { case kUwMacaroonCaveatTypeDelegateeUser: case kUwMacaroonCaveatTypeDelegateeApp: case kUwMacaroonCaveatTypeAppCommandsOnly: + case kUwMacaroonCaveatTypeDelegateeService: case kUwMacaroonCaveatTypeBleSessionID: case kUwMacaroonCaveatTypeLanSessionID: case kUwMacaroonCaveatTypeClientAuthorizationTokenV1: @@ -103,7 +102,7 @@ static bool create_caveat_bstr_value_(UwMacaroonCaveatType type, uint8_t* buffer, size_t buffer_size, UwMacaroonCaveat* new_caveat) { - if ((str == NULL && str_len != 0) || buffer == NULL || buffer_size == 0 || + if (str == NULL || str_len == 0 || buffer == NULL || buffer_size == 0 || new_caveat == NULL || uw_macaroon_caveat_creation_get_buffsize_(type, str_len) > buffer_size) { return false; @@ -147,6 +146,7 @@ size_t uw_macaroon_caveat_creation_get_buffsize_(UwMacaroonCaveatType type, case kUwMacaroonCaveatTypeNonce: case kUwMacaroonCaveatTypeDelegateeUser: case kUwMacaroonCaveatTypeDelegateeApp: + case kUwMacaroonCaveatTypeDelegateeService: case kUwMacaroonCaveatTypeLanSessionID: case kUwMacaroonCaveatTypeClientAuthorizationTokenV1: case kUwMacaroonCaveatTypeServerAuthenticationTokenV1: @@ -237,6 +237,17 @@ bool uw_macaroon_caveat_create_app_commands_only_( buffer_size, new_caveat); } +bool uw_macaroon_caveat_create_delegatee_service_( + const uint8_t* id_str, + size_t id_str_len, + uint8_t* buffer, + size_t buffer_size, + UwMacaroonCaveat* new_caveat) { + return create_caveat_bstr_value_(kUwMacaroonCaveatTypeDelegateeService, + id_str, id_str_len, buffer, buffer_size, + new_caveat); +} + bool uw_macaroon_caveat_create_ble_session_id_(uint8_t* buffer, size_t buffer_size, UwMacaroonCaveat* new_caveat) { 
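Review bot: In create_caveat_bstr_value_ the guard now reads `str == NULL || str_len == 0`, so a zero-length byte string is refused for every caller of this helper, not only the new uw_macaroon_caveat_create_delegatee_service_, and neither the commit message nor a comment records that. The parsing side visible in this commit (update_delegatee_list) shows no matching check, so a received delegatee caveat with an empty id may still be accepted. If empty ids are meant to be invalid, the validator should refuse them too, e.g. `if (result->delegatees[result->num_delegatees].id_len == 0) return false;` once the value has been read. A comment on the guard such as `// Empty values are not allowed for bstr caveats.` would make the intent explicit; the function body continues outside the hunk.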
@@ -393,12 +404,29 @@ static bool update_delegatee_list(UwMacaroonCaveatType caveat_type, if (result->num_delegatees >= MAX_NUM_DELEGATEES) { return false; } - bool is_app = (caveat_type == kUwMacaroonCaveatTypeDelegateeApp); - if (is_app) { + UwMacaroonDelegateeType delegatee_type = kUwMacaroonDelegateeTypeNone; + switch (caveat_type) { + case kUwMacaroonCaveatTypeDelegateeUser: + delegatee_type = kUwMacaroonDelegateeTypeUser; + break; + + case kUwMacaroonCaveatTypeDelegateeApp: + delegatee_type = kUwMacaroonDelegateeTypeApp; + break; + + case kUwMacaroonCaveatTypeDelegateeService: + delegatee_type = kUwMacaroonDelegateeTypeService; + break; + + default: + return false; + } + + if (caveat_type != kUwMacaroonCaveatTypeDelegateeUser) { for (size_t i = 0; i < result->num_delegatees; i++) { - // There must have at most one DelegateeApp - if (result->delegatees[i].is_app) { + // There must have at most one DelegateeApp or DelegateeService + if (result->delegatees[i].type == delegatee_type) { return false; } } @@ -409,7 +437,7 @@ static bool update_delegatee_list(UwMacaroonCaveatType caveat_type, &(result->delegatees[result->num_delegatees].id_len))) { return false; } - result->delegatees[result->num_delegatees].is_app = is_app; + result->delegatees[result->num_delegatees].type = delegatee_type; result->num_delegatees++; return true; } @@ -463,9 +491,8 @@ bool uw_macaroon_caveat_validate_(const UwMacaroonCaveat* caveat, // Need to create a list of delegatees case kUwMacaroonCaveatTypeDelegateeUser: - return update_delegatee_list(caveat_type, caveat, result); - case kUwMacaroonCaveatTypeDelegateeApp: + case kUwMacaroonCaveatTypeDelegateeService: return update_delegatee_list(caveat_type, caveat, result); // Time related caveats 
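Review bot: In update_delegatee_list the duplicate check compares `result->delegatees[i].type == delegatee_type`, which permits one DelegateeApp and one DelegateeService in the same macaroon, while the comment "There must have at most one DelegateeApp or DelegateeService" can also be read as at most one of the two combined. If one of each is intended, reword the comment to `// At most one DelegateeApp and at most one DelegateeService; any number of DelegateeUser.` If the two are meant to be mutually exclusive, the test should be `result->delegatees[i].type != kUwMacaroonDelegateeTypeUser`. The guard would also read more consistently as `if (delegatee_type != kUwMacaroonDelegateeTypeUser)`, since the loop compares delegatee types. The function starts before this hunk and continues in the next one.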
@@ -543,6 +570,7 @@ bool uw_macaroon_caveat_get_value_bstr_(const UwMacaroonCaveat* caveat, if (type != kUwMacaroonCaveatTypeNonce && type != kUwMacaroonCaveatTypeDelegateeUser && type != kUwMacaroonCaveatTypeDelegateeApp && + type != kUwMacaroonCaveatTypeDelegateeService && type != kUwMacaroonCaveatTypeLanSessionID && type != kUwMacaroonCaveatTypeClientAuthorizationTokenV1 && type != kUwMacaroonCaveatTypeServerAuthenticationTokenV1) { diff --git a/third_party/libuweave/src/macaroon_caveat.h b/third_party/libuweave/src/macaroon_caveat.h index 9baf70d..b6846e8 100644 --- a/third_party/libuweave/src/macaroon_caveat.h +++ b/third_party/libuweave/src/macaroon_caveat.h @@ -15,14 +15,17 @@ typedef struct { } UwMacaroonCaveat; typedef enum { - kUwMacaroonCaveatTypeNonce = 0, // bstr - kUwMacaroonCaveatTypeScope = 1, // uint - kUwMacaroonCaveatTypeExpirationAbsolute = 5, // uint - kUwMacaroonCaveatTypeTTL1Hour = 6, // no value - kUwMacaroonCaveatTypeTTL24Hour = 7, // no value - kUwMacaroonCaveatTypeDelegationTimestamp = 8, // uint - kUwMacaroonCaveatTypeDelegateeUser = 9, // bstr - kUwMacaroonCaveatTypeDelegateeApp = 10, // bstr + kUwMacaroonCaveatTypeNonce = 0, // bstr + kUwMacaroonCaveatTypeScope = 1, // uint + kUwMacaroonCaveatTypeExpirationAbsolute = 5, // uint + kUwMacaroonCaveatTypeTTL1Hour = 6, // no value + kUwMacaroonCaveatTypeTTL24Hour = 7, // no value + kUwMacaroonCaveatTypeDelegationTimestamp = 8, // uint + + kUwMacaroonCaveatTypeDelegateeUser = 9, // bstr + kUwMacaroonCaveatTypeDelegateeApp = 10, // bstr + kUwMacaroonCaveatTypeDelegateeService = 12, // bstr + kUwMacaroonCaveatTypeAppCommandsOnly = 11, // no value kUwMacaroonCaveatTypeBleSessionID = 16, // no value kUwMacaroonCaveatTypeLanSessionID = 17, // bstr 
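Review bot: The condition in uw_macaroon_caveat_get_value_bstr_ is the third place in this commit where `kUwMacaroonCaveatTypeDelegateeService` had to be added by hand, after the switches in is_valid_caveat_type_ and uw_macaroon_caveat_creation_get_buffsize_. A type missed in one of these lists would be creatable but not readable, or the reverse. A single static helper that answers whether a caveat type carries a bstr value, used by both the size calculation and this check, would keep creation and parsing in agreement. The function body lies outside the hunk.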
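Review bot: In the UwMacaroonCaveatType enum in macaroon_caveat.h, the new `kUwMacaroonCaveatTypeDelegateeService = 12` is listed before `kUwMacaroonCaveatTypeAppCommandsOnly = 11`, so the enum is no longer in numeric order and the next free value is harder to see. These numbers look like the encoded caveat type identifiers, so I would add above the enum `// Values are part of the serialized macaroon format; never renumber or reuse.` Either restore numeric order or label the group, e.g. `// Delegatee caveats (grouped; values are not contiguous)`.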
@@ -81,6 +84,11 @@ bool uw_macaroon_caveat_create_delegatee_app_(const uint8_t* id_str, uint8_t* buffer, size_t buffer_size, UwMacaroonCaveat* new_caveat); +bool uw_macaroon_caveat_create_delegatee_service_(const uint8_t* id_str, + size_t id_str_len, + uint8_t* buffer, + size_t buffer_size, + UwMacaroonCaveat* new_caveat); bool uw_macaroon_caveat_create_app_commands_only_(uint8_t* buffer, size_t buffer_size, UwMacaroonCaveat* new_caveat); |