Update macaroon lib
Change-Id: I37472f11827b8bf1af28c6f525df85093f5f3a56
Reviewed-on: https://weave-review.googlesource.com/2381
Reviewed-by: Alex Vakulenko <avakulenko@google.com>
diff --git a/third_party/libuweave/src/macaroon.c b/third_party/libuweave/src/macaroon.c
index 50b2d00..aa775c2 100644
--- a/third_party/libuweave/src/macaroon.c
+++ b/third_party/libuweave/src/macaroon.c
@@ -146,7 +146,7 @@
for (size_t i = 0; i < MAX_NUM_DELEGATEES; i++) {
result->delegatees[i].id = NULL;
result->delegatees[i].id_len = 0;
- result->delegatees[i].is_app = true;
+ result->delegatees[i].type = kUwMacaroonDelegateeTypeNone;
}
}
diff --git a/third_party/libuweave/src/macaroon.h b/third_party/libuweave/src/macaroon.h
index dfaaba7..c93bbb2 100644
--- a/third_party/libuweave/src/macaroon.h
+++ b/third_party/libuweave/src/macaroon.h
@@ -25,10 +25,17 @@
} UwMacaroon;
// For the delegatee list in the validation result object
+typedef enum {
+ kUwMacaroonDelegateeTypeNone = 0,
+ kUwMacaroonDelegateeTypeUser = 1,
+ kUwMacaroonDelegateeTypeApp = 2,
+ kUwMacaroonDelegateeTypeService = 3,
+} UwMacaroonDelegateeType;
+
typedef struct {
const uint8_t* id;
size_t id_len;
- bool is_app;
+ UwMacaroonDelegateeType type;
} UwMacaroonDelegateeInfo;
#define MAX_NUM_DELEGATEES 10
diff --git a/third_party/libuweave/src/macaroon_caveat.c b/third_party/libuweave/src/macaroon_caveat.c
index b8b2183..a2b26dc 100644
--- a/third_party/libuweave/src/macaroon_caveat.c
+++ b/third_party/libuweave/src/macaroon_caveat.c
@@ -12,8 +12,6 @@
#include "src/macaroon_context.h"
#include "src/macaroon_encoding.h"
-#define MAX_CBOR_STR_LEN_FOR_UINT 5
-
static bool is_valid_caveat_type_(UwMacaroonCaveatType type) {
switch (type) {
case kUwMacaroonCaveatTypeNonce:
@@ -25,6 +23,7 @@
case kUwMacaroonCaveatTypeDelegateeUser:
case kUwMacaroonCaveatTypeDelegateeApp:
case kUwMacaroonCaveatTypeAppCommandsOnly:
+ case kUwMacaroonCaveatTypeDelegateeService:
case kUwMacaroonCaveatTypeBleSessionID:
case kUwMacaroonCaveatTypeLanSessionID:
case kUwMacaroonCaveatTypeClientAuthorizationTokenV1:
@@ -103,7 +102,7 @@
uint8_t* buffer,
size_t buffer_size,
UwMacaroonCaveat* new_caveat) {
- if ((str == NULL && str_len != 0) || buffer == NULL || buffer_size == 0 ||
+ if (str == NULL || str_len == 0 || buffer == NULL || buffer_size == 0 ||
new_caveat == NULL ||
uw_macaroon_caveat_creation_get_buffsize_(type, str_len) > buffer_size) {
return false;
@@ -147,6 +146,7 @@
case kUwMacaroonCaveatTypeNonce:
case kUwMacaroonCaveatTypeDelegateeUser:
case kUwMacaroonCaveatTypeDelegateeApp:
+ case kUwMacaroonCaveatTypeDelegateeService:
case kUwMacaroonCaveatTypeLanSessionID:
case kUwMacaroonCaveatTypeClientAuthorizationTokenV1:
case kUwMacaroonCaveatTypeServerAuthenticationTokenV1:
@@ -237,6 +237,17 @@
buffer_size, new_caveat);
}
+bool uw_macaroon_caveat_create_delegatee_service_(
+ const uint8_t* id_str,
+ size_t id_str_len,
+ uint8_t* buffer,
+ size_t buffer_size,
+ UwMacaroonCaveat* new_caveat) {
+ return create_caveat_bstr_value_(kUwMacaroonCaveatTypeDelegateeService,
+ id_str, id_str_len, buffer, buffer_size,
+ new_caveat);
+}
+
bool uw_macaroon_caveat_create_ble_session_id_(uint8_t* buffer,
size_t buffer_size,
UwMacaroonCaveat* new_caveat) {
@@ -393,12 +404,29 @@
if (result->num_delegatees >= MAX_NUM_DELEGATEES) {
return false;
}
- bool is_app = (caveat_type == kUwMacaroonCaveatTypeDelegateeApp);
- if (is_app) {
+ UwMacaroonDelegateeType delegatee_type = kUwMacaroonDelegateeTypeNone;
+ switch (caveat_type) {
+ case kUwMacaroonCaveatTypeDelegateeUser:
+ delegatee_type = kUwMacaroonDelegateeTypeUser;
+ break;
+
+ case kUwMacaroonCaveatTypeDelegateeApp:
+ delegatee_type = kUwMacaroonDelegateeTypeApp;
+ break;
+
+ case kUwMacaroonCaveatTypeDelegateeService:
+ delegatee_type = kUwMacaroonDelegateeTypeService;
+ break;
+
+ default:
+ return false;
+ }
+
+ if (caveat_type != kUwMacaroonCaveatTypeDelegateeUser) {
for (size_t i = 0; i < result->num_delegatees; i++) {
- // There must have at most one DelegateeApp
- if (result->delegatees[i].is_app) {
+ // There must have at most one DelegateeApp or DelegateeService
+ if (result->delegatees[i].type == delegatee_type) {
return false;
}
}
@@ -409,7 +437,7 @@
&(result->delegatees[result->num_delegatees].id_len))) {
return false;
}
- result->delegatees[result->num_delegatees].is_app = is_app;
+ result->delegatees[result->num_delegatees].type = delegatee_type;
result->num_delegatees++;
return true;
}
@@ -463,9 +491,8 @@
// Need to create a list of delegatees
case kUwMacaroonCaveatTypeDelegateeUser:
- return update_delegatee_list(caveat_type, caveat, result);
-
case kUwMacaroonCaveatTypeDelegateeApp:
+ case kUwMacaroonCaveatTypeDelegateeService:
return update_delegatee_list(caveat_type, caveat, result);
// Time related caveats
@@ -543,6 +570,7 @@
if (type != kUwMacaroonCaveatTypeNonce &&
type != kUwMacaroonCaveatTypeDelegateeUser &&
type != kUwMacaroonCaveatTypeDelegateeApp &&
+ type != kUwMacaroonCaveatTypeDelegateeService &&
type != kUwMacaroonCaveatTypeLanSessionID &&
type != kUwMacaroonCaveatTypeClientAuthorizationTokenV1 &&
type != kUwMacaroonCaveatTypeServerAuthenticationTokenV1) {
diff --git a/third_party/libuweave/src/macaroon_caveat.h b/third_party/libuweave/src/macaroon_caveat.h
index 9baf70d..b6846e8 100644
--- a/third_party/libuweave/src/macaroon_caveat.h
+++ b/third_party/libuweave/src/macaroon_caveat.h
@@ -15,14 +15,17 @@
} UwMacaroonCaveat;
typedef enum {
- kUwMacaroonCaveatTypeNonce = 0, // bstr
- kUwMacaroonCaveatTypeScope = 1, // uint
- kUwMacaroonCaveatTypeExpirationAbsolute = 5, // uint
- kUwMacaroonCaveatTypeTTL1Hour = 6, // no value
- kUwMacaroonCaveatTypeTTL24Hour = 7, // no value
- kUwMacaroonCaveatTypeDelegationTimestamp = 8, // uint
- kUwMacaroonCaveatTypeDelegateeUser = 9, // bstr
- kUwMacaroonCaveatTypeDelegateeApp = 10, // bstr
+ kUwMacaroonCaveatTypeNonce = 0, // bstr
+ kUwMacaroonCaveatTypeScope = 1, // uint
+ kUwMacaroonCaveatTypeExpirationAbsolute = 5, // uint
+ kUwMacaroonCaveatTypeTTL1Hour = 6, // no value
+ kUwMacaroonCaveatTypeTTL24Hour = 7, // no value
+ kUwMacaroonCaveatTypeDelegationTimestamp = 8, // uint
+
+ kUwMacaroonCaveatTypeDelegateeUser = 9, // bstr
+ kUwMacaroonCaveatTypeDelegateeApp = 10, // bstr
+ kUwMacaroonCaveatTypeDelegateeService = 12, // bstr
+
kUwMacaroonCaveatTypeAppCommandsOnly = 11, // no value
kUwMacaroonCaveatTypeBleSessionID = 16, // no value
kUwMacaroonCaveatTypeLanSessionID = 17, // bstr
@@ -81,6 +84,11 @@
uint8_t* buffer,
size_t buffer_size,
UwMacaroonCaveat* new_caveat);
+bool uw_macaroon_caveat_create_delegatee_service_(const uint8_t* id_str,
+ size_t id_str_len,
+ uint8_t* buffer,
+ size_t buffer_size,
+ UwMacaroonCaveat* new_caveat);
bool uw_macaroon_caveat_create_app_commands_only_(uint8_t* buffer,
size_t buffer_size,
UwMacaroonCaveat* new_caveat);
