manager.go 19.2 KB
Newer Older
1
2
3
package irmago

import (
4
	"crypto/rand"
Sietse Ringers's avatar
Sietse Ringers committed
5
	"math/big"
Sietse Ringers's avatar
Sietse Ringers committed
6
	"sort"
7
	"time"
Sietse Ringers's avatar
Sietse Ringers committed
8

9
	"github.com/credentials/go-go-gadget-paillier"
Sietse Ringers's avatar
Sietse Ringers committed
10
	"github.com/go-errors/errors"
11
12
13
	"github.com/mhe/gabi"
)

Sietse Ringers's avatar
Sietse Ringers committed
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
// This file contains most methods of the CredentialManager (c.f. session.go
// and updates.go).
//
// The storage of credentials is split up in several parts:
//
// - The CL-signature of each credential is stored separately, so that we can
// load it on demand (i.e., during an IRMA session), instead of immediately
// at initialization.
//
// - The attributes of all credentials are stored together, as they all
// immediately need to be available anyway,
//
// - The secret key (the zeroth attribute of every credential), being the same
// across all credentials, is stored only once in a separate file (storing this
// in multiple places would be bad).

// CredentialManager (de)serializes credentials and keyshare server information
// from storage; as well as logs of earlier IRMA sessions; it provides access
// to the attributes and all related information of its credentials;
// it is the starting point for new IRMA sessions; and it computes some
// of the messages in the client side of the IRMA protocol.
35
type CredentialManager struct {
Sietse Ringers's avatar
Sietse Ringers committed
36
	// Stuff we manage on disk
37
	secretkey        *secretKey
38
39
40
	attributes       map[CredentialTypeIdentifier][]*AttributeList
	credentials      map[CredentialTypeIdentifier]map[int]*credential
	keyshareServers  map[SchemeManagerIdentifier]*keyshareServer
41
	paillierKeyCache *paillierPrivateKey
Sietse Ringers's avatar
Sietse Ringers committed
42
	logs             []*LogEntry
Sietse Ringers's avatar
Sietse Ringers committed
43
	updates          []update
44

Sietse Ringers's avatar
Sietse Ringers committed
45
46
47
48
49
	// Where we store/load it to/from
	storage storage

	// Other state
	ConfigurationStore    *ConfigurationStore
50
	irmaConfigurationPath string
51
	androidStoragePath    string
52
	keyshareHandler       KeyshareHandler
Sietse Ringers's avatar
Sietse Ringers committed
53
54
}

55
56
57
58
type secretKey struct {
	Key *big.Int
}

59
60
61
62
63
64
65
66
67
68
// NewCredentialManager creates a new CredentialManager that uses the directory
// specified by storagePath for (de)serializing itself. irmaConfigurationPath
// is the path to a (possibly readonly) folder containing irma_configuration;
// androidStoragePath is an optional path to the files of the old android app
// (specify "" if you do not want to parse the old android app files),
// and keyshareHandler is used for when a registration to a keyshare server needs
// to happen.
// The credential manager returned by this function has been fully deserialized
// and is ready for use.
//
Sietse Ringers's avatar
Sietse Ringers committed
69
70
// NOTE: It is the responsibility of the caller that there exists a (properly
// protected) directory at storagePath!
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
func NewCredentialManager(
	storagePath string,
	irmaConfigurationPath string,
	androidStoragePath string,
	keyshareHandler KeyshareHandler,
) (*CredentialManager, error) {
	var err error
	if err = AssertPathExists(storagePath); err != nil {
		return nil, err
	}
	if err = AssertPathExists(irmaConfigurationPath); err != nil {
		return nil, err
	}

	cm := &CredentialManager{
		credentials:           make(map[CredentialTypeIdentifier]map[int]*credential),
		keyshareServers:       make(map[SchemeManagerIdentifier]*keyshareServer),
		attributes:            make(map[CredentialTypeIdentifier][]*AttributeList),
		irmaConfigurationPath: irmaConfigurationPath,
		androidStoragePath:    androidStoragePath,
91
92
93
94
95
96
97
98
99
		keyshareHandler:       keyshareHandler,
	}

	cm.ConfigurationStore, err = NewConfigurationStore(storagePath+"/irma_configuration", irmaConfigurationPath)
	if err != nil {
		return nil, err
	}
	if err = cm.ConfigurationStore.ParseFolder(); err != nil {
		return nil, err
100
101
102
	}

	// Ensure storage path exists, and populate it with necessary files
103
	cm.storage = storage{storagePath: storagePath, ConfigurationStore: cm.ConfigurationStore}
Sietse Ringers's avatar
Sietse Ringers committed
104
	if err = cm.storage.EnsureStorageExists(); err != nil {
105
106
107
108
109
110
111
112
113
		return nil, err
	}

	// Perform new update functions from credentialManagerUpdates, if any
	if err = cm.update(); err != nil {
		return nil, err
	}

	// Load our stuff
Sietse Ringers's avatar
Sietse Ringers committed
114
	if cm.secretkey, err = cm.storage.LoadSecretKey(); err != nil {
115
116
		return nil, err
	}
Sietse Ringers's avatar
Sietse Ringers committed
117
	if cm.attributes, err = cm.storage.LoadAttributes(); err != nil {
118
119
		return nil, err
	}
Sietse Ringers's avatar
Sietse Ringers committed
120
	if cm.paillierKeyCache, err = cm.storage.LoadPaillierKeys(); err != nil {
121
122
		return nil, err
	}
Sietse Ringers's avatar
Sietse Ringers committed
123
	if cm.keyshareServers, err = cm.storage.LoadKeyshareServers(); err != nil {
124
125
126
127
128
129
130
131
132
133
		return nil, err
	}

	unenrolled := cm.unenrolledKeyshareServers()
	switch len(unenrolled) {
	case 0: // nop
	case 1:
		if keyshareHandler == nil {
			return nil, errors.New("Keyshare server found but no KeyshareHandler was given")
		}
Sietse Ringers's avatar
Sietse Ringers committed
134
135
		keyshareHandler.StartRegistration(unenrolled[0], func(email, pin string) error {
			return cm.KeyshareEnroll(unenrolled[0].Identifier(), email, pin)
136
137
138
139
140
141
142
143
		})
	default:
		return nil, errors.New("Too many keyshare servers")
	}

	return cm, nil
}

144
145
146
// CredentialInfoList returns a list of information of all contained credentials.
func (cm *CredentialManager) CredentialInfoList() CredentialInfoList {
	list := CredentialInfoList([]*CredentialInfo{})
147
148

	for _, attrlistlist := range cm.attributes {
149
150
151
		for index, attrlist := range attrlistlist {
			info := attrlist.Info()
			info.Index = index
152
			list = append(list, info)
Sietse Ringers's avatar
Sietse Ringers committed
153
154
		}
	}
155

Sietse Ringers's avatar
Sietse Ringers committed
156
157
158
159
	sort.Sort(list)
	return list
}

Sietse Ringers's avatar
Sietse Ringers committed
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
// addCredential adds the specified credential to the CredentialManager, saving its signature
// imediately, and optionally cm.attributes as well.
func (cm *CredentialManager) addCredential(cred *credential, storeAttributes bool) (err error) {
	id := cred.CredentialType().Identifier()
	cm.attributes[id] = append(cm.attrs(id), cred.AttributeList())

	if _, exists := cm.credentials[id]; !exists {
		cm.credentials[id] = make(map[int]*credential)
	}
	if cred.CredentialType().IsSingleton {
		cm.credentials[id][0] = cred
	} else {
		counter := len(cm.attributes[id]) - 1
		cm.credentials[id][counter] = cred
	}

	if err = cm.storage.StoreSignature(cred); err != nil {
		return
	}
	if storeAttributes {
		err = cm.storage.StoreAttributes(cm.attributes)
	}
	return
}

func generateSecretKey() (*secretKey, error) {
	key, err := gabi.RandomBigInt(gabi.DefaultSystemParameters[1024].Lm)
	if err != nil {
		return nil, err
	}
	return &secretKey{Key: key}, nil
}

// Removal methods

195
196
197
198
199
200
201
202
203
func (cm *CredentialManager) remove(id CredentialTypeIdentifier, index int, storenow bool) error {
	// Remove attributes
	list, exists := cm.attributes[id]
	if !exists || index >= len(list) {
		return errors.Errorf("Can't remove credential %s-%d: no such credential", id.String(), index)
	}
	attrs := list[index]
	cm.attributes[id] = append(list[:index], list[index+1:]...)
	if storenow {
Sietse Ringers's avatar
Sietse Ringers committed
204
205
206
		if err := cm.storage.StoreAttributes(cm.attributes); err != nil {
			return err
		}
207
208
209
210
211
212
213
214
215
216
217
	}

	// Remove credential
	if creds, exists := cm.credentials[id]; exists {
		if _, exists := creds[index]; exists {
			creds[index] = nil
			cm.credentials[id] = creds
		}
	}

	// Remove signature from storage
Sietse Ringers's avatar
Sietse Ringers committed
218
	if err := cm.storage.DeleteSignature(attrs); err != nil {
219
220
221
		return err
	}

222
223
224
225
226
227
228
229
230
231
232
	removed := map[CredentialTypeIdentifier][]TranslatedString{}
	removed[id] = attrs.Strings()

	if storenow {
		return cm.addLogEntry(&LogEntry{
			Type:    actionRemoval,
			Time:    Timestamp(time.Now()),
			Removed: removed,
		})
	}
	return nil
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
}

func (cm *CredentialManager) RemoveCredential(id CredentialTypeIdentifier, index int) error {
	return cm.remove(id, index, true)
}

func (cm *CredentialManager) RemoveCredentialByHash(hash string) error {
	cred, index, err := cm.credentialByHash(hash)
	if err != nil {
		return err
	}
	return cm.RemoveCredential(cred.CredentialType().Identifier(), index)
}

func (cm *CredentialManager) RemoveAllCredentials() error {
248
	removed := map[CredentialTypeIdentifier][]TranslatedString{}
249
250
	list := cm.CredentialInfoList()
	for _, cred := range list {
251
252
253
		id := NewCredentialTypeIdentifier(cred.ID)
		removed[id] = cred.Attributes
		if err := cm.remove(id, cred.Index, false); err != nil {
254
255
256
			return err
		}
	}
Sietse Ringers's avatar
Sietse Ringers committed
257
	if err := cm.storage.StoreAttributes(cm.attributes); err != nil {
258
259
		return err
	}
260
261
262
263
264
265
266
267
268

	logentry := &LogEntry{
		Type:    actionRemoval,
		Time:    Timestamp(time.Now()),
		Removed: removed,
	}
	if err := cm.addLogEntry(logentry); err != nil {
		return err
	}
Sietse Ringers's avatar
Sietse Ringers committed
269
	return cm.storage.StoreLogs(cm.logs)
270
271
}

272
// Attribute and credential getter methods
Sietse Ringers's avatar
Sietse Ringers committed
273

Sietse Ringers's avatar
Sietse Ringers committed
274
// attrs returns cm.attributes[id], initializing it to an empty slice if neccesary
275
func (cm *CredentialManager) attrs(id CredentialTypeIdentifier) []*AttributeList {
Sietse Ringers's avatar
Sietse Ringers committed
276
277
278
279
280
281
282
283
284
	list, exists := cm.attributes[id]
	if !exists {
		list = make([]*AttributeList, 0, 1)
		cm.attributes[id] = list
	}
	return list
}

// creds returns cm.credentials[id], initializing it to an empty map if neccesary
Sietse Ringers's avatar
Sietse Ringers committed
285
func (cm *CredentialManager) creds(id CredentialTypeIdentifier) map[int]*credential {
Sietse Ringers's avatar
Sietse Ringers committed
286
287
	list, exists := cm.credentials[id]
	if !exists {
Sietse Ringers's avatar
Sietse Ringers committed
288
		list = make(map[int]*credential)
Sietse Ringers's avatar
Sietse Ringers committed
289
290
291
292
293
		cm.credentials[id] = list
	}
	return list
}

Sietse Ringers's avatar
Sietse Ringers committed
294
// Attributes returns the attribute list of the requested credential, or nil if we do not have it.
295
func (cm *CredentialManager) Attributes(id CredentialTypeIdentifier, counter int) (attributes *AttributeList) {
Sietse Ringers's avatar
Sietse Ringers committed
296
297
	list := cm.attrs(id)
	if len(list) <= counter {
Sietse Ringers's avatar
Sietse Ringers committed
298
299
300
301
302
		return
	}
	return list[counter]
}

303
304
305
306
307
308
309
310
311
312
313
314
315
func (cm *CredentialManager) credentialByHash(hash string) (*credential, int, error) {
	for _, attrlistlist := range cm.attributes {
		for index, attrs := range attrlistlist {
			if attrs.hash() == hash {
				cred, err := cm.credential(attrs.CredentialType().Identifier(), index)
				return cred, index, err
			}
		}
	}
	return nil, 0, nil
}

func (cm *CredentialManager) credentialByID(id CredentialIdentifier) (*credential, error) {
Sietse Ringers's avatar
Sietse Ringers committed
316
	return cm.credential(id.Type, id.Index)
317
318
}

Sietse Ringers's avatar
Sietse Ringers committed
319
320
// credential returns the requested credential, or nil if we do not have it.
func (cm *CredentialManager) credential(id CredentialTypeIdentifier, counter int) (cred *credential, err error) {
Sietse Ringers's avatar
Sietse Ringers committed
321
	// If the requested credential is not in credential map, we check if its attributes were
322
	// deserialized during NewCredentialManager(). If so, there should be a corresponding signature file,
Sietse Ringers's avatar
Sietse Ringers committed
323
	// so we read that, construct the credential, and add it to the credential map
Sietse Ringers's avatar
Sietse Ringers committed
324
	if _, exists := cm.creds(id)[counter]; !exists {
Sietse Ringers's avatar
Sietse Ringers committed
325
326
327
328
		attrs := cm.Attributes(id, counter)
		if attrs == nil { // We do not have the requested cred
			return
		}
Sietse Ringers's avatar
Sietse Ringers committed
329
		sig, err := cm.storage.LoadSignature(attrs)
Sietse Ringers's avatar
Sietse Ringers committed
330
331
332
333
334
335
336
		if err != nil {
			return nil, err
		}
		if sig == nil {
			err = errors.New("signature file not found")
			return nil, err
		}
337
		pk, err := attrs.PublicKey()
338
339
340
		if err != nil {
			return nil, err
		}
341
342
343
		if pk == nil {
			return nil, errors.New("unknown public key")
		}
344
		cred, err := newCredential(&gabi.Credential{
345
			Attributes: append([]*big.Int{cm.secretkey.Key}, attrs.Ints...),
346
			Signature:  sig,
347
			Pk:         pk,
348
		}, cm.ConfigurationStore)
349
350
351
		if err != nil {
			return nil, err
		}
Sietse Ringers's avatar
Sietse Ringers committed
352
353
354
355
		cm.credentials[id][counter] = cred
	}

	return cm.credentials[id][counter], nil
356
357
}

Sietse Ringers's avatar
Sietse Ringers committed
358
// Methods used in the IRMA protocol
359

Sietse Ringers's avatar
Sietse Ringers committed
360
361
// Candidates returns a list of attributes present in this credential manager
// that satisfy the specified attribute disjunction.
362
func (cm *CredentialManager) Candidates(disjunction *AttributeDisjunction) []*AttributeIdentifier {
363
	candidates := make([]*AttributeIdentifier, 0, 10)
364
365

	for _, attribute := range disjunction.Attributes {
Sietse Ringers's avatar
Sietse Ringers committed
366
		credID := attribute.CredentialTypeIdentifier()
367
		if !cm.ConfigurationStore.Contains(credID) {
368
369
			continue
		}
Sietse Ringers's avatar
Sietse Ringers committed
370
		creds := cm.credentials[credID]
371
372
373
374
375
376
377
378
379
		count := len(creds)
		if count == 0 {
			continue
		}
		for i, cred := range creds {
			id := &AttributeIdentifier{Type: attribute, Index: i, Count: count}
			if attribute.IsCredential() {
				candidates = append(candidates, id)
			} else {
380
				attrs := cred.AttributeList()
Sietse Ringers's avatar
Sietse Ringers committed
381
				val := attrs.untranslatedAttribute(attribute)
382
				if val == "" { // This won't handle empty attributes correctly
383
384
385
386
387
388
389
390
391
392
393
394
					continue
				}
				if !disjunction.HasValues() || val == disjunction.Values[attribute] {
					candidates = append(candidates, id)
				}
			}
		}
	}

	return candidates
}

Sietse Ringers's avatar
Sietse Ringers committed
395
396
397
// CheckSatisfiability checks if this credential manager has the required attributes
// to satisfy the specifed disjunction list. If not, the unsatisfiable disjunctions
// are returned.
Sietse Ringers's avatar
Sietse Ringers committed
398
func (cm *CredentialManager) CheckSatisfiability(disjunctions AttributeDisjunctionList) AttributeDisjunctionList {
399
	missing := make(AttributeDisjunctionList, 0, 5)
Sietse Ringers's avatar
Sietse Ringers committed
400
	for _, disjunction := range disjunctions {
401
402
403
404
405
406
407
		if len(cm.Candidates(disjunction)) == 0 {
			missing = append(missing, disjunction)
		}
	}

	return missing
}
408

409
func (cm *CredentialManager) groupCredentials(choice *DisclosureChoice) (map[CredentialIdentifier][]int, error) {
410
411
412
413
414
415
416
417
418
	grouped := make(map[CredentialIdentifier][]int)

	for _, attribute := range choice.Attributes {
		identifier := attribute.Type
		ici := attribute.CredentialIdentifier()

		// If this is the first attribute of its credential type that we encounter
		// in the disclosure choice, then there is no slice yet at grouped[ici]
		if _, present := grouped[ici]; !present {
419
420
			indices := make([]int, 1, 1)
			indices[0] = 1 // Always include metadata
421
422
423
424
425
426
			grouped[ici] = indices
		}

		if identifier.IsCredential() {
			continue // In this case we only disclose the metadata attribute, which is already handled
		}
427
		index, err := cm.ConfigurationStore.Credentials[identifier.CredentialTypeIdentifier()].IndexOf(identifier)
428
429
430
431
		if err != nil {
			return nil, err
		}

Sietse Ringers's avatar
Sietse Ringers committed
432
		// These indices will be used in the []*big.Int at gabi.credential.Attributes,
433
		// which doesn't know about the secret key and metadata attribute, so +2
434
		grouped[ici] = append(grouped[ici], index+2)
435
436
437
438
439
	}

	return grouped, nil
}

440
// ProofBuilders constructs a list of proof builders for the specified attribute choice.
441
func (cm *CredentialManager) ProofBuilders(choice *DisclosureChoice) (gabi.ProofBuilderList, error) {
442
443
444
445
446
	todisclose, err := cm.groupCredentials(choice)
	if err != nil {
		return nil, err
	}

447
	builders := gabi.ProofBuilderList([]gabi.ProofBuilder{})
448
	for id, list := range todisclose {
Sietse Ringers's avatar
Sietse Ringers committed
449
		cred, err := cm.credentialByID(id)
450
451
452
453
454
		if err != nil {
			return nil, err
		}
		builders = append(builders, cred.Credential.CreateDisclosureProofBuilder(list))
	}
Sietse Ringers's avatar
Sietse Ringers committed
455
	return builders, nil
456
}
Sietse Ringers's avatar
Sietse Ringers committed
457

Sietse Ringers's avatar
Sietse Ringers committed
458
// Proofs computes disclosure proofs containing the attributes specified by choice.
459
func (cm *CredentialManager) Proofs(choice *DisclosureChoice, request IrmaSession, issig bool) (gabi.ProofList, error) {
Sietse Ringers's avatar
Sietse Ringers committed
460
	builders, err := cm.ProofBuilders(choice)
Sietse Ringers's avatar
Sietse Ringers committed
461
462
463
	if err != nil {
		return nil, err
	}
464
	return builders.BuildProofList(request.GetContext(), request.GetNonce(), issig), nil
Sietse Ringers's avatar
Sietse Ringers committed
465
466
}

467
468
// IssuanceProofBuilders constructs a list of proof builders in the issuance protocol
// for the future credentials as well as possibly any disclosed attributes.
469
func (cm *CredentialManager) IssuanceProofBuilders(request *IssuanceRequest) (gabi.ProofBuilderList, error) {
Sietse Ringers's avatar
Cleanup    
Sietse Ringers committed
470
	state, err := newIssuanceState()
Sietse Ringers's avatar
Sietse Ringers committed
471
472
473
474
475
	if err != nil {
		return nil, err
	}
	request.state = state

476
	proofBuilders := gabi.ProofBuilderList([]gabi.ProofBuilder{})
Sietse Ringers's avatar
Sietse Ringers committed
477
	for _, futurecred := range request.Credentials {
Sietse Ringers's avatar
Sietse Ringers committed
478
479
		var pk *gabi.PublicKey
		pk, err = cm.ConfigurationStore.PublicKey(futurecred.Credential.IssuerIdentifier(), futurecred.KeyCounter)
480
481
482
		if err != nil {
			return nil, err
		}
483
484
		credBuilder := gabi.NewCredentialBuilder(
			pk, request.GetContext(), cm.secretkey.Key, state.nonce2)
Sietse Ringers's avatar
Sietse Ringers committed
485
486
487
		request.state.builders = append(request.state.builders, credBuilder)
		proofBuilders = append(proofBuilders, credBuilder)
	}
Sietse Ringers's avatar
Sietse Ringers committed
488

Sietse Ringers's avatar
Sietse Ringers committed
489
	disclosures, err := cm.ProofBuilders(request.choice)
Sietse Ringers's avatar
Sietse Ringers committed
490
491
492
	if err != nil {
		return nil, err
	}
Sietse Ringers's avatar
Sietse Ringers committed
493
	proofBuilders = append(disclosures, proofBuilders...)
Sietse Ringers's avatar
Sietse Ringers committed
494
495
	return proofBuilders, nil
}
Sietse Ringers's avatar
Sietse Ringers committed
496

Sietse Ringers's avatar
Sietse Ringers committed
497
498
499
500
501
502
503
// IssueCommitments computes issuance commitments, along with disclosure proofs
// specified by choice.
func (cm *CredentialManager) IssueCommitments(request *IssuanceRequest) (*gabi.IssueCommitmentMessage, error) {
	proofBuilders, err := cm.IssuanceProofBuilders(request)
	if err != nil {
		return nil, err
	}
504
	list := proofBuilders.BuildProofList(request.GetContext(), request.GetNonce(), false)
Sietse Ringers's avatar
Sietse Ringers committed
505
	return &gabi.IssueCommitmentMessage{Proofs: list, Nonce2: request.state.nonce2}, nil
Sietse Ringers's avatar
Sietse Ringers committed
506
507
}

Sietse Ringers's avatar
Sietse Ringers committed
508
509
// ConstructCredentials constructs and saves new credentials
// using the specified issuance signature messages.
Sietse Ringers's avatar
Sietse Ringers committed
510
511
512
513
514
func (cm *CredentialManager) ConstructCredentials(msg []*gabi.IssueSignatureMessage, request *IssuanceRequest) error {
	if len(msg) != len(request.state.builders) {
		return errors.New("Received unexpected amount of signatures")
	}

515
516
	// First collect all credentials in a slice, so that if one of them induces an error,
	// we save none of them to fail the session cleanly
517
	gabicreds := []*gabi.Credential{}
Sietse Ringers's avatar
Sietse Ringers committed
518
	for i, sig := range msg {
519
		attrs, err := request.Credentials[i].AttributeList(cm.ConfigurationStore)
Sietse Ringers's avatar
Sietse Ringers committed
520
521
522
523
524
525
526
		if err != nil {
			return err
		}
		cred, err := request.state.builders[i].ConstructCredential(sig, attrs.Ints)
		if err != nil {
			return err
		}
527
		gabicreds = append(gabicreds, cred)
Sietse Ringers's avatar
Sietse Ringers committed
528
529
	}

530
	for _, gabicred := range gabicreds {
531
		newcred, err := newCredential(gabicred, cm.ConfigurationStore)
532
533
534
		if err != nil {
			return err
		}
Sietse Ringers's avatar
Sietse Ringers committed
535
536
537
		if err = cm.addCredential(newcred, true); err != nil {
			return err
		}
Sietse Ringers's avatar
Sietse Ringers committed
538
	}
539

Sietse Ringers's avatar
Sietse Ringers committed
540
	return nil
Sietse Ringers's avatar
Sietse Ringers committed
541
}
542

Sietse Ringers's avatar
Sietse Ringers committed
543
544
// Keyshare server handling

545
// PaillierKey returns a new Paillier key (and generates a new one in a goroutine).
Sietse Ringers's avatar
Sietse Ringers committed
546
func (cm *CredentialManager) paillierKey(wait bool) *paillierPrivateKey {
Sietse Ringers's avatar
Sietse Ringers committed
547
	cached := cm.paillierKeyCache
Sietse Ringers's avatar
Sietse Ringers committed
548
	ch := make(chan bool)
549
550
	go func() {
		newkey, _ := paillier.GenerateKey(rand.Reader, 2048)
Sietse Ringers's avatar
Sietse Ringers committed
551
552
		cm.paillierKeyCache = (*paillierPrivateKey)(newkey)
		if wait && cached == nil {
Sietse Ringers's avatar
Sietse Ringers committed
553
554
			ch <- true
		}
555
	}()
Sietse Ringers's avatar
Sietse Ringers committed
556
	if wait && cached == nil {
Sietse Ringers's avatar
Sietse Ringers committed
557
558
		<-ch
	}
Sietse Ringers's avatar
Sietse Ringers committed
559
	return cm.paillierKeyCache
560
}
Sietse Ringers's avatar
Sietse Ringers committed
561
562
563

func (cm *CredentialManager) unenrolledKeyshareServers() []*SchemeManager {
	list := []*SchemeManager{}
564
	for name, manager := range cm.ConfigurationStore.SchemeManagers {
Sietse Ringers's avatar
Sietse Ringers committed
565
566
567
568
569
570
		if _, contains := cm.keyshareServers[name]; len(manager.KeyshareServer) > 0 && !contains {
			list = append(list, manager)
		}
	}
	return list
}
Sietse Ringers's avatar
Sietse Ringers committed
571

572
573
// KeyshareEnroll attempts to register at the keyshare server of the specified scheme manager.
func (cm *CredentialManager) KeyshareEnroll(managerID SchemeManagerIdentifier, email, pin string) error {
574
	manager, ok := cm.ConfigurationStore.SchemeManagers[managerID]
Sietse Ringers's avatar
Sietse Ringers committed
575
576
577
578
579
580
581
582
583
584
585
	if !ok {
		return errors.New("Unknown scheme manager")
	}
	if len(manager.KeyshareServer) == 0 {
		return errors.New("Scheme manager has no keyshare server")
	}
	if len(pin) < 5 {
		return errors.New("PIN too short, must be at least 5 characters")
	}

	transport := NewHTTPTransport(manager.KeyshareServer)
586
	kss, err := newKeyshareServer(cm.paillierKey(true), manager.KeyshareServer, email)
Sietse Ringers's avatar
Sietse Ringers committed
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
	if err != nil {
		return err
	}
	message := keyshareRegistration{
		Username:  email,
		Pin:       kss.HashedPin(pin),
		PublicKey: (*paillierPublicKey)(&kss.PrivateKey.PublicKey),
	}

	result := &struct{}{}
	err = transport.Post("web/users/selfenroll", result, message)
	if err != nil {
		return err
	}

602
	cm.keyshareServers[managerID] = kss
Sietse Ringers's avatar
Sietse Ringers committed
603
	return cm.storage.StoreKeyshareServers(cm.keyshareServers)
Sietse Ringers's avatar
Sietse Ringers committed
604
605
}

606
// KeyshareRemove unregisters the keyshare server of the specified scheme manager.
Sietse Ringers's avatar
Sietse Ringers committed
607
608
609
610
611
func (cm *CredentialManager) KeyshareRemove(manager SchemeManagerIdentifier) error {
	if _, contains := cm.keyshareServers[manager]; !contains {
		return errors.New("Can't uninstall unknown keyshare server")
	}
	delete(cm.keyshareServers, manager)
Sietse Ringers's avatar
Sietse Ringers committed
612
	return cm.storage.StoreKeyshareServers(cm.keyshareServers)
Sietse Ringers's avatar
Sietse Ringers committed
613
}
Sietse Ringers's avatar
Sietse Ringers committed
614

Sietse Ringers's avatar
Sietse Ringers committed
615
616
// Add, load and store log entries

617
func (cm *CredentialManager) addLogEntry(entry *LogEntry) error {
Sietse Ringers's avatar
Sietse Ringers committed
618
	cm.logs = append(cm.logs, entry)
619
	return cm.storage.StoreLogs(cm.logs)
620
	return nil
Sietse Ringers's avatar
Sietse Ringers committed
621
622
623
624
625
}

func (cm *CredentialManager) Logs() ([]*LogEntry, error) {
	if cm.logs == nil || len(cm.logs) == 0 {
		var err error
Sietse Ringers's avatar
Sietse Ringers committed
626
		cm.logs, err = cm.storage.LoadLogs()
Sietse Ringers's avatar
Sietse Ringers committed
627
628
629
630
631
632
		if err != nil {
			return nil, err
		}
	}
	return cm.logs, nil
}