Commit
02583d4b
authored
Dec 11, 2019
by
Sietse Ringers
feat: unify server.Configuration and irma.Configuration private key handling
parent
98271b20
Changes
6
Showing
6 changed files
with
17 additions
and
19 deletions
+17
-19
internal/servercore/api.go
internal/servercore/api.go
+1
-1
internal/servercore/handle.go
internal/servercore/handle.go
+1
-1
internal/servercore/helpers.go
internal/servercore/helpers.go
+1
-1
irmaconfig.go
irmaconfig.go
+7
-4
server/conf.go
server/conf.go
+6
-11
server/requestorserver/conf.go
server/requestorserver/conf.go
+1
-1
internal/servercore/api.go
...
...
@@ -140,7 +140,7 @@ func (s *Server) CancelSession(token string) error {
}
func
(
s
*
Server
)
Revoke
(
credid
irma
.
CredentialTypeIdentifier
,
key
string
)
error
{
sk
,
err
:=
s
.
conf
.
PrivateKey
(
credid
.
IssuerIdentifier
())
sk
,
err
:=
s
.
conf
.
IrmaConfiguration
.
PrivateKey
(
credid
.
IssuerIdentifier
())
if
err
!=
nil
{
return
err
}
...
...
internal/servercore/handle.go
...
...
@@ -189,7 +189,7 @@ func (session *session) handlePostCommitments(commitments *irma.IssueCommitmentM
for
i
,
cred
:=
range
request
.
Credentials
{
id
:=
cred
.
CredentialTypeID
.
IssuerIdentifier
()
pk
,
_
:=
session
.
conf
.
IrmaConfiguration
.
PublicKey
(
id
,
cred
.
KeyCounter
)
sk
,
_
:=
session
.
conf
.
PrivateKey
(
id
)
sk
,
_
:=
session
.
conf
.
IrmaConfiguration
.
PrivateKey
(
id
)
issuer
:=
gabi
.
NewIssuer
(
sk
,
pk
,
one
)
proof
,
ok
:=
commitments
.
Proofs
[
i
+
discloseCount
]
.
(
*
gabi
.
ProofU
)
if
!
ok
{
...
...
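Review bot: The rewritten lookup in the credential loop still discards its error, `sk, _ := session.conf.IrmaConfiguration.PrivateKey(id)`, and per its doc comment PrivateKey can also return a nil key, so a missing or unreadable issuer key reaches `gabi.NewIssuer(sk, pk, one)` unchecked. Since the line is being touched anyway, keep the error (`sk, err := session.conf.IrmaConfiguration.PrivateKey(id)`) and fail the session when `err != nil || sk == nil`, before the issuer is constructed. The `PublicKey` call on the line above drops its error in the same way. validateIssuanceRequest presumably checks the key when the session is created, but nothing visible here guarantees it is still available at this point; handlePostCommitments starts and ends outside the hunk.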
internal/servercore/helpers.go
...
...
@@ -130,7 +130,7 @@ func (s *Server) validateIssuanceRequest(request *irma.IssuanceRequest) error {
for
_
,
cred
:=
range
request
.
Credentials
{
// Check that we have the appropriate private key
iss
:=
cred
.
CredentialTypeID
.
IssuerIdentifier
()
privatekey
,
err
:=
s
.
conf
.
PrivateKey
(
iss
)
privatekey
,
err
:=
s
.
conf
.
IrmaConfiguration
.
PrivateKey
(
iss
)
if
err
!=
nil
{
return
err
}
...
...
irmaconfig.go
...
...
@@ -46,6 +46,10 @@ type Configuration struct {
CredentialTypes
map
[
CredentialTypeIdentifier
]
*
CredentialType
AttributeTypes
map
[
AttributeTypeIdentifier
]
*
AttributeType
// Issuer private keys. If set (after calling ParseFolder()), will use these keys
// instead of keys in irma_configuration/$issuer/PrivateKeys.
PrivateKeys
map
[
IssuerIdentifier
]
*
gabi
.
PrivateKey
Revocation
*
RevocationStorage
// Path to the irma_configuration folder that this instance represents
...
...
@@ -59,7 +63,6 @@ type Configuration struct {
kssPublicKeys
map
[
SchemeManagerIdentifier
]
map
[
int
]
*
rsa
.
PublicKey
publicKeys
map
[
IssuerIdentifier
]
map
[
int
]
*
gabi
.
PublicKey
privateKeys
map
[
IssuerIdentifier
]
*
gabi
.
PrivateKey
reverseHashes
map
[
string
]
CredentialTypeIdentifier
initialized
bool
assets
string
...
...
@@ -163,7 +166,7 @@ func (conf *Configuration) clear() {
conf
.
DisabledSchemeManagers
=
make
(
map
[
SchemeManagerIdentifier
]
*
SchemeManagerError
)
conf
.
kssPublicKeys
=
make
(
map
[
SchemeManagerIdentifier
]
map
[
int
]
*
rsa
.
PublicKey
)
conf
.
publicKeys
=
make
(
map
[
IssuerIdentifier
]
map
[
int
]
*
gabi
.
PublicKey
)
conf
.
p
rivateKeys
=
make
(
map
[
IssuerIdentifier
]
*
gabi
.
PrivateKey
)
conf
.
P
rivateKeys
=
make
(
map
[
IssuerIdentifier
]
*
gabi
.
PrivateKey
)
conf
.
reverseHashes
=
make
(
map
[
string
]
CredentialTypeIdentifier
)
}
...
...
@@ -319,7 +322,7 @@ func (conf *Configuration) ParseSchemeManagerFolder(dir string, manager *SchemeM
// PrivateKey returns the latest private key of the specified issuer, or nil if not present in the Configuration.
func
(
conf
*
Configuration
)
PrivateKey
(
id
IssuerIdentifier
)
(
*
gabi
.
PrivateKey
,
error
)
{
if
sk
:=
conf
.
p
rivateKeys
[
id
];
sk
!=
nil
{
if
sk
:=
conf
.
P
rivateKeys
[
id
];
sk
!=
nil
{
return
sk
,
nil
}
...
...
@@ -355,7 +358,7 @@ func (conf *Configuration) PrivateKey(id IssuerIdentifier) (*gabi.PrivateKey, er
if
int
(
sk
.
Counter
)
!=
counter
{
return
nil
,
errors
.
Errorf
(
"Private key %s of issuer %s has wrong <Counter>"
,
file
,
id
.
String
())
}
conf
.
p
rivateKeys
[
id
]
=
sk
conf
.
P
rivateKeys
[
id
]
=
sk
return
sk
,
nil
}
...
...
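Review bot: `clear()` now resets the exported map (`conf.PrivateKeys = make(...)`), so keys a caller has set are dropped whenever the configuration is cleared, and `PrivateKey()` then falls back to the key files in the scheme folder without reporting anything. The field comment hints at this with "after calling ParseFolder()", but the server/conf.go hunk in verifyIrmaConf assigns the map before its `DownloadDefaultSchemes()` branch; if that call or a later scheme update re-parses the folder, the operator's configured issuer keys would silently stop being used. Keeping the unexported cache for keys loaded from disk and consulting the caller-supplied map first, `if sk := conf.PrivateKeys[id]; sk != nil { return sk, nil }` ahead of the cache lookup, would let `clear()` reset only the cache. The doc comment on `PrivateKey` should also state the precedence, for example `// Keys in conf.PrivateKeys take precedence over key files in the scheme folder.`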
server/conf.go
...
...
@@ -89,21 +89,11 @@ func (conf *Configuration) Check() error {
return
nil
}
func
(
conf
*
Configuration
)
PrivateKey
(
id
irma
.
IssuerIdentifier
)
(
sk
*
gabi
.
PrivateKey
,
err
error
)
{
sk
=
conf
.
IssuerPrivateKeys
[
id
]
if
sk
==
nil
{
if
sk
,
err
=
conf
.
IrmaConfiguration
.
PrivateKey
(
id
);
err
!=
nil
{
return
nil
,
err
}
}
return
sk
,
nil
}
func
(
conf
*
Configuration
)
HavePrivateKeys
()
(
bool
,
error
)
{
var
err
error
var
sk
*
gabi
.
PrivateKey
for
id
:=
range
conf
.
IrmaConfiguration
.
Issuers
{
sk
,
err
=
conf
.
PrivateKey
(
id
)
sk
,
err
=
conf
.
IrmaConfiguration
.
PrivateKey
(
id
)
if
err
!=
nil
{
return
false
,
err
}
...
...
@@ -146,6 +136,11 @@ func (conf *Configuration) verifyIrmaConf() error {
}
}
// Put private keys into conf.IrmaConfiguration so we can use conf.IrmaConfiguration.PrivateKey()
if
len
(
conf
.
IssuerPrivateKeys
)
>
0
{
conf
.
IrmaConfiguration
.
PrivateKeys
=
conf
.
IssuerPrivateKeys
}
if
len
(
conf
.
IrmaConfiguration
.
SchemeManagers
)
==
0
{
conf
.
Logger
.
Infof
(
"No schemes found in %s, downloading default (irma-demo and pbdf)"
,
conf
.
SchemesPath
)
if
err
:=
conf
.
IrmaConfiguration
.
DownloadDefaultSchemes
();
err
!=
nil
{
...
...
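Review bot: The new block in verifyIrmaConf assigns the map itself, `conf.IrmaConfiguration.PrivateKeys = conf.IssuerPrivateKeys`, so both fields share one map, and `PrivateKey()` in irmaconfig.go stores every key it loads from disk into that map (`conf.PrivateKeys[id] = sk`). Once `HavePrivateKeys()` has looped over all issuers, `IssuerPrivateKeys` therefore also holds keys the operator never configured, and the read-only precedence that the removed `PrivateKey` method gave the configured keys is lost. Copying the entries keeps the two apart: `for id, sk := range conf.IssuerPrivateKeys { conf.IrmaConfiguration.PrivateKeys[id] = sk }`, assuming the destination map is already initialised at this point. verifyIrmaConf starts and ends outside the hunk.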
server/requestorserver/conf.go
...
...
@@ -356,7 +356,7 @@ func (conf *Configuration) validatePermissionSet(requestor string, requestorperm
continue
}
if
typ
==
"issuing"
||
typ
==
"revoking"
{
sk
,
err
:=
conf
.
PrivateKey
(
credtype
.
IssuerIdentifier
())
sk
,
err
:=
conf
.
IrmaConfiguration
.
PrivateKey
(
credtype
.
IssuerIdentifier
())
if
err
!=
nil
{
errs
=
append
(
errs
,
fmt
.
Sprintf
(
"%s %s permission '%s': failed to load private key: %s"
,
requestor
,
typ
,
permission
,
err
))
continue
...
...