Commit 38cef828 authored by Sietse Ringers

feat: bump gabi to rangeproof supporting version

* gabi.PublicKey, gabi.PrivateKey and related methods moved to gabikeys
* handle additional errors returned by gabi
parent 9f023686
......@@ -8,8 +8,8 @@ import (
"github.com/eknkc/basex"
"github.com/go-errors/errors"
"github.com/privacybydesign/gabi"
"github.com/privacybydesign/gabi/big"
"github.com/privacybydesign/gabi/gabikeys"
)
const (
......@@ -38,7 +38,7 @@ type metadataField struct {
// metadataAttribute represents a metadata attribute. Contains the credential type, signing date, validity, and the public key counter.
type MetadataAttribute struct {
Int *big.Int
pk *gabi.PublicKey
pk *gabikeys.PublicKey
Conf *Configuration
}
......@@ -248,7 +248,7 @@ func (attr *MetadataAttribute) Bytes() []byte {
// PublicKey extracts identifier of the Idemix public key with which this instance was signed,
// and returns this public key.
func (attr *MetadataAttribute) PublicKey() (*gabi.PublicKey, error) {
func (attr *MetadataAttribute) PublicKey() (*gabikeys.PublicKey, error) {
if attr.pk == nil {
var err error
attr.pk, err = attr.Conf.PublicKey(attr.CredentialType().IssuerIdentifier(), attr.KeyCounter())
......
......@@ -25,7 +25,7 @@ require (
github.com/mitchellh/mapstructure v1.1.2
github.com/onsi/ginkgo v1.12.0 // indirect
github.com/onsi/gomega v1.9.0 // indirect
github.com/privacybydesign/gabi v0.0.0-20210311130659-b4e094b964d8
github.com/privacybydesign/gabi v0.0.0-20210409092845-6113e0d3ec81
github.com/sietseringers/cobra v1.0.1-0.20200909200314-c50c3838234b
github.com/sietseringers/go-sse v0.0.0-20200801161811-e2cf2c63ca50
github.com/sietseringers/pflag v1.0.4-0.20200909193609-0cde7e893819
......
......@@ -29,7 +29,7 @@ import (
"regexp"
"strconv"
"github.com/privacybydesign/gabi"
"github.com/privacybydesign/gabi/gabikeys"
"github.com/sietseringers/cobra"
"github.com/go-errors/errors"
......@@ -114,11 +114,11 @@ var genkeypairCmd = &cobra.Command{
}
// Now generate the key pair
sysParams, ok := gabi.DefaultSystemParameters[keylength]
sysParams, ok := gabikeys.DefaultSystemParameters[keylength]
if !ok {
return fmt.Errorf("Unsupported key length, should be one of %v", gabi.DefaultKeyLengths)
return fmt.Errorf("Unsupported key length, should be one of %v", gabikeys.DefaultKeyLengths)
}
privk, pubk, err := gabi.GenerateKeyPair(sysParams, numAttributes, counter, expiryDate)
privk, pubk, err := gabikeys.GenerateKeyPair(sysParams, numAttributes, counter, expiryDate)
if err != nil {
return err
}
......
......@@ -9,7 +9,7 @@ import (
"time"
"github.com/go-errors/errors"
"github.com/privacybydesign/gabi"
"github.com/privacybydesign/gabi/gabikeys"
"github.com/privacybydesign/irmago/internal/common"
"github.com/sietseringers/cobra"
)
......@@ -89,11 +89,11 @@ IRMA applications.`,
// Now generate the key pair
fmt.Println("Generating keys (may take several minutes)")
sysParams, ok := gabi.DefaultSystemParameters[keylength]
sysParams, ok := gabikeys.DefaultSystemParameters[keylength]
if !ok {
return errors.Errorf("Unsupported key length, should be one of %v", gabi.DefaultKeyLengths)
return errors.Errorf("Unsupported key length, should be one of %v", gabikeys.DefaultKeyLengths)
}
privk, pubk, err := gabi.GenerateKeyPair(sysParams, numAttributes, counter, expiryDate)
privk, pubk, err := gabikeys.GenerateKeyPair(sysParams, numAttributes, counter, expiryDate)
if err != nil {
return err
}
......
......@@ -10,8 +10,8 @@ import (
"strings"
"time"
"github.com/privacybydesign/gabi"
"github.com/privacybydesign/gabi/big"
"github.com/privacybydesign/gabi/gabikeys"
"github.com/privacybydesign/gabi/keyproof"
"github.com/privacybydesign/irmago/internal/common"
"github.com/sietseringers/cobra"
......@@ -70,13 +70,13 @@ may be used.`,
}
// Try to read public key
pk, err := gabi.NewPublicKeyFromFile(pubkeyfile)
pk, err := gabikeys.NewPublicKeyFromFile(pubkeyfile)
if err != nil {
die("Could not read public key", err)
}
// Try to read private key
sk, err := gabi.NewPrivateKeyFromFile(privkeyfile, false)
sk, err := gabikeys.NewPrivateKeyFromFile(privkeyfile, false)
if err != nil {
die("Could not read private key", err)
}
......
......@@ -9,8 +9,8 @@ import (
"path/filepath"
"strconv"
"github.com/privacybydesign/gabi"
"github.com/privacybydesign/gabi/big"
"github.com/privacybydesign/gabi/gabikeys"
"github.com/privacybydesign/gabi/keyproof"
"github.com/privacybydesign/irmago/internal/common"
"github.com/sietseringers/cobra"
......@@ -66,7 +66,7 @@ On machines of 2 - 3 GHz verification will take some 5 - 15 minutes, during whic
}
// Try to read public key
pk, err := gabi.NewPublicKeyFromFile(pubkeyfile)
pk, err := gabikeys.NewPublicKeyFromFile(pubkeyfile)
if err != nil {
die("Error reading public key", err)
}
......
......@@ -7,8 +7,8 @@ import (
"time"
"github.com/go-errors/errors"
"github.com/privacybydesign/gabi"
"github.com/privacybydesign/gabi/big"
"github.com/privacybydesign/gabi/gabikeys"
irma "github.com/privacybydesign/irmago"
"github.com/privacybydesign/irmago/internal/common"
"github.com/sietseringers/cobra"
......@@ -60,7 +60,7 @@ func printMetadataAttr(metaint *big.Int, confpath string) error {
meta := irma.MetadataFromInt(metaint, conf)
typ := meta.CredentialType()
var key *gabi.PublicKey
var key *gabikeys.PublicKey
if typ == nil {
fmt.Println("Unknown credential type, hash:", base64.StdEncoding.EncodeToString(meta.CredentialTypeHash()))
......
package cmd
import (
"github.com/privacybydesign/gabi"
"github.com/privacybydesign/gabi/gabikeys"
"github.com/sietseringers/cobra"
)
......@@ -13,7 +13,7 @@ This is required before credential types requiring revocation can be issued unde
(New keypairs generated with "irma scheme issuer keygen" already support revocation.)`,
Args: cobra.ExactArgs(2),
Run: func(cmd *cobra.Command, args []string) {
sk, err := gabi.NewPrivateKeyFromFile(args[0], false)
sk, err := gabikeys.NewPrivateKeyFromFile(args[0], false)
if err != nil {
die("failed to read private key", err)
}
......@@ -21,7 +21,7 @@ This is required before credential types requiring revocation can be issued unde
die("private key already supports revocation", nil)
}
pk, err := gabi.NewPublicKeyFromFile(args[1])
pk, err := gabikeys.NewPublicKeyFromFile(args[1])
if err != nil {
die("failed to read public key", err)
}
......@@ -29,7 +29,7 @@ This is required before credential types requiring revocation can be issued unde
die("public key already supports revocation", nil)
}
if err = gabi.GenerateRevocationKeypair(sk, pk); err != nil {
if err = gabikeys.GenerateRevocationKeypair(sk, pk); err != nil {
die("failed to generate revocation keys", err)
}
......
......@@ -10,6 +10,7 @@ import (
"github.com/go-errors/errors"
"github.com/privacybydesign/gabi"
"github.com/privacybydesign/gabi/big"
"github.com/privacybydesign/gabi/gabikeys"
"github.com/privacybydesign/gabi/revocation"
irma "github.com/privacybydesign/irmago"
"github.com/privacybydesign/irmago/internal/common"
......@@ -878,7 +879,7 @@ func (client *Client) ProofBuilders(choice *irma.DisclosureChoice, request irma.
return nil, nil, nil, revocation.ErrorRevoked
}
nonrev := request.Base().RequestsRevocation(cred.CredentialType().Identifier())
builder, err = cred.CreateDisclosureProofBuilder(grp.attrs, nonrev)
builder, err = cred.CreateDisclosureProofBuilder(grp.attrs, nil, nonrev)
if err != nil {
return nil, nil, nil, err
}
......@@ -913,8 +914,12 @@ func (client *Client) Proofs(choice *irma.DisclosureChoice, request irma.Session
}
_, issig := request.(*irma.SignatureRequest)
proofs, err := builders.BuildProofList(request.Base().GetContext(), request.GetNonce(timestamp), issig)
if err != nil {
return nil, nil, err
}
return &irma.Disclosure{
Proofs: builders.BuildProofList(request.Base().GetContext(), request.GetNonce(timestamp), issig),
Proofs: proofs,
Indices: choices,
}, timestamp, nil
}
......@@ -935,14 +940,17 @@ func (client *Client) IssuanceProofBuilders(request *irma.IssuanceRequest, choic
}
builders := gabi.ProofBuilderList([]gabi.ProofBuilder{})
for _, futurecred := range request.Credentials {
var pk *gabi.PublicKey
var pk *gabikeys.PublicKey
pk, err = client.Configuration.PublicKey(futurecred.CredentialTypeID.IssuerIdentifier(), futurecred.KeyCounter)
if err != nil {
return nil, nil, nil, err
}
credtype := client.Configuration.CredentialTypes[futurecred.CredentialTypeID]
credBuilder := gabi.NewCredentialBuilder(pk, request.GetContext(),
credBuilder, err := gabi.NewCredentialBuilder(pk, request.GetContext(),
client.secretkey.Key, issuerProofNonce, credtype.RandomBlindAttributeIndices())
if err != nil {
return nil, nil, nil, err
}
builders = append(builders, credBuilder)
}
......@@ -962,9 +970,13 @@ func (client *Client) IssueCommitments(request *irma.IssuanceRequest, choice *ir
if err != nil {
return nil, nil, err
}
proofs, err := builders.BuildProofList(request.GetContext(), request.GetNonce(nil), false)
if err != nil {
return nil, nil, err
}
return &irma.IssueCommitmentMessage{
IssueCommitmentMessage: &gabi.IssueCommitmentMessage{
Proofs: builders.BuildProofList(request.GetContext(), request.GetNonce(nil), false),
Proofs: proofs,
Nonce2: issuerProofNonce,
},
Indices: choices,
......
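Review bot: In IssuanceProofBuilders, `credBuilder, err := gabi.NewCredentialBuilder(...)` declares a new `err` scoped to the loop body, whereas the key lookup just above assigns the outer one with `pk, err = ...`. It is harmless as written because the new `err` is checked and returned immediately, but mixing the two forms makes it easy for a later edit to lose an error from the credential builder. Declaring `credBuilder` next to `pk` and assigning with `credBuilder, err = gabi.NewCredentialBuilder(...)` keeps a single `err` in play. Separately, the bare `nil` in `cred.CreateDisclosureProofBuilder(grp.attrs, nil, nonrev)` in ProofBuilders deserves a short comment naming the parameter, for example `// nil: no range proofs requested` if that is what the argument means, since the gabi signature is not visible here. Both functions start and end outside the hunks shown.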
......@@ -8,7 +8,7 @@ import (
"path/filepath"
"testing"
"github.com/privacybydesign/gabi"
"github.com/privacybydesign/gabi/gabikeys"
irma "github.com/privacybydesign/irmago"
"github.com/privacybydesign/irmago/internal/common"
"github.com/privacybydesign/irmago/internal/test"
......@@ -74,7 +74,7 @@ func verifyClientIsUnmarshaled(t *testing.T, client *Client) {
}
func verifyCredentials(t *testing.T, client *Client) {
var pk *gabi.PublicKey
var pk *gabikeys.PublicKey
for credtype, credsmap := range client.attributes {
for index, attrs := range credsmap {
cred, err := client.credential(attrs.CredentialType().Identifier(), index)
......
......@@ -15,7 +15,7 @@ import (
"github.com/go-errors/errors"
"github.com/privacybydesign/gabi"
"github.com/privacybydesign/gabi/big"
"github.com/privacybydesign/irmago"
irma "github.com/privacybydesign/irmago"
)
// This file contains an implementation of the client side of the keyshare protocol,
......@@ -129,7 +129,7 @@ const (
func newKeyshareServer(schemeManagerIdentifier irma.SchemeManagerIdentifier) (ks *keyshareServer, err error) {
ks = &keyshareServer{
Nonce: make([]byte, 32),
Nonce: make([]byte, 32),
SchemeManagerIdentifier: schemeManagerIdentifier,
}
_, err = rand.Read(ks.Nonce)
......@@ -407,7 +407,11 @@ func (ks *keyshareSession) GetCommitments() {
// receive their responses (2nd and 3rd message in Schnorr zero-knowledge protocol).
func (ks *keyshareSession) GetProofPs() {
_, issig := ks.session.(*irma.SignatureRequest)
challenge := ks.builders.Challenge(ks.session.Base().GetContext(), ks.session.GetNonce(ks.timestamp), issig)
challenge, err := ks.builders.Challenge(ks.session.Base().GetContext(), ks.session.GetNonce(ks.timestamp), issig)
if err != nil {
ks.sessionHandler.KeyshareError(&ks.keyshareServer.SchemeManagerIdentifier, err)
return
}
// Post the challenge, obtaining JWT's containing the ProofP's
responses := map[irma.SchemeManagerIdentifier]string{}
......@@ -417,7 +421,7 @@ func (ks *keyshareSession) GetProofPs() {
continue
}
var j string
err := transport.Post("prove/getResponse", &j, challenge)
err = transport.Post("prove/getResponse", &j, challenge)
if err != nil {
ks.sessionHandler.KeyshareError(&managerID, err)
return
......
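Review bot: The new error path in GetProofPs dereferences `ks.keyshareServer` to report a failed `ks.builders.Challenge(...)`, while the loop below reports per-transport failures with `&managerID`. Nothing in the hunk shows that `ks.keyshareServer` is always set when GetProofPs runs, so a nil pointer there would turn a reportable proof error into a panic. It is worth confirming that invariant or guarding the call with `if ks.keyshareServer != nil`. The challenge failure also does not appear to belong to any one scheme manager, so a comment such as `// challenge is computed before any server is contacted; reported against the session's keyshare server` would explain the choice. The function body continues outside the hunk.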
......@@ -17,7 +17,7 @@ import (
"strings"
"time"
"github.com/privacybydesign/gabi"
"github.com/privacybydesign/gabi/gabikeys"
"github.com/privacybydesign/irmago/internal/common"
"github.com/dgrijalva/jwt-go"
......@@ -34,7 +34,7 @@ type Configuration struct {
CredentialTypes map[CredentialTypeIdentifier]*CredentialType
AttributeTypes map[AttributeTypeIdentifier]*AttributeType
kssPublicKeys map[SchemeManagerIdentifier]map[int]*rsa.PublicKey
publicKeys map[IssuerIdentifier]map[uint]*gabi.PublicKey
publicKeys map[IssuerIdentifier]map[uint]*gabikeys.PublicKey
reverseHashes map[string]CredentialTypeIdentifier
// RequestorScheme data of the currently loaded requestorscheme
......@@ -308,7 +308,7 @@ func (conf *Configuration) AddPrivateKeyRing(ring PrivateKeyRing) error {
}
// PublicKey returns the specified public key, or nil if not present in the Configuration.
func (conf *Configuration) PublicKey(id IssuerIdentifier, counter uint) (*gabi.PublicKey, error) {
func (conf *Configuration) PublicKey(id IssuerIdentifier, counter uint) (*gabikeys.PublicKey, error) {
var haveIssuer, haveKey bool
var err error
_, haveIssuer = conf.publicKeys[id]
......@@ -327,7 +327,7 @@ func (conf *Configuration) PublicKey(id IssuerIdentifier, counter uint) (*gabi.P
}
// PublicKeyLatest returns the latest private key of the specified issuer.
func (conf *Configuration) PublicKeyLatest(id IssuerIdentifier) (*gabi.PublicKey, error) {
func (conf *Configuration) PublicKeyLatest(id IssuerIdentifier) (*gabikeys.PublicKey, error) {
indices, err := conf.PublicKeyIndices(id)
if err != nil {
return nil, err
......@@ -468,7 +468,7 @@ func (conf *Configuration) hashToCredentialType(hash []byte) *CredentialType {
// parse $schememanager/$issuer/PublicKeys/$i.xml for $i = 1, ...
func (conf *Configuration) parseKeysFolder(issuerid IssuerIdentifier) error {
scheme := conf.SchemeManagers[issuerid.SchemeManagerIdentifier()]
conf.publicKeys[issuerid] = map[uint]*gabi.PublicKey{}
conf.publicKeys[issuerid] = map[uint]*gabikeys.PublicKey{}
pattern := filepath.Join(scheme.path(), issuerid.Name(), "PublicKeys", "*")
files, err := filepath.Glob(pattern)
if err != nil {
......@@ -490,7 +490,7 @@ func (conf *Configuration) parseKeysFolder(issuerid IssuerIdentifier) error {
if err != nil || !found {
return err
}
pk, err := gabi.NewPublicKeyFromBytes(bts)
pk, err := gabikeys.NewPublicKeyFromBytes(bts)
if err != nil {
return err
}
......@@ -536,7 +536,7 @@ func (conf *Configuration) clear() {
conf.IssueWizards = make(map[IssueWizardIdentifier]*IssueWizard)
conf.DisabledRequestorSchemes = make(map[RequestorSchemeIdentifier]*SchemeManagerError)
conf.kssPublicKeys = make(map[SchemeManagerIdentifier]map[int]*rsa.PublicKey)
conf.publicKeys = make(map[IssuerIdentifier]map[uint]*gabi.PublicKey)
conf.publicKeys = make(map[IssuerIdentifier]map[uint]*gabikeys.PublicKey)
conf.reverseHashes = make(map[string]CredentialTypeIdentifier)
if conf.PrivateKeys == nil { // keep if already populated
conf.PrivateKeys = &privateKeyRingMerge{}
......
......@@ -13,6 +13,7 @@ import (
"github.com/privacybydesign/gabi"
"github.com/privacybydesign/gabi/big"
"github.com/privacybydesign/gabi/gabikeys"
"github.com/privacybydesign/gabi/revocation"
"github.com/privacybydesign/irmago/internal/common"
"github.com/privacybydesign/irmago/internal/test"
......@@ -732,7 +733,7 @@ func TestRevocationMemoryStore(t *testing.T) {
retrieve(t, pk, db, 4, 6)
}
func revokeMultiple(t *testing.T, sk *revocation.PrivateKey, update *revocation.Update) *revocation.Update {
func revokeMultiple(t *testing.T, sk *gabikeys.PrivateKey, update *revocation.Update) *revocation.Update {
acc := update.SignedAccumulator.Accumulator
event := update.Events[len(update.Events)-1]
events := update.Events
......@@ -745,7 +746,7 @@ func revokeMultiple(t *testing.T, sk *revocation.PrivateKey, update *revocation.
return update
}
func retrieve(t *testing.T, pk *revocation.PublicKey, db *memRevStorage, count uint64, expectedIndex uint64) {
func retrieve(t *testing.T, pk *gabikeys.PublicKey, db *memRevStorage, count uint64, expectedIndex uint64) {
var updates map[uint]*revocation.Update
var err error
for i := uint64(0); i <= count; i++ {
......@@ -762,7 +763,7 @@ func retrieve(t *testing.T, pk *revocation.PublicKey, db *memRevStorage, count u
require.Equal(t, expectedIndex, acc.Index)
}
func revoke(t *testing.T, acc *revocation.Accumulator, parent *revocation.Event, sk *revocation.PrivateKey) (*revocation.Accumulator, *revocation.Event) {
func revoke(t *testing.T, acc *revocation.Accumulator, parent *revocation.Event, sk *gabikeys.PrivateKey) (*revocation.Accumulator, *revocation.Event) {
e, err := rand.Prime(rand.Reader, 100)
require.NoError(t, err)
acc, event, err := acc.Remove(sk, big.Convert(e), parent)
......
......@@ -10,8 +10,8 @@ import (
"strconv"
"github.com/go-errors/errors"
"github.com/privacybydesign/gabi"
"github.com/privacybydesign/gabi/big"
"github.com/privacybydesign/gabi/gabikeys"
)
type (
......@@ -19,16 +19,16 @@ type (
PrivateKeyRing interface {
// Latest returns the private key with the highest counter for the specified issuer, if any,
// or an error.
Latest(id IssuerIdentifier) (*gabi.PrivateKey, error)
Latest(id IssuerIdentifier) (*gabikeys.PrivateKey, error)
// Get returns the specified private key, or an error.
Get(id IssuerIdentifier, counter uint) (*gabi.PrivateKey, error)
Get(id IssuerIdentifier, counter uint) (*gabikeys.PrivateKey, error)
// Iterate executes the specified function on each private key of the specified issuer
// present in the ring. The private keys are offered to the function in no particular order,
// and the same key may be offered multiple times. Returns on the first error returned
// by the function.
Iterate(id IssuerIdentifier, f func(sk *gabi.PrivateKey) error) error
Iterate(id IssuerIdentifier, f func(sk *gabikeys.PrivateKey) error) error
}
// PrivateKeyRingFolder represents a folder on disk containing private keys with filenames
......@@ -103,12 +103,12 @@ func (_ *PrivateKeyRingFolder) parseFilename(filename string) (*IssuerIdentifier
return &issuerid, &c, nil
}
func (p *PrivateKeyRingFolder) readFile(filename string, id IssuerIdentifier) (*gabi.PrivateKey, error) {
func (p *PrivateKeyRingFolder) readFile(filename string, id IssuerIdentifier) (*gabikeys.PrivateKey, error) {
scheme := p.conf.SchemeManagers[id.SchemeManagerIdentifier()]
if scheme == nil {
return nil, errors.Errorf("Private key of issuer %s belongs to unknown scheme", id.String())
}
sk, err := gabi.NewPrivateKeyFromFile(filepath.Join(p.path, filename), scheme.Demo)
sk, err := gabikeys.NewPrivateKeyFromFile(filepath.Join(p.path, filename), scheme.Demo)
if err != nil {
return nil, err
}
......@@ -118,7 +118,7 @@ func (p *PrivateKeyRingFolder) readFile(filename string, id IssuerIdentifier) (*
return sk, nil
}
func (p *PrivateKeyRingFolder) Get(id IssuerIdentifier, counter uint) (*gabi.PrivateKey, error) {
func (p *PrivateKeyRingFolder) Get(id IssuerIdentifier, counter uint) (*gabikeys.PrivateKey, error) {
sk, err := p.readFile(fmt.Sprintf("%s.%d.xml", id.String(), counter), id)
if err != nil && !goerrors.Is(err, os.ErrNotExist) {
return nil, err
......@@ -136,9 +136,9 @@ func (p *PrivateKeyRingFolder) Get(id IssuerIdentifier, counter uint) (*gabi.Pri
return sk, nil
}
func (p *PrivateKeyRingFolder) Latest(id IssuerIdentifier) (*gabi.PrivateKey, error) {
var sk *gabi.PrivateKey
if err := p.Iterate(id, func(s *gabi.PrivateKey) error {
func (p *PrivateKeyRingFolder) Latest(id IssuerIdentifier) (*gabikeys.PrivateKey, error) {
var sk *gabikeys.PrivateKey
if err := p.Iterate(id, func(s *gabikeys.PrivateKey) error {
if sk == nil || s.Counter > sk.Counter {
sk = s
}
......@@ -152,7 +152,7 @@ func (p *PrivateKeyRingFolder) Latest(id IssuerIdentifier) (*gabi.PrivateKey, er
return sk, nil
}
func (p *PrivateKeyRingFolder) Iterate(id IssuerIdentifier, f func(sk *gabi.PrivateKey) error) error {
func (p *PrivateKeyRingFolder) Iterate(id IssuerIdentifier, f func(sk *gabikeys.PrivateKey) error) error {
files, err := filepath.Glob(filepath.Join(p.path, fmt.Sprintf("%s*", id.String())))
if err != nil {
return err
......@@ -182,14 +182,14 @@ func (p *privateKeyRingScheme) counters(issuerid IssuerIdentifier) (i []uint, er
return matchKeyPattern(filepath.Join(scheme.path(), issuerid.Name(), "PrivateKeys", "*"))
}
func (p *privateKeyRingScheme) Get(id IssuerIdentifier, counter uint) (*gabi.PrivateKey, error) {
func (p *privateKeyRingScheme) Get(id IssuerIdentifier, counter uint) (*gabikeys.PrivateKey, error) {
schemeID := id.SchemeManagerIdentifier()
scheme := p.conf.SchemeManagers[schemeID]
if scheme == nil {
return nil, errors.Errorf("Private key of issuer %s belongs to unknown scheme", id.String())
}
file := filepath.Join(scheme.path(), id.Name(), "PrivateKeys", strconv.FormatUint(uint64(counter), 10)+".xml")
sk, err := gabi.NewPrivateKeyFromFile(file, scheme.Demo)
sk, err := gabikeys.NewPrivateKeyFromFile(file, scheme.Demo)
if err != nil {
return nil, err
}
......@@ -202,7 +202,7 @@ func (p *privateKeyRingScheme) Get(id IssuerIdentifier, counter uint) (*gabi.Pri
return sk, nil
}
func (p *privateKeyRingScheme) Latest(id IssuerIdentifier) (*gabi.PrivateKey, error) {
func (p *privateKeyRingScheme) Latest(id IssuerIdentifier) (*gabikeys.PrivateKey, error) {
counters, err := p.counters(id)
if err != nil {
return nil, err
......@@ -213,7 +213,7 @@ func (p *privateKeyRingScheme) Latest(id IssuerIdentifier) (*gabi.PrivateKey, er
return p.Get(id, counters[len(counters)-1])
}
func (p *privateKeyRingScheme) Iterate(id IssuerIdentifier, f func(sk *gabi.PrivateKey) error) error {
func (p *privateKeyRingScheme) Iterate(id IssuerIdentifier, f func(sk *gabikeys.PrivateKey) error) error {
indices, err := p.counters(id)
if err != nil {
return err
......@@ -234,7 +234,7 @@ func (p *privateKeyRingMerge) Add(ring PrivateKeyRing) {
p.rings = append(p.rings, ring)
}
func (p *privateKeyRingMerge) Get(id IssuerIdentifier, counter uint) (*gabi.PrivateKey, error) {
func (p *privateKeyRingMerge) Get(id IssuerIdentifier, counter uint) (*gabikeys.PrivateKey, error) {
for _, ring := range p.rings {
sk, err := ring.Get(id, counter)
if err == nil {
......@@ -247,8 +247,8 @@ func (p *privateKeyRingMerge) Get(id IssuerIdentifier, counter uint) (*gabi.Priv
return nil, ErrMissingPrivateKey
}
func (p *privateKeyRingMerge) Latest(id IssuerIdentifier) (*gabi.PrivateKey, error) {
var sk *gabi.PrivateKey
func (p *privateKeyRingMerge) Latest(id IssuerIdentifier) (*gabikeys.PrivateKey, error) {
var sk *gabikeys.PrivateKey
for _, ring := range p.rings {
s, err := ring.Latest(id)
if err != nil && !goerrors.Is(err, os.ErrNotExist) {
......@@ -264,7 +264,7 @@ func (p *privateKeyRingMerge) Latest(id IssuerIdentifier) (*gabi.PrivateKey, err
return sk, nil
}
func (p *privateKeyRingMerge) Iterate(id IssuerIdentifier, f func(sk *gabi.PrivateKey) error) error {
func (p *privateKeyRingMerge) Iterate(id IssuerIdentifier, f func(sk *gabikeys.PrivateKey) error) error {
for _, ring := range p.rings {
if err := ring.Iterate(id, f); err != nil {
return err
......@@ -273,7 +273,7 @@ func (p *privateKeyRingMerge) Iterate(id IssuerIdentifier, f func(sk *gabi.Priva
return nil
}
func validatePrivateKey(issuerid IssuerIdentifier, sk *gabi.PrivateKey, conf *Configuration) error {
func validatePrivateKey(issuerid IssuerIdentifier, sk *gabikeys.PrivateKey, conf *Configuration) error {
if _, ok := conf.Issuers[issuerid]; !ok {
return errors.Errorf("Private key %d of issuer %s belongs to an unknown issuer", sk.Counter, issuerid.String())
}
......@@ -300,7 +300,7 @@ func validatePrivateKey(issuerid IssuerIdentifier, sk *gabi.PrivateKey, conf *Co
func validatePrivateKeyRing(ring PrivateKeyRing, conf *Configuration) error {
for issuerid := range conf.Issuers {
err := ring.Iterate(issuerid, func(sk *gabi.PrivateKey) error {
err := ring.Iterate(issuerid, func(sk *gabikeys.PrivateKey) error {
return validatePrivateKey(issuerid, sk, conf)
})
if err != nil {
......
......@@ -17,8 +17,8 @@ import (
"github.com/go-errors/errors"
"github.com/hashicorp/go-multierror"
"github.com/jinzhu/gorm"
"github.com/privacybydesign/gabi"
"github.com/privacybydesign/gabi/big"
"github.com/privacybydesign/gabi/gabikeys"
"github.com/privacybydesign/gabi/revocation"
"github.com/privacybydesign/gabi/signed"
sseclient "github.com/sietseringers/go-sse"
......@@ -185,7 +185,7 @@ func init() {
// EnableRevocation creates an initial accumulator for a given credential type. This function is the
// only way to create such an initial accumulator and it must be called before anyone can use
// revocation for this credential type. Requires the issuer private key.
func (rs *RevocationStorage) EnableRevocation(id CredentialTypeIdentifier, sk *revocation.PrivateKey) error {
func (rs *RevocationStorage) EnableRevocation(id CredentialTypeIdentifier, sk *gabikeys.PrivateKey) error {
enabled, err := rs.Exists(id, sk.Counter)
if err != nil {
return err
......@@ -622,7 +622,7 @@ func (rs *RevocationStorage) SyncIfOld(id CredentialTypeIdentifier, maxage uint6
// SaveIssuanceRecord either stores the issuance record locally, if we are the revocation server of
// the crecential type, or it signs and sends it to the remote revocation server.
func (rs *RevocationStorage) SaveIssuanceRecord(id CredentialTypeIdentifier, rec *IssuanceRecord, sk *gabi.PrivateKey) error {
func (rs *RevocationStorage) SaveIssuanceRecord(id CredentialTypeIdentifier, rec *IssuanceRecord, sk *gabikeys.PrivateKey) error {
credtype := rs.conf.CredentialTypes[id]
if credtype == nil {
return ErrorUnknownCredentialType
......@@ -641,11 +641,7 @@ func (rs *RevocationStorage) SaveIssuanceRecord(id CredentialTypeIdentifier, rec
if settings.RevocationServerURL == "" {
return errors.New("cannot send issuance record: no server_url configured")
}
rsk, err := sk.RevocationKey()
if err != nil {
return err
}
return rs.client.PostIssuanceRecord(id, rsk, rec, settings.RevocationServerURL)
return rs.client.PostIssuanceRecord(id, sk, rec, settings.RevocationServerURL)
}
// Misscelaneous methods
......@@ -857,7 +853,7 @@ func (rs *RevocationStorage) PostUpdate(id CredentialTypeIdentifier, update *rev
rs.ServerSentEvents.SendMessage("revocation/"+id.String(), sse.SimpleMessage(string(bts)))
}
func (client RevocationClient) PostIssuanceRecord(id CredentialTypeIdentifier, sk *revocation.PrivateKey, rec *IssuanceRecord, url string) error {
func (client RevocationClient) PostIssuanceRecord(id CredentialTypeIdentifier, sk *gabikeys.PrivateKey, rec *IssuanceRecord, url string) error {