Commit 5574c4d6 authored by Sietse Ringers's avatar Sietse Ringers

Document code, make lint happy

parent 67f14955
...@@ -127,6 +127,7 @@ func (sm *SchemeManager) Identifier() SchemeManagerIdentifier { ...@@ -127,6 +127,7 @@ func (sm *SchemeManager) Identifier() SchemeManagerIdentifier {
return NewSchemeManagerIdentifier(sm.ID) return NewSchemeManagerIdentifier(sm.ID)
} }
// Distributed indicates if this scheme manager uses a keyshare server.
func (sm *SchemeManager) Distributed() bool { func (sm *SchemeManager) Distributed() bool {
return len(sm.KeyshareServer) > 0 return len(sm.KeyshareServer) > 0
} }
......
...@@ -13,6 +13,7 @@ import ( ...@@ -13,6 +13,7 @@ import (
"github.com/mhe/gabi" "github.com/mhe/gabi"
) )
// KeysharePinRequestor is used to asking the user for his PIN.
type KeysharePinRequestor interface { type KeysharePinRequestor interface {
AskPin(remainingAttempts int, callback func(proceed bool, pin string)) AskPin(remainingAttempts int, callback func(proceed bool, pin string))
} }
...@@ -83,6 +84,8 @@ type proofPCommitmentMap struct { ...@@ -83,6 +84,8 @@ type proofPCommitmentMap struct {
Commitments map[publicKeyIdentifier]*gabi.ProofPCommitment `json:"c"` Commitments map[publicKeyIdentifier]*gabi.ProofPCommitment `json:"c"`
} }
// KeyshareHandler is used for asking the user for his email address and PIN,
// for registering at a keyshare server.
type KeyshareHandler interface { type KeyshareHandler interface {
StartKeyshareRegistration(manager *SchemeManager, registrationCallback func(email, pin string)) StartKeyshareRegistration(manager *SchemeManager, registrationCallback func(email, pin string))
} }
...@@ -125,11 +128,11 @@ func startKeyshareSession( ...@@ -125,11 +128,11 @@ func startKeyshareSession(
pin KeysharePinRequestor, pin KeysharePinRequestor,
) { ) {
ksscount := 0 ksscount := 0
for _, managerId := range session.SchemeManagers() { for _, managerID := range session.SchemeManagers() {
if MetaStore.SchemeManagers[managerId].Distributed() { if MetaStore.SchemeManagers[managerID].Distributed() {
ksscount++ ksscount++
if _, registered := Manager.keyshareServers[managerId]; !registered { if _, registered := Manager.keyshareServers[managerID]; !registered {
err := errors.New("Not registered to keyshare server of scheme manager " + managerId.String()) err := errors.New("Not registered to keyshare server of scheme manager " + managerID.String())
sessionHandler.KeyshareError(err) sessionHandler.KeyshareError(err)
return return
} }
...@@ -151,16 +154,16 @@ func startKeyshareSession( ...@@ -151,16 +154,16 @@ func startKeyshareSession(
askPin := false askPin := false
for _, managerId := range session.SchemeManagers() { for _, managerID := range session.SchemeManagers() {
if !MetaStore.SchemeManagers[managerId].Distributed() { if !MetaStore.SchemeManagers[managerID].Distributed() {
continue continue
} }
ks.keyshareServer = Manager.keyshareServers[managerId] ks.keyshareServer = Manager.keyshareServers[managerID]
transport := NewHTTPTransport(ks.keyshareServer.URL) transport := NewHTTPTransport(ks.keyshareServer.URL)
transport.SetHeader(kssUsernameHeader, ks.keyshareServer.Username) transport.SetHeader(kssUsernameHeader, ks.keyshareServer.Username)
transport.SetHeader(kssAuthHeader, ks.keyshareServer.token) transport.SetHeader(kssAuthHeader, ks.keyshareServer.token)
ks.transports[managerId] = transport ks.transports[managerID] = transport
authstatus := &keyshareAuthorization{} authstatus := &keyshareAuthorization{}
err := transport.Post("users/isAuthorized", authstatus, "") err := transport.Post("users/isAuthorized", authstatus, "")
...@@ -217,13 +220,13 @@ func (ks *keyshareSession) VerifyPin(attempts int) { ...@@ -217,13 +220,13 @@ func (ks *keyshareSession) VerifyPin(attempts int) {
// - If this or anything else (specified in err) goes wrong, success will be false. // - If this or anything else (specified in err) goes wrong, success will be false.
// If all is ok, success will be true. // If all is ok, success will be true.
func (ks *keyshareSession) verifyPinAttempt(pin string) (success bool, tries int, blocked int, err error) { func (ks *keyshareSession) verifyPinAttempt(pin string) (success bool, tries int, blocked int, err error) {
for _, managerId := range ks.session.SchemeManagers() { for _, managerID := range ks.session.SchemeManagers() {
if !MetaStore.SchemeManagers[managerId].Distributed() { if !MetaStore.SchemeManagers[managerID].Distributed() {
continue continue
} }
kss := Manager.keyshareServers[managerId] kss := Manager.keyshareServers[managerID]
transport := ks.transports[managerId] transport := ks.transports[managerID]
pinmsg := keysharePinMessage{Username: kss.Username, Pin: kss.HashedPin(pin)} pinmsg := keysharePinMessage{Username: kss.Username, Pin: kss.HashedPin(pin)}
pinresult := &keysharePinStatus{} pinresult := &keysharePinStatus{}
err = transport.Post("users/verify/pin", pinresult, pinmsg) err = transport.Post("users/verify/pin", pinresult, pinmsg)
...@@ -268,26 +271,26 @@ func (ks *keyshareSession) GetCommitments() { ...@@ -268,26 +271,26 @@ func (ks *keyshareSession) GetCommitments() {
// that we will use in the keyshare protocol with the keyshare server of this manager // that we will use in the keyshare protocol with the keyshare server of this manager
for _, builder := range ks.builders { for _, builder := range ks.builders {
pk := builder.PublicKey() pk := builder.PublicKey()
managerId := NewIssuerIdentifier(pk.Issuer).SchemeManagerIdentifier() managerID := NewIssuerIdentifier(pk.Issuer).SchemeManagerIdentifier()
if !MetaStore.SchemeManagers[managerId].Distributed() { if !MetaStore.SchemeManagers[managerID].Distributed() {
continue continue
} }
if _, contains := pkids[managerId]; !contains { if _, contains := pkids[managerID]; !contains {
pkids[managerId] = []*publicKeyIdentifier{} pkids[managerID] = []*publicKeyIdentifier{}
} }
pkids[managerId] = append(pkids[managerId], &publicKeyIdentifier{Issuer: pk.Issuer, Counter: pk.Counter}) pkids[managerID] = append(pkids[managerID], &publicKeyIdentifier{Issuer: pk.Issuer, Counter: pk.Counter})
} }
// Now inform each keyshare server of with respect to which public keys // Now inform each keyshare server of with respect to which public keys
// we want them to send us commitments // we want them to send us commitments
for _, managerId := range ks.session.SchemeManagers() { for _, managerID := range ks.session.SchemeManagers() {
if !MetaStore.SchemeManagers[managerId].Distributed() { if !MetaStore.SchemeManagers[managerID].Distributed() {
continue continue
} }
transport := ks.transports[managerId] transport := ks.transports[managerID]
comms := &proofPCommitmentMap{} comms := &proofPCommitmentMap{}
err := transport.Post("prove/getCommitments", comms, pkids[managerId]) err := transport.Post("prove/getCommitments", comms, pkids[managerID])
if err != nil { if err != nil {
ks.sessionHandler.KeyshareError(err) ks.sessionHandler.KeyshareError(err)
return return
...@@ -331,8 +334,8 @@ func (ks *keyshareSession) GetProofPs() { ...@@ -331,8 +334,8 @@ func (ks *keyshareSession) GetProofPs() {
// Post the challenge, obtaining JWT's containing the ProofP's // Post the challenge, obtaining JWT's containing the ProofP's
responses := map[SchemeManagerIdentifier]string{} responses := map[SchemeManagerIdentifier]string{}
for _, managerId := range ks.session.SchemeManagers() { for _, managerID := range ks.session.SchemeManagers() {
transport, distributed := ks.transports[managerId] transport, distributed := ks.transports[managerID]
if !distributed { if !distributed {
continue continue
} }
...@@ -342,7 +345,7 @@ func (ks *keyshareSession) GetProofPs() { ...@@ -342,7 +345,7 @@ func (ks *keyshareSession) GetProofPs() {
ks.sessionHandler.KeyshareError(err) ks.sessionHandler.KeyshareError(err)
return return
} }
responses[managerId] = jwt responses[managerID] = jwt
} }
ks.Finish(challenge, responses) ks.Finish(challenge, responses)
...@@ -358,14 +361,14 @@ func (ks *keyshareSession) Finish(challenge *big.Int, responses map[SchemeManage ...@@ -358,14 +361,14 @@ func (ks *keyshareSession) Finish(challenge *big.Int, responses map[SchemeManage
proofPs := make([]*gabi.ProofP, len(ks.builders)) proofPs := make([]*gabi.ProofP, len(ks.builders))
for i, builder := range ks.builders { for i, builder := range ks.builders {
// Parse each received JWT // Parse each received JWT
managerId := NewIssuerIdentifier(builder.PublicKey().Issuer).SchemeManagerIdentifier() managerID := NewIssuerIdentifier(builder.PublicKey().Issuer).SchemeManagerIdentifier()
if !MetaStore.SchemeManagers[managerId].Distributed() { if !MetaStore.SchemeManagers[managerID].Distributed() {
continue continue
} }
msg := struct { msg := struct {
ProofP *gabi.ProofP ProofP *gabi.ProofP
}{} }{}
_, err := jwtDecode(responses[managerId], msg) _, err := jwtDecode(responses[managerID], msg)
if err != nil { if err != nil {
ks.sessionHandler.KeyshareError(err) ks.sessionHandler.KeyshareError(err)
return return
...@@ -417,20 +420,20 @@ func (comms *proofPCommitmentMap) UnmarshalJSON(bytes []byte) error { ...@@ -417,20 +420,20 @@ func (comms *proofPCommitmentMap) UnmarshalJSON(bytes []byte) error {
return err return err
} }
for _, raw := range temp.C { for _, raw := range temp.C {
tempPkId := struct { tempPkID := struct {
Issuer struct { Issuer struct {
Identifier string `json:"identifier"` Identifier string `json:"identifier"`
} `json:"issuer"` } `json:"issuer"`
Counter uint `json:"counter"` Counter uint `json:"counter"`
}{} }{}
comm := gabi.ProofPCommitment{} comm := gabi.ProofPCommitment{}
if err := json.Unmarshal([]byte(*raw[0]), &tempPkId); err != nil { if err := json.Unmarshal([]byte(*raw[0]), &tempPkID); err != nil {
return err return err
} }
if err := json.Unmarshal([]byte(*raw[1]), &comm); err != nil { if err := json.Unmarshal([]byte(*raw[1]), &comm); err != nil {
return err return err
} }
pkid := publicKeyIdentifier{Issuer: tempPkId.Issuer.Identifier, Counter: tempPkId.Counter} pkid := publicKeyIdentifier{Issuer: tempPkID.Issuer.Identifier, Counter: tempPkID.Counter}
comms.Commitments[pkid] = &comm comms.Commitments[pkid] = &comm
} }
return nil return nil
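Review bot: In startKeyshareSession, `MetaStore.SchemeManagers[managerID].Distributed()` indexes the map without checking that the key exists, and the same expression recurs in verifyPinAttempt, GetCommitments and Finish. Distributed has a pointer receiver and reads `sm.KeyshareServer`, so an identifier that is absent from MetaStore yields a nil pointer and a panic instead of an error. The identifiers come from `session.SchemeManagers()`, which presumably reflects the remote party's session request, so unless they are validated earlier (not visible here) the lookup should fail closed: `manager, ok := MetaStore.SchemeManagers[managerID]` followed by `if !ok { sessionHandler.KeyshareError(errors.New("unknown scheme manager")); return }`. KeyshareEnroll already checks `ok` this way. All of these function bodies continue outside the hunks shown.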
......
...@@ -33,6 +33,7 @@ func newCredentialManager() *CredentialManager { ...@@ -33,6 +33,7 @@ func newCredentialManager() *CredentialManager {
} }
} }
// CredentialList returns a list of information of all contained credentials.
func (cm *CredentialManager) CredentialList() CredentialList { func (cm *CredentialManager) CredentialList() CredentialList {
list := CredentialList([]*Credential{}) list := CredentialList([]*Credential{})
for _, credlist := range cm.credentials { for _, credlist := range cm.credentials {
...@@ -237,6 +238,7 @@ type Session interface { ...@@ -237,6 +238,7 @@ type Session interface {
SchemeManagers() []SchemeManagerIdentifier SchemeManagers() []SchemeManagerIdentifier
} }
// ProofBuilders constructs a list of proof builders for the specified attribute choice.
func (cm *CredentialManager) ProofBuilders(choice *DisclosureChoice) (gabi.ProofBuilderList, error) { func (cm *CredentialManager) ProofBuilders(choice *DisclosureChoice) (gabi.ProofBuilderList, error) {
todisclose, err := cm.groupCredentials(choice) todisclose, err := cm.groupCredentials(choice)
if err != nil { if err != nil {
...@@ -263,6 +265,8 @@ func (cm *CredentialManager) Proofs(choice *DisclosureChoice, request Session, i ...@@ -263,6 +265,8 @@ func (cm *CredentialManager) Proofs(choice *DisclosureChoice, request Session, i
return builders.BuildProofList(request.GetContext(), request.GetNonce(), issig), nil return builders.BuildProofList(request.GetContext(), request.GetNonce(), issig), nil
} }
// IssuanceProofBuilders constructs a list of proof builders in the issuance protocol
// for the future credentials as well as possibly any disclosed attributes.
func (cm *CredentialManager) IssuanceProofBuilders(request *IssuanceRequest) (gabi.ProofBuilderList, error) { func (cm *CredentialManager) IssuanceProofBuilders(request *IssuanceRequest) (gabi.ProofBuilderList, error) {
state, err := newIssuanceState() state, err := newIssuanceState()
if err != nil { if err != nil {
...@@ -355,8 +359,9 @@ func (cm *CredentialManager) unenrolledKeyshareServers() []*SchemeManager { ...@@ -355,8 +359,9 @@ func (cm *CredentialManager) unenrolledKeyshareServers() []*SchemeManager {
return list return list
} }
func (cm *CredentialManager) KeyshareEnroll(managerId SchemeManagerIdentifier, email, pin string) error { // KeyshareEnroll attempts to register at the keyshare server of the specified scheme manager.
manager, ok := MetaStore.SchemeManagers[managerId] func (cm *CredentialManager) KeyshareEnroll(managerID SchemeManagerIdentifier, email, pin string) error {
manager, ok := MetaStore.SchemeManagers[managerID]
if !ok { if !ok {
return errors.New("Unknown scheme manager") return errors.New("Unknown scheme manager")
} }
...@@ -385,10 +390,11 @@ func (cm *CredentialManager) KeyshareEnroll(managerId SchemeManagerIdentifier, e ...@@ -385,10 +390,11 @@ func (cm *CredentialManager) KeyshareEnroll(managerId SchemeManagerIdentifier, e
return err return err
} }
cm.keyshareServers[managerId] = kss cm.keyshareServers[managerID] = kss
return cm.storeKeyshareServers() return cm.storeKeyshareServers()
} }
// KeyshareRemove unregisters the keyshare server of the specified scheme manager.
func (cm *CredentialManager) KeyshareRemove(manager SchemeManagerIdentifier) error { func (cm *CredentialManager) KeyshareRemove(manager SchemeManagerIdentifier) error {
if _, contains := cm.keyshareServers[manager]; !contains { if _, contains := cm.keyshareServers[manager]; !contains {
return errors.New("Can't uninstall unknown keyshare server") return errors.New("Can't uninstall unknown keyshare server")
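Review bot: The error strings in these hunks still start with a capital letter (`"Unknown scheme manager"` in KeyshareEnroll, `"Can't uninstall unknown keyshare server"` in KeyshareRemove), which Go convention and the common linters discourage because errors are usually embedded in longer messages. Since the commit aims to satisfy lint, consider `errors.New("unknown scheme manager")` and `errors.New("cannot uninstall unknown keyshare server")`, provided no caller matches on the text. Both function bodies continue outside the hunks.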
......
...@@ -17,13 +17,15 @@ import ( ...@@ -17,13 +17,15 @@ import (
type SessionRequest struct { type SessionRequest struct {
Context *big.Int `json:"nonce"` Context *big.Int `json:"nonce"`
Nonce *big.Int `json:"context"` Nonce *big.Int `json:"context"`
choice *DisclosureChoice `json:"-"` choice *DisclosureChoice
} }
// DisclosureChoice returns the attributes to be disclosed in this session.
func (sr *SessionRequest) DisclosureChoice() *DisclosureChoice { func (sr *SessionRequest) DisclosureChoice() *DisclosureChoice {
return sr.choice return sr.choice
} }
// SetDisclosureChoice sets the attributes to be disclosed in this session.
func (sr *SessionRequest) SetDisclosureChoice(choice *DisclosureChoice) { func (sr *SessionRequest) SetDisclosureChoice(choice *DisclosureChoice) {
sr.choice = choice sr.choice = choice
} }
...@@ -151,6 +153,7 @@ func newIssuanceState() (*issuanceState, error) { ...@@ -151,6 +153,7 @@ func newIssuanceState() (*issuanceState, error) {
}, nil }, nil
} }
// Distributed indicates if a keyshare is involved in this session.
func (ir *IssuanceRequest) Distributed() bool { func (ir *IssuanceRequest) Distributed() bool {
for _, manager := range ir.SchemeManagers() { for _, manager := range ir.SchemeManagers() {
if MetaStore.SchemeManagers[manager].Distributed() { if MetaStore.SchemeManagers[manager].Distributed() {
...@@ -160,6 +163,7 @@ func (ir *IssuanceRequest) Distributed() bool { ...@@ -160,6 +163,7 @@ func (ir *IssuanceRequest) Distributed() bool {
return false return false
} }
// SchemeManagers returns a list of all scheme managers involved in this session.
func (ir *IssuanceRequest) SchemeManagers() []SchemeManagerIdentifier { func (ir *IssuanceRequest) SchemeManagers() []SchemeManagerIdentifier {
list := []SchemeManagerIdentifier{} list := []SchemeManagerIdentifier{}
for _, cred := range ir.Credentials { for _, cred := range ir.Credentials {
...@@ -188,6 +192,7 @@ func (ir *IssuanceRequest) GetNonce() *big.Int { return ir.Nonce } ...@@ -188,6 +192,7 @@ func (ir *IssuanceRequest) GetNonce() *big.Int { return ir.Nonce }
// SetNonce sets the nonce of this session. // SetNonce sets the nonce of this session.
func (ir *IssuanceRequest) SetNonce(nonce *big.Int) { ir.Nonce = nonce } func (ir *IssuanceRequest) SetNonce(nonce *big.Int) { ir.Nonce = nonce }
// Distributed indicates if a keyshare is involved in this session.
func (dr *DisclosureRequest) Distributed() bool { func (dr *DisclosureRequest) Distributed() bool {
for _, manager := range dr.SchemeManagers() { for _, manager := range dr.SchemeManagers() {
if MetaStore.SchemeManagers[manager].Distributed() { if MetaStore.SchemeManagers[manager].Distributed() {
...@@ -197,6 +202,7 @@ func (dr *DisclosureRequest) Distributed() bool { ...@@ -197,6 +202,7 @@ func (dr *DisclosureRequest) Distributed() bool {
return false return false
} }
// SchemeManagers returns a list of all scheme managers involved in this session.
func (dr *DisclosureRequest) SchemeManagers() []SchemeManagerIdentifier { func (dr *DisclosureRequest) SchemeManagers() []SchemeManagerIdentifier {
list := []SchemeManagerIdentifier{} list := []SchemeManagerIdentifier{}
for _, disjunction := range dr.Content { for _, disjunction := range dr.Content {
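Review bot: The struct tags on SessionRequest look swapped: `Context` is tagged `json:"nonce"` and `Nonce` is tagged `json:"context"`, so each field is read from and written to the other's JSON key. A hunk elsewhere on this page passes `request.GetContext()` and `request.GetNonce()` to `BuildProofList`; if those getters return these fields, a peer that uses the keys literally would get proofs bound to exchanged values and verification would presumably fail. Unless this deliberately mirrors the peer's format, `Context` should carry the `context` key and `Nonce` the `nonce` key. Dropping `json:"-"` from the unexported `choice` field is harmless, since encoding/json ignores unexported fields.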
......
...@@ -94,6 +94,9 @@ func (cm *CredentialManager) ParseAndroidStorage() (err error) { ...@@ -94,6 +94,9 @@ func (cm *CredentialManager) ParseAndroidStorage() (err error) {
} }
bytes, err := ioutil.ReadFile(cm.path(cardemuXML)) bytes, err := ioutil.ReadFile(cm.path(cardemuXML))
if err != nil {
return
}
parsedxml := struct { parsedxml := struct {
Strings []struct { Strings []struct {
Name string `xml:"name,attr"` Name string `xml:"name,attr"`
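Review bot: The added `if err != nil { return }` uses a naked return that depends on the named result `err`; writing `return err` states the intent and stays correct if a later refactor shadows `err`. It is also worth deciding whether a missing file is really a failure here: if ParseAndroidStorage can run on installations that never had this file, checking `os.IsNotExist(err)` and returning nil would avoid failing the caller, though that depends on callers not visible in this hunk. The function body starts and ends outside the hunk.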
......
...@@ -35,6 +35,7 @@ func NewHTTPTransport(serverURL string) *HTTPTransport { ...@@ -35,6 +35,7 @@ func NewHTTPTransport(serverURL string) *HTTPTransport {
} }
} }
// SetHeader sets a header to be sent in requests.
func (transport *HTTPTransport) SetHeader(name, val string) { func (transport *HTTPTransport) SetHeader(name, val string) {
transport.headers[name] = val transport.headers[name] = val
} }
......