Commit 5574c4d6 authored by Sietse Ringers's avatar Sietse Ringers

Document code, make lint happy

parent 67f14955
......@@ -127,6 +127,7 @@ func (sm *SchemeManager) Identifier() SchemeManagerIdentifier {
return NewSchemeManagerIdentifier(sm.ID)
}
// Distributed indicates if this scheme manager uses a keyshare server.
func (sm *SchemeManager) Distributed() bool {
return len(sm.KeyshareServer) > 0
}
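Review bot: `Distributed` dereferences `sm` with no nil guard, and the new doc comment does not say that a non-nil receiver is required. Other files in this commit call it directly on a map lookup, `MetaStore.SchemeManagers[managerID].Distributed()`, with identifiers taken from the session. If that map stores `*SchemeManager` values (its type is not visible here), an identifier missing from the store yields nil and the call panics. Either guard it here with `return sm != nil && len(sm.KeyshareServer) > 0`, or check the lookup's `ok` at the call sites, as `KeyshareEnroll` already does.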
......
......@@ -13,6 +13,7 @@ import (
"github.com/mhe/gabi"
)
// KeysharePinRequestor is used to asking the user for his PIN.
type KeysharePinRequestor interface {
AskPin(remainingAttempts int, callback func(proceed bool, pin string))
}
......@@ -83,6 +84,8 @@ type proofPCommitmentMap struct {
Commitments map[publicKeyIdentifier]*gabi.ProofPCommitment `json:"c"`
}
// KeyshareHandler is used for asking the user for his email address and PIN,
// for registering at a keyshare server.
type KeyshareHandler interface {
StartKeyshareRegistration(manager *SchemeManager, registrationCallback func(email, pin string))
}
......@@ -125,11 +128,11 @@ func startKeyshareSession(
pin KeysharePinRequestor,
) {
ksscount := 0
for _, managerId := range session.SchemeManagers() {
if MetaStore.SchemeManagers[managerId].Distributed() {
for _, managerID := range session.SchemeManagers() {
if MetaStore.SchemeManagers[managerID].Distributed() {
ksscount++
if _, registered := Manager.keyshareServers[managerId]; !registered {
err := errors.New("Not registered to keyshare server of scheme manager " + managerId.String())
if _, registered := Manager.keyshareServers[managerID]; !registered {
err := errors.New("Not registered to keyshare server of scheme manager " + managerID.String())
sessionHandler.KeyshareError(err)
return
}
......@@ -151,16 +154,16 @@ func startKeyshareSession(
askPin := false
for _, managerId := range session.SchemeManagers() {
if !MetaStore.SchemeManagers[managerId].Distributed() {
for _, managerID := range session.SchemeManagers() {
if !MetaStore.SchemeManagers[managerID].Distributed() {
continue
}
ks.keyshareServer = Manager.keyshareServers[managerId]
ks.keyshareServer = Manager.keyshareServers[managerID]
transport := NewHTTPTransport(ks.keyshareServer.URL)
transport.SetHeader(kssUsernameHeader, ks.keyshareServer.Username)
transport.SetHeader(kssAuthHeader, ks.keyshareServer.token)
ks.transports[managerId] = transport
ks.transports[managerID] = transport
authstatus := &keyshareAuthorization{}
err := transport.Post("users/isAuthorized", authstatus, "")
......@@ -217,13 +220,13 @@ func (ks *keyshareSession) VerifyPin(attempts int) {
// - If this or anything else (specified in err) goes wrong, success will be false.
// If all is ok, success will be true.
func (ks *keyshareSession) verifyPinAttempt(pin string) (success bool, tries int, blocked int, err error) {
for _, managerId := range ks.session.SchemeManagers() {
if !MetaStore.SchemeManagers[managerId].Distributed() {
for _, managerID := range ks.session.SchemeManagers() {
if !MetaStore.SchemeManagers[managerID].Distributed() {
continue
}
kss := Manager.keyshareServers[managerId]
transport := ks.transports[managerId]
kss := Manager.keyshareServers[managerID]
transport := ks.transports[managerID]
pinmsg := keysharePinMessage{Username: kss.Username, Pin: kss.HashedPin(pin)}
pinresult := &keysharePinStatus{}
err = transport.Post("users/verify/pin", pinresult, pinmsg)
......@@ -268,26 +271,26 @@ func (ks *keyshareSession) GetCommitments() {
// that we will use in the keyshare protocol with the keyshare server of this manager
for _, builder := range ks.builders {
pk := builder.PublicKey()
managerId := NewIssuerIdentifier(pk.Issuer).SchemeManagerIdentifier()
if !MetaStore.SchemeManagers[managerId].Distributed() {
managerID := NewIssuerIdentifier(pk.Issuer).SchemeManagerIdentifier()
if !MetaStore.SchemeManagers[managerID].Distributed() {
continue
}
if _, contains := pkids[managerId]; !contains {
pkids[managerId] = []*publicKeyIdentifier{}
if _, contains := pkids[managerID]; !contains {
pkids[managerID] = []*publicKeyIdentifier{}
}
pkids[managerId] = append(pkids[managerId], &publicKeyIdentifier{Issuer: pk.Issuer, Counter: pk.Counter})
pkids[managerID] = append(pkids[managerID], &publicKeyIdentifier{Issuer: pk.Issuer, Counter: pk.Counter})
}
// Now inform each keyshare server of with respect to which public keys
// we want them to send us commitments
for _, managerId := range ks.session.SchemeManagers() {
if !MetaStore.SchemeManagers[managerId].Distributed() {
for _, managerID := range ks.session.SchemeManagers() {
if !MetaStore.SchemeManagers[managerID].Distributed() {
continue
}
transport := ks.transports[managerId]
transport := ks.transports[managerID]
comms := &proofPCommitmentMap{}
err := transport.Post("prove/getCommitments", comms, pkids[managerId])
err := transport.Post("prove/getCommitments", comms, pkids[managerID])
if err != nil {
ks.sessionHandler.KeyshareError(err)
return
......@@ -331,8 +334,8 @@ func (ks *keyshareSession) GetProofPs() {
// Post the challenge, obtaining JWT's containing the ProofP's
responses := map[SchemeManagerIdentifier]string{}
for _, managerId := range ks.session.SchemeManagers() {
transport, distributed := ks.transports[managerId]
for _, managerID := range ks.session.SchemeManagers() {
transport, distributed := ks.transports[managerID]
if !distributed {
continue
}
......@@ -342,7 +345,7 @@ func (ks *keyshareSession) GetProofPs() {
ks.sessionHandler.KeyshareError(err)
return
}
responses[managerId] = jwt
responses[managerID] = jwt
}
ks.Finish(challenge, responses)
......@@ -358,14 +361,14 @@ func (ks *keyshareSession) Finish(challenge *big.Int, responses map[SchemeManage
proofPs := make([]*gabi.ProofP, len(ks.builders))
for i, builder := range ks.builders {
// Parse each received JWT
managerId := NewIssuerIdentifier(builder.PublicKey().Issuer).SchemeManagerIdentifier()
if !MetaStore.SchemeManagers[managerId].Distributed() {
managerID := NewIssuerIdentifier(builder.PublicKey().Issuer).SchemeManagerIdentifier()
if !MetaStore.SchemeManagers[managerID].Distributed() {
continue
}
msg := struct {
ProofP *gabi.ProofP
}{}
_, err := jwtDecode(responses[managerId], msg)
_, err := jwtDecode(responses[managerID], msg)
if err != nil {
ks.sessionHandler.KeyshareError(err)
return
......@@ -417,20 +420,20 @@ func (comms *proofPCommitmentMap) UnmarshalJSON(bytes []byte) error {
return err
}
for _, raw := range temp.C {
tempPkId := struct {
tempPkID := struct {
Issuer struct {
Identifier string `json:"identifier"`
} `json:"issuer"`
Counter uint `json:"counter"`
}{}
comm := gabi.ProofPCommitment{}
if err := json.Unmarshal([]byte(*raw[0]), &tempPkId); err != nil {
if err := json.Unmarshal([]byte(*raw[0]), &tempPkID); err != nil {
return err
}
if err := json.Unmarshal([]byte(*raw[1]), &comm); err != nil {
return err
}
pkid := publicKeyIdentifier{Issuer: tempPkId.Issuer.Identifier, Counter: tempPkId.Counter}
pkid := publicKeyIdentifier{Issuer: tempPkID.Issuer.Identifier, Counter: tempPkID.Counter}
comms.Commitments[pkid] = &comm
}
return nil
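Review bot: In `Finish`, `jwtDecode(responses[managerID], msg)` passes `msg` by value, so whatever the decoder writes cannot reach the `ProofP` field of the local struct; it most likely should be `jwtDecode(responses[managerID], &msg)`. The rename touches this line without fixing it. `jwtDecode` is not shown on this page, so it is also worth confirming there that the keyshare server's signature on the JWT is verified before `msg.ProofP` is used. `Finish` starts and ends outside the hunk.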
......
......@@ -33,6 +33,7 @@ func newCredentialManager() *CredentialManager {
}
}
// CredentialList returns a list of information of all contained credentials.
func (cm *CredentialManager) CredentialList() CredentialList {
list := CredentialList([]*Credential{})
for _, credlist := range cm.credentials {
......@@ -237,6 +238,7 @@ type Session interface {
SchemeManagers() []SchemeManagerIdentifier
}
// ProofBuilders constructs a list of proof builders for the specified attribute choice.
func (cm *CredentialManager) ProofBuilders(choice *DisclosureChoice) (gabi.ProofBuilderList, error) {
todisclose, err := cm.groupCredentials(choice)
if err != nil {
......@@ -263,6 +265,8 @@ func (cm *CredentialManager) Proofs(choice *DisclosureChoice, request Session, i
return builders.BuildProofList(request.GetContext(), request.GetNonce(), issig), nil
}
// IssuanceProofBuilders constructs a list of proof builders in the issuance protocol
// for the future credentials as well as possibly any disclosed attributes.
func (cm *CredentialManager) IssuanceProofBuilders(request *IssuanceRequest) (gabi.ProofBuilderList, error) {
state, err := newIssuanceState()
if err != nil {
......@@ -355,8 +359,9 @@ func (cm *CredentialManager) unenrolledKeyshareServers() []*SchemeManager {
return list
}
func (cm *CredentialManager) KeyshareEnroll(managerId SchemeManagerIdentifier, email, pin string) error {
manager, ok := MetaStore.SchemeManagers[managerId]
// KeyshareEnroll attempts to register at the keyshare server of the specified scheme manager.
func (cm *CredentialManager) KeyshareEnroll(managerID SchemeManagerIdentifier, email, pin string) error {
manager, ok := MetaStore.SchemeManagers[managerID]
if !ok {
return errors.New("Unknown scheme manager")
}
......@@ -385,10 +390,11 @@ func (cm *CredentialManager) KeyshareEnroll(managerId SchemeManagerIdentifier, e
return err
}
cm.keyshareServers[managerId] = kss
cm.keyshareServers[managerID] = kss
return cm.storeKeyshareServers()
}
// KeyshareRemove unregisters the keyshare server of the specified scheme manager.
func (cm *CredentialManager) KeyshareRemove(manager SchemeManagerIdentifier) error {
if _, contains := cm.keyshareServers[manager]; !contains {
return errors.New("Can't uninstall unknown keyshare server")
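Review bot: The error at the top of `KeyshareEnroll`, `errors.New("Unknown scheme manager")`, is capitalized and does not say which manager was unknown; `KeyshareRemove` returns a capitalized string too, which golint's error-string check flags. Suggest `errors.New("unknown scheme manager " + managerID.String())` (the identifier's `String()` is used the same way in `startKeyshareSession`) and `errors.New("can't uninstall unknown keyshare server")`. If these strings are shown to users or matched by callers, check that first. Both function bodies continue outside their hunks.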
......
......@@ -17,13 +17,15 @@ import (
type SessionRequest struct {
Context *big.Int `json:"nonce"`
Nonce *big.Int `json:"context"`
choice *DisclosureChoice `json:"-"`
choice *DisclosureChoice
}
// DisclosureChoice returns the attributes to be disclosed in this session.
func (sr *SessionRequest) DisclosureChoice() *DisclosureChoice {
return sr.choice
}
// SetDisclosureChoice sets the attributes to be disclosed in this session.
func (sr *SessionRequest) SetDisclosureChoice(choice *DisclosureChoice) {
sr.choice = choice
}
......@@ -151,6 +153,7 @@ func newIssuanceState() (*issuanceState, error) {
}, nil
}
// Distributed indicates if a keyshare is involved in this session.
func (ir *IssuanceRequest) Distributed() bool {
for _, manager := range ir.SchemeManagers() {
if MetaStore.SchemeManagers[manager].Distributed() {
......@@ -160,6 +163,7 @@ func (ir *IssuanceRequest) Distributed() bool {
return false
}
// SchemeManagers returns a list of all scheme managers involved in this session.
func (ir *IssuanceRequest) SchemeManagers() []SchemeManagerIdentifier {
list := []SchemeManagerIdentifier{}
for _, cred := range ir.Credentials {
......@@ -188,6 +192,7 @@ func (ir *IssuanceRequest) GetNonce() *big.Int { return ir.Nonce }
// SetNonce sets the nonce of this session.
func (ir *IssuanceRequest) SetNonce(nonce *big.Int) { ir.Nonce = nonce }
// Distributed indicates if a keyshare is involved in this session.
func (dr *DisclosureRequest) Distributed() bool {
for _, manager := range dr.SchemeManagers() {
if MetaStore.SchemeManagers[manager].Distributed() {
......@@ -197,6 +202,7 @@ func (dr *DisclosureRequest) Distributed() bool {
return false
}
// SchemeManagers returns a list of all scheme managers involved in this session.
func (dr *DisclosureRequest) SchemeManagers() []SchemeManagerIdentifier {
list := []SchemeManagerIdentifier{}
for _, disjunction := range dr.Content {
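Review bot: In `SessionRequest` the JSON tags look crossed: `Context` is tagged `json:"nonce"` and `Nonce` is tagged `json:"context"`. These are unchanged context lines, but with them the two values swap places when a request is (un)marshalled, and both are later passed to `BuildProofList` via `GetContext()` and `GetNonce()`. Unless this mirrors a known quirk of the peer, tag `Context` with `json:"context"` and `Nonce` with `json:"nonce"`. If the swap is deliberate, a comment on the struct should say so.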
......
......@@ -94,6 +94,9 @@ func (cm *CredentialManager) ParseAndroidStorage() (err error) {
}
bytes, err := ioutil.ReadFile(cm.path(cardemuXML))
if err != nil {
return
}
parsedxml := struct {
Strings []struct {
Name string `xml:"name,attr"`
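Review bot: The added early exit is a naked `return` in a function that, per the hunk header, has a named `err` result and a body that extends beyond this hunk. Writing `return err` reads unambiguously and survives a later refactor that moves the `ioutil.ReadFile` call into a nested block. Whether a missing file should be an error at all is not visible here; if clients without legacy Android storage are normal, the `os.IsNotExist(err)` case would need to be treated as nothing to parse rather than a failure.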
......
......@@ -35,6 +35,7 @@ func NewHTTPTransport(serverURL string) *HTTPTransport {
}
}
// SetHeader sets a header to be sent in requests.
func (transport *HTTPTransport) SetHeader(name, val string) {
transport.headers[name] = val
}
......