Make some functions that act on SignedMessage instances methods on SignedMessage

irma_signature.go

@@ -20,14 +20,14 @@ type SignedMessage struct {
 	Timestamp *atum.Timestamp `json:"timestamp"`
 }
 
-func (im *SignedMessage) GetNonce() *big.Int {
-	return ASN1ConvertSignatureNonce(im.Message, im.Nonce, im.Timestamp)
+func (sm *SignedMessage) GetNonce() *big.Int {
+	return ASN1ConvertSignatureNonce(sm.Message, sm.Nonce, sm.Timestamp)
 }
 
-func (im *SignedMessage) MatchesNonceAndContext(request *SignatureRequest) bool {
-	return im.Nonce.Cmp(request.Nonce) == 0 &&
-		im.Context.Cmp(request.Context) == 0 &&
-		im.GetNonce().Cmp(request.GetNonce()) == 0
+func (sm *SignedMessage) MatchesNonceAndContext(request *SignatureRequest) bool {
+	return sm.Nonce.Cmp(request.Nonce) == 0 &&
+		sm.Context.Cmp(request.Context) == 0 &&
+		sm.GetNonce().Cmp(request.GetNonce()) == 0
 }
 
 // ASN1ConvertSignatureNonce computes the nonce that is used in the creation of the attribute-based signature:

irmaclient/irmaclient_test.go

@@ -229,7 +229,7 @@ func TestLogging(t *testing.T) {
 	sig, err := entry.GetSignedMessage()
 	require.NoError(t, err)
 	require.NotNil(t, sig)
-	status, list := irma.VerifySigWithoutRequest(client.Configuration, sig)
+	status, list := sig.VerifyWithoutRequest(client.Configuration)
 	require.Equal(t, irma.VALID, status)
 	require.NotEmpty(t, list)
 	require.Contains(t, list[0].Attributes, attrid)

irmaclient/manual_session_test.go

@@ -303,7 +303,7 @@ func (sh *ManualSessionHandler) Success(irmaAction irma.Action, result string) {
 		}
 
 		go func() {
-			sh.resultChannel <- irma.VerifySig(client.Configuration, irmaSignedMessage, sh.sigVerifyRequest)
+			sh.resultChannel <- irmaSignedMessage.Verify(client.Configuration, sh.sigVerifyRequest)
 		}()
 	}
 	sh.errorChannel <- nil

irmago_test.go

@@ -288,7 +288,7 @@ func TestVerifyValidSig(t *testing.T) {
 	require.Equal(t, sigRequest.Context, big.NewInt(1337))
 
 	// Test if we can verify it with the original request
-	sigProofResult := VerifySig(conf, irmaSignedMessage, sigRequest)
+	sigProofResult := irmaSignedMessage.Verify(conf, sigRequest)
 	require.Equal(t, sigProofResult.ProofStatus, VALID)
 	attributeList := sigProofResult.ToAttributeResultList()
 	require.Len(t, attributeList, 1)
@@ -305,7 +305,7 @@ func TestVerifyValidSig(t *testing.T) {
 	require.Equal(t, stringSigRequest.Context, big.NewInt(1337))
 
 	// Test if we can verify it with the original request
-	stringSigProofResult := VerifySig(conf, irmaSignedMessage, sigRequest)
+	stringSigProofResult := irmaSignedMessage.Verify(conf, sigRequest)
 	require.Equal(t, stringSigProofResult.ProofStatus, VALID)
 	stringAttributeList := sigProofResult.ToAttributeResultList()
 	require.Len(t, stringAttributeList, 1)
@@ -317,11 +317,11 @@ func TestVerifyValidSig(t *testing.T) {
 	unmatchedSigRequestJSON := []byte(unmatched)
 	unmatchedSigRequest := &SignatureRequest{}
 	json.Unmarshal(unmatchedSigRequestJSON, unmatchedSigRequest)
-	unmatchedResult := VerifySig(conf, irmaSignedMessage, unmatchedSigRequest)
+	unmatchedResult := irmaSignedMessage.Verify(conf, unmatchedSigRequest)
 	require.Equal(t, unmatchedResult.ProofStatus, UNMATCHED_REQUEST)
 
 	// Test if we can also verify it without using the original request
-	proofStatus, disclosed := VerifySigWithoutRequest(conf, irmaSignedMessage)
+	proofStatus, disclosed := irmaSignedMessage.VerifyWithoutRequest(conf)
 	require.Equal(t, proofStatus, VALID)
 	require.Len(t, disclosed, 1)
 	require.Equal(t, disclosed[0].Attributes[NewAttributeTypeIdentifier("irma-demo.RU.studentCard.studentID")]["en"], "456")
@@ -340,10 +340,10 @@ func TestVerifyInValidSig(t *testing.T) {
 	sigRequest := &SignatureRequest{}
 	json.Unmarshal(sigRequestJSON, sigRequest)
 
-	sigProofResult := VerifySig(conf, irmaSignedMessage, sigRequest)
+	sigProofResult := irmaSignedMessage.Verify(conf, sigRequest)
 	require.Equal(t, sigProofResult.ProofStatus, INVALID_CRYPTO)
 
-	proofStatus, disclosed := VerifySigWithoutRequest(conf, irmaSignedMessage)
+	proofStatus, disclosed := irmaSignedMessage.VerifyWithoutRequest(conf)
 	require.Equal(t, proofStatus, INVALID_CRYPTO)
 	require.Nil(t, disclosed)
 }
@@ -362,10 +362,10 @@ func TestVerifyInValidNonce(t *testing.T) {
 	sigRequest := &SignatureRequest{}
 	json.Unmarshal(sigRequestJSON, sigRequest)
 
-	sigProofResult := VerifySig(conf, irmaSignedMessage, sigRequest)
+	sigProofResult := irmaSignedMessage.Verify(conf, sigRequest)
 	require.Equal(t, sigProofResult.ProofStatus, INVALID_CRYPTO)
 
-	proofStatus, disclosed := VerifySigWithoutRequest(conf, irmaSignedMessage)
+	proofStatus, disclosed := irmaSignedMessage.VerifyWithoutRequest(conf)
 	require.Equal(t, proofStatus, INVALID_CRYPTO)
 	require.Nil(t, disclosed)
 }

timestamp.go

@@ -50,18 +50,18 @@ const TimestampServerURL = "https://metrics.privacybydesign.foundation/atum"
 
 // Given an SignedMessage, verify the timestamp over the signed message, disclosed attributes,
 // and rerandomized CL-signatures.
-func VerifyTimestamp(irmaSignature *SignedMessage, message string, conf *Configuration) error {
-	if irmaSignature.Timestamp.ServerUrl != TimestampServerURL {
+func (sm *SignedMessage) VerifyTimestamp(message string, conf *Configuration) error {
+	if sm.Timestamp.ServerUrl != TimestampServerURL {
 		return errors.New("Untrusted timestamp server")
 	}
 
 	// Extract the disclosed attributes and randomized CL-signatures from the proofs in order to
 	// construct the nonce that should be signed by the timestamp server.
 	zero := big.NewInt(0)
-	size := len(irmaSignature.Signature)
+	size := len(sm.Signature)
 	sigs := make([]*big.Int, size)
 	disclosed := make([][]*big.Int, size)
-	for i, proof := range irmaSignature.Signature {
+	for i, proof := range sm.Signature {
 		proofd := proof.(*gabi.ProofD)
 		sigs[i] = proofd.A
 		ct := MetadataFromInt(proofd.ADisclosed[1], conf).CredentialType()
@@ -84,7 +84,7 @@ func VerifyTimestamp(irmaSignature *SignedMessage, message string, conf *Configu
 	if err != nil {
 		return err
 	}
-	valid, err := irmaSignature.Timestamp.Verify(bts)
+	valid, err := sm.Timestamp.Verify(bts)
 	if err != nil {
 		return err
 	}

verify.go

@@ -237,8 +237,8 @@ func addExtraAttributes(disclosed DisclosedCredentialList, proofResult *ProofRes
 }
 
 // Check an gabi prooflist against a signature proofrequest
-func checkProofWithRequest(configuration *Configuration, irmaSignature *SignedMessage, sigRequest *SignatureRequest) *SignatureProofResult {
-	disclosed, err := ExtractDisclosedCredentials(configuration, irmaSignature.Signature)
+func (sm *SignedMessage) checkWithRequest(configuration *Configuration, sigRequest *SignatureRequest) *SignatureProofResult {
+	disclosed, err := ExtractDisclosedCredentials(configuration, sm.Signature)
 
 	if err != nil {
 		fmt.Println(err)
@@ -258,7 +258,7 @@ func checkProofWithRequest(configuration *Configuration, irmaSignature *SignedMe
 	}
 
 	// If all disjunctions are satisfied, check if a credential is expired
-	if irmaSignature.Timestamp == nil {
+	if sm.Timestamp == nil {
 		if disclosed.IsExpired(time.Now()) {
 			// At least one of the contained attributes has currently expired. We don't know the
 			// creation time of the ABS so we can't ascertain that the attributes were still valid then.
@@ -267,7 +267,7 @@ func checkProofWithRequest(configuration *Configuration, irmaSignature *SignedMe
 			return signatureProofResult
 		}
 	} else {
-		if disclosed.IsExpired(time.Unix(irmaSignature.Timestamp.Time, 0)) {
+		if disclosed.IsExpired(time.Unix(sm.Timestamp.Time, 0)) {
 			// The ABS contains attributes that were expired at the time of creation of the ABS.
 			// This must not happen and in this case the signature is invalid
 			signatureProofResult.ProofStatus = INVALID_CRYPTO
@@ -292,10 +292,10 @@ func verify(configuration *Configuration, proofList gabi.ProofList, context *big
 }
 
 // Verify a signature proof and check if the attributes match the attributes in the original request
-func VerifySig(configuration *Configuration, irmaSignature *SignedMessage, sigRequest *SignatureRequest) *SignatureProofResult {
+func (sm *SignedMessage) Verify(configuration *Configuration, sigRequest *SignatureRequest) *SignatureProofResult {
 	// First check if this signature matches the request
-	sigRequest.Timestamp = irmaSignature.Timestamp
-	if !irmaSignature.MatchesNonceAndContext(sigRequest) {
+	sigRequest.Timestamp = sm.Timestamp
+	if !sm.MatchesNonceAndContext(sigRequest) {
 		return &SignatureProofResult{
 			ProofResult: &ProofResult{
 				ProofStatus: UNMATCHED_REQUEST,
@@ -304,8 +304,8 @@ func VerifySig(configuration *Configuration, irmaSignature *SignedMessage, sigRe
 	}
 
 	// Verify the timestamp
-	if irmaSignature.Timestamp != nil {
-		if err := VerifyTimestamp(irmaSignature, sigRequest.Message, configuration); err != nil {
+	if sm.Timestamp != nil {
+		if err := sm.VerifyTimestamp(sigRequest.Message, configuration); err != nil {
 			return &SignatureProofResult{
 				ProofResult: &ProofResult{
 					ProofStatus: INVALID_TIMESTAMP,
@@ -315,7 +315,7 @@ func VerifySig(configuration *Configuration, irmaSignature *SignedMessage, sigRe
 	}
 
 	// Now, cryptographically verify the signature
-	if !verify(configuration, irmaSignature.Signature, sigRequest.GetContext(), sigRequest.GetNonce(), true) {
+	if !verify(configuration, sm.Signature, sigRequest.GetContext(), sigRequest.GetNonce(), true) {
 		return &SignatureProofResult{
 			ProofResult: &ProofResult{
 				ProofStatus: INVALID_CRYPTO,
@@ -324,37 +324,37 @@ func VerifySig(configuration *Configuration, irmaSignature *SignedMessage, sigRe
 	}
 
 	// Finally, check whether attribute values in proof satisfy the original signature request
-	return checkProofWithRequest(configuration, irmaSignature, sigRequest)
+	return sm.checkWithRequest(configuration, sigRequest)
 }
 
 // Verify a signature cryptographically, but do not check/compare with a signature request
-func VerifySigWithoutRequest(configuration *Configuration, irmaSignature *SignedMessage) (ProofStatus, DisclosedCredentialList) {
+func (sm *SignedMessage) VerifyWithoutRequest(configuration *Configuration) (ProofStatus, DisclosedCredentialList) {
 	// First, verify the timestamp, if any
-	if irmaSignature.Timestamp != nil {
-		if err := VerifyTimestamp(irmaSignature, irmaSignature.Message, configuration); err != nil {
+	if sm.Timestamp != nil {
+		if err := sm.VerifyTimestamp(sm.Message, configuration); err != nil {
 			return INVALID_TIMESTAMP, nil
 		}
 	}
 
 	// Cryptographically verify the signature
-	if !verify(configuration, irmaSignature.Signature, irmaSignature.Context, irmaSignature.GetNonce(), true) {
+	if !verify(configuration, sm.Signature, sm.Context, sm.GetNonce(), true) {
 		return INVALID_CRYPTO, nil
 	}
 
 	// Extract attributes and return result
-	disclosed, err := ExtractDisclosedCredentials(configuration, irmaSignature.Signature)
+	disclosed, err := ExtractDisclosedCredentials(configuration, sm.Signature)
 
 	if err != nil {
 		fmt.Println(err)
 		return INVALID_CRYPTO, nil
 	}
 
-	if irmaSignature.Timestamp == nil {
+	if sm.Timestamp == nil {
 		if disclosed.IsExpired(time.Now()) {
 			return EXPIRED, disclosed
 		}
 	} else {
-		if disclosed.IsExpired(time.Unix(irmaSignature.Timestamp.Time, 0)) {
+		if disclosed.IsExpired(time.Unix(sm.Timestamp.Time, 0)) {
 			return INVALID_CRYPTO, nil
 		}
 	}