Commit
645b8397
authored
Sep 01, 2017
by
Sietse Ringers
Cleanup API
parent
9f8041f8
Changes
11
attributes.go
...
...
@@ -22,15 +22,15 @@ const (
var
(
metadataVersion
=
[]
byte
{
0x02
}
versionField
=
M
etadataField
{
1
,
0
}
signingDateField
=
M
etadataField
{
3
,
1
}
validityField
=
M
etadataField
{
2
,
4
}
keyCounterField
=
M
etadataField
{
2
,
6
}
credentialID
=
M
etadataField
{
16
,
8
}
versionField
=
m
etadataField
{
1
,
0
}
signingDateField
=
m
etadataField
{
3
,
1
}
validityField
=
m
etadataField
{
2
,
4
}
keyCounterField
=
m
etadataField
{
2
,
6
}
credentialID
=
m
etadataField
{
16
,
8
}
)
//
M
etadataField contains the length and offset of a field within a metadata attribute.
type
M
etadataField
struct
{
//
m
etadataField contains the length and offset of a field within a metadata attribute.
type
m
etadataField
struct
{
length
int
offset
int
}
...
...
@@ -199,11 +199,11 @@ func (attr *MetadataAttribute) IsValid() bool {
return
attr
.
IsValidOn
(
time
.
Now
())
}
func
(
attr
*
MetadataAttribute
)
field
(
field
M
etadataField
)
[]
byte
{
func
(
attr
*
MetadataAttribute
)
field
(
field
m
etadataField
)
[]
byte
{
return
attr
.
Bytes
()[
field
.
offset
:
field
.
offset
+
field
.
length
]
}
func
(
attr
*
MetadataAttribute
)
setField
(
field
M
etadataField
,
value
[]
byte
)
{
func
(
attr
*
MetadataAttribute
)
setField
(
field
m
etadataField
,
value
[]
byte
)
{
if
len
(
value
)
>
field
.
length
{
panic
(
"Specified metadata field too large"
)
}
...
...
@@ -252,10 +252,6 @@ type AttributeDisjunction struct {
// An AttributeDisjunctionList is a list of AttributeDisjunctions.
type
AttributeDisjunctionList
[]
*
AttributeDisjunction
type
DisjunctionListContainer
interface
{
DisjunctionList
()
AttributeDisjunctionList
}
// HasValues indicates if the attributes of this disjunction have values
// that should be satisfied.
func
(
disjunction
*
AttributeDisjunction
)
HasValues
()
bool
{
...
...
credential.go
...
...
@@ -2,15 +2,15 @@ package irmago
import
"github.com/mhe/gabi"
//
C
redential represents an IRMA credential, whose zeroth attribute
//
c
redential represents an IRMA credential, whose zeroth attribute
// is always the secret key and the first attribute the metadata attribute.
type
C
redential
struct
{
type
c
redential
struct
{
*
gabi
.
Credential
*
MetadataAttribute
}
func
newCredential
(
gabicred
*
gabi
.
Credential
)
(
cred
*
C
redential
)
{
cred
=
&
C
redential
{}
func
newCredential
(
gabicred
*
gabi
.
Credential
)
(
cred
*
c
redential
)
{
cred
=
&
c
redential
{}
cred
.
Credential
=
gabicred
cred
.
MetadataAttribute
=
MetadataFromInt
(
gabicred
.
Attributes
[
1
])
cred
.
Pk
=
MetaStore
.
PublicKey
(
cred
.
CredentialType
()
.
IssuerIdentifier
(),
cred
.
KeyCounter
())
...
...
doc.go
// Package irmago is work in progress on an IRMA client in Go. It will:
//* (De)serialize credentials from/to storage
//* Be the client (like the IRMA Android app) in the IRMA protocol
// see (https://credentials.github.io/protocols/irma-protocol/).
// Package irmago is work in progress on an IRMA client in Go.
//It will (de)serialize credentials from/to storage,
// and be the client (like the IRMA Android app,
// https://github.com/credentials/irma_android_cardemu) in the IRMA protocol (see
// https://credentials.github.io/protocols/irma-protocol).
package
irmago
irmago_test.go
...
...
@@ -58,7 +58,7 @@ func parseAndroidStorage(t *testing.T) {
}
func
verifyStoreIsUnmarshaled
(
t
*
testing
.
T
)
{
cred
,
err
:=
Manager
.
C
redential
(
NewCredentialTypeIdentifier
(
"irma-demo.RU.studentCard"
),
0
)
cred
,
err
:=
Manager
.
c
redential
(
NewCredentialTypeIdentifier
(
"irma-demo.RU.studentCard"
),
0
)
assert
.
NoError
(
t
,
err
,
"could not fetch credential"
)
assert
.
NotNil
(
t
,
cred
,
"Credential should exist"
)
assert
.
NotNil
(
t
,
cred
.
Attributes
[
0
],
"Metadata attribute of irma-demo.RU.studentCard should not be nil"
)
...
...
manager.go
...
...
@@ -19,12 +19,12 @@ type CredentialManager struct {
secretkey
*
big
.
Int
storagePath
string
attributes
map
[
CredentialTypeIdentifier
][]
*
AttributeList
credentials
map
[
CredentialTypeIdentifier
]
map
[
int
]
*
C
redential
credentials
map
[
CredentialTypeIdentifier
]
map
[
int
]
*
c
redential
}
func
newCredentialManager
()
*
CredentialManager
{
return
&
CredentialManager
{
credentials
:
make
(
map
[
CredentialTypeIdentifier
]
map
[
int
]
*
C
redential
),
credentials
:
make
(
map
[
CredentialTypeIdentifier
]
map
[
int
]
*
c
redential
),
}
}
...
...
@@ -60,10 +60,10 @@ func (cm *CredentialManager) attrs(id CredentialTypeIdentifier) []*AttributeList
}
// creds returns cm.credentials[id], initializing it to an empty map if neccesary
func
(
cm
*
CredentialManager
)
creds
(
id
CredentialTypeIdentifier
)
map
[
int
]
*
C
redential
{
func
(
cm
*
CredentialManager
)
creds
(
id
CredentialTypeIdentifier
)
map
[
int
]
*
c
redential
{
list
,
exists
:=
cm
.
credentials
[
id
]
if
!
exists
{
list
=
make
(
map
[
int
]
*
C
redential
)
list
=
make
(
map
[
int
]
*
c
redential
)
cm
.
credentials
[
id
]
=
list
}
return
list
...
...
@@ -78,12 +78,12 @@ func (cm *CredentialManager) Attributes(id CredentialTypeIdentifier, counter int
return
list
[
counter
]
}
func
(
cm
*
CredentialManager
)
C
redentialByID
(
id
CredentialIdentifier
)
(
cred
*
C
redential
,
err
error
)
{
return
cm
.
C
redential
(
id
.
Type
,
id
.
Index
)
func
(
cm
*
CredentialManager
)
c
redentialByID
(
id
CredentialIdentifier
)
(
cred
*
c
redential
,
err
error
)
{
return
cm
.
c
redential
(
id
.
Type
,
id
.
Index
)
}
//
C
redential returns the requested credential, or nil if we do not have it.
func
(
cm
*
CredentialManager
)
C
redential
(
id
CredentialTypeIdentifier
,
counter
int
)
(
cred
*
C
redential
,
err
error
)
{
//
c
redential returns the requested credential, or nil if we do not have it.
func
(
cm
*
CredentialManager
)
c
redential
(
id
CredentialTypeIdentifier
,
counter
int
)
(
cred
*
c
redential
,
err
error
)
{
// If the requested credential is not in credential map, we check if its attributes were
// deserialized during Init(). If so, there should be a corresponding signature file,
// so we read that, construct the credential, and add it to the credential map
...
...
@@ -176,19 +176,19 @@ func (cm *CredentialManager) ParseAndroidStorage() (err error) {
return
}
func
(
cm
*
CredentialManager
)
addCredential
(
cred
*
C
redential
)
{
func
(
cm
*
CredentialManager
)
addCredential
(
cred
*
c
redential
)
{
id
:=
cred
.
CredentialType
()
.
Identifier
()
cm
.
attributes
[
id
]
=
append
(
cm
.
attrs
(
id
),
NewAttributeListFromInts
(
cred
.
Attributes
[
1
:
]))
if
_
,
exists
:=
cm
.
credentials
[
id
];
!
exists
{
cm
.
credentials
[
id
]
=
make
(
map
[
int
]
*
C
redential
)
cm
.
credentials
[
id
]
=
make
(
map
[
int
]
*
c
redential
)
}
counter
:=
len
(
cm
.
attributes
[
id
])
-
1
cm
.
credentials
[
id
][
counter
]
=
cred
}
//
A
dd adds the specified credential to the CredentialManager.
func
(
cm
*
CredentialManager
)
A
dd
(
cred
*
C
redential
)
(
err
error
)
{
//
a
dd adds the specified credential to the CredentialManager.
func
(
cm
*
CredentialManager
)
a
dd
(
cred
*
c
redential
)
(
err
error
)
{
if
cred
.
CredentialType
()
==
nil
{
return
errors
.
New
(
"cannot add unknown credential type"
)
}
...
...
@@ -237,9 +237,9 @@ func (cm *CredentialManager) Candidates(disjunction *AttributeDisjunction) []*At
return
candidates
}
func
(
cm
*
CredentialManager
)
CheckSatisfiability
(
disjunctions
DisjunctionList
Container
)
AttributeDisjunctionList
{
func
(
cm
*
CredentialManager
)
CheckSatisfiability
(
disjunctions
Attribute
DisjunctionList
)
AttributeDisjunctionList
{
missing
:=
make
(
AttributeDisjunctionList
,
0
,
5
)
for
_
,
disjunction
:=
range
disjunctions
.
DisjunctionList
()
{
for
_
,
disjunction
:=
range
disjunctions
{
if
len
(
cm
.
Candidates
(
disjunction
))
==
0
{
missing
=
append
(
missing
,
disjunction
)
}
...
...
@@ -271,7 +271,7 @@ func (cm *CredentialManager) groupCredentials(choice *DisclosureChoice) (map[Cre
return
nil
,
err
}
// These indices will be used in the []*big.Int at gabi.
C
redential.Attributes,
// These indices will be used in the []*big.Int at gabi.
c
redential.Attributes,
// which doesn't know about the secret key and metadata attribute, so +2
grouped
[
ici
]
=
append
(
grouped
[
ici
],
index
+
2
)
}
...
...
@@ -281,7 +281,10 @@ func (cm *CredentialManager) groupCredentials(choice *DisclosureChoice) (map[Cre
type
Session
interface
{
GetNonce
()
*
big
.
Int
SetNonce
(
*
big
.
Int
)
GetContext
()
*
big
.
Int
SetContext
(
*
big
.
Int
)
DisjunctionList
()
AttributeDisjunctionList
}
func
(
cm
*
CredentialManager
)
proofsBuilders
(
choice
*
DisclosureChoice
)
([]
gabi
.
ProofBuilder
,
error
)
{
...
...
@@ -292,7 +295,7 @@ func (cm *CredentialManager) proofsBuilders(choice *DisclosureChoice) ([]gabi.Pr
builders
:=
[]
gabi
.
ProofBuilder
{}
for
id
,
list
:=
range
todisclose
{
cred
,
err
:=
cm
.
C
redentialByID
(
id
)
cred
,
err
:=
cm
.
c
redentialByID
(
id
)
if
err
!=
nil
{
return
nil
,
err
}
...
...
@@ -355,7 +358,7 @@ func (cm *CredentialManager) ConstructCredentials(msg []*gabi.IssueSignatureMess
}
for
_
,
cred
:=
range
creds
{
cm
.
A
dd
(
newCredential
(
cred
))
cm
.
a
dd
(
newCredential
(
cred
))
}
return
nil
...
...
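Review bot: The error returned by `add` is dropped in the loop at the end of ConstructCredentials: `cm.add(newCredential(cred))` is followed by `return nil`, although `add` is declared with `(err error)` and rejects an unknown credential type. A credential that could not be added is therefore reported to the caller as successfully issued. I would propagate it with `if err := cm.add(newCredential(cred)); err != nil { return err }`. ConstructCredentials begins outside this hunk, so whether earlier steps already rule out that failure cannot be seen here.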
protocol/doc.go
0 → 100644
// Package protocol implements the IRMA protocol.
// A new IRMA session is started with the NewSession() method
package
protocol
protocol/requests.go
...
...
@@ -16,7 +16,7 @@ type ServiceProviderRequest struct {
Request
*
irmago
.
DisclosureRequest
`json:"request"`
}
type
Signature
Serve
rRequest
struct
{
type
Signature
Requesto
rRequest
struct
{
Request
*
irmago
.
SignatureRequest
`json:"request"`
}
...
...
@@ -29,9 +29,9 @@ type ServiceProviderJwt struct {
Request
ServiceProviderRequest
`json:"sprequest"`
}
type
Signature
Serve
rJwt
struct
{
type
Signature
Requesto
rJwt
struct
{
ServerJwt
Request
Signature
Serve
rRequest
`json:"absrequest"`
Request
Signature
Requesto
rRequest
`json:"absrequest"`
}
type
IdentityProviderJwt
struct
{
...
...
@@ -50,14 +50,14 @@ func NewServiceProviderJwt(servername string, dr *irmago.DisclosureRequest) *Ser
}
}
func
NewSignature
Serve
rJwt
(
servername
string
,
sr
*
irmago
.
SignatureRequest
)
*
Signature
Serve
rJwt
{
return
&
Signature
Serve
rJwt
{
func
NewSignature
Requesto
rJwt
(
servername
string
,
sr
*
irmago
.
SignatureRequest
)
*
Signature
Requesto
rJwt
{
return
&
Signature
Requesto
rJwt
{
ServerJwt
:
ServerJwt
{
ServerName
:
servername
,
IssuedAt
:
irmago
.
Timestamp
(
time
.
Now
()),
Type
:
"signature_request"
,
},
Request
:
Signature
Serve
rRequest
{
Request
:
sr
},
Request
:
Signature
Requesto
rRequest
{
Request
:
sr
},
}
}
...
...
@@ -72,14 +72,10 @@ func NewIdentityProviderJwt(servername string, ir *irmago.IssuanceRequest) *Iden
}
}
func
(
spr
*
ServiceProviderJwt
)
DisjunctionList
()
irmago
.
AttributeDisjunctionList
{
return
spr
.
Request
.
Request
.
Content
type
RequestorJwt
interface
{
IrmaSession
()
irmago
.
Session
}
func
(
ssr
*
SignatureServerJwt
)
DisjunctionList
()
irmago
.
AttributeDisjunctionList
{
return
ssr
.
Request
.
Request
.
Content
}
func
(
ipr
*
IdentityProviderJwt
)
DisjunctionList
()
irmago
.
AttributeDisjunctionList
{
return
ipr
.
Request
.
Request
.
Disclose
}
func
(
jwt
*
ServiceProviderJwt
)
IrmaSession
()
irmago
.
Session
{
return
jwt
.
Request
.
Request
}
func
(
jwt
*
SignatureRequestorJwt
)
IrmaSession
()
irmago
.
Session
{
return
jwt
.
Request
.
Request
}
func
(
jwt
*
IdentityProviderJwt
)
IrmaSession
()
irmago
.
Session
{
return
jwt
.
Request
.
Request
}
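Review bot: The three new `IrmaSession()` methods return `jwt.Request.Request` directly, and for ServiceProviderJwt and SignatureRequestorJwt that field is a pointer (`*irmago.DisclosureRequest`, `*irmago.SignatureRequest`) that stays nil when the decoded JSON has no `request` member; the IdentityProviderJwt field is presumably a pointer as well. Converted to `irmago.Session` this becomes a non-nil interface holding a nil pointer, so a caller cannot detect it with `== nil`, and `start()` in protocol/session.go calls `SetContext` and `SetNonce` on the result right after unmarshalling a body received from the server. Guarding each method with `if jwt.Request.Request == nil { return nil }` and having `start()` report `ErrorInvalidJWT` when it gets nil would turn a panic in the session goroutine into a handled failure. The new `RequestorJwt` interface and these exported methods also have no doc comments.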
protocol/session.go
package
protocol
import
(
"math/big"
"fmt"
"sort"
"strconv"
"strings"
"sort"
"fmt"
"encoding/json"
"encoding/base64"
"encoding/json"
"github.com/credentials/irmago"
"github.com/mhe/gabi"
...
...
@@ -27,31 +23,26 @@ type Handler interface {
Failure
(
action
Action
,
err
*
Error
)
UnsatisfiableRequest
(
action
Action
,
missing
irmago
.
AttributeDisjunctionList
)
AskIssuancePermission
(
request
irmago
.
IssuanceRequest
,
ServerName
string
,
c
hoice
PermissionHandler
)
AskVerificationPermission
(
request
irmago
.
DisclosureRequest
,
ServerName
string
,
c
hoice
PermissionHandler
)
AskSignaturePermission
(
request
irmago
.
SignatureRequest
,
ServerName
string
,
c
hoice
PermissionHandler
)
AskIssuancePermission
(
request
irmago
.
IssuanceRequest
,
ServerName
string
,
c
allback
PermissionHandler
)
AskVerificationPermission
(
request
irmago
.
DisclosureRequest
,
ServerName
string
,
c
allback
PermissionHandler
)
AskSignaturePermission
(
request
irmago
.
SignatureRequest
,
ServerName
string
,
c
allback
PermissionHandler
)
}
// A
S
ession is an IRMA session.
type
S
ession
struct
{
// A
s
ession is an IRMA session.
type
s
ession
struct
{
Action
Action
Version
Version
ServerURL
string
Handler
Handler
request
irmago
.
DisjunctionListContainer
spRequest
*
ServiceProviderJwt
ipRequest
*
IdentityProviderJwt
ssRequest
*
SignatureServerJwt
transport
*
HTTPTransport
nonce
*
big
.
Int
context
*
big
.
Int
jwt
RequestorJwt
irmaSession
irmago
.
Session
transport
*
HTTPTransport
}
// Supported protocol versions. Minor version numbers should be reverse sorted.
var
supportedVersions
=
map
[
int
][]
int
{
2
:
[]
int
{
2
,
1
},
2
:
{
2
,
1
},
}
func
calcVersion
(
qr
*
Qr
)
(
string
,
error
)
{
...
...
@@ -90,14 +81,14 @@ func calcVersion(qr *Qr) (string, error) {
}
// NewSession creates and starts a new IRMA session.
func
NewSession
(
qr
*
Qr
,
handler
Handler
)
*
Session
{
func
NewSession
(
qr
*
Qr
,
handler
Handler
)
{
version
,
err
:=
calcVersion
(
qr
)
if
err
!=
nil
{
handler
.
Failure
(
ActionUnknown
,
&
Error
{
ErrorCode
:
ErrorProtocolVersionNotSupported
,
error
:
err
})
return
nil
return
}
session
:=
&
S
ession
{
session
:=
&
s
ession
{
Version
:
Version
(
version
),
Action
:
Action
(
qr
.
Type
),
ServerURL
:
qr
.
URL
,
...
...
@@ -114,7 +105,7 @@ func NewSession(qr *Qr, handler Handler) *Session {
fallthrough
default
:
handler
.
Failure
(
ActionUnknown
,
&
Error
{
ErrorCode
:
ErrorUnknownAction
,
error
:
nil
,
info
:
string
(
session
.
Action
)})
return
nil
return
}
if
!
strings
.
HasSuffix
(
session
.
ServerURL
,
"/"
)
{
...
...
@@ -123,41 +114,31 @@ func NewSession(qr *Qr, handler Handler) *Session {
go
session
.
start
()
return
session
return
}
// start retrieves the first message in the IRMA protocol, checks if we can perform
// the request, and informs the user of the outcome.
func
(
session
*
S
ession
)
start
()
{
func
(
session
*
s
ession
)
start
()
{
session
.
Handler
.
StatusUpdate
(
session
.
Action
,
StatusCommunicating
)
// Get the first IRMA protocol message
// Get the first IRMA protocol message
and parse it
info
:=
&
SessionInfo
{}
err
:=
session
.
transport
.
Get
(
"jwt"
,
info
)
if
err
!=
nil
{
session
.
Handler
.
Failure
(
session
.
Action
,
&
Error
{
ErrorCode
:
ErrorTransport
,
ApiError
:
err
.
(
*
TransportError
)
.
ApiErr
})
return
}
session
.
nonce
=
info
.
Nonce
session
.
context
=
info
.
Context
jwtparts
:=
strings
.
Split
(
info
.
Jwt
,
"."
)
if
jwtparts
==
nil
||
len
(
jwtparts
)
<
2
{
session
.
Handler
.
Failure
(
session
.
Action
,
&
Error
{
ErrorCode
:
ErrorInvalidJWT
})
return
}
headerbytes
,
err
:=
base64
.
RawStdEncoding
.
DecodeString
(
jwtparts
[
0
])
if
err
!=
nil
{
session
.
Handler
.
Failure
(
session
.
Action
,
&
Error
{
ErrorCode
:
ErrorInvalidJWT
,
error
:
err
})
return
}
bodybytes
,
err
:=
base64
.
RawStdEncoding
.
DecodeString
(
jwtparts
[
1
])
if
err
!=
nil
{
session
.
Handler
.
Failure
(
session
.
Action
,
&
Error
{
ErrorCode
:
ErrorInvalidJWT
,
error
:
err
})
return
}
var
header
struct
{
Server
string
`json:"iss"`
}
...
...
@@ -167,25 +148,25 @@ func (session *Session) start() {
return
}
// Deserialize JWT, and set session state
bodybytes
,
err
:=
base64
.
RawStdEncoding
.
DecodeString
(
jwtparts
[
1
])
if
err
!=
nil
{
session
.
Handler
.
Failure
(
session
.
Action
,
&
Error
{
ErrorCode
:
ErrorInvalidJWT
,
error
:
err
})
return
}
switch
session
.
Action
{
case
ActionDisclosing
:
session
.
spRequest
=
&
ServiceProviderJwt
{}
err
=
json
.
Unmarshal
([]
byte
(
bodybytes
),
session
.
spRequest
)
session
.
spRequest
.
Request
.
Request
.
Context
=
session
.
context
session
.
spRequest
.
Request
.
Request
.
Nonce
=
session
.
nonce
session
.
request
=
session
.
spRequest
jwt
:=
&
ServiceProviderJwt
{}
err
=
json
.
Unmarshal
([]
byte
(
bodybytes
),
jwt
)
session
.
jwt
=
jwt
case
ActionSigning
:
session
.
ssRequest
=
&
SignatureServerJwt
{}
err
=
json
.
Unmarshal
([]
byte
(
bodybytes
),
session
.
ssRequest
)
session
.
ssRequest
.
Request
.
Request
.
Context
=
session
.
context
session
.
ssRequest
.
Request
.
Request
.
Nonce
=
session
.
nonce
session
.
request
=
session
.
ssRequest
jwt
:=
&
SignatureRequestorJwt
{}
err
=
json
.
Unmarshal
([]
byte
(
bodybytes
),
jwt
)
session
.
jwt
=
jwt
case
ActionIssuing
:
session
.
ipRequest
=
&
IdentityProviderJwt
{}
err
=
json
.
Unmarshal
([]
byte
(
bodybytes
),
session
.
ipRequest
)
session
.
ipRequest
.
Request
.
Request
.
Context
=
session
.
context
session
.
ipRequest
.
Request
.
Request
.
Nonce
=
session
.
nonce
session
.
request
=
session
.
ipRequest
jwt
:=
&
IdentityProviderJwt
{}
err
=
json
.
Unmarshal
([]
byte
(
bodybytes
),
jwt
)
session
.
jwt
=
jwt
default
:
panic
(
"Invalid session type"
)
// does not happen, session.Action has been checked earlier
}
...
...
@@ -193,38 +174,40 @@ func (session *Session) start() {
session
.
Handler
.
Failure
(
session
.
Action
,
&
Error
{
ErrorCode
:
ErrorInvalidJWT
,
error
:
err
})
return
}
session
.
irmaSession
=
session
.
jwt
.
IrmaSession
()
session
.
irmaSession
.
SetContext
(
info
.
Context
)
session
.
irmaSession
.
SetNonce
(
info
.
Nonce
)
if
session
.
Action
==
ActionIssuing
{
// Store which public keys the server will use
for
_
,
credreq
:=
range
session
.
i
pRequest
.
Request
.
Request
.
Credentials
{
for
_
,
credreq
:=
range
session
.
i
rmaSession
.
(
*
irmago
.
Issuance
Request
)
.
Credentials
{
credreq
.
KeyCounter
=
info
.
Keys
[
credreq
.
Credential
.
IssuerIdentifier
()]
}
}
missing
:=
irmago
.
Manager
.
CheckSatisfiability
(
session
.
request
)
missing
:=
irmago
.
Manager
.
CheckSatisfiability
(
session
.
irmaSession
.
DisjunctionList
()
)
if
len
(
missing
)
>
0
{
session
.
Handler
.
UnsatisfiableRequest
(
session
.
Action
,
missing
)
return
}
// Ask for permission to execute the session
callback
:=
PermissionHandler
(
func
(
proceed
bool
,
choice
*
irmago
.
DisclosureChoice
)
{
go
session
.
do
(
proceed
,
choice
)
})
session
.
Handler
.
StatusUpdate
(
session
.
Action
,
StatusConnected
)
switch
session
.
Action
{
case
ActionDisclosing
:
session
.
Handler
.
AskVerificationPermission
(
*
session
.
spRequest
.
Request
.
Request
,
header
.
Server
,
callback
)
session
.
Handler
.
AskVerificationPermission
(
*
session
.
irmaSession
.
(
*
irmago
.
Disclosure
Request
)
,
header
.
Server
,
callback
)
case
ActionSigning
:
session
.
Handler
.
AskSignaturePermission
(
*
session
.
ssRequest
.
Request
.
Request
,
header
.
Server
,
callback
)
session
.
Handler
.
AskSignaturePermission
(
*
session
.
irmaSession
.
(
*
irmago
.
Signature
Request
)
,
header
.
Server
,
callback
)
case
ActionIssuing
:
session
.
Handler
.
AskIssuancePermission
(
*
session
.
i
pRequest
.
Request
.
Request
,
header
.
Server
,
callback
)
session
.
Handler
.
AskIssuancePermission
(
*
session
.
i
rmaSession
.
(
*
irmago
.
Issuance
Request
)
,
header
.
Server
,
callback
)
default
:
panic
(
"Invalid session type"
)
// does not happen, session.Action has been checked earlier
}
}
func
(
session
*
S
ession
)
do
(
proceed
bool
,
choice
*
irmago
.
DisclosureChoice
)
{
func
(
session
*
s
ession
)
do
(
proceed
bool
,
choice
*
irmago
.
DisclosureChoice
)
{
if
!
proceed
{
session
.
Handler
.
Cancelled
(
session
.
Action
)
return
...
...
@@ -235,11 +218,11 @@ func (session *Session) do(proceed bool, choice *irmago.DisclosureChoice) {
var
err
error
switch
session
.
Action
{
case
ActionSigning
:
message
,
err
=
irmago
.
Manager
.
Proofs
(
choice
,
session
.
ssRequest
.
Request
.
Request
,
true
)
message
,
err
=
irmago
.
Manager
.
Proofs
(
choice
,
session
.
irmaSession
,
true
)
case
ActionDisclosing
:
message
,
err
=
irmago
.
Manager
.
Proofs
(
choice
,
session
.
spRequest
.
Request
.
Request
,
false
)
message
,
err
=
irmago
.
Manager
.
Proofs
(
choice
,
session
.
irmaSession
,
false
)
case
ActionIssuing
:
message
,
err
=
irmago
.
Manager
.
IssueCommitments
(
choice
,
session
.
i
pRequest
.
Request
.
Request
)
message
,
err
=
irmago
.
Manager
.
IssueCommitments
(
choice
,
session
.
i
rmaSession
.
(
*
irmago
.
Issuance
Request
)
)
}
if
err
!=
nil
{
session
.
Handler
.
Failure
(
session
.
Action
,
&
Error
{
ErrorCode
:
ErrorCrypto
,
error
:
err
})
...
...
@@ -270,7 +253,7 @@ func (session *Session) do(proceed bool, choice *irmago.DisclosureChoice) {
return
}
err
=
irmago
.
Manager
.
ConstructCredentials
(
response
,
session
.
i
pRequest
.
Request
.
Request
)
err
=
irmago
.
Manager
.
ConstructCredentials
(
response
,
session
.
i
rmaSession
.
(
*
irmago
.
Issuance
Request
)
)
if
err
!=
nil
{
session
.
Handler
.
Failure
(
session
.
Action
,
&
Error
{
ErrorCode
:
ErrorCrypto
,
error
:
err
})
return
...
...
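Review bot: In `start()`, `credreq.KeyCounter = info.Keys[credreq.Credential.IssuerIdentifier()]` accepts whatever the lookup yields, so if `info.Keys` is a map (as the indexing suggests) an issuer missing from the server's reply silently gets the zero value as its key counter. That counter presumably decides which issuer public key is used later in issuance, so a missing entry should end the session rather than fall back to a default. I would use the comma-ok form, `counter, ok := info.Keys[credreq.Credential.IssuerIdentifier()]`, and call `session.Handler.Failure` and return when `ok` is false. The code between the hunks of `start()` is not shown, so an earlier validation of `info.Keys` cannot be ruled out from here.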
protocol/session_test.go
...
...
@@ -101,7 +101,7 @@ func getDisclosureJwt(name string, id irmago.AttributeTypeIdentifier) interface{
}
func
getSigningJwt
(
name
string
,
id
irmago
.
AttributeTypeIdentifier
)
interface
{}
{
return
NewSignature
Serve
rJwt
(
name
,
&
irmago
.
SignatureRequest
{
return
NewSignature
Requesto
rJwt
(
name
,
&
irmago
.
SignatureRequest
{
Message
:
"test"
,
MessageType
:
"STRING"
,
DisclosureRequest
:
irmago
.
DisclosureRequest
{
...
...
requests.go
...
...
@@ -94,26 +94,20 @@ func newIssuanceState(request *IssuanceRequest) (*issuanceState, error) {
},
nil
}
func
(
ir
*
IssuanceRequest
)
GetContext
()
*
big
.
Int
{
return
ir
.
Context
}
func
(
ir
*
IssuanceRequest
)
GetNonce
()
*
big
.
Int
{
return
ir
.
Nonce
}
func
(
dr
*
DisclosureRequest
)
GetContext
()
*
big
.
Int
{
return
dr
.
Context
}
func
(
dr
*
DisclosureRequest
)
GetNonce
()
*
big
.
Int
{
return
dr
.
Nonce
}
func
(
sr
*
SignatureRequest
)
GetContext
()
*
big
.
Int
{
return
sr
.
Context
}
func
(
ir
*
IssuanceRequest
)
DisjunctionList
()
AttributeDisjunctionList
{
return
ir
.
Disclose
}
func
(
ir
*
IssuanceRequest
)
GetContext
()
*
big
.
Int
{
return
ir
.
Context
}
func
(
ir
*
IssuanceRequest
)
SetContext
(
context
*
big
.
Int
)
{
ir
.
Context
=
context
}
func
(
ir
*
IssuanceRequest
)
GetNonce
()
*
big
.
Int
{
return
ir
.
Nonce
}
func
(
ir
*
IssuanceRequest
)
SetNonce
(
nonce
*
big
.
Int
)
{
ir
.
Nonce
=
nonce
}
func
(
dr
*
DisclosureRequest
)
DisjunctionList
()
AttributeDisjunctionList
{
return
dr
.
Content
}
func
(
dr
*
DisclosureRequest
)
GetContext
()
*
big
.
Int
{
return
dr
.
Context
}
func
(
dr
*
DisclosureRequest
)
SetContext
(
context
*
big
.
Int
)
{
dr
.
Context
=
context
}
func
(
dr
*
DisclosureRequest
)
GetNonce
()
*
big
.
Int
{
return
dr
.
Nonce
}
func
(
dr
*
DisclosureRequest
)
SetNonce
(
nonce
*
big
.
Int
)
{
dr
.
Nonce
=
nonce
}
func
(
sr
*
SignatureRequest
)
DisjunctionList
()
AttributeDisjunctionList
{
return
sr
.
Content
}
func
(
sr
*
SignatureRequest
)
GetContext
()
*
big
.
Int
{
return
sr
.
Context
}
func
(
sr
*
SessionRequest
)
SetContext
(
context
*
big
.
Int
)
{
sr
.
Context
=
context
}
func
(
sr
*
SessionRequest
)
SetNonce
(
nonce
*
big
.
Int
)
{
sr
.
Nonce
=
nonce
}
func
(
sr
*
SignatureRequest
)
GetNonce
()
*
big
.
Int
{
hashbytes
:=
sha256
.
Sum256
([]
byte
(
sr
.
Message
))
hashint
:=
new
(
big
.
Int
)
.
SetBytes
(
hashbytes
[
:
])
...
...
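Review bot: `SignatureRequest.GetNonce` is not a plain getter: it starts from `sha256.Sum256([]byte(sr.Message))`, while the `SetNonce` added here on `*SessionRequest` (which SignatureRequest presumably picks up through embedding) only assigns `sr.Nonce`. For a signature request the value handed to `SetNonce` is therefore not what `GetNonce` returns, which is easy to miss now that both sit on the `Session` interface. A doc comment would make the asymmetry explicit, for example `// GetNonce returns a value computed from the SHA-256 hash of Message; it is not the raw nonce passed to SetNonce.` The body of `GetNonce` continues past the end of the hunk, so how the hash is combined with `sr.Nonce` is not visible here.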
storage.go
...
...
@@ -95,7 +95,7 @@ func (cm *CredentialManager) saveFile(filepath string, content []byte) (err erro
return
os
.
Rename
(
dir
+
"/"
+
tempfilename
,
filepath
)
}
func
(
cm
*
CredentialManager
)
storeSignature
(
cred
*
C
redential
,
counter
int
)
(
err
error
)
{
func
(
cm
*
CredentialManager
)
storeSignature
(
cred
*
c
redential
,
counter
int
)
(
err
error
)
{
if
cred
.
CredentialType
()
==
nil
{
return
errors
.
New
(
"cannot add unknown credential type"
)
}
...
...