Commit 6784df96 authored by Sietse Ringers's avatar Sietse Ringers

Add new struct for keeping track of any kind of identifier

parent c3cbc0bf
......@@ -38,6 +38,15 @@ type AttributeIdentifier struct {
Count int
}
// IrmaIdentifierSet contains a set (ensured by using map[...]struct{}) of all scheme managers,
// all issuers, all credential types and all public keys that are involved in an IRMA session.
type IrmaIdentifierSet struct {
SchemeManagers map[SchemeManagerIdentifier]struct{}
Issuers map[IssuerIdentifier]struct{}
CredentialTypes map[CredentialTypeIdentifier]struct{}
PublicKeys map[IssuerIdentifier][]int
}
// Parent returns the parent object of this identifier.
func (oi metaObjectIdentifier) Parent() string {
str := string(oi)
......@@ -145,3 +154,12 @@ func (id *AttributeTypeIdentifier) UnmarshalText(text []byte) error {
*id = NewAttributeTypeIdentifier(string(text))
return nil
}
func (set *IrmaIdentifierSet) Distributed(store *ConfigurationStore) bool {
for id := range set.SchemeManagers {
if store.SchemeManagers[id].Distributed() {
return true
}
}
return false
}
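Review bot: The new `IrmaIdentifierSet.Distributed` calls `store.SchemeManagers[id].Distributed()` without checking that `id` exists in the store, although the identifiers are derived from the session request. If the map holds pointers (its type is not visible here), a request naming an unknown scheme manager would turn this into a nil-receiver call and may panic; a guard such as `if sm, ok := store.SchemeManagers[id]; ok && sm.Distributed() { return true }` avoids that, though rejecting the session outright may be the better response to an unknown manager. The same unguarded lookup appears in the loops in `startKeyshareSession`, `verifyPinAttempt` and `GetCommitments`. The exported method also needs a doc comment, e.g. `// Distributed indicates if a keyshare is involved for any scheme manager in this set.`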
......@@ -36,7 +36,6 @@ type keyshareSession struct {
keyshareServers map[SchemeManagerIdentifier]*keyshareServer
keyshareServer *keyshareServer // The one keyshare server in use in case of issuance
transports map[SchemeManagerIdentifier]*HTTPTransport
schemeManagers []SchemeManagerIdentifier
}
type keyshareServer struct {
......@@ -144,9 +143,8 @@ func startKeyshareSession(
store *ConfigurationStore,
keyshareServers map[SchemeManagerIdentifier]*keyshareServer,
) {
schemeManagers := session.SchemeManagers()
ksscount := 0
for _, managerID := range schemeManagers {
for managerID := range session.Identifiers().SchemeManagers {
if store.SchemeManagers[managerID].Distributed() {
ksscount++
if _, registered := keyshareServers[managerID]; !registered {
......@@ -170,12 +168,11 @@ func startKeyshareSession(
pinRequestor: pin,
store: store,
keyshareServers: keyshareServers,
schemeManagers: schemeManagers,
}
askPin := false
for _, managerID := range schemeManagers {
for managerID := range session.Identifiers().SchemeManagers {
if !ks.store.SchemeManagers[managerID].Distributed() {
continue
}
......@@ -243,7 +240,7 @@ func (ks *keyshareSession) VerifyPin(attempts int) {
// - If this or anything else (specified in err) goes wrong, success will be false.
// If all is ok, success will be true.
func (ks *keyshareSession) verifyPinAttempt(pin string) (success bool, tries int, blocked int, err error) {
for _, managerID := range ks.schemeManagers {
for managerID := range ks.session.Identifiers().SchemeManagers {
if !ks.store.SchemeManagers[managerID].Distributed() {
continue
}
......@@ -306,7 +303,7 @@ func (ks *keyshareSession) GetCommitments() {
// Now inform each keyshare server of with respect to which public keys
// we want them to send us commitments
for _, managerID := range ks.schemeManagers {
for managerID := range ks.session.Identifiers().SchemeManagers {
if !ks.store.SchemeManagers[managerID].Distributed() {
continue
}
......@@ -357,7 +354,7 @@ func (ks *keyshareSession) GetProofPs() {
// Post the challenge, obtaining JWT's containing the ProofP's
responses := map[SchemeManagerIdentifier]string{}
for _, managerID := range ks.schemeManagers {
for managerID := range ks.session.Identifiers().SchemeManagers {
transport, distributed := ks.transports[managerID]
if !distributed {
continue
......
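Review bot: These loops now range over the `SchemeManagers` map, so the order in which keyshare servers are contacted is randomized on every iteration, where the old `schemeManagers` slice gave a stable order. In `verifyPinAttempt` this may matter if the loop returns at the first failing server (the body is outside the hunk), because which server consumes a PIN attempt would then vary between tries. If the order is significant, iterate over a sorted copy of the keys; otherwise a comment such as `// the order in which keyshare servers are contacted does not matter` would record the intent. Each loop also calls `Identifiers()` afresh, which is only safe if its first-call cache is populated before any concurrent use, since the lazy initialisation appears to be unsynchronized.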
......@@ -55,19 +55,6 @@ type secretKey struct {
Key *big.Int
}
// IrmaSession is an IRMA session.
type IrmaSession interface {
GetNonce() *big.Int
SetNonce(*big.Int)
GetContext() *big.Int
SetContext(*big.Int)
DisjunctionList() AttributeDisjunctionList
DisclosureChoice() *DisclosureChoice
SetDisclosureChoice(choice *DisclosureChoice)
Distributed(store *ConfigurationStore) bool
SchemeManagers() []SchemeManagerIdentifier
}
// NewCredentialManager creates a new CredentialManager that uses the directory
// specified by storagePath for (de)serializing itself. irmaConfigurationPath
// is the path to a (possibly readonly) folder containing irma_configuration;
......
......@@ -15,9 +15,10 @@ import (
// SessionRequest contains the context and nonce for an IRMA session.
type SessionRequest struct {
Context *big.Int `json:"nonce"`
Nonce *big.Int `json:"context"`
choice *DisclosureChoice
Context *big.Int `json:"nonce"`
Nonce *big.Int `json:"context"`
choice *DisclosureChoice
identifiers *IrmaIdentifierSet
}
// DisclosureChoice returns the attributes to be disclosed in this session.
......@@ -102,6 +103,18 @@ type IdentityProviderJwt struct {
Request IdentityProviderRequest `json:"iprequest"`
}
// IrmaSession is an IRMA session.
type IrmaSession interface {
GetNonce() *big.Int
SetNonce(*big.Int)
GetContext() *big.Int
SetContext(*big.Int)
DisjunctionList() AttributeDisjunctionList
DisclosureChoice() *DisclosureChoice
SetDisclosureChoice(choice *DisclosureChoice)
Identifiers() *IrmaIdentifierSet
}
// Timestamp is a time.Time that marshals to Unix timestamps.
type Timestamp time.Time
......@@ -153,28 +166,35 @@ func newIssuanceState() (*issuanceState, error) {
}, nil
}
// Distributed indicates if a keyshare is involved in this session.
func (ir *IssuanceRequest) Distributed(store *ConfigurationStore) bool {
for _, manager := range ir.SchemeManagers() {
if store.SchemeManagers[manager].Distributed() {
return true
func (dr *IssuanceRequest) Identifiers() *IrmaIdentifierSet {
if dr.identifiers == nil {
dr.identifiers = &IrmaIdentifierSet{
SchemeManagers: map[SchemeManagerIdentifier]struct{}{},
Issuers: map[IssuerIdentifier]struct{}{},
CredentialTypes: map[CredentialTypeIdentifier]struct{}{},
PublicKeys: map[IssuerIdentifier][]int{},
}
}
return false
}
// SchemeManagers returns a list of all scheme managers involved in this session.
func (ir *IssuanceRequest) SchemeManagers() []SchemeManagerIdentifier {
list := []SchemeManagerIdentifier{}
for _, cred := range ir.Credentials {
list = append(list, cred.Credential.IssuerIdentifier().SchemeManagerIdentifier())
}
for _, disjunctions := range ir.Disclose {
for _, attr := range disjunctions.Attributes {
list = append(list, attr.CredentialTypeIdentifier().IssuerIdentifier().SchemeManagerIdentifier())
for _, credreq := range dr.Credentials {
issuer := credreq.Credential.IssuerIdentifier()
dr.identifiers.SchemeManagers[issuer.SchemeManagerIdentifier()] = struct{}{}
dr.identifiers.Issuers[issuer] = struct{}{}
dr.identifiers.CredentialTypes[*credreq.Credential] = struct{}{}
if dr.identifiers.PublicKeys[issuer] == nil {
dr.identifiers.PublicKeys[issuer] = []int{}
}
dr.identifiers.PublicKeys[issuer] = append(dr.identifiers.PublicKeys[issuer], credreq.KeyCounter)
}
for _, disjunction := range dr.Disclose {
for _, attr := range disjunction.Attributes {
dr.identifiers.SchemeManagers[attr.CredentialTypeIdentifier().IssuerIdentifier().SchemeManagerIdentifier()] = struct{}{}
dr.identifiers.Issuers[attr.CredentialTypeIdentifier().IssuerIdentifier()] = struct{}{}
dr.identifiers.CredentialTypes[attr.CredentialTypeIdentifier()] = struct{}{}
}
}
}
return list
return dr.identifiers
}
// DisjunctionList returns the attributes that must be disclosed in this issuance session.
......@@ -192,25 +212,23 @@ func (ir *IssuanceRequest) GetNonce() *big.Int { return ir.Nonce }
// SetNonce sets the nonce of this session.
func (ir *IssuanceRequest) SetNonce(nonce *big.Int) { ir.Nonce = nonce }
// Distributed indicates if a keyshare is involved in this session.
func (dr *DisclosureRequest) Distributed(store *ConfigurationStore) bool {
for _, manager := range dr.SchemeManagers() {
if store.SchemeManagers[manager].Distributed() {
return true
func (dr *DisclosureRequest) Identifiers() *IrmaIdentifierSet {
if dr.identifiers == nil {
dr.identifiers = &IrmaIdentifierSet{
SchemeManagers: map[SchemeManagerIdentifier]struct{}{},
Issuers: map[IssuerIdentifier]struct{}{},
CredentialTypes: map[CredentialTypeIdentifier]struct{}{},
PublicKeys: map[IssuerIdentifier][]int{},
}
}
return false
}
// SchemeManagers returns a list of all scheme managers involved in this session.
func (dr *DisclosureRequest) SchemeManagers() []SchemeManagerIdentifier {
list := []SchemeManagerIdentifier{}
for _, disjunction := range dr.Content {
for _, attr := range disjunction.Attributes {
list = append(list, attr.CredentialTypeIdentifier().IssuerIdentifier().SchemeManagerIdentifier())
for _, disjunction := range dr.Content {
for _, attr := range disjunction.Attributes {
dr.identifiers.SchemeManagers[attr.CredentialTypeIdentifier().IssuerIdentifier().SchemeManagerIdentifier()] = struct{}{}
dr.identifiers.Issuers[attr.CredentialTypeIdentifier().IssuerIdentifier()] = struct{}{}
dr.identifiers.CredentialTypes[attr.CredentialTypeIdentifier()] = struct{}{}
}
}
}
return list
return dr.identifiers
}
// DisjunctionList returns the attributes to be disclosed in this session.
......
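Review bot: In `SessionRequest` the struct tags look swapped: `Context` carries `json:"nonce"` and `Nonce` carries `json:"context"`, and this hunk only realigns those lines. Unless the peer deliberately uses the same mapping, the session nonce and context would be exchanged on (un)marshalling, which presumably matters for values that bind the proofs to a session; the tags should read `json:"context"` on `Context` and `json:"nonce"` on `Nonce`. Separately, both `Identifiers()` methods compute the set once and cache it in `identifiers`, so later changes to `Credentials`, `Disclose` or `Content` are not reflected. Both are exported without doc comments, and the `IssuanceRequest` version uses receiver `dr` where its sibling methods use `ir`.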
......@@ -197,7 +197,7 @@ func (session *session) do(proceed bool) {
}
session.Handler.StatusUpdate(session.Action, StatusCommunicating)
if !session.irmaSession.Distributed(session.credManager.ConfigurationStore) {
if !session.irmaSession.Identifiers().Distributed(session.credManager.ConfigurationStore) {
var message interface{}
var err error
switch session.Action {
......