Commit 8338f81d authored by Sietse Ringers's avatar Sietse Ringers
Browse files

refactor: consistently use uint counter for key counters

parent 8e573885
......@@ -4,6 +4,7 @@ import (
"crypto/sha256"
"encoding/binary"
"encoding/hex"
"errors"
"time"
"github.com/privacybydesign/gabi"
......@@ -235,15 +236,15 @@ func (attr *MetadataAttribute) SigningDate() time.Time {
}
func (attr *MetadataAttribute) setSigningDate() {
attr.setField(signingDateField, shortToByte(int(time.Now().Unix()/ExpiryFactor)))
attr.setField(signingDateField, shortToByte(uint(time.Now().Unix()/ExpiryFactor)))
}
// KeyCounter return the public key counter of the metadata attribute
func (attr *MetadataAttribute) KeyCounter() int {
return int(binary.BigEndian.Uint16(attr.field(keyCounterField)))
func (attr *MetadataAttribute) KeyCounter() uint {
return uint(binary.BigEndian.Uint16(attr.field(keyCounterField)))
}
func (attr *MetadataAttribute) setKeyCounter(i int) {
func (attr *MetadataAttribute) setKeyCounter(i uint) {
attr.setField(keyCounterField, shortToByte(i))
}
......@@ -252,7 +253,7 @@ func (attr *MetadataAttribute) ValidityDuration() int {
return int(binary.BigEndian.Uint16(attr.field(validityField)))
}
func (attr *MetadataAttribute) setValidityDuration(weeks int) {
func (attr *MetadataAttribute) setValidityDuration(weeks uint) {
attr.setField(validityField, shortToByte(weeks))
}
......@@ -268,7 +269,10 @@ func (attr *MetadataAttribute) setExpiryDate(timestamp *Timestamp) error {
expiry = time.Time(*timestamp).Unix()
}
signing := attr.SigningDate().Unix()
attr.setValidityDuration(int((expiry - signing) / ExpiryFactor))
if expiry-signing < 0 {
return errors.New("cannot set expired date")
}
attr.setValidityDuration(uint((expiry - signing) / ExpiryFactor))
return nil
}
......@@ -339,8 +343,11 @@ func (attr *MetadataAttribute) setField(field metadataField, value []byte) {
attr.Int.SetBytes(bytes)
}
func shortToByte(x int) []byte {
func shortToByte(x uint) []byte {
bytes := make([]byte, 2)
if x > 1<<16 {
panic("overflow uint16")
}
binary.BigEndian.PutUint16(bytes, uint16(x))
return bytes
}
......@@ -58,7 +58,7 @@ type IrmaIdentifierSet struct {
SchemeManagers map[SchemeManagerIdentifier]struct{}
Issuers map[IssuerIdentifier]struct{}
CredentialTypes map[CredentialTypeIdentifier]struct{}
PublicKeys map[IssuerIdentifier][]int
PublicKeys map[IssuerIdentifier][]uint
AttributeTypes map[AttributeTypeIdentifier]struct{}
}
......@@ -67,7 +67,7 @@ func newIrmaIdentifierSet() *IrmaIdentifierSet {
SchemeManagers: map[SchemeManagerIdentifier]struct{}{},
Issuers: map[IssuerIdentifier]struct{}{},
CredentialTypes: map[CredentialTypeIdentifier]struct{}{},
PublicKeys: map[IssuerIdentifier][]int{},
PublicKeys: map[IssuerIdentifier][]uint{},
AttributeTypes: map[AttributeTypeIdentifier]struct{}{},
}
}
......@@ -214,7 +214,7 @@ func (set *IrmaIdentifierSet) join(other *IrmaIdentifierSet) {
}
for issuer := range other.PublicKeys {
if len(set.PublicKeys[issuer]) == 0 {
set.PublicKeys[issuer] = make([]int, 0, len(other.PublicKeys[issuer]))
set.PublicKeys[issuer] = make([]uint, 0, len(other.PublicKeys[issuer]))
}
set.PublicKeys[issuer] = append(set.PublicKeys[issuer], other.PublicKeys[issuer]...)
}
......
......@@ -379,12 +379,12 @@ func (s *Server) handleRevocationMessage(
if err != nil {
return server.BinaryResponse(nil, server.RemoteError(server.ErrorMalformedInput, err.Error()))
}
pkindex, err := strconv.ParseUint(args[2], 10, 32)
pkcounter, err := strconv.ParseUint(args[2], 10, 32)
if err != nil {
return server.BinaryResponse(nil, server.RemoteError(server.ErrorMalformedInput, err.Error()))
}
cred := irma.NewCredentialTypeIdentifier(args[0])
return server.BinaryResponse(s.handleGetUpdateFrom(cred, uint(pkindex), i))
return server.BinaryResponse(s.handleGetUpdateFrom(cred, uint(pkcounter), i))
}
if noun == "updatelatest" && method == http.MethodGet {
if len(args) != 2 {
......@@ -413,11 +413,11 @@ func (s *Server) handleRevocationMessage(
return server.BinaryResponse(nil, server.RemoteError(server.ErrorInvalidRequest, "POST issuancercord expects 2 url arguments"))
}
cred := irma.NewCredentialTypeIdentifier(args[0])
counter, err := strconv.ParseUint(args[1], 10, 64)
counter, err := strconv.ParseUint(args[1], 10, 32)
if err != nil {
return server.BinaryResponse(nil, server.RemoteError(server.ErrorMalformedInput, err.Error()))
}
return server.BinaryResponse(s.handlePostIssuanceRecord(cred, counter, message))
return server.BinaryResponse(s.handlePostIssuanceRecord(cred, uint(counter), message))
}
return server.BinaryResponse(nil, server.RemoteError(server.ErrorInvalidRequest, ""))
......
......@@ -223,15 +223,15 @@ func (s *Server) handlePostUpdate(typ irma.CredentialTypeIdentifier, update *rev
return nil, nil
}
// GET revocation/updatefrom/{credtype}/{pkindex}/{index}
// GET revocation/updatefrom/{credtype}/{pkcounter}/{index}
func (s *Server) handleGetUpdateFrom(
cred irma.CredentialTypeIdentifier, pkindex uint, index uint64,
cred irma.CredentialTypeIdentifier, pkcounter uint, index uint64,
) (*revocation.Update, *irma.RemoteError) {
if settings := s.conf.RevocationSettings[cred]; settings == nil ||
!(settings.Mode == irma.RevocationModeProxy || settings.Mode == irma.RevocationModeServer) {
return nil, server.RemoteError(server.ErrorInvalidRequest, "not supported by this server")
}
update, err := s.conf.IrmaConfiguration.Revocation.UpdateFrom(cred, pkindex, index)
update, err := s.conf.IrmaConfiguration.Revocation.UpdateFrom(cred, pkcounter, index)
if err != nil {
return nil, server.RemoteError(server.ErrorUnknown, err.Error()) // TODO error type
}
......@@ -255,7 +255,7 @@ func (s *Server) handleGetUpdateLatest(
// POST revocation/issuancerecord/{credtype}/{keycounter}
func (s *Server) handlePostIssuanceRecord(
cred irma.CredentialTypeIdentifier, counter uint64, message []byte,
cred irma.CredentialTypeIdentifier, counter uint, message []byte,
) (string, *irma.RemoteError) {
if settings := s.conf.RevocationSettings[cred]; settings == nil || settings.Mode != irma.RevocationModeServer {
return "", server.RemoteError(server.ErrorInvalidRequest, "not supported by this server")
......@@ -263,7 +263,7 @@ func (s *Server) handlePostIssuanceRecord(
// Grab the counter-th issuer public key, with which the message should be signed,
// and verify and unmarshal the issuance record
pk, err := s.conf.IrmaConfiguration.Revocation.Keys.PublicKey(cred.IssuerIdentifier(), uint(counter))
pk, err := s.conf.IrmaConfiguration.Revocation.Keys.PublicKey(cred.IssuerIdentifier(), counter)
if err != nil {
return "", server.RemoteError(server.ErrorUnknown, err.Error())
}
......
......@@ -104,7 +104,7 @@ func (session *session) issuanceHandleRevocation(
return nil, nil, errors.Errorf("no revocation updates found for key %d", cred.KeyCounter)
}
sig := u.SignedAccumulator
pk, err := rs.Keys.PublicKey(id.IssuerIdentifier(), sig.PKIndex)
pk, err := rs.Keys.PublicKey(id.IssuerIdentifier(), sig.PKCounter)
if err != nil {
return nil, nil, err
}
......@@ -121,7 +121,7 @@ func (session *session) issuanceHandleRevocation(
nonrevAttr = witness.E
issrecord := &irma.IssuanceRecord{
CredType: id,
PKIndex: sk.Counter,
PKCounter: sk.Counter,
Key: cred.RevocationKey,
Attr: (*irma.RevocationAttribute)(nonrevAttr),
Issued: time.Now().UnixNano(), // or (floored) cred issuance time?
......@@ -142,14 +142,14 @@ func (s *Server) validateIssuanceRequest(request *irma.IssuanceRequest) error {
if privatekey == nil {
return errors.Errorf("missing private key of issuer %s", iss.String())
}
pubkey, err := s.conf.IrmaConfiguration.PublicKey(iss, int(privatekey.Counter))
pubkey, err := s.conf.IrmaConfiguration.PublicKey(iss, privatekey.Counter)
if err != nil {
return err
}
if pubkey == nil {
return errors.Errorf("missing public key of issuer %s", iss.String())
}
cred.KeyCounter = int(privatekey.Counter)
cred.KeyCounter = privatekey.Counter
// Check that the credential is consistent with irma_configuration
if err := cred.Validate(s.conf.IrmaConfiguration); err != nil {
......
......@@ -387,7 +387,7 @@ func TestDisclosureNonexistingCredTypeUpdateSchemeManager(t *testing.T) {
ErrorType: irma.ErrorUnknownIdentifier,
Missing: &irma.IrmaIdentifierSet{
SchemeManagers: map[irma.SchemeManagerIdentifier]struct{}{},
PublicKeys: map[irma.IssuerIdentifier][]int{},
PublicKeys: map[irma.IssuerIdentifier][]uint{},
Issuers: map[irma.IssuerIdentifier]struct{}{
irma.NewIssuerIdentifier("irma-demo.baz"): struct{}{},
},
......
......@@ -91,7 +91,7 @@ func (cred *credential) NonrevPrepare(conf *irma.Configuration, request irma.Ses
func (cred *credential) NonrevApplyUpdates(update *revocation.Update, keys irma.RevocationKeys) (bool, error) {
oldindex := cred.NonRevocationWitness.Accumulator.Index
pk, err := keys.PublicKey(cred.CredentialType().IssuerIdentifier(), update.SignedAccumulator.PKIndex)
pk, err := keys.PublicKey(cred.CredentialType().IssuerIdentifier(), update.SignedAccumulator.PKCounter)
if err != nil {
return false, err
}
......
......@@ -254,7 +254,7 @@ func (s *storage) LoadSignature(attrs *irma.AttributeList) (*gabi.CLSignature, *
if sig.Witness != nil {
pk, err := s.Configuration.Revocation.Keys.PublicKey(
attrs.CredentialType().IssuerIdentifier(),
sig.Witness.SignedAccumulator.PKIndex,
sig.Witness.SignedAccumulator.PKCounter,
)
if err != nil {
return nil, nil, err
......
......@@ -48,7 +48,7 @@ type Configuration struct {
// Issuer private keys. If set (after calling ParseFolder()), will use these keys
// instead of keys in irma_configuration/$issuer/PrivateKeys.
PrivateKeys map[IssuerIdentifier]map[int]*gabi.PrivateKey
PrivateKeys map[IssuerIdentifier]map[uint]*gabi.PrivateKey
Revocation *RevocationStorage
......@@ -62,7 +62,7 @@ type Configuration struct {
Warnings []string
kssPublicKeys map[SchemeManagerIdentifier]map[int]*rsa.PublicKey
publicKeys map[IssuerIdentifier]map[int]*gabi.PublicKey
publicKeys map[IssuerIdentifier]map[uint]*gabi.PublicKey
reverseHashes map[string]CredentialTypeIdentifier
initialized bool
assets string
......@@ -165,8 +165,8 @@ func (conf *Configuration) clear() {
conf.AttributeTypes = make(map[AttributeTypeIdentifier]*AttributeType)
conf.DisabledSchemeManagers = make(map[SchemeManagerIdentifier]*SchemeManagerError)
conf.kssPublicKeys = make(map[SchemeManagerIdentifier]map[int]*rsa.PublicKey)
conf.publicKeys = make(map[IssuerIdentifier]map[int]*gabi.PublicKey)
conf.PrivateKeys = make(map[IssuerIdentifier]map[int]*gabi.PrivateKey)
conf.publicKeys = make(map[IssuerIdentifier]map[uint]*gabi.PublicKey)
conf.PrivateKeys = make(map[IssuerIdentifier]map[uint]*gabi.PrivateKey)
conf.reverseHashes = make(map[string]CredentialTypeIdentifier)
}
......@@ -321,7 +321,7 @@ func (conf *Configuration) ParseSchemeManagerFolder(dir string, manager *SchemeM
}
// PrivateKey returns the specified private key of the specified issuer if present; an error otherwise.
func (conf *Configuration) PrivateKey(id IssuerIdentifier, counter int) (*gabi.PrivateKey, error) {
func (conf *Configuration) PrivateKey(id IssuerIdentifier, counter uint) (*gabi.PrivateKey, error) {
if _, haveIssuer := conf.PrivateKeys[id]; haveIssuer {
if sk := conf.PrivateKeys[id][counter]; sk != nil {
return sk, nil
......@@ -329,17 +329,17 @@ func (conf *Configuration) PrivateKey(id IssuerIdentifier, counter int) (*gabi.P
}
path := fmt.Sprintf(privkeyPattern, conf.Path, id.SchemeManagerIdentifier().Name(), id.Name())
file := strings.Replace(path, "*", strconv.Itoa(counter), 1)
file := strings.Replace(path, "*", strconv.FormatUint(uint64(counter), 10), 1)
sk, err := gabi.NewPrivateKeyFromFile(file)
if err != nil {
return nil, err
}
if int(sk.Counter) != counter {
if sk.Counter != counter {
return nil, errors.Errorf("Private key %s of issuer %s has wrong <Counter>", file, id.String())
}
if conf.PrivateKeys[id] == nil {
conf.PrivateKeys[id] = make(map[int]*gabi.PrivateKey)
conf.PrivateKeys[id] = make(map[uint]*gabi.PrivateKey)
}
conf.PrivateKeys[id][counter] = sk
......@@ -359,7 +359,7 @@ func (conf *Configuration) PrivateKeyLatest(id IssuerIdentifier) (*gabi.PrivateK
}
// PublicKey returns the specified public key, or nil if not present in the Configuration.
func (conf *Configuration) PublicKey(id IssuerIdentifier, counter int) (*gabi.PublicKey, error) {
func (conf *Configuration) PublicKey(id IssuerIdentifier, counter uint) (*gabi.PublicKey, error) {
var haveIssuer, haveKey bool
var err error
_, haveIssuer = conf.publicKeys[id]
......@@ -494,7 +494,7 @@ func (conf *Configuration) DeleteSchemeManager(id SchemeManagerIdentifier) error
// parse $schememanager/$issuer/PublicKeys/$i.xml for $i = 1, ...
func (conf *Configuration) parseKeysFolder(issuerid IssuerIdentifier) error {
manager := conf.SchemeManagers[issuerid.SchemeManagerIdentifier()]
conf.publicKeys[issuerid] = map[int]*gabi.PublicKey{}
conf.publicKeys[issuerid] = map[uint]*gabi.PublicKey{}
path := fmt.Sprintf(pubkeyPattern, conf.Path, issuerid.SchemeManagerIdentifier().Name(), issuerid.Name())
files, err := filepath.Glob(path)
if err != nil {
......@@ -504,7 +504,7 @@ func (conf *Configuration) parseKeysFolder(issuerid IssuerIdentifier) error {
for _, file := range files {
filename := filepath.Base(file)
count := filename[:len(filename)-4]
i, err := strconv.Atoi(count)
i, err := strconv.ParseUint(count, 10, 32)
if err != nil {
return err
}
......@@ -520,39 +520,39 @@ func (conf *Configuration) parseKeysFolder(issuerid IssuerIdentifier) error {
if err != nil {
return err
}
if int(pk.Counter) != i {
if pk.Counter != uint(i) {
return errors.Errorf("Public key %s of issuer %s has wrong <Counter>", file, issuerid.String())
}
pk.Issuer = issuerid.String()
conf.publicKeys[issuerid][i] = pk
conf.publicKeys[issuerid][uint(i)] = pk
}
return nil
}
func (conf *Configuration) PrivateKeyIndices(issuerid IssuerIdentifier) (i []int, err error) {
func (conf *Configuration) PrivateKeyIndices(issuerid IssuerIdentifier) (i []uint, err error) {
return conf.matchKeyPattern(issuerid, privkeyPattern)
}
func (conf *Configuration) PublicKeyIndices(issuerid IssuerIdentifier) (i []int, err error) {
func (conf *Configuration) PublicKeyIndices(issuerid IssuerIdentifier) (i []uint, err error) {
return conf.matchKeyPattern(issuerid, pubkeyPattern)
}
func (conf *Configuration) matchKeyPattern(issuerid IssuerIdentifier, pattern string) (i []int, err error) {
func (conf *Configuration) matchKeyPattern(issuerid IssuerIdentifier, pattern string) (ints []uint, err error) {
pkpath := fmt.Sprintf(pattern, conf.Path, issuerid.SchemeManagerIdentifier().Name(), issuerid.Name())
files, err := filepath.Glob(pkpath)
if err != nil {
return
}
for _, file := range files {
var count int
var count uint64
base := filepath.Base(file)
if count, err = strconv.Atoi(base[:len(base)-4]); err != nil {
if count, err = strconv.ParseUint(base[:len(base)-4], 10, 32); err != nil {
return
}
i = append(i, count)
ints = append(ints, uint(count))
}
sort.Ints(i)
sort.Slice(ints, func(i, j int) bool { return ints[i] < ints[j] })
return
}
......@@ -1467,7 +1467,7 @@ func (conf *Configuration) ValidateKeys() error {
}
for _, privkey := range privkeys {
filename := filepath.Base(privkey)
count, err := strconv.Atoi(filename[:len(filename)-4])
count, err := strconv.ParseUint(filename[:len(filename)-4], 10, 32)
if err != nil {
return err
}
......@@ -1475,10 +1475,10 @@ func (conf *Configuration) ValidateKeys() error {
if err != nil {
return err
}
if int(sk.Counter) != count {
if sk.Counter != uint(count) {
return errors.Errorf("Private key %s of issuer %s has wrong <Counter>", filename, issuerid.String())
}
pk, err := conf.PublicKey(issuerid, count)
pk, err := conf.PublicKey(issuerid, uint(count))
if err != nil {
return err
}
......
......@@ -90,7 +90,7 @@ type IssuanceRequest struct {
// that will be issued in an IssuanceRequest.
type CredentialRequest struct {
Validity *Timestamp `json:"validity,omitempty"`
KeyCounter int `json:"keyCounter,omitempty"`
KeyCounter uint `json:"keyCounter,omitempty"`
CredentialTypeID CredentialTypeIdentifier `json:"credential"`
Attributes map[string]string `json:"attributes"`
RevocationKey string `json:"revocationKey,omitempty"`
......@@ -464,7 +464,7 @@ func (dr *DisclosureRequest) identifiers() *IrmaIdentifierSet {
SchemeManagers: map[SchemeManagerIdentifier]struct{}{},
Issuers: map[IssuerIdentifier]struct{}{},
CredentialTypes: map[CredentialTypeIdentifier]struct{}{},
PublicKeys: map[IssuerIdentifier][]int{},
PublicKeys: map[IssuerIdentifier][]uint{},
AttributeTypes: map[AttributeTypeIdentifier]struct{}{},
}
......@@ -591,7 +591,7 @@ func (ir *IssuanceRequest) Identifiers() *IrmaIdentifierSet {
Issuers: map[IssuerIdentifier]struct{}{},
CredentialTypes: map[CredentialTypeIdentifier]struct{}{},
AttributeTypes: map[AttributeTypeIdentifier]struct{}{},
PublicKeys: map[IssuerIdentifier][]int{},
PublicKeys: map[IssuerIdentifier][]uint{},
}
for _, credreq := range ir.Credentials {
......@@ -604,7 +604,7 @@ func (ir *IssuanceRequest) Identifiers() *IrmaIdentifierSet {
ir.ids.AttributeTypes[NewAttributeTypeIdentifier(credID.String()+"."+attr)] = struct{}{}
}
if ir.ids.PublicKeys[issuer] == nil {
ir.ids.PublicKeys[issuer] = []int{}
ir.ids.PublicKeys[issuer] = []uint{}
}
ir.ids.PublicKeys[issuer] = append(ir.ids.PublicKeys[issuer], credreq.KeyCounter)
}
......
......@@ -72,15 +72,15 @@ type (
eventHash revocation.Hash
AccumulatorRecord struct {
CredType CredentialTypeIdentifier `gorm:"primary_key"`
Data signedMessage
PKIndex uint `gorm:"primary_key;auto_increment:false"`
CredType CredentialTypeIdentifier `gorm:"primary_key"`
Data signedMessage
PKCounter uint `gorm:"primary_key;auto_increment:false"`
}
EventRecord struct {
Index uint64 `gorm:"primary_key;column:eventindex"`
CredType CredentialTypeIdentifier `gorm:"primary_key"`
PKIndex uint `gorm:"primary_key;auto_increment:false"`
PKCounter uint `gorm:"primary_key;auto_increment:false"`
E *RevocationAttribute
ParentHash eventHash
}
......@@ -89,7 +89,7 @@ type (
IssuanceRecord struct {
Key string `gorm:"primary_key;column:revocationkey"`
CredType CredentialTypeIdentifier `gorm:"primary_key"`
PKIndex uint
PKCounter uint
Attr *RevocationAttribute
Issued int64
ValidUntil int64
......@@ -172,16 +172,16 @@ func (rs *RevocationStorage) RevocationEnabled(typ CredentialTypeIdentifier) (bo
// UpdateFrom returns all records that a client requires to update its revocation state if it is currently
// at the specified index, that is, all records whose end index is greater than or equal to
// the specified index.
func (rs *RevocationStorage) UpdateFrom(typ CredentialTypeIdentifier, pkindex uint, index uint64) (*revocation.Update, error) {
func (rs *RevocationStorage) UpdateFrom(typ CredentialTypeIdentifier, pkcounter uint, index uint64) (*revocation.Update, error) {
// Only requires SQL implementation
var update *revocation.Update
if err := rs.db.Transaction(func(tx revStorage) error {
acc, _, err := rs.accumulator(tx, typ, pkindex)
acc, _, err := rs.accumulator(tx, typ, pkcounter)
if err != nil {
return err
}
var events []*EventRecord
if err := tx.From(&events, "cred_type = ? and pk_index = ? and index >= ?", typ, pkindex, index); err != nil {
if err := tx.From(&events, "cred_type = ? and pk_counter = ? and index >= ?", typ, pkcounter, index); err != nil {
return err
}
update = rs.newUpdate(acc, events)
......@@ -221,11 +221,11 @@ func (rs *RevocationStorage) UpdateLatest(typ CredentialTypeIdentifier, count ui
func (*RevocationStorage) newUpdates(records []*AccumulatorRecord, events []*EventRecord) map[uint]*revocation.Update {
accs := map[uint]*revocation.SignedAccumulator{}
for _, r := range records {
accs[r.PKIndex] = r.SignedAccumulator()
accs[r.PKCounter] = r.SignedAccumulator()
}
updates := make(map[uint]*revocation.Update, len(accs))
for _, e := range events {
i := e.PKIndex
i := e.PKCounter
if accs[i] == nil {
continue
}
......@@ -256,7 +256,7 @@ func (rs *RevocationStorage) AddUpdate(typ CredentialTypeIdentifier, record *rev
func (rs *RevocationStorage) addUpdate(tx revStorage, typ CredentialTypeIdentifier, update *revocation.Update, create bool) error {
// Unmarshal and verify the record against the appropriate public key
pk, err := rs.Keys.PublicKey(typ.IssuerIdentifier(), update.SignedAccumulator.PKIndex)
pk, err := rs.Keys.PublicKey(typ.IssuerIdentifier(), update.SignedAccumulator.PKCounter)
if err != nil {
return err
}
......@@ -274,7 +274,7 @@ func (rs *RevocationStorage) addUpdate(tx revStorage, typ CredentialTypeIdentifi
return err
}
for _, event := range update.Events {
if err = tx.Insert(new(EventRecord).Convert(typ, update.SignedAccumulator.PKIndex, event)); err != nil {
if err = tx.Insert(new(EventRecord).Convert(typ, update.SignedAccumulator.PKCounter, event)); err != nil {
return err
}
}
......@@ -329,7 +329,7 @@ func (rs *RevocationStorage) Revoke(typ CredentialTypeIdentifier, key string) er
if err = tx.Save(&issrecord); err != nil {
return err
}
sk, err := rs.Keys.PrivateKey(typ.IssuerIdentifier(), issrecord.PKIndex)
sk, err := rs.Keys.PrivateKey(typ.IssuerIdentifier(), issrecord.PKCounter)
if err != nil {
return err
}
......@@ -346,7 +346,7 @@ func (rs *RevocationStorage) revokeAttr(tx revStorage, typ CredentialTypeIdentif
return errors.Errorf("cannot revoke for type %s, not enabled yet", typ)
}
var parent EventRecord
if err = rs.db.Last(&parent, map[string]interface{}{"cred_type": typ, "pk_index": sk.Counter}); err != nil {
if err = rs.db.Last(&parent, map[string]interface{}{"cred_type": typ, "pk_counter": sk.Counter}); err != nil {
return err
}
......@@ -363,27 +363,27 @@ func (rs *RevocationStorage) revokeAttr(tx revStorage, typ CredentialTypeIdentif
// Accumulator methods
// accumulator retrieves, verifies and deserializes the accumulator of the given type and key.
func (rs *RevocationStorage) accumulator(tx revStorage, typ CredentialTypeIdentifier, pkindex uint) (
func (rs *RevocationStorage) accumulator(tx revStorage, typ CredentialTypeIdentifier, pkcounter uint) (
*revocation.SignedAccumulator, *revocation.Accumulator, error,
) {
var err error
var sacc *revocation.SignedAccumulator
if rs.sqlMode {
record := &AccumulatorRecord{}
if err = tx.Last(record, map[string]interface{}{"cred_type": typ, "pk_index": pkindex}); err != nil {
if err = tx.Last(record, map[string]interface{}{"cred_type": typ, "pk_counter": pkcounter}); err != nil {
if gorm.IsRecordNotFoundError(err) {
return nil, nil, nil
}
}
sacc = record.SignedAccumulator()
} else {
sacc = rs.memdb.SignedAccumulator(typ, pkindex)
sacc = rs.memdb.SignedAccumulator(typ, pkcounter)
if sacc == nil {
return nil, nil, nil
}
}
pk, err := rs.Keys.PublicKey(typ.IssuerIdentifier(), sacc.PKIndex)
pk, err := rs.Keys.PublicKey(typ.IssuerIdentifier(), sacc.PKCounter)
if err != nil {
return nil, nil, err
}
......@@ -578,11 +578,11 @@ func (client RevocationClient) PostIssuanceRecord(typ CredentialTypeIdentifier,
}
// FetchRevocationRecords gets revocation update messages from the revocation server, of the specified index and greater.
func (client RevocationClient) FetchUpdateFrom(typ CredentialTypeIdentifier, pkindex uint, index uint64) (*revocation.Update, error) {
func (client RevocationClient) FetchUpdateFrom(typ CredentialTypeIdentifier, pkcounter uint, index uint64) (*revocation.Update, error) {
update := &revocation.Update{}
return update, client.getMultiple(
client.Conf.CredentialTypes[typ].RevocationServers,
fmt.Sprintf("revocation/updatefrom/%s/%d/%d", typ, pkindex, index),
fmt.Sprintf("revocation/updatefrom/%s/%d/%d", typ, pkcounter, index),
&update,
)
}
......@@ -630,7 +630,7 @@ func (rs RevocationKeys) PrivateKeyLatest(issid IssuerIdentifier) (*revocation.P
}
func (rs RevocationKeys) PrivateKey(issid IssuerIdentifier, counter uint) (*revocation.PrivateKey, error) {
sk, err := rs.Conf.PrivateKey(issid, int(counter))
sk, err := rs.Conf.PrivateKey(issid, counter)
if err != nil {
return nil, err
}
......@@ -645,7 +645,7 @@ func (rs RevocationKeys) PrivateKey(issid IssuerIdentifier, counter uint) (*revo
}
func (rs RevocationKeys) PublicKey(issid IssuerIdentifier, counter uint) (*revocation.PublicKey, error) {
pk, err := rs.Conf.PublicKey(issid, int(counter))
pk, err := rs.Conf.PublicKey(issid, counter)
if err != nil {
return nil, err
}
......@@ -669,29 +669,29 @@ func (e *EventRecord) Event() *revocation.Event {
}
}
func (e *EventRecord) Convert(typ CredentialTypeIdentifier, pkindex uint, event *revocation.Event) *EventRecord {
func (e *EventRecord) Convert(typ CredentialTypeIdentifier, pkcounter uint, event *revocation.Event) *EventRecord {
*e = EventRecord{
Index: event.Index,
E: (*RevocationAttribute)(event.E),
ParentHash: eventHash(event.ParentHash),
CredType: typ,
PKIndex: pkindex,
PKCounter: pkcounter,
}
return e
}
func (a *AccumulatorRecord) SignedAccumulator() *revocation.SignedAccumulator {
return &revocation.SignedAccumulator{
PKIndex: a.PKIndex,
Data: signed.Message(a.Data),
PKCounter: a.PKCounter,
Data: signed.Message(a.Data),
}
}
func (a *AccumulatorRecord) Convert(typ CredentialTypeIdentifier, sacc *revocation.SignedAccumulator) *AccumulatorRecord {
*a = AccumulatorRecord{
Data: signedMessage(sacc.Data),
PKIndex: sacc.PKIndex,
CredType: typ,
Data: signedMessage(sacc.Data),
PKCounter: sacc.PKCounter,
CredType: typ,
}
return a
}
......