Commit 96d12393 authored by Sietse Ringers's avatar Sietse Ringers

Signature filename is now hash of attributes

parent d1f72f93
......@@ -8,6 +8,8 @@ import (
"math/big"
"time"
"encoding/hex"
"github.com/mhe/gabi"
)
......@@ -66,6 +68,15 @@ func (al *AttributeList) Info() *CredentialInfo {
return al.info
}
func (al *AttributeList) hash() string {
bytes := []byte{}
for _, i := range al.Ints {
bytes = append(bytes, i.Bytes()...)
}
shasum := sha256.Sum256(bytes)
return hex.EncodeToString(shasum[:])
}
// Strings converts the current instance to human-readable strings.
func (al *AttributeList) Strings() []string {
if al.strings == nil {
......
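Review bot: The new `hash()` concatenates `i.Bytes()` for every attribute with no length prefix or separator, so the SHA-256 input is ambiguous: two different lists such as (0x01, 0x0203) and (0x0102, 0x03) yield the same bytes and therefore the same signature filename, and a zero-valued attribute contributes no bytes at all. Length-prefixing each element removes the ambiguity, e.g. inside the loop `b := i.Bytes()`, then `bytes = append(bytes, byte(len(b)>>8), byte(len(b)))` and `bytes = append(bytes, b...)`. The local name `bytes` also shadows the standard package name and could be `buf`. A doc comment should state that the result names the on-disk signature file, so the encoding cannot change without migrating stored signatures.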
......@@ -13,6 +13,7 @@ import (
type credential struct {
*gabi.Credential
*MetadataAttribute
attrs *AttributeList
}
// CredentialInfo contains all information of an IRMA credential.
......@@ -67,6 +68,13 @@ func newCredential(gabicred *gabi.Credential, store *ConfigurationStore) (*crede
return cred, nil
}
func (cred *credential) AttributeList() *AttributeList {
if cred.attrs == nil {
cred.attrs = NewAttributeListFromInts(cred.Credential.Attributes[1:], cred.MetadataAttribute.store)
}
return cred.attrs
}
// Len implements sort.Interface.
func (cl CredentialInfoList) Len() int {
return len(cl)
......
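Review bot: `AttributeList()` has no doc comment, and the `[1:]` is the security-relevant part: index 0 of `cred.Credential.Attributes` holds the secret key (the caller in `credential()` builds the slice as `append([]*big.Int{cm.secretkey}, attrs.Ints...)`), so the cached list, and the filename hash derived from it, must never include that element. A comment such as `// AttributeList returns the credential's attributes without the secret key at index 0; the result is cached.` would record this. The slice expression panics when `Attributes` is empty and the lazy initialisation is unsynchronised, which is safe only if credentials always come from `newCredential` and are not shared across goroutines; neither is visible in this section.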
......@@ -88,8 +88,7 @@ func (cm *CredentialManager) credential(id CredentialTypeIdentifier, counter int
if attrs == nil { // We do not have the requested cred
return
}
ints := append([]*big.Int{cm.secretkey}, attrs.Ints...)
sig, err := cm.loadSignature(id, counter)
sig, err := cm.loadSignature(attrs)
if err != nil {
return nil, err
}
......@@ -97,8 +96,7 @@ func (cm *CredentialManager) credential(id CredentialTypeIdentifier, counter int
err = errors.New("signature file not found")
return nil, err
}
meta := MetadataFromInt(ints[1], cm.Store)
pk, err := meta.PublicKey()
pk, err := attrs.PublicKey()
if err != nil {
return nil, err
}
......@@ -106,7 +104,7 @@ func (cm *CredentialManager) credential(id CredentialTypeIdentifier, counter int
return nil, errors.New("unknown public key")
}
cred, err := newCredential(&gabi.Credential{
Attributes: ints,
Attributes: append([]*big.Int{cm.secretkey}, attrs.Ints...),
Signature: sig,
Pk: pk,
}, cm.Store)
......@@ -122,9 +120,8 @@ func (cm *CredentialManager) credential(id CredentialTypeIdentifier, counter int
// addCredential adds the specified credential to the CredentialManager, saving its signature
// imediately, and optionally cm.attributes as well.
func (cm *CredentialManager) addCredential(cred *credential, storeAttributes bool) (err error) {
attrs := NewAttributeListFromInts(cred.Attributes[1:], cm.Store)
id := cred.CredentialType().Identifier()
cm.attributes[id] = append(cm.attrs(id), attrs)
cm.attributes[id] = append(cm.attrs(id), cred.AttributeList())
if _, exists := cm.credentials[id]; !exists {
cm.credentials[id] = make(map[int]*credential)
......@@ -161,7 +158,7 @@ func (cm *CredentialManager) Candidates(disjunction *AttributeDisjunction) []*At
if attribute.IsCredential() {
candidates = append(candidates, id)
} else {
attrs := NewAttributeListFromInts(cred.Attributes[1:], cm.Store)
attrs := cred.AttributeList()
val := attrs.Attribute(attribute)
if val == "" { // This won't handle empty attributes correctly
continue
......
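Review bot: In `credential()` the `attrs` list taken from the manager locates the signature and the public key, but the credential built afterwards starts with an empty `attrs` cache, so a later `cred.AttributeList()` constructs a second list from `cred.Attributes[1:]`, whereas `addCredential` stores one shared instance in `cm.attributes[id]`. Assigning the existing list once `newCredential` succeeds, `cred.attrs = attrs`, would keep a single list per credential on both paths and guarantee that the hash used to load the signature is the one used if it is stored again. The rest of `credential()` lies outside the visible hunks.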
......@@ -6,7 +6,6 @@ import (
"io"
"io/ioutil"
"os"
"strconv"
"crypto/rand"
"encoding/hex"
......@@ -185,8 +184,8 @@ func (cm *CredentialManager) path(file string) string {
return cm.storagePath + "/" + file
}
func (cm *CredentialManager) signatureFilename(id string, counter int) string {
return cm.path(signaturesDir) + "/" + id + "-" + strconv.Itoa(counter)
func (cm *CredentialManager) signatureFilename(attrs *AttributeList) string {
return cm.path(signaturesDir) + "/" + attrs.hash()
}
// ensureStorageExists initializes the credential storage folder,
......@@ -257,7 +256,7 @@ func (cm *CredentialManager) storeSignature(cred *credential, counter int) (err
}
// TODO existence check
filename := cm.signatureFilename(cred.CredentialType().Identifier().String(), counter)
filename := cm.signatureFilename(cred.AttributeList())
err = ioutil.WriteFile(filename, credbytes, 0600)
return
}
......@@ -291,8 +290,8 @@ func (cm *CredentialManager) storePaillierKeys() (err error) {
return
}
func (cm *CredentialManager) loadSignature(id CredentialTypeIdentifier, counter int) (signature *gabi.CLSignature, err error) {
sigpath := cm.signatureFilename(id.String(), counter)
func (cm *CredentialManager) loadSignature(attrs *AttributeList) (signature *gabi.CLSignature, err error) {
sigpath := cm.signatureFilename(attrs)
exists, err := PathExists(sigpath)
if err != nil {
return
......
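Review bot: With the filename now derived only from `attrs.hash()`, `storeSignature` can silently replace an existing signature: `ioutil.WriteFile` truncates whatever is at that path and the `// TODO existence check` above it is still open, so two credentials whose attribute lists hash to the same value (identical attributes, if the metadata attribute permits that) would share one file and the earlier signature would be lost. Creating the file exclusively, `f, err := os.OpenFile(filename, os.O_WRONLY|os.O_CREATE|os.O_EXCL, 0600)`, and returning the error makes that case visible instead of overwriting. `storeSignature` still takes `counter`, which no longer influences the filename in the visible lines, and `signatureFilename` dereferences `attrs` without a nil check. The bodies of `storeSignature` and `loadSignature` start or end outside the hunks.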