Commit a0660056 authored by Sietse Ringers's avatar Sietse Ringers

refactor: use JSON-LD @context in session request messages

parent a23c555d
......@@ -11,7 +11,7 @@ import (
"github.com/privacybydesign/gabi/big"
)
const SignedMessageLDContext = "https://irma.app/ld/signature/v2"
const LDContextSignedMessage = "https://irma.app/ld/signature/v2"
// SignedMessage is a message signed with an attribute-based signature
// The 'realnonce' will be calculated as: SigRequest.GetNonce() = ASN1(nonce, SHA256(message), timestampSignature)
......
......@@ -135,7 +135,7 @@ func (session *session) createLogEntry(response interface{}) (*LogEntry, error)
request := session.request.(*irma.SignatureRequest)
entry.SignedMessage = []byte(request.Message)
entry.Timestamp = session.timestamp
entry.SignedMessageLDContext = irma.SignedMessageLDContext
entry.SignedMessageLDContext = irma.LDContextSignedMessage
fallthrough
case irma.ActionDisclosing:
......
......@@ -261,7 +261,7 @@ func TestSessionRequests(t *testing.T) {
sigMessage := "message to be signed"
base := &DisclosureRequest{
BaseRequest: BaseRequest{Type: ActionDisclosing, Version: 2},
BaseRequest: BaseRequest{LDContext: LDContextDisclosureRequest},
Disclose: AttributeConDisCon{
AttributeDisCon{
AttributeCon{NewAttributeRequest("irma-demo.MijnOverheid.ageLimits.over18")},
......@@ -299,8 +299,7 @@ func TestSessionRequests(t *testing.T) {
}`,
current: &DisclosureRequest{},
currentJson: `{
"type": "disclosing",
"v": 2,
"@context": "https://irma.app/ld/request/disclosure/v2",
"disclose": [
[
[
......@@ -331,7 +330,7 @@ func TestSessionRequests(t *testing.T) {
{
expected: &SignatureRequest{
DisclosureRequest{BaseRequest{Type: ActionSigning, Version: 2}, base.Disclose, base.Labels},
DisclosureRequest{BaseRequest{LDContext: LDContextSignatureRequest}, base.Disclose, base.Labels},
sigMessage,
},
old: &SignatureRequest{},
......@@ -354,8 +353,7 @@ func TestSessionRequests(t *testing.T) {
}`,
current: &SignatureRequest{},
currentJson: `{
"type": "signing",
"v": 2,
"@context": "https://irma.app/ld/request/signature/v2",
"disclose": [
[
[
......@@ -387,7 +385,7 @@ func TestSessionRequests(t *testing.T) {
{
expected: &IssuanceRequest{
DisclosureRequest: DisclosureRequest{BaseRequest{Type: ActionIssuing, Version: 2}, base.Disclose, base.Labels},
DisclosureRequest: DisclosureRequest{BaseRequest{LDContext: LDContextIssuanceRequest}, base.Disclose, base.Labels},
Credentials: []*CredentialRequest{
{
CredentialTypeID: NewCredentialTypeIdentifier("irma-demo.MijnOverheid.root"),
......@@ -418,8 +416,7 @@ func TestSessionRequests(t *testing.T) {
}`,
current: &IssuanceRequest{},
currentJson: `{
"type": "issuing",
"v": 2,
"@context": "https://irma.app/ld/request/issuance/v2",
"credentials": [
{
"credential": "irma-demo.MijnOverheid.root",
......@@ -460,7 +457,8 @@ func TestSessionRequests(t *testing.T) {
for _, tst := range tests {
require.NoError(t, json.Unmarshal([]byte(tst.oldJson), tst.old))
require.NoError(t, json.Unmarshal([]byte(tst.currentJson), tst.current))
tst.old.Base().legacy = false
tst.old.Base().legacy = false // We don't care about this field differing, override it
tst.old.Base().Type = "" // same
require.True(t, reflect.DeepEqual(tst.old, tst.expected), "Legacy %s did not unmarshal to expected value", reflect.TypeOf(tst.old).String())
require.True(t, reflect.DeepEqual(tst.current, tst.expected), "%s did not unmarshal to expected value", reflect.TypeOf(tst.old).String())
......
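Review bot: The table in `TestSessionRequests` has no case for a `@context` that does not match the target type (for example `https://irma.app/ld/request/issuance/v2` unmarshaled into a `DisclosureRequest`), and none for the previous `"type"`/`"v": 2` message that has no `@context`. `UnmarshalJSON` now switches on `ldContext != ""`, so the first is taken by the new-format branch whatever its value, and the second appears to fall through to the legacy parser. Both deserve a case that pins the intended outcome, presumably an error from `json.Unmarshal` or from `Validate()`. The test function extends beyond the visible hunks, so such cases may already exist outside them.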
......@@ -39,7 +39,7 @@ func (dr *LegacyDisclosureRequest) Validate() error { panic("not
func (dr *LegacyDisclosureRequest) Disclosure() *DisclosureRequest { panic("not implemented") }
func (dr *LegacyDisclosureRequest) Identifiers() *IrmaIdentifierSet { panic("not implemented") }
func (dr *LegacyDisclosureRequest) Base() *BaseRequest { return &dr.BaseRequest }
func (dr *LegacyDisclosureRequest) Action() Action { return dr.Type }
func (dr *LegacyDisclosureRequest) Action() Action { return ActionDisclosing }
func (dr *LegacyDisclosureRequest) Legacy() (SessionRequest, error) { return dr, nil }
type LegacySignatureRequest struct {
......@@ -47,6 +47,8 @@ type LegacySignatureRequest struct {
Message string `json:"message"`
}
func (ir *LegacySignatureRequest) Action() Action { return ActionIssuing }
type LegacyIssuanceRequest struct {
BaseRequest
Credentials []*CredentialRequest `json:"credentials"`
......@@ -57,7 +59,7 @@ func (ir *LegacyIssuanceRequest) Validate() error { panic("not i
func (ir *LegacyIssuanceRequest) Disclosure() *DisclosureRequest { panic("not implemented") }
func (ir *LegacyIssuanceRequest) Identifiers() *IrmaIdentifierSet { panic("not implemented") }
func (ir *LegacyIssuanceRequest) Base() *BaseRequest { return &ir.BaseRequest }
func (ir *LegacyIssuanceRequest) Action() Action { return ir.Type }
func (ir *LegacyIssuanceRequest) Action() Action { return ActionIssuing }
func (ir *LegacyIssuanceRequest) Legacy() (SessionRequest, error) { return ir, nil }
func convertConDisCon(cdc AttributeConDisCon, labels map[int]TranslatedString) ([]LegacyLabeledDisjunction, error) {
......@@ -96,14 +98,14 @@ func convertDisjunctions(disjunctions []LegacyLabeledDisjunction) (
return
}
func parseVersion(bts []byte) (int, error) {
func parseLDContext(bts []byte) (string, error) {
var v struct {
Version int `json:"v"`
LDContext string `json:"@context"`
}
if err := json.Unmarshal(bts, &v); err != nil {
return 0, err
return "", err
}
return v.Version, nil
return v.LDContext, nil
}
func checkType(typ, expected Action) error {
......@@ -168,7 +170,7 @@ func (dr *DisclosureRequest) Legacy() (SessionRequest, error) {
}
return &LegacyDisclosureRequest{
BaseRequest: BaseRequest{
Type: dr.Type,
Type: ActionDisclosing,
Context: dr.Context,
Nonce: dr.Nonce,
ProtocolVersion: dr.ProtocolVersion,
......@@ -178,12 +180,12 @@ func (dr *DisclosureRequest) Legacy() (SessionRequest, error) {
}
func (dr *DisclosureRequest) UnmarshalJSON(bts []byte) (err error) {
var version int
if version, err = parseVersion(bts); err != nil {
var ldContext string
if ldContext, err = parseLDContext(bts); err != nil {
return err
}
if version >= 2 {
if ldContext != "" {
type newDisclosureRequest DisclosureRequest // Same type with default JSON unmarshaler
var req newDisclosureRequest
if err = json.Unmarshal(bts, &req); err != nil {
......@@ -199,7 +201,7 @@ func (dr *DisclosureRequest) UnmarshalJSON(bts []byte) (err error) {
}
dr.BaseRequest = legacy.BaseRequest
dr.legacy = true
dr.Version = 2
dr.LDContext = LDContextDisclosureRequest
dr.Disclose, dr.Labels = convertDisjunctions(legacy.Content)
return checkType(legacy.Type, ActionDisclosing)
......@@ -214,7 +216,7 @@ func (sr *SignatureRequest) Legacy() (SessionRequest, error) {
Message: sr.Message,
LegacyDisclosureRequest: LegacyDisclosureRequest{
BaseRequest: BaseRequest{
Type: sr.Type,
Type: ActionSigning,
Context: sr.Context,
Nonce: sr.Nonce,
ProtocolVersion: sr.ProtocolVersion,
......@@ -225,12 +227,12 @@ func (sr *SignatureRequest) Legacy() (SessionRequest, error) {
}
func (sr *SignatureRequest) UnmarshalJSON(bts []byte) (err error) {
var version int
if version, err = parseVersion(bts); err != nil {
var ldContext string
if ldContext, err = parseLDContext(bts); err != nil {
return err
}
if version >= 2 {
if ldContext != "" {
var req struct { // Identical type with default JSON unmarshaler
BaseRequest
Disclose AttributeConDisCon `json:"disclose"`
......@@ -257,7 +259,7 @@ func (sr *SignatureRequest) UnmarshalJSON(bts []byte) (err error) {
}
sr.BaseRequest = legacy.BaseRequest
sr.legacy = true
sr.Version = 2
sr.LDContext = LDContextSignatureRequest
sr.Disclose, sr.Labels = convertDisjunctions(legacy.Content)
sr.Message = legacy.Message
......@@ -271,7 +273,7 @@ func (ir *IssuanceRequest) Legacy() (SessionRequest, error) {
}
return &LegacyIssuanceRequest{
BaseRequest: BaseRequest{
Type: ir.Type,
Type: ActionIssuing,
Context: ir.Context,
Nonce: ir.Nonce,
ProtocolVersion: ir.ProtocolVersion,
......@@ -282,12 +284,12 @@ func (ir *IssuanceRequest) Legacy() (SessionRequest, error) {
}
func (ir *IssuanceRequest) UnmarshalJSON(bts []byte) (err error) {
var version int
if version, err = parseVersion(bts); err != nil {
var ldContext string
if ldContext, err = parseLDContext(bts); err != nil {
return err
}
if version >= 2 {
if ldContext != "" {
var req struct { // Identical type with default JSON unmarshaler
BaseRequest
Disclose AttributeConDisCon `json:"disclose"`
......@@ -310,7 +312,7 @@ func (ir *IssuanceRequest) UnmarshalJSON(bts []byte) (err error) {
}
ir.BaseRequest = legacy.BaseRequest
ir.legacy = true
ir.Version = 2
ir.LDContext = LDContextIssuanceRequest
ir.Credentials = legacy.Credentials
ir.Disclose, ir.Labels = convertDisjunctions(legacy.Disclose)
......
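Review bot: The `Action()` method added on `*LegacySignatureRequest` returns `ActionIssuing`, so a legacy signature request reports itself as an issuance session; with the receiver named `ir`, it looks copied from the `LegacyIssuanceRequest` method. It should read `func (sr *LegacySignatureRequest) Action() Action { return ActionSigning }`, consistent with the `Type: ActionSigning` that `SignatureRequest.Legacy()` sets in this same file. Separately, all three `UnmarshalJSON` methods take the new-format branch for any non-empty `@context` without comparing it to the expected constant, whereas the legacy branch of the disclosure request ends in `checkType`. Unless the lines outside these hunks compare it, rejecting a mismatched context depends on callers invoking `Validate()`.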
......@@ -15,20 +15,25 @@ import (
"github.com/privacybydesign/irmago/internal/fs"
)
const (
LDContextDisclosureRequest = "https://irma.app/ld/request/disclosure/v2"
LDContextSignatureRequest = "https://irma.app/ld/request/signature/v2"
LDContextIssuanceRequest = "https://irma.app/ld/request/issuance/v2"
)
// BaseRequest contains the context and nonce for an IRMA session.
type BaseRequest struct {
// Denotes session type, must be "disclosing", "signing" or "issuing"
Type Action `json:"type"`
// Message version. Current version is 2.
Version int `json:"v,omitempty"`
LDContext string `json:"@context,omitempty"`
// Chosen by the IRMA server during the session
Context *big.Int `json:"context,omitempty"`
Nonce *big.Int `json:"nonce,omitempty"`
ProtocolVersion *ProtocolVersion `json:"protocolVersion,omitempty"`
ids *IrmaIdentifierSet // cache for Identifiers() method
legacy bool
ids *IrmaIdentifierSet // cache for Identifiers() method
legacy bool // Whether or not this was deserialized from a legacy (pre-condiscon) request
Type Action `json:"type,omitempty"` // Session type, only used in legacy code
}
// An AttributeCon is only satisfied if all of its containing attribute requests are satisfied.
......@@ -384,7 +389,7 @@ func (dr *DisclosureRequest) AddSingle(attr AttributeTypeIdentifier, value *stri
func NewDisclosureRequest(attrs ...AttributeTypeIdentifier) *DisclosureRequest {
request := &DisclosureRequest{
BaseRequest: BaseRequest{Type: ActionDisclosing, Version: 2},
BaseRequest: BaseRequest{LDContext: LDContextDisclosureRequest},
Labels: map[int]TranslatedString{},
}
for _, attr := range attrs {
......@@ -395,7 +400,7 @@ func NewDisclosureRequest(attrs ...AttributeTypeIdentifier) *DisclosureRequest {
func NewSignatureRequest(message string, attrs ...AttributeTypeIdentifier) *SignatureRequest {
dr := NewDisclosureRequest(attrs...)
dr.Type = ActionSigning
dr.LDContext = LDContextSignatureRequest
return &SignatureRequest{
DisclosureRequest: *dr,
Message: message,
......@@ -404,7 +409,7 @@ func NewSignatureRequest(message string, attrs ...AttributeTypeIdentifier) *Sign
func NewIssuanceRequest(creds []*CredentialRequest, attrs ...AttributeTypeIdentifier) *IssuanceRequest {
dr := NewDisclosureRequest(attrs...)
dr.Type = ActionIssuing
dr.LDContext = LDContextIssuanceRequest
return &IssuanceRequest{
DisclosureRequest: *dr,
Credentials: creds,
......@@ -442,7 +447,7 @@ func (dr *DisclosureRequest) Base() *BaseRequest {
func (dr *DisclosureRequest) Action() Action { return ActionDisclosing }
func (dr *DisclosureRequest) Validate() error {
if dr.Type != ActionDisclosing {
if dr.LDContext != LDContextDisclosureRequest {
return errors.New("Not a disclosure request")
}
if len(dr.Disclose) == 0 {
......@@ -573,7 +578,7 @@ func (ir *IssuanceRequest) GetCredentialInfoList(conf *Configuration, version *P
func (ir *IssuanceRequest) Action() Action { return ActionIssuing }
func (ir *IssuanceRequest) Validate() error {
if ir.Type != ActionIssuing {
if ir.LDContext != LDContextIssuanceRequest {
return errors.New("Not an issuance request")
}
if len(ir.Credentials) == 0 {
......@@ -611,7 +616,7 @@ func (sr *SignatureRequest) SignatureFromMessage(message interface{}, timestamp
nonce = bigZero
}
return &SignedMessage{
LDContext: SignedMessageLDContext,
LDContext: LDContextSignedMessage,
Signature: signature.Proofs,
Indices: signature.Indices,
Nonce: nonce,
......@@ -624,7 +629,7 @@ func (sr *SignatureRequest) SignatureFromMessage(message interface{}, timestamp
func (sr *SignatureRequest) Action() Action { return ActionSigning }
func (sr *SignatureRequest) Validate() error {
if sr.Type != ActionSigning {
if sr.LDContext != LDContextSignatureRequest {
return errors.New("Not a signature request")
}
if sr.Message == "" {
......
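Review bot: `Validate()` on the three request types now compares only `LDContext`, so a request built the way the old code and tests did, `BaseRequest{Type: ActionDisclosing, Version: 2}`, is rejected with "Not a disclosure request" even though its `Type` is correct. The exported `Version` field is also removed outright. Requestors that construct requests by struct literal rather than through `NewDisclosureRequest` and its siblings will break, which is worth stating in the changelog. The new `LDContext` field and the constants block also carry no comment, while the removed `Type` and `Version` fields were documented. A comment such as `// LDContext is the JSON-LD @context of the message; it identifies the request type and must equal the matching LDContext*Request constant` would make the new contract explicit.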