Commit
a2f3c61d
authored
Oct 24, 2017
by
Sietse Ringers
Renaming, 1: CredentialManager -> Client
parent
9c35e6d7
Changes
8
manager
.go
→
client
.go
This diff is collapsed.
irmago_test.go
...
...
@@ -34,13 +34,13 @@ func (i *IgnoringClientHandler) UpdateAttributes()
func
(
i
*
IgnoringClientHandler
)
EnrollmentError
(
manager
SchemeManagerIdentifier
,
err
error
)
{}
func
(
i
*
IgnoringClientHandler
)
EnrollmentSuccess
(
manager
SchemeManagerIdentifier
)
{}
func
parseStorage
(
t
*
testing
.
T
)
*
C
redentialManager
{
func
parseStorage
(
t
*
testing
.
T
)
*
C
lient
{
exists
,
err
:=
PathExists
(
"testdata/storage/test"
)
require
.
NoError
(
t
,
err
,
"pathexists() failed"
)
if
!
exists
{
require
.
NoError
(
t
,
os
.
Mkdir
(
"testdata/storage/test"
,
0755
),
"Could not create test storage"
)
}
manager
,
err
:=
NewC
redentialManager
(
manager
,
err
:=
NewC
lient
(
"testdata/storage/test"
,
"testdata/irma_configuration"
,
"testdata/oldstorage"
,
...
...
@@ -61,18 +61,18 @@ func s2big(s string) (r *big.Int) {
return
}
func
verifyManagerIsUnmarshaled
(
t
*
testing
.
T
,
manager
*
CredentialManager
)
{
cred
,
err
:=
manager
.
credential
(
NewCredentialTypeIdentifier
(
"irma-demo.RU.studentCard"
),
0
)
func
verifyManagerIsUnmarshaled
(
t
*
testing
.
T
,
client
*
Client
)
{
cred
,
err
:=
client
.
credential
(
NewCredentialTypeIdentifier
(
"irma-demo.RU.studentCard"
),
0
)
require
.
NoError
(
t
,
err
,
"could not fetch credential"
)
require
.
NotNil
(
t
,
cred
,
"Credential should exist"
)
require
.
NotNil
(
t
,
cred
.
Attributes
[
0
],
"Metadata attribute of irma-demo.RU.studentCard should not be nil"
)
cred
,
err
=
manager
.
credential
(
NewCredentialTypeIdentifier
(
"test.test.mijnirma"
),
0
)
cred
,
err
=
client
.
credential
(
NewCredentialTypeIdentifier
(
"test.test.mijnirma"
),
0
)
require
.
NoError
(
t
,
err
,
"could not fetch credential"
)
require
.
NotNil
(
t
,
cred
,
"Credential should exist"
)
require
.
NotNil
(
t
,
cred
.
Signature
.
KeyshareP
)
require
.
NotEmpty
(
t
,
manager
.
CredentialInfoList
())
require
.
NotEmpty
(
t
,
client
.
CredentialInfoList
())
pk
,
err
:=
cred
.
PublicKey
()
require
.
NoError
(
t
,
err
)
...
...
@@ -82,10 +82,10 @@ func verifyManagerIsUnmarshaled(t *testing.T, manager *CredentialManager) {
)
}
func
verifyCredentials
(
t
*
testing
.
T
,
manager
*
CredentialManager
)
{
func
verifyCredentials
(
t
*
testing
.
T
,
client
*
Client
)
{
var
pk
*
gabi
.
PublicKey
var
err
error
for
credtype
,
credsmap
:=
range
manager
.
credentials
{
for
credtype
,
credsmap
:=
range
client
.
credentials
{
for
index
,
cred
:=
range
credsmap
{
pk
,
err
=
cred
.
PublicKey
()
require
.
NoError
(
t
,
err
)
...
...
@@ -93,7 +93,7 @@ func verifyCredentials(t *testing.T, manager *CredentialManager) {
cred
.
Credential
.
Signature
.
Verify
(
pk
,
cred
.
Attributes
),
"Credential %s-%d was invalid"
,
credtype
.
String
(),
index
,
)
require
.
Equal
(
t
,
cred
.
Attributes
[
0
],
manager
.
secretkey
.
Key
,
require
.
Equal
(
t
,
cred
.
Attributes
[
0
],
client
.
secretkey
.
Key
,
"Secret key of credential %s-%d unequal to main secret key"
,
cred
.
CredentialType
()
.
Identifier
()
.
String
(),
index
,
)
...
...
@@ -118,16 +118,16 @@ func verifyPaillierKey(t *testing.T, PrivateKey *paillierPrivateKey) {
require
.
Equal
(
t
,
plaintext
,
string
(
decrypted
))
}
func
verifyKeyshareIsUnmarshaled
(
t
*
testing
.
T
,
manager
*
CredentialManager
)
{
require
.
NotNil
(
t
,
manager
.
paillierKeyCache
)
require
.
NotNil
(
t
,
manager
.
keyshareServers
)
func
verifyKeyshareIsUnmarshaled
(
t
*
testing
.
T
,
client
*
Client
)
{
require
.
NotNil
(
t
,
client
.
paillierKeyCache
)
require
.
NotNil
(
t
,
client
.
keyshareServers
)
test
:=
NewSchemeManagerIdentifier
(
"test"
)
require
.
Contains
(
t
,
manager
.
keyshareServers
,
test
)
kss
:=
manager
.
keyshareServers
[
test
]
require
.
Contains
(
t
,
client
.
keyshareServers
,
test
)
kss
:=
client
.
keyshareServers
[
test
]
require
.
NotEmpty
(
t
,
kss
.
Nonce
)
verifyPaillierKey
(
t
,
kss
.
PrivateKey
)
verifyPaillierKey
(
t
,
manager
.
paillierKeyCache
)
verifyPaillierKey
(
t
,
client
.
paillierKeyCache
)
}
func
verifyStoreIsLoaded
(
t
*
testing
.
T
,
store
*
ConfigurationStore
,
android
bool
)
{
...
...
@@ -168,31 +168,31 @@ func verifyStoreIsLoaded(t *testing.T, store *ConfigurationStore, android bool)
}
func
TestAndroidParse
(
t
*
testing
.
T
)
{
manager
:=
parseStorage
(
t
)
verifyStoreIsLoaded
(
t
,
manager
.
ConfigurationStore
,
true
)
verifyManagerIsUnmarshaled
(
t
,
manager
)
verifyCredentials
(
t
,
manager
)
verifyKeyshareIsUnmarshaled
(
t
,
manager
)
client
:=
parseStorage
(
t
)
verifyStoreIsLoaded
(
t
,
client
.
ConfigurationStore
,
true
)
verifyManagerIsUnmarshaled
(
t
,
client
)
verifyCredentials
(
t
,
client
)
verifyKeyshareIsUnmarshaled
(
t
,
client
)
teardown
(
t
)
}
func
TestUnmarshaling
(
t
*
testing
.
T
)
{
manager
:=
parseStorage
(
t
)
client
:=
parseStorage
(
t
)
// Do session so we can examine its log item later
logs
,
err
:=
manager
.
Logs
()
logs
,
err
:=
client
.
Logs
()
require
.
NoError
(
t
,
err
)
jwt
:=
getIssuanceJwt
(
"testip"
,
NewAttributeTypeIdentifier
(
"irma-demo.RU.studentCard.studentID"
))
sessionHelper
(
t
,
jwt
,
"issue"
,
manager
)
sessionHelper
(
t
,
jwt
,
"issue"
,
client
)
new
manager
,
err
:=
NewC
redentialManager
(
"testdata/storage/test"
,
"testdata/irma_configuration"
,
"testdata/oldstorage"
,
nil
)
new
client
,
err
:=
NewC
lient
(
"testdata/storage/test"
,
"testdata/irma_configuration"
,
"testdata/oldstorage"
,
nil
)
require
.
NoError
(
t
,
err
)
verifyManagerIsUnmarshaled
(
t
,
new
manager
)
verifyCredentials
(
t
,
new
manager
)
verifyKeyshareIsUnmarshaled
(
t
,
new
manager
)
verifyManagerIsUnmarshaled
(
t
,
new
client
)
verifyCredentials
(
t
,
new
client
)
verifyKeyshareIsUnmarshaled
(
t
,
new
client
)
newlogs
,
err
:=
new
manager
.
Logs
()
newlogs
,
err
:=
new
client
.
Logs
()
require
.
NoError
(
t
,
err
)
require
.
True
(
t
,
len
(
newlogs
)
==
len
(
logs
)
+
1
)
...
...
@@ -296,13 +296,13 @@ func TestAttributeDisjunctionMarshaling(t *testing.T) {
}
func
TestCandidates
(
t
*
testing
.
T
)
{
manager
:=
parseStorage
(
t
)
client
:=
parseStorage
(
t
)
attrtype
:=
NewAttributeTypeIdentifier
(
"irma-demo.RU.studentCard.studentID"
)
disjunction
:=
&
AttributeDisjunction
{
Attributes
:
[]
AttributeTypeIdentifier
{
attrtype
},
}
attrs
:=
manager
.
Candidates
(
disjunction
)
attrs
:=
client
.
Candidates
(
disjunction
)
require
.
NotNil
(
t
,
attrs
)
require
.
Len
(
t
,
attrs
,
1
)
...
...
@@ -314,7 +314,7 @@ func TestCandidates(t *testing.T) {
Attributes
:
[]
AttributeTypeIdentifier
{
attrtype
},
Values
:
map
[
AttributeTypeIdentifier
]
string
{
attrtype
:
"456"
},
}
attrs
=
manager
.
Candidates
(
disjunction
)
attrs
=
client
.
Candidates
(
disjunction
)
require
.
NotNil
(
t
,
attrs
)
require
.
Len
(
t
,
attrs
,
1
)
...
...
@@ -322,7 +322,7 @@ func TestCandidates(t *testing.T) {
Attributes
:
[]
AttributeTypeIdentifier
{
attrtype
},
Values
:
map
[
AttributeTypeIdentifier
]
string
{
attrtype
:
"foobarbaz"
},
}
attrs
=
manager
.
Candidates
(
disjunction
)
attrs
=
client
.
Candidates
(
disjunction
)
require
.
NotNil
(
t
,
attrs
)
require
.
Empty
(
t
,
attrs
)
...
...
@@ -385,13 +385,13 @@ func TestTransport(t *testing.T) {
}
func
TestPaillier
(
t
*
testing
.
T
)
{
manager
:=
parseStorage
(
t
)
client
:=
parseStorage
(
t
)
challenge
,
_
:=
gabi
.
RandomBigInt
(
256
)
comm
,
_
:=
gabi
.
RandomBigInt
(
1000
)
resp
,
_
:=
gabi
.
RandomBigInt
(
1000
)
sk
:=
manager
.
paillierKey
(
true
)
sk
:=
client
.
paillierKey
(
true
)
bytes
,
err
:=
sk
.
Encrypt
(
challenge
.
Bytes
())
require
.
NoError
(
t
,
err
)
cipher
:=
new
(
big
.
Int
)
.
SetBytes
(
bytes
)
...
...
@@ -415,25 +415,25 @@ func TestPaillier(t *testing.T) {
}
func
TestCredentialRemoval
(
t
*
testing
.
T
)
{
manager
:=
parseStorage
(
t
)
client
:=
parseStorage
(
t
)
id
:=
NewCredentialTypeIdentifier
(
"irma-demo.RU.studentCard"
)
id2
:=
NewCredentialTypeIdentifier
(
"test.test.mijnirma"
)
cred
,
err
:=
manager
.
credential
(
id
,
0
)
cred
,
err
:=
client
.
credential
(
id
,
0
)
require
.
NoError
(
t
,
err
)
require
.
NotNil
(
t
,
cred
)
err
=
manager
.
RemoveCredentialByHash
(
cred
.
AttributeList
()
.
hash
())
err
=
client
.
RemoveCredentialByHash
(
cred
.
AttributeList
()
.
hash
())
require
.
NoError
(
t
,
err
)
cred
,
err
=
manager
.
credential
(
id
,
0
)
cred
,
err
=
client
.
credential
(
id
,
0
)
require
.
NoError
(
t
,
err
)
require
.
Nil
(
t
,
cred
)
cred
,
err
=
manager
.
credential
(
id2
,
0
)
cred
,
err
=
client
.
credential
(
id2
,
0
)
require
.
NoError
(
t
,
err
)
require
.
NotNil
(
t
,
cred
)
err
=
manager
.
RemoveCredential
(
id2
,
0
)
err
=
client
.
RemoveCredential
(
id2
,
0
)
require
.
NoError
(
t
,
err
)
cred
,
err
=
manager
.
credential
(
id2
,
0
)
cred
,
err
=
client
.
credential
(
id2
,
0
)
require
.
NoError
(
t
,
err
)
require
.
Nil
(
t
,
cred
)
...
...
@@ -441,17 +441,17 @@ func TestCredentialRemoval(t *testing.T) {
}
func
TestDownloadSchemeManager
(
t
*
testing
.
T
)
{
manager
:=
parseStorage
(
t
)
require
.
NoError
(
t
,
manager
.
ConfigurationStore
.
RemoveSchemeManager
(
NewSchemeManagerIdentifier
(
"irma-demo"
)))
client
:=
parseStorage
(
t
)
require
.
NoError
(
t
,
client
.
ConfigurationStore
.
RemoveSchemeManager
(
NewSchemeManagerIdentifier
(
"irma-demo"
)))
url
:=
"https://raw.githubusercontent.com/credentials/irma_configuration/translate/irma-demo"
sm
,
err
:=
manager
.
ConfigurationStore
.
DownloadSchemeManager
(
url
)
sm
,
err
:=
client
.
ConfigurationStore
.
DownloadSchemeManager
(
url
)
require
.
NoError
(
t
,
err
)
require
.
NotNil
(
t
,
sm
)
require
.
NoError
(
t
,
manager
.
ConfigurationStore
.
AddSchemeManager
(
sm
))
require
.
NoError
(
t
,
client
.
ConfigurationStore
.
AddSchemeManager
(
sm
))
jwt
:=
getIssuanceJwt
(
"testip"
,
NewAttributeTypeIdentifier
(
"irma-demo.RU.studentCard.studentID"
))
sessionHelper
(
t
,
jwt
,
"issue"
,
manager
)
sessionHelper
(
t
,
jwt
,
"issue"
,
client
)
teardown
(
t
)
}
keyshare.go
...
...
@@ -13,7 +13,7 @@ import (
// This file contains an implementation of the client side of the keyshare protocol,
// as well as the keyshareSessionHandler which is used to communicate with the user
// (currently only C
redentialManager
).
// (currently only C
lient
).
// KeysharePinRequestor is used to asking the user for his PIN.
type
KeysharePinRequestor
interface
{
...
...
logs.go
...
...
@@ -52,7 +52,7 @@ func (session *session) createLogEntry(response interface{}) (*LogEntry, error)
entry
.
Received
=
map
[
CredentialTypeIdentifier
][]
TranslatedString
{}
}
for
_
,
req
:=
range
session
.
jwt
.
(
*
IdentityProviderJwt
)
.
Request
.
Request
.
Credentials
{
list
,
err
:=
req
.
AttributeList
(
session
.
c
redManager
.
ConfigurationStore
)
list
,
err
:=
req
.
AttributeList
(
session
.
c
lient
.
ConfigurationStore
)
if
err
!=
nil
{
continue
// TODO?
}
...
...
@@ -74,7 +74,7 @@ func (session *session) createLogEntry(response interface{}) (*LogEntry, error)
if
entry
.
Disclosed
==
nil
{
entry
.
Disclosed
=
map
[
CredentialTypeIdentifier
]
map
[
int
]
TranslatedString
{}
}
meta
:=
MetadataFromInt
(
proofd
.
ADisclosed
[
1
],
session
.
c
redManager
.
ConfigurationStore
)
meta
:=
MetadataFromInt
(
proofd
.
ADisclosed
[
1
],
session
.
c
lient
.
ConfigurationStore
)
id
:=
meta
.
CredentialType
()
.
Identifier
()
entry
.
Disclosed
[
id
]
=
map
[
int
]
TranslatedString
{}
for
i
,
attr
:=
range
proofd
.
ADisclosed
{
...
...
session.go
...
...
@@ -48,7 +48,7 @@ type session struct {
Handler
Handler
info
*
SessionInfo
c
redManager
*
CredentialManager
c
lient
*
Client
jwt
RequestorJwt
irmaSession
IrmaSession
transport
*
HTTPTransport
...
...
@@ -101,13 +101,13 @@ func calcVersion(qr *Qr) (string, error) {
}
// NewSession creates and starts a new IRMA session.
func
(
c
m
*
CredentialManager
)
NewSession
(
qr
*
Qr
,
handler
Handler
)
SessionDismisser
{
func
(
c
lient
*
Client
)
NewSession
(
qr
*
Qr
,
handler
Handler
)
SessionDismisser
{
session
:=
&
session
{
Action
:
Action
(
qr
.
Type
),
ServerURL
:
qr
.
URL
,
Handler
:
handler
,
transport
:
NewHTTPTransport
(
qr
.
URL
),
c
redManager
:
cm
,
Action
:
Action
(
qr
.
Type
),
ServerURL
:
qr
.
URL
,
Handler
:
handler
,
transport
:
NewHTTPTransport
(
qr
.
URL
),
c
lient
:
client
,
}
version
,
err
:=
calcVersion
(
qr
)
if
err
!=
nil
{
...
...
@@ -183,13 +183,13 @@ func (session *session) start() {
// Check if we are enrolled into all involved keyshare servers
for
id
:=
range
session
.
irmaSession
.
Identifiers
()
.
SchemeManagers
{
manager
,
ok
:=
session
.
c
redManager
.
ConfigurationStore
.
SchemeManagers
[
id
]
manager
,
ok
:=
session
.
c
lient
.
ConfigurationStore
.
SchemeManagers
[
id
]
if
!
ok
{
session
.
fail
(
&
SessionError
{
ErrorType
:
ErrorUnknownSchemeManager
,
Info
:
id
.
String
()})
return
}
distributed
:=
manager
.
Distributed
()
_
,
enrolled
:=
session
.
c
redManager
.
keyshareServers
[
id
]
_
,
enrolled
:=
session
.
c
lient
.
keyshareServers
[
id
]
if
distributed
&&
!
enrolled
{
session
.
delete
()
session
.
Handler
.
MissingKeyshareEnrollment
(
id
)
...
...
@@ -198,7 +198,7 @@ func (session *session) start() {
}
// Download missing credential types/issuers/public keys from the scheme manager
if
session
.
downloaded
,
err
=
session
.
c
redManager
.
ConfigurationStore
.
Download
(
session
.
irmaSession
.
Identifiers
());
err
!=
nil
{
if
session
.
downloaded
,
err
=
session
.
c
lient
.
ConfigurationStore
.
Download
(
session
.
irmaSession
.
Identifiers
());
err
!=
nil
{
session
.
Handler
.
Failure
(
session
.
Action
,
&
SessionError
{
ErrorType
:
ErrorConfigurationStoreDownload
,
Err
:
err
},
...
...
@@ -209,7 +209,7 @@ func (session *session) start() {
if
session
.
Action
==
ActionIssuing
{
ir
:=
session
.
irmaSession
.
(
*
IssuanceRequest
)
for
_
,
credreq
:=
range
ir
.
Credentials
{
info
,
err
:=
credreq
.
Info
(
session
.
c
redManager
.
ConfigurationStore
)
info
,
err
:=
credreq
.
Info
(
session
.
c
lient
.
ConfigurationStore
)
if
err
!=
nil
{
session
.
fail
(
&
SessionError
{
ErrorType
:
ErrorUnknownCredentialType
,
Err
:
err
})
return
...
...
@@ -218,7 +218,7 @@ func (session *session) start() {
}
}
candidates
,
missing
:=
session
.
c
redManager
.
CheckSatisfiability
(
session
.
irmaSession
.
ToDisclose
())
candidates
,
missing
:=
session
.
c
lient
.
CheckSatisfiability
(
session
.
irmaSession
.
ToDisclose
())
if
len
(
missing
)
>
0
{
session
.
Handler
.
UnsatisfiableRequest
(
session
.
Action
,
missing
)
// TODO: session.transport.Delete() on dialog cancel
...
...
@@ -263,16 +263,16 @@ func (session *session) do(proceed bool) {
}
session
.
Handler
.
StatusUpdate
(
session
.
Action
,
StatusCommunicating
)
if
!
session
.
irmaSession
.
Identifiers
()
.
Distributed
(
session
.
c
redManager
.
ConfigurationStore
)
{
if
!
session
.
irmaSession
.
Identifiers
()
.
Distributed
(
session
.
c
lient
.
ConfigurationStore
)
{
var
message
interface
{}
var
err
error
switch
session
.
Action
{
case
ActionSigning
:
message
,
err
=
session
.
c
redManager
.
Proofs
(
session
.
choice
,
session
.
irmaSession
,
true
)
message
,
err
=
session
.
c
lient
.
Proofs
(
session
.
choice
,
session
.
irmaSession
,
true
)
case
ActionDisclosing
:
message
,
err
=
session
.
c
redManager
.
Proofs
(
session
.
choice
,
session
.
irmaSession
,
false
)
message
,
err
=
session
.
c
lient
.
Proofs
(
session
.
choice
,
session
.
irmaSession
,
false
)
case
ActionIssuing
:
message
,
err
=
session
.
c
redManager
.
IssueCommitments
(
session
.
irmaSession
.
(
*
IssuanceRequest
))
message
,
err
=
session
.
c
lient
.
IssueCommitments
(
session
.
irmaSession
.
(
*
IssuanceRequest
))
}
if
err
!=
nil
{
session
.
fail
(
&
SessionError
{
ErrorType
:
ErrorCrypto
,
Err
:
err
})
...
...
@@ -286,9 +286,9 @@ func (session *session) do(proceed bool) {
case
ActionSigning
:
fallthrough
case
ActionDisclosing
:
builders
,
err
=
session
.
c
redManager
.
ProofBuilders
(
session
.
choice
)
builders
,
err
=
session
.
c
lient
.
ProofBuilders
(
session
.
choice
)
case
ActionIssuing
:
builders
,
err
=
session
.
c
redManager
.
IssuanceProofBuilders
(
session
.
irmaSession
.
(
*
IssuanceRequest
))
builders
,
err
=
session
.
c
lient
.
IssuanceProofBuilders
(
session
.
irmaSession
.
(
*
IssuanceRequest
))
}
if
err
!=
nil
{
session
.
fail
(
&
SessionError
{
ErrorType
:
ErrorCrypto
,
Err
:
err
})
...
...
@@ -299,8 +299,8 @@ func (session *session) do(proceed bool) {
session
.
Handler
,
builders
,
session
.
irmaSession
,
session
.
c
redManager
.
ConfigurationStore
,
session
.
c
redManager
.
keyshareServers
,
session
.
c
lient
.
ConfigurationStore
,
session
.
c
lient
.
keyshareServers
,
)
}
}
...
...
@@ -347,26 +347,26 @@ func (session *session) sendResponse(message interface{}) {
session
.
fail
(
err
.
(
*
SessionError
))
return
}
if
err
=
session
.
c
redManager
.
ConstructCredentials
(
response
,
session
.
irmaSession
.
(
*
IssuanceRequest
));
err
!=
nil
{
if
err
=
session
.
c
lient
.
ConstructCredentials
(
response
,
session
.
irmaSession
.
(
*
IssuanceRequest
));
err
!=
nil
{
session
.
fail
(
&
SessionError
{
ErrorType
:
ErrorCrypto
,
Err
:
err
})
return
}
log
,
_
=
session
.
createLogEntry
(
message
)
// TODO err
}
_
=
session
.
c
redManager
.
addLogEntry
(
log
)
// TODO err
_
=
session
.
c
lient
.
addLogEntry
(
log
)
// TODO err
if
!
session
.
downloaded
.
Empty
()
{
session
.
c
redManager
.
handler
.
UpdateConfigurationStore
(
session
.
downloaded
)
session
.
c
lient
.
handler
.
UpdateConfigurationStore
(
session
.
downloaded
)
}
if
session
.
Action
==
ActionIssuing
{
session
.
c
redManager
.
handler
.
UpdateAttributes
()
session
.
c
lient
.
handler
.
UpdateAttributes
()
}
session
.
done
=
true
session
.
Handler
.
Success
(
session
.
Action
)
}
func
(
session
*
session
)
managerSession
()
{
manager
,
err
:=
session
.
c
redManager
.
ConfigurationStore
.
DownloadSchemeManager
(
session
.
ServerURL
)
manager
,
err
:=
session
.
c
lient
.
ConfigurationStore
.
DownloadSchemeManager
(
session
.
ServerURL
)
if
err
!=
nil
{
session
.
Handler
.
Failure
(
session
.
Action
,
&
SessionError
{
Err
:
err
})
// TODO
return
...
...
@@ -376,14 +376,14 @@ func (session *session) managerSession() {
session
.
Handler
.
Cancelled
(
session
.
Action
)
// No need to DELETE session here
return
}
if
err
:=
session
.
c
redManager
.
ConfigurationStore
.
AddSchemeManager
(
manager
);
err
!=
nil
{
if
err
:=
session
.
c
lient
.
ConfigurationStore
.
AddSchemeManager
(
manager
);
err
!=
nil
{
session
.
Handler
.
Failure
(
session
.
Action
,
&
SessionError
{})
return
}
if
manager
.
Distributed
()
{
session
.
c
redManager
.
UnenrolledSchemeManagers
=
session
.
c
redManager
.
unenrolledSchemeManagers
()
session
.
c
lient
.
UnenrolledSchemeManagers
=
session
.
c
lient
.
unenrolledSchemeManagers
()
}
session
.
c
redManager
.
handler
.
UpdateConfigurationStore
(
session
.
c
lient
.
handler
.
UpdateConfigurationStore
(
&
IrmaIdentifierSet
{
SchemeManagers
:
map
[
SchemeManagerIdentifier
]
struct
{}{
manager
.
Identifier
()
:
{}},
Issuers
:
map
[
IssuerIdentifier
]
struct
{}{},
...
...
@@ -430,7 +430,7 @@ func (session *session) fail(err *SessionError) {
if
session
.
delete
()
{
err
.
Err
=
errors
.
Wrap
(
err
.
Err
,
0
)
if
session
.
downloaded
!=
nil
&&
!
session
.
downloaded
.
Empty
()
{
session
.
c
redManager
.
handler
.
UpdateConfigurationStore
(
session
.
downloaded
)
session
.
c
lient
.
handler
.
UpdateConfigurationStore
(
session
.
downloaded
)
}
session
.
Handler
.
Failure
(
session
.
Action
,
err
)
}
...
...
@@ -439,7 +439,7 @@ func (session *session) fail(err *SessionError) {
func
(
session
*
session
)
cancel
()
{
if
session
.
delete
()
{
if
session
.
downloaded
!=
nil
&&
!
session
.
downloaded
.
Empty
()
{
session
.
c
redManager
.
handler
.
UpdateConfigurationStore
(
session
.
downloaded
)
session
.
c
lient
.
handler
.
UpdateConfigurationStore
(
session
.
downloaded
)
}
session
.
Handler
.
Cancelled
(
session
.
Action
)
}
...
...
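Review bot: Both log-related results in the sendResponse hunk are still discarded on the new side: `log, _ = session.createLogEntry(message)` and the renamed `_ = session.client.addLogEntry(log)`, each marked `// TODO err`. If createLogEntry fails, whatever `log` then holds is handed to addLogEntry, and the function goes on to `session.Handler.Success(session.Action)` with no sign that the session went unrecorded. That matters if this log is the user's record of what was issued or disclosed, which the tests suggest by reading it back through `client.Logs()`. Since the line is being touched anyway, consider `if err := session.client.addLogEntry(log); err != nil { ... }` with the error reported to the handler instead of dropped, and the same for createLogEntry. sendResponse starts outside the hunk, so how `log` and `err` are declared is not visible here.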
session_test.go
...
...
@@ -15,9 +15,9 @@ import (
)
type
TestHandler
struct
{
t
*
testing
.
T
c
chan
*
SessionError
manager
*
CredentialManager
t
*
testing
.
T
c
chan
*
SessionError
client
*
Client
}
func
(
th
TestHandler
)
MissingKeyshareEnrollment
(
manager
SchemeManagerIdentifier
)
{
...
...
@@ -49,7 +49,7 @@ func (th TestHandler) RequestVerificationPermission(request DisclosureRequest, S
}
var
candidates
[]
*
AttributeIdentifier
for
_
,
disjunction
:=
range
request
.
Content
{
candidates
=
th
.
manager
.
Candidates
(
disjunction
)
candidates
=
th
.
client
.
Candidates
(
disjunction
)
require
.
NotNil
(
th
.
t
,
candidates
)
require
.
NotEmpty
(
th
.
t
,
candidates
,
1
)
choice
.
Attributes
=
append
(
choice
.
Attributes
,
candidates
[
0
])
...
...
@@ -160,10 +160,10 @@ func TestIssuanceSession(t *testing.T) {
sessionHelper
(
t
,
jwtcontents
,
"issue"
,
nil
)
}
func
sessionHelper
(
t
*
testing
.
T
,
jwtcontents
interface
{},
url
string
,
manager
*
CredentialManager
)
{
init
:=
manager
==
nil
func
sessionHelper
(
t
*
testing
.
T
,
jwtcontents
interface
{},
url
string
,
client
*
Client
)
{
init
:=
client
==
nil
if
init
{
manager
=
parseStorage
(
t
)
client
=
parseStorage
(
t
)
}
url
=
"http://localhost:8081/irma_api_server/api/v2/"
+
url
...
...
@@ -183,7 +183,7 @@ func sessionHelper(t *testing.T, jwtcontents interface{}, url string, manager *C
qr
.
URL
=
url
+
"/"
+
qr
.
URL
c
:=
make
(
chan
*
SessionError
)
manager
.
NewSession
(
qr
,
TestHandler
{
t
,
c
,
manager
})
client
.
NewSession
(
qr
,
TestHandler
{
t
,
c
,
client
})
if
err
:=
<-
c
;
err
!=
nil
{
t
.
Fatal
(
*
err
)
...
...
@@ -194,23 +194,23 @@ func sessionHelper(t *testing.T, jwtcontents interface{}, url string, manager *C
}
}
func
enrollKeyshareServer
(
t
*
testing
.
T
,
manager
*
CredentialManager
)
{
func
enrollKeyshareServer
(
t
*
testing
.
T
,
client
*
Client
)
{
bytes
:=
make
([]
byte
,
8
,
8
)
rand
.
Read
(
bytes
)
email
:=
fmt
.
Sprintf
(
"%s@example.com"
,
hex
.
EncodeToString
(
bytes
))
require
.
NoError
(
t
,
manager
.
keyshareEnrollWorker
(
NewSchemeManagerIdentifier
(
"test"
),
email
,
"12345"
))
require
.
NoError
(
t
,
client
.
keyshareEnrollWorker
(
NewSchemeManagerIdentifier
(
"test"
),
email
,
"12345"
))
}
// Enroll at a keyshare server and do an issuance, disclosure,
// and issuance session, also using irma-demo credentials deserialized from Android storage
func
TestKeyshareEnrollmentAndSessions
(
t
*
testing
.
T
)
{
manager
:=
parseStorage
(
t
)
client
:=
parseStorage
(
t
)
manager
.
credentials
[
NewCredentialTypeIdentifier
(
"test.test.mijnirma"
)]
=
map
[
int
]
*
credential
{}
client
.
credentials
[
NewCredentialTypeIdentifier
(
"test.test.mijnirma"
)]
=
map
[
int
]
*
credential
{}
test
:=
NewSchemeManagerIdentifier
(
"test"
)
err
:=
manager
.
KeyshareRemove
(
test
)
err
:=
client
.
KeyshareRemove
(
test
)
require
.
NoError
(
t
,
err
)
enrollKeyshareServer
(
t
,
manager
)
enrollKeyshareServer
(
t
,
client
)
id
:=
NewAttributeTypeIdentifier
(
"irma-demo.RU.studentCard.studentID"
)
expiry
:=
Timestamp
(
NewMetadataAttribute
()
.
Expiry
())
...
...
@@ -224,7 +224,7 @@ func TestKeyshareEnrollmentAndSessions(t *testing.T) {
Attributes
:
map
[
string
]
string
{
"email"
:
"example@example.com"
},
},
)
sessionHelper
(
t
,
jwt
,
"issue"
,
manager
)
sessionHelper
(
t
,
jwt
,
"issue"
,
client
)
jwt
=
getDisclosureJwt
(
"testsp"
,
id
)
jwt
.
(
*
ServiceProviderJwt
)
.
Request
.
Request
.
Content
=
append
(
...
...
@@ -234,7 +234,7 @@ func TestKeyshareEnrollmentAndSessions(t *testing.T) {
Attributes
:
[]
AttributeTypeIdentifier
{
NewAttributeTypeIdentifier
(
"test.test.mijnirma.email"
)},
},
)
sessionHelper
(
t
,
jwt
,
"verification"
,
manager
)
sessionHelper
(
t
,
jwt
,
"verification"
,
client
)
jwt
=
getSigningJwt
(
"testsigclient"
,
id
)
jwt
.
(
*
SignatureRequestorJwt
)
.
Request
.
Request
.
Content
=
append
(
...
...
@@ -244,7 +244,7 @@ func TestKeyshareEnrollmentAndSessions(t *testing.T) {
Attributes
:
[]
AttributeTypeIdentifier
{
NewAttributeTypeIdentifier
(
"test.test.mijnirma.email"
)},
},
)
sessionHelper
(
t
,
jwt
,
"signature"
,
manager
)
sessionHelper
(
t
,
jwt
,
"signature"
,
client
)
teardown
(
t
)
}
...
...
@@ -253,7 +253,7 @@ func TestKeyshareEnrollmentAndSessions(t *testing.T) {
// in a keyshare session of each session type.
// Use keyshareuser.sql to enroll the user at the keyshare server.
func
TestKeyshareSessions
(
t
*
testing
.
T
)
{
manager
:=
parseStorage
(
t
)
client
:=
parseStorage
(
t
)
id
:=
NewAttributeTypeIdentifier
(
"irma-demo.RU.studentCard.studentID"
)
expiry
:=
Timestamp
(
NewMetadataAttribute
()
.
Expiry
())
...
...
@@ -267,7 +267,7 @@ func TestKeyshareSessions(t *testing.T) {
Attributes
:
map
[
string
]
string
{
"email"
:
"example@example.com"
},
},
)
sessionHelper
(
t
,
jwt
,
"issue"
,
manager
)
sessionHelper
(
t
,
jwt
,
"issue"
,
client
)
jwt
=
getDisclosureJwt
(
"testsp"
,
id
)
jwt
.
(
*
ServiceProviderJwt
)
.
Request
.
Request
.
Content
=
append
(
...
...
@@ -277,7 +277,7 @@ func TestKeyshareSessions(t *testing.T) {
Attributes
:
[]
AttributeTypeIdentifier
{
NewAttributeTypeIdentifier
(
"test.test.mijnirma.email"
)},
},
)
sessionHelper
(
t
,
jwt
,
"verification"
,
manager
)
sessionHelper
(
t
,
jwt
,
"verification"
,
client
)
jwt
=
getSigningJwt
(
"testsigclient"
,
id
)
jwt
.
(
*
SignatureRequestorJwt
)
.
Request
.
Request
.
Content
=
append
(
...
...
@@ -287,7 +287,7 @@ func TestKeyshareSessions(t *testing.T) {
Attributes
:
[]
AttributeTypeIdentifier
{
NewAttributeTypeIdentifier
(
"test.test.mijnirma.email"
)},
},
)
sessionHelper
(
t
,
jwt
,
"signature"
,
manager
)
sessionHelper
(
t
,
jwt
,
"signature"
,
client
)
teardown
(
t
)
}
storage.go
...
...
@@ -15,7 +15,7 @@ import (
// This file contains the storage struct and its methods,
// and some general filesystem functions.
// Storage provider for a C
redentialManager
// Storage provider for a C
lient
type
storage
struct
{
storagePath
string
ConfigurationStore
*
ConfigurationStore
...
...
updates.go
...
...
@@ -12,7 +12,7 @@ import (
"github.com/mhe/gabi"
)
// This file contains the update mechanism for C
redentialManager
// This file contains the update mechanism for C
lient
// as well as updates themselves.
type
update
struct
{
...
...
@@ -22,26 +22,26 @@ type update struct {
Error
*
string
}
var
c
redentialManager
Updates
=
[]
func
(
manager
*
CredentialManager
)
error
{
func
(
manager
*
CredentialManager
)
error
{
_
,
err
:=
manager
.
ParseAndroidStorage
()
var
c
lient
Updates
=
[]
func
(
client
*
Client
)
error
{
func
(
client
*
Client
)
error
{
_
,
err
:=
client
.
ParseAndroidStorage
()
return
err
},
}
// update performs any function from c
redentialManager
Updates that has not
// update performs any function from c
lient
Updates that has not
// already been executed in the past, keeping track of previously executed updates
// in the file at updatesFile.
func
(
c
m
*
CredentialManager
)
update
()
error
{
func
(
c
lient
*
Client
)
update
()
error
{