irma scheme verify now errors if an issuer's latest public key does not...

irma scheme verify now errors if an issuer's latest public key does not support sufficient attributes

irma scheme verify now errors if an issuer's latest public key does not...
irma scheme verify now errors if an issuer's latest public key does not support sufficient attributes
b6ed9ad0 · Sietse Ringers · f9e9c536 · b6ed9ad0
Commit b6ed9ad0 authored Mar 15, 2019 by Sietse Ringers
Hide whitespace changes
Inline Side-by-side

Showing with 11 additions and 0 deletions

irmaconfig.go irmaconfig.go +11 -0

No files found.
--- a/irmaconfig.go
+++ b/irmaconfig.go
@@ -1451,6 +1451,17 @@ func (conf *Configuration) CheckKeys() error {
 				return errors.Errorf("Private key %s of issuer %s does not belong to public key %s", filename, issuerid.String(), filename)
 			}
 		}
+
+		// Check that the current public key supports enough attributes for all credential types
+		// issued by this issuer
+		for id, typ := range conf.CredentialTypes {
+			if id.IssuerIdentifier() != issuerid {
+				continue
+			}
+			if len(typ.AttributeTypes)+2 > len(latest.R) {
+				return errors.Errorf("Latest public key of issuer %s does not support the amount of attributes that credential type %s requires (%d, required: %d)", issuerid.String(), id.String(), len(latest.R), len(typ.AttributeTypes)+2)
+			}
+		}
 	}

 	return nil