Commit bbed41ee authored by Sietse Ringers's avatar Sietse Ringers

test: --privatekeys option to IRMA server

parent 9530deab
......@@ -50,7 +50,7 @@ func requestorSessionHelper(t *testing.T, request irma.SessionRequest, client *i
opts := processOptions(options...)
if opts&sessionOptionReuseServer == 0 {
StartIrmaServer(t, opts&sessionOptionUpdatedIrmaConfiguration > 0)
StartIrmaServer(t, opts&sessionOptionUpdatedIrmaConfiguration > 0, "")
defer StopIrmaServer()
}
......@@ -108,7 +108,7 @@ func requestorSessionHelper(t *testing.T, request irma.SessionRequest, client *i
// Check that nonexistent IRMA identifiers in the session request fail the session
func TestRequestorInvalidRequest(t *testing.T) {
StartIrmaServer(t, false)
StartIrmaServer(t, false, "")
defer StopIrmaServer()
_, _, err := irmaServer.StartSession(irma.NewDisclosureRequest(
irma.NewAttributeTypeIdentifier("irma-demo.RU.foo.bar"),
......@@ -118,7 +118,7 @@ func TestRequestorInvalidRequest(t *testing.T) {
}
func TestRequestorDoubleGET(t *testing.T) {
StartIrmaServer(t, false)
StartIrmaServer(t, false, "")
defer StopIrmaServer()
qr, _, err := irmaServer.StartSession(irma.NewDisclosureRequest(
irma.NewAttributeTypeIdentifier("irma-demo.RU.studentCard.studentID"),
......@@ -359,7 +359,7 @@ func TestClientDeveloperMode(t *testing.T) {
defer func() { common.ForceHTTPS = false }()
client, handler := parseStorage(t)
defer test.ClearTestStorage(t, handler.storage)
StartIrmaServer(t, false)
StartIrmaServer(t, false, "")
defer StopIrmaServer()
// parseStorage returns a client with developer mode already enabled.
......
......@@ -173,7 +173,7 @@ func TestRevocationAll(t *testing.T) {
t.Run("POSTUpdates", func(t *testing.T) {
startRevocationServer(t, true)
defer stopRevocationServer()
StartIrmaServer(t, false)
StartIrmaServer(t, false, "")
defer StopIrmaServer()
require.NoError(t, irmaServerConfiguration.IrmaConfiguration.Revocation.SyncDB(revocationTestCred))
......@@ -337,7 +337,7 @@ func TestRevocationAll(t *testing.T) {
require.NoError(t, client.NonrevUpdateFromServer(revocationTestCred))
// Start an IRMA server and let it update at revocation server
StartIrmaServer(t, false)
StartIrmaServer(t, false, "")
defer StopIrmaServer()
conf = irmaServerConfiguration.IrmaConfiguration.Revocation
require.NoError(t, conf.SyncDB(revocationTestCred))
......@@ -360,7 +360,7 @@ func TestRevocationAll(t *testing.T) {
})
t.Run("SameIrmaServer", func(t *testing.T) {
StartIrmaServer(t, false)
StartIrmaServer(t, false, "")
defer StopIrmaServer()
// issue a credential, populating irmaServer's revocation memdb
......@@ -554,7 +554,7 @@ func TestRevocationAll(t *testing.T) {
// Start irma server and hackily temporarily disable revocation for our credtype
// by editing its irma.Configuration instance
StartIrmaServer(t, false)
StartIrmaServer(t, false, "")
defer StopIrmaServer()
conf := irmaServerConfiguration.IrmaConfiguration
credtyp := conf.CredentialTypes[revocationTestCred]
......
......@@ -53,24 +53,32 @@ func StopRequestorServer() {
requestorServer.Stop()
}
func StartIrmaServer(t *testing.T, updatedIrmaConf bool) {
func StartIrmaServer(t *testing.T, updatedIrmaConf bool, storage string) {
testdata := test.FindTestdataFolder(t)
irmaconf := "irma_configuration"
if updatedIrmaConf {
irmaconf += "_updated"
}
var err error
var assets string
path := filepath.Join(testdata, irmaconf)
if storage != "" {
assets = path
path = storage
}
irmaServerConfiguration = &server.Configuration{
URL: "http://localhost:48680",
Logger: logger,
DisableSchemesUpdate: true,
SchemesPath: filepath.Join(testdata, irmaconf),
URL: "http://localhost:48680",
Logger: logger,
DisableSchemesUpdate: true,
SchemesPath: path,
SchemesAssetsPath: assets,
IssuerPrivateKeysPath: filepath.Join(testdata, "privatekeys"),
RevocationSettings: irma.RevocationSettings{
revocationTestCred: {RevocationServerURL: "http://localhost:48683", SSE: true},
revKeyshareTestCred: {RevocationServerURL: "http://localhost:48683"},
},
}
var err error
irmaServer, err = irmaserver.New(irmaServerConfiguration)
require.NoError(t, err)
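Review bot: `IssuerPrivateKeysPath: filepath.Join(testdata, "privatekeys")` is set unconditionally, so every existing caller that passes `""` now also loads issuer keys from that folder, not only the new test. If that is intended it deserves a why-comment next to the field; otherwise set it only when the test asks for it. The new `storage` parameter is undocumented and its name hides the swap: when it is non-empty it becomes `SchemesPath` and the testdata schemes move to `SchemesAssetsPath`. I would add a doc comment such as `// StartIrmaServer starts the test IRMA server; a non-empty storage is used as SchemesPath, with the testdata schemes passed as SchemesAssetsPath.` The body of StartIrmaServer continues past the end of this hunk.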
......
......@@ -6,6 +6,7 @@ import (
"encoding/json"
"io/ioutil"
"net/http"
"os"
"reflect"
"testing"
"time"
......@@ -296,6 +297,43 @@ func TestIssueNewAttributeUpdateSchemeManager(t *testing.T) {
require.True(t, client.Configuration.CredentialTypes[credid].ContainsAttribute(attrid))
}
func TestIrmaServerPrivateKeysFolder(t *testing.T) {
storage, err := ioutil.TempDir("", "servertest")
require.NoError(t, err)
defer func() { require.NoError(t, os.RemoveAll(storage)) }()
StartIrmaServer(t, false, storage)
defer StopIrmaServer()
credid := irma.NewCredentialTypeIdentifier("irma-demo.RU.studentCard")
require.NotZero(t, len(irmaServerConfiguration.IrmaConfiguration.PrivateKeys))
sk, err := irmaServerConfiguration.IrmaConfiguration.PrivateKeyLatest(credid.IssuerIdentifier())
require.NoError(t, err)
require.NotNil(t, sk)
issuanceRequest := getIssuanceRequest(true)
delete(issuanceRequest.Credentials[0].Attributes, "level")
conf := irmaServerConfiguration.IrmaConfiguration
conf.SchemeManagers[credid.IssuerIdentifier().SchemeManagerIdentifier()].URL = "http://localhost:48681/irma_configuration_updated/irma-demo"
downloaded, err := conf.Download(issuanceRequest)
require.NoError(t, err)
require.Equal(t, &irma.IrmaIdentifierSet{
SchemeManagers: map[irma.SchemeManagerIdentifier]struct{}{},
Issuers: map[irma.IssuerIdentifier]struct{}{},
CredentialTypes: map[irma.CredentialTypeIdentifier]struct{}{
irma.NewCredentialTypeIdentifier("irma-demo.RU.studentCard"): {},
},
PublicKeys: map[irma.IssuerIdentifier][]uint{},
AttributeTypes: map[irma.AttributeTypeIdentifier]struct{}{},
}, downloaded)
require.NotZero(t, len(irmaServerConfiguration.IrmaConfiguration.PrivateKeys))
sk, err = irmaServerConfiguration.IrmaConfiguration.PrivateKeyLatest(credid.IssuerIdentifier())
require.NoError(t, err)
require.NotNil(t, sk)
}
func TestIssueOptionalAttributeUpdateSchemeManager(t *testing.T) {
client, handler := parseStorage(t)
defer test.ClearTestStorage(t, handler.storage)
......@@ -310,7 +348,7 @@ func TestIssueOptionalAttributeUpdateSchemeManager(t *testing.T) {
serverChan := make(chan *server.SessionResult)
StartIrmaServer(t, false) // Run a server with old configuration (level is non-optional)
StartIrmaServer(t, false, "") // Run a server with old configuration (level is non-optional)
_, _, err := irmaServer.StartSession(issuanceRequest, func(result *server.SessionResult) {
serverChan <- result
})
......@@ -329,7 +367,7 @@ func TestIssueOptionalAttributeUpdateSchemeManager(t *testing.T) {
require.True(t, reflect.DeepEqual(err, expectedError), "Incorrect missing identifierset")
StopIrmaServer()
StartIrmaServer(t, true) // Run a server with updated configuration (level is optional)
StartIrmaServer(t, true, "") // Run a server with updated configuration (level is optional)
_, err = client.Configuration.Download(issuanceRequest)
require.NoError(t, err)
require.True(t, client.Configuration.CredentialTypes[credid].AttributeType(attrid).IsOptional())
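Review bot: In `TestIrmaServerPrivateKeysFolder` the checks `require.NotZero(t, len(...PrivateKeys))` and `require.NotNil(t, sk)` do not clearly pin the option the test is named after. They would presumably also pass if the keys came from the scheme copied out of `SchemesAssetsPath` rather than from `IssuerPrivateKeysPath`; the scheme contents are not visible here, so this is inferred. Asserting something only the privatekeys folder can supply, for example the counter of the key returned by `PrivateKeyLatest`, would make the test fail when the option is ignored. The test also points the scheme manager URL at `http://localhost:48681/...` without starting anything on that port inside the hunk, so it appears to rely on a server started elsewhere. A comment such as `// Download must not drop keys loaded from IssuerPrivateKeysPath; relies on the scheme HTTP server on :48681` would make that dependency and the purpose of the second key check explicit.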
......
<?xml version="1.0" encoding="UTF-8" standalone="no"?>
<IssuerPrivateKey xmlns="http://www.zurich.ibm.com/security/idemix" xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://www.zurich.ibm.com/security/idemix IssuerPrivateKey.xsd">
<Counter>0</Counter>
<ExpiryDate>1491436800</ExpiryDate>
<References>
<IssuerPublicKey>http://www.irmacard.org/credentials/phase1/RU/ipk.xml</IssuerPublicKey>
</References>
<Elements>
<n>96063359353814070257464989369098573470645843347358957127875426328487326540633303185702306359400766259130239226832166456957259123554826741975265634464478609571816663003684533868318795865194004795637221226902067194633407757767792795252414073029114153019362701793292862118990912516058858923030408920700061749321</n>
<p>10436034022637868273483137633548989700482895839559909621411910579140541345632481969613724849214412062500244238926015929148144084368427474551770487566048119</p>
<pPrime>5218017011318934136741568816774494850241447919779954810705955289570270672816240984806862424607206031250122119463007964574072042184213737275885243783024059</pPrime>
<q>9204968012315139729618449685392284928468933831570080795536662422367142181432679739143882888540883909887054345986640656981843559062844656131133512640733759</q>
<qPrime>4602484006157569864809224842696142464234466915785040397768331211183571090716339869571941444270441954943527172993320328490921779531422328065566756320366879</qPrime>
</Elements>
</IssuerPrivateKey>
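Review bot: These fixtures put complete issuer private keys (`p`, `q`, `pPrime`, `qPrime`) in the repository, and nothing on the page marks them as demo-only. A short README next to them, or a note in the test helper, should say that they are public test keys and must never be configured as `IssuerPrivateKeysPath` on a real server. The same key material recurs under `<Counter>` 0, 1 and 2, and that set of three appears three times (L169-L303), which suggests copies in several directories. If the copies are byte-identical, generating them from one source during test setup would avoid drift between them.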
<?xml version="1.0" encoding="UTF-8" standalone="no"?>
<IssuerPrivateKey xmlns="http://www.zurich.ibm.com/security/idemix" xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://www.zurich.ibm.com/security/idemix IssuerPrivateKey.xsd">
<Counter>1</Counter>
<ExpiryDate>1491436800</ExpiryDate>
<References>
<IssuerPublicKey>http://www.irmacard.org/credentials/phase1/RU/ipk.xml</IssuerPublicKey>
</References>
<Elements>
<n>96063359353814070257464989369098573470645843347358957127875426328487326540633303185702306359400766259130239226832166456957259123554826741975265634464478609571816663003684533868318795865194004795637221226902067194633407757767792795252414073029114153019362701793292862118990912516058858923030408920700061749321</n>
<p>10436034022637868273483137633548989700482895839559909621411910579140541345632481969613724849214412062500244238926015929148144084368427474551770487566048119</p>
<pPrime>5218017011318934136741568816774494850241447919779954810705955289570270672816240984806862424607206031250122119463007964574072042184213737275885243783024059</pPrime>
<q>9204968012315139729618449685392284928468933831570080795536662422367142181432679739143882888540883909887054345986640656981843559062844656131133512640733759</q>
<qPrime>4602484006157569864809224842696142464234466915785040397768331211183571090716339869571941444270441954943527172993320328490921779531422328065566756320366879</qPrime>
</Elements>
</IssuerPrivateKey>
<?xml version="1.0" encoding="UTF-8" standalone="no"?>
<IssuerPrivateKey xmlns="http://www.zurich.ibm.com/security/idemix" xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://www.zurich.ibm.com/security/idemix IssuerPrivateKey.xsd">
<Counter>2</Counter>
<ExpiryDate>1893456000</ExpiryDate>
<References>
<IssuerPublicKey>http://www.irmacard.org/credentials/phase1/RU/ipk.xml</IssuerPublicKey>
</References>
<Elements>
<n>96063359353814070257464989369098573470645843347358957127875426328487326540633303185702306359400766259130239226832166456957259123554826741975265634464478609571816663003684533868318795865194004795637221226902067194633407757767792795252414073029114153019362701793292862118990912516058858923030408920700061749321</n>
<p>10436034022637868273483137633548989700482895839559909621411910579140541345632481969613724849214412062500244238926015929148144084368427474551770487566048119</p>
<pPrime>5218017011318934136741568816774494850241447919779954810705955289570270672816240984806862424607206031250122119463007964574072042184213737275885243783024059</pPrime>
<q>9204968012315139729618449685392284928468933831570080795536662422367142181432679739143882888540883909887054345986640656981843559062844656131133512640733759</q>
<qPrime>4602484006157569864809224842696142464234466915785040397768331211183571090716339869571941444270441954943527172993320328490921779531422328065566756320366879</qPrime>
</Elements>
</IssuerPrivateKey>
<?xml version="1.0" encoding="UTF-8" standalone="no"?>
<IssuerPrivateKey xmlns="http://www.zurich.ibm.com/security/idemix" xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://www.zurich.ibm.com/security/idemix IssuerPrivateKey.xsd">
<Counter>0</Counter>
<ExpiryDate>1491436800</ExpiryDate>
<References>
<IssuerPublicKey>http://www.irmacard.org/credentials/phase1/RU/ipk.xml</IssuerPublicKey>
</References>
<Elements>
<n>96063359353814070257464989369098573470645843347358957127875426328487326540633303185702306359400766259130239226832166456957259123554826741975265634464478609571816663003684533868318795865194004795637221226902067194633407757767792795252414073029114153019362701793292862118990912516058858923030408920700061749321</n>
<p>10436034022637868273483137633548989700482895839559909621411910579140541345632481969613724849214412062500244238926015929148144084368427474551770487566048119</p>
<pPrime>5218017011318934136741568816774494850241447919779954810705955289570270672816240984806862424607206031250122119463007964574072042184213737275885243783024059</pPrime>
<q>9204968012315139729618449685392284928468933831570080795536662422367142181432679739143882888540883909887054345986640656981843559062844656131133512640733759</q>
<qPrime>4602484006157569864809224842696142464234466915785040397768331211183571090716339869571941444270441954943527172993320328490921779531422328065566756320366879</qPrime>
</Elements>
</IssuerPrivateKey>
<?xml version="1.0" encoding="UTF-8" standalone="no"?>
<IssuerPrivateKey xmlns="http://www.zurich.ibm.com/security/idemix" xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://www.zurich.ibm.com/security/idemix IssuerPrivateKey.xsd">
<Counter>1</Counter>
<ExpiryDate>1491436800</ExpiryDate>
<References>
<IssuerPublicKey>http://www.irmacard.org/credentials/phase1/RU/ipk.xml</IssuerPublicKey>
</References>
<Elements>
<n>96063359353814070257464989369098573470645843347358957127875426328487326540633303185702306359400766259130239226832166456957259123554826741975265634464478609571816663003684533868318795865194004795637221226902067194633407757767792795252414073029114153019362701793292862118990912516058858923030408920700061749321</n>
<p>10436034022637868273483137633548989700482895839559909621411910579140541345632481969613724849214412062500244238926015929148144084368427474551770487566048119</p>
<pPrime>5218017011318934136741568816774494850241447919779954810705955289570270672816240984806862424607206031250122119463007964574072042184213737275885243783024059</pPrime>
<q>9204968012315139729618449685392284928468933831570080795536662422367142181432679739143882888540883909887054345986640656981843559062844656131133512640733759</q>
<qPrime>4602484006157569864809224842696142464234466915785040397768331211183571090716339869571941444270441954943527172993320328490921779531422328065566756320366879</qPrime>
</Elements>
</IssuerPrivateKey>
<?xml version="1.0" encoding="UTF-8" standalone="no"?>
<IssuerPrivateKey xmlns="http://www.zurich.ibm.com/security/idemix" xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://www.zurich.ibm.com/security/idemix IssuerPrivateKey.xsd">
<Counter>2</Counter>
<ExpiryDate>1893456000</ExpiryDate>
<References>
<IssuerPublicKey>http://www.irmacard.org/credentials/phase1/RU/ipk.xml</IssuerPublicKey>
</References>
<Elements>
<n>96063359353814070257464989369098573470645843347358957127875426328487326540633303185702306359400766259130239226832166456957259123554826741975265634464478609571816663003684533868318795865194004795637221226902067194633407757767792795252414073029114153019362701793292862118990912516058858923030408920700061749321</n>
<p>10436034022637868273483137633548989700482895839559909621411910579140541345632481969613724849214412062500244238926015929148144084368427474551770487566048119</p>
<pPrime>5218017011318934136741568816774494850241447919779954810705955289570270672816240984806862424607206031250122119463007964574072042184213737275885243783024059</pPrime>
<q>9204968012315139729618449685392284928468933831570080795536662422367142181432679739143882888540883909887054345986640656981843559062844656131133512640733759</q>
<qPrime>4602484006157569864809224842696142464234466915785040397768331211183571090716339869571941444270441954943527172993320328490921779531422328065566756320366879</qPrime>
</Elements>
</IssuerPrivateKey>
<?xml version="1.0" encoding="UTF-8" standalone="no"?>
<IssuerPrivateKey xmlns="http://www.zurich.ibm.com/security/idemix" xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://www.zurich.ibm.com/security/idemix IssuerPrivateKey.xsd">
<Counter>0</Counter>
<ExpiryDate>1491436800</ExpiryDate>
<References>
<IssuerPublicKey>http://www.irmacard.org/credentials/phase1/RU/ipk.xml</IssuerPublicKey>
</References>
<Elements>
<n>96063359353814070257464989369098573470645843347358957127875426328487326540633303185702306359400766259130239226832166456957259123554826741975265634464478609571816663003684533868318795865194004795637221226902067194633407757767792795252414073029114153019362701793292862118990912516058858923030408920700061749321</n>
<p>10436034022637868273483137633548989700482895839559909621411910579140541345632481969613724849214412062500244238926015929148144084368427474551770487566048119</p>
<pPrime>5218017011318934136741568816774494850241447919779954810705955289570270672816240984806862424607206031250122119463007964574072042184213737275885243783024059</pPrime>
<q>9204968012315139729618449685392284928468933831570080795536662422367142181432679739143882888540883909887054345986640656981843559062844656131133512640733759</q>
<qPrime>4602484006157569864809224842696142464234466915785040397768331211183571090716339869571941444270441954943527172993320328490921779531422328065566756320366879</qPrime>
</Elements>
</IssuerPrivateKey>
<?xml version="1.0" encoding="UTF-8" standalone="no"?>
<IssuerPrivateKey xmlns="http://www.zurich.ibm.com/security/idemix" xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://www.zurich.ibm.com/security/idemix IssuerPrivateKey.xsd">
<Counter>1</Counter>
<ExpiryDate>1491436800</ExpiryDate>
<References>
<IssuerPublicKey>http://www.irmacard.org/credentials/phase1/RU/ipk.xml</IssuerPublicKey>
</References>
<Elements>
<n>96063359353814070257464989369098573470645843347358957127875426328487326540633303185702306359400766259130239226832166456957259123554826741975265634464478609571816663003684533868318795865194004795637221226902067194633407757767792795252414073029114153019362701793292862118990912516058858923030408920700061749321</n>
<p>10436034022637868273483137633548989700482895839559909621411910579140541345632481969613724849214412062500244238926015929148144084368427474551770487566048119</p>
<pPrime>5218017011318934136741568816774494850241447919779954810705955289570270672816240984806862424607206031250122119463007964574072042184213737275885243783024059</pPrime>
<q>9204968012315139729618449685392284928468933831570080795536662422367142181432679739143882888540883909887054345986640656981843559062844656131133512640733759</q>
<qPrime>4602484006157569864809224842696142464234466915785040397768331211183571090716339869571941444270441954943527172993320328490921779531422328065566756320366879</qPrime>
</Elements>
</IssuerPrivateKey>
<?xml version="1.0" encoding="UTF-8" standalone="no"?>
<IssuerPrivateKey xmlns="http://www.zurich.ibm.com/security/idemix" xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://www.zurich.ibm.com/security/idemix IssuerPrivateKey.xsd">
<Counter>2</Counter>
<ExpiryDate>1893456000</ExpiryDate>
<References>
<IssuerPublicKey>http://www.irmacard.org/credentials/phase1/RU/ipk.xml</IssuerPublicKey>
</References>
<Elements>
<n>96063359353814070257464989369098573470645843347358957127875426328487326540633303185702306359400766259130239226832166456957259123554826741975265634464478609571816663003684533868318795865194004795637221226902067194633407757767792795252414073029114153019362701793292862118990912516058858923030408920700061749321</n>
<p>10436034022637868273483137633548989700482895839559909621411910579140541345632481969613724849214412062500244238926015929148144084368427474551770487566048119</p>
<pPrime>5218017011318934136741568816774494850241447919779954810705955289570270672816240984806862424607206031250122119463007964574072042184213737275885243783024059</pPrime>
<q>9204968012315139729618449685392284928468933831570080795536662422367142181432679739143882888540883909887054345986640656981843559062844656131133512640733759</q>
<qPrime>4602484006157569864809224842696142464234466915785040397768331211183571090716339869571941444270441954943527172993320328490921779531422328065566756320366879</qPrime>
</Elements>
</IssuerPrivateKey>
<?xml version="1.0" encoding="UTF-8" standalone="no"?>
<IssuerPrivateKey xmlns="http://www.zurich.ibm.com/security/idemix">
<Counter>3</Counter>
<ExpiryDate>1541423265</ExpiryDate>
<ExpiryDate>1881423265</ExpiryDate>
<Elements>
<p>147882317108362961092358686681091117936552132511772431915114531294604719166027241486648384335366329639528405524875840918719545613460930725462211277975294930287950184164010226584865100878900905742220919477940690349851872441550475716312277716199344922783584783719002164510058269408928807971356927464129173683919</p>
<q>157710783700452860004883757022542650602788992241984821716373458277997152152425512424422920245238294361139819651993857286799751712351597434077427924577706245018253951020863671270398285089445524318757855068299706150688288078591463349923367484848318208309240302773312803561594870795643078895291687553669994492443</q>
<pPrime>73941158554181480546179343340545558968276066255886215957557265647302359583013620743324192167683164819764202762437920459359772806730465362731105638987647465143975092082005113292432550439450452871110459738970345174925936220775237858156138858099672461391792391859501082255029134704464403985678463732064586841959</pPrime>
<qPrime>78855391850226430002441878511271325301394496120992410858186729138998576076212756212211460122619147180569909825996928643399875856175798717038713962288853122509126975510431835635199142544722762159378927534149853075344144039295731674961683742424159104154620151386656401780797435397821539447645843776834997246221</qPrime>
</Elements>
<ECDSA>MHcCAQEEIGRlMJL1I2xpSzf58+rX3IC8NCkiEmiyy2l7e7nN4314oAoGCCqGSM49AwEHoUQDQgAEuGpNjRlvlcUvF68gy4s/e6TJJgYKoBe7RaiMWF7H0sG0XEVNi1xYm9tgTvOnQp5HKv88QkYUxht3Zhk32qINoQ==</ECDSA>
</IssuerPrivateKey>
\ No newline at end of file
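Review bot: The `<ExpiryDate>` change from `1541423265` to `1881423265` revives an expired test key by hard-coding another fixed timestamp, which appears to fall in 2029 if I read the epoch value correctly. Tests that depend on this key will start failing again once that date passes. Leave a note where the test keys are documented that the date must be bumped, or have the test setup write the expiry relative to the current time. The file also carries an `<ECDSA>` private key, so the demo-only caveat for test key material applies here too.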