Commit be569e5e authored by Sietse Ringers's avatar Sietse Ringers

Save secret key as json object, like the other stored objects

parent 96d12393
......@@ -89,8 +89,10 @@ func verifyCredentials(t *testing.T, manager *CredentialManager) {
cred.Credential.Signature.Verify(pk, cred.Attributes),
"Credential %s-%d was invalid", credtype.String(), index,
)
require.Equal(t, cred.Attributes[0], manager.secretkey,
"Secret key of credential %s-%d unequal to main secret key")
require.Equal(t, cred.Attributes[0], manager.secretkey.Key,
"Secret key of credential %s-%d unequal to main secret key",
cred.CredentialType().Identifier().String(), index,
)
}
}
}
......
......@@ -14,7 +14,7 @@ import (
// CredentialManager manages credentials.
type CredentialManager struct {
secretkey *big.Int
secretkey *secretKey
storagePath string
attributes map[CredentialTypeIdentifier][]*AttributeList
credentials map[CredentialTypeIdentifier]map[int]*credential
......@@ -27,6 +27,10 @@ type CredentialManager struct {
updates []update
}
type secretKey struct {
Key *big.Int
}
// CredentialInfoList returns a list of information of all contained credentials.
func (cm *CredentialManager) CredentialInfoList() CredentialInfoList {
list := CredentialInfoList([]*CredentialInfo{})
......@@ -41,8 +45,12 @@ func (cm *CredentialManager) CredentialInfoList() CredentialInfoList {
return list
}
func (cm *CredentialManager) generateSecretKey() (sk *big.Int, err error) {
return gabi.RandomBigInt(gabi.DefaultSystemParameters[1024].Lm)
func (cm *CredentialManager) generateSecretKey() (*secretKey, error) {
key, err := gabi.RandomBigInt(gabi.DefaultSystemParameters[1024].Lm)
if err != nil {
return nil, err
}
return &secretKey{Key: key}, nil
}
// attrs returns cm.attributes[id], initializing it to an empty slice if neccesary
......@@ -104,7 +112,7 @@ func (cm *CredentialManager) credential(id CredentialTypeIdentifier, counter int
return nil, errors.New("unknown public key")
}
cred, err := newCredential(&gabi.Credential{
Attributes: append([]*big.Int{cm.secretkey}, attrs.Ints...),
Attributes: append([]*big.Int{cm.secretkey.Key}, attrs.Ints...),
Signature: sig,
Pk: pk,
}, cm.Store)
......@@ -273,7 +281,8 @@ func (cm *CredentialManager) IssuanceProofBuilders(request *IssuanceRequest) (ga
if err != nil {
return nil, err
}
credBuilder := gabi.NewCredentialBuilder(pk, request.GetContext(), cm.secretkey, state.nonce2)
credBuilder := gabi.NewCredentialBuilder(
pk, request.GetContext(), cm.secretkey.Key, state.nonce2)
request.state.builders = append(request.state.builders, credBuilder)
proofBuilders = append(proofBuilders, credBuilder)
}
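Review bot: The new `secretKey` type has no comment explaining why a `*big.Int` is wrapped, and `Key` is presumably exported only so `encoding/json` can serialize it; I would add `// secretKey wraps the secret key so it is stored as a JSON object; Key is exported only for encoding/json.` above the type. Because `cm.secretkey` is now a pointer to a struct, the `cm.secretkey.Key` reads in credential() and IssuanceProofBuilders() will panic if the manager's key was never set, whereas the old code would have passed a nil `*big.Int` along. A nil guard at those two sites, or a comment on the field stating that it is always non-nil after construction, would make that invariant explicit. Both functions start and end outside their hunks.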
......
......@@ -9,7 +9,6 @@ import (
"crypto/rand"
"encoding/hex"
"math/big"
"path"
"time"
......@@ -217,8 +216,12 @@ func (cm *CredentialManager) ensureStorageExists() error {
return ensureDirectoryExists(cm.path(signaturesDir))
}
func (cm *CredentialManager) storeSecretKey(sk *big.Int) error {
return ioutil.WriteFile(cm.path(skFile), sk.Bytes(), 0600)
func (cm *CredentialManager) storeSecretKey(sk *secretKey) error {
bytes, err := json.Marshal(sk)
if err != nil {
return err
}
return ioutil.WriteFile(cm.path(skFile), bytes, 0600)
}
// Save the filecontents at the specified path atomically:
......@@ -310,20 +313,25 @@ func (cm *CredentialManager) loadSignature(attrs *AttributeList) (signature *gab
// loadSecretKey retrieves and returns the secret key from storage, or if no secret key
// was found in storage, it generates, saves, and returns a new secret key.
func (cm *CredentialManager) loadSecretKey() (*big.Int, error) {
func (cm *CredentialManager) loadSecretKey() (*secretKey, error) {
sk := &secretKey{}
var err error
exists, err := PathExists(cm.path(skFile))
if err != nil {
return nil, err
}
if exists {
var bytes []byte
if bytes, err = ioutil.ReadFile(cm.path(skFile)); err == nil {
return new(big.Int).SetBytes(bytes), nil
if bytes, err = ioutil.ReadFile(cm.path(skFile)); err != nil {
return nil, err
}
return nil, err
if err = json.Unmarshal(bytes, sk); err != nil {
return nil, err
}
return sk, err
}
sk, err := cm.generateSecretKey()
sk, err = cm.generateSecretKey()
if err != nil {
return nil, err
}
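Review bot: In loadSecretKey, a key file that is valid JSON but has no `Key` (for example `{}` or `null`) unmarshals without error, so the function returns a `secretKey` whose `Key` is nil as if loading had succeeded. Add a check after the Unmarshal, e.g. `if sk.Key == nil { return nil, errors.New("secret key file contains no key") }` (whether `errors` is imported in this file is not visible here). Separately, a file written by the previous `sk.Bytes()` code holds raw bytes and will presumably fail `json.Unmarshal`, so any storage created before this commit needs a migration or a fallback read. loadSecretKey's body continues past the end of the hunk.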
......
......@@ -82,7 +82,7 @@ func (cm *CredentialManager) ParseAndroidStorage() (present bool, err error) {
}
for _, list := range parsedjson {
cm.secretkey = list[0].Attributes[0]
cm.secretkey = &secretKey{Key: list[0].Attributes[0]}
for _, oldcred := range list {
gabicred := &gabi.Credential{
Attributes: oldcred.Attributes,
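Review bot: `list[0].Attributes[0]` is indexed without a length check, so an empty list or a first credential without attributes in the parsed legacy storage panics instead of being reported through `err`. A guard before the assignment would handle it, e.g. `if len(list) == 0 || len(list[0].Attributes) == 0 { return false, errors.New("empty credential list in legacy storage") }` (whether `errors` is imported in this file is not visible here). The assignment also runs once per `list`, so the key from the last list wins and nothing checks that all lists carry the same secret. ParseAndroidStorage starts and ends outside the hunk.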
......