Commit eec210bf authored by Sietse Ringers

Merge branch 'singleton'

parents 5b99f4b7 465d68ee
......@@ -39,6 +39,7 @@ type metadataField struct {
type MetadataAttribute struct {
Int *big.Int
pk *gabi.PublicKey
store *ConfigurationStore
}
// AttributeList contains attributes, excluding the secret key,
......@@ -68,8 +69,8 @@ func (al *AttributeList) UnmarshalJSON(bytes []byte) error {
}
// NewAttributeListFromInts initializes a new AttributeList from a list of bigints.
func NewAttributeListFromInts(ints []*big.Int) (*AttributeList, error) {
meta := MetadataFromInt(ints[0])
func NewAttributeListFromInts(ints []*big.Int, store *ConfigurationStore) (*AttributeList, error) {
meta := MetadataFromInt(ints[0], store)
if ints[0] == nil || meta.CredentialType() == nil {
return nil, errors.New("Encountered credential of unknown type")
}
......@@ -112,8 +113,8 @@ func (al *AttributeList) Attribute(identifier AttributeTypeIdentifier) string {
}
// MetadataFromInt wraps the given Int
func MetadataFromInt(i *big.Int) *MetadataAttribute {
return &MetadataAttribute{Int: i}
func MetadataFromInt(i *big.Int, store *ConfigurationStore) *MetadataAttribute {
return &MetadataAttribute{Int: i, store: store}
}
// NewMetadataAttribute constructs a new instance containing the default values:
......@@ -122,7 +123,7 @@ func MetadataFromInt(i *big.Int) *MetadataAttribute {
// 0 as keycounter
// ValidityDefault (half a year) as default validity.
func NewMetadataAttribute() *MetadataAttribute {
val := MetadataAttribute{new(big.Int), nil}
val := MetadataAttribute{new(big.Int), nil, nil}
val.setField(versionField, metadataVersion)
val.setSigningDate()
val.setKeyCounter(0)
......@@ -295,9 +296,9 @@ func (disjunction *AttributeDisjunction) Satisfied() bool {
// MatchesStore returns true if all attributes contained in the disjunction are
// present in the MetaStore.
func (disjunction *AttributeDisjunction) MatchesStore() bool {
func (disjunction *AttributeDisjunction) MatchesStore(store *ConfigurationStore) bool {
for ai := range disjunction.Values {
creddescription, exists := MetaStore.Credentials[ai.CredentialTypeIdentifier()]
creddescription, exists := store.Credentials[ai.CredentialTypeIdentifier()]
if !exists {
return false
}
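Review bot: The new `store` parameter is dereferenced without a nil check: `MatchesStore` reads `store.Credentials[...]` directly, and `NewMetadataAttribute` now constructs its value with a nil store (`MetadataAttribute{new(big.Int), nil, nil}`). Any method on that value that consults the store would presumably panic. A guard such as `if store == nil { return false }` at the top of `MatchesStore` makes the failure explicit. Writing the literal with keyed fields, `MetadataAttribute{Int: new(big.Int)}`, stops it from depending on field order the next time the struct grows. `NewAttributeListFromInts` also indexes `ints[0]` before any length check, so an empty slice panics before the "unknown type" error can be returned. The bodies of `NewAttributeListFromInts` and `MatchesStore` continue outside the hunks shown.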
......
......@@ -31,22 +31,23 @@ type IgnoringKeyshareHandler struct{}
func (i *IgnoringKeyshareHandler) StartRegistration(m *SchemeManager, callback func(e, p string)) {
}
func parseStorage(t *testing.T) {
func parseStorage(t *testing.T) *CredentialManager {
exists, err := PathExists("testdata/storage/test")
require.NoError(t, err, "pathexists() failed")
if !exists {
require.NoError(t, os.Mkdir("testdata/storage/test", 0755), "Could not create test storage")
}
require.NoError(t, Manager.Init(
manager, err := NewCredentialManager(
"testdata/storage/test",
"testdata/irma_configuration",
&IgnoringKeyshareHandler{},
), "Manager.Init() failed")
)
require.NoError(t, err)
return manager
}
func teardown(t *testing.T) {
MetaStore = newConfigurationStore()
Manager = newCredentialManager()
assert.NoError(t, os.RemoveAll("testdata/storage/test"))
// TODO first RemoveAll?!
}
......@@ -58,22 +59,22 @@ func s2big(s string) (r *big.Int) {
return
}
func parseAndroidStorage(t *testing.T) {
assert.NoError(t, Manager.ParseAndroidStorage(), "ParseAndroidStorage() failed")
func parseAndroidStorage(t *testing.T, manager *CredentialManager) {
assert.NoError(t, manager.ParseAndroidStorage(), "ParseAndroidStorage() failed")
}
func verifyManagerIsUnmarshaled(t *testing.T) {
cred, err := Manager.credential(NewCredentialTypeIdentifier("irma-demo.RU.studentCard"), 0)
func verifyManagerIsUnmarshaled(t *testing.T, manager *CredentialManager) {
cred, err := manager.credential(NewCredentialTypeIdentifier("irma-demo.RU.studentCard"), 0)
assert.NoError(t, err, "could not fetch credential")
assert.NotNil(t, cred, "Credential should exist")
assert.NotNil(t, cred.Attributes[0], "Metadata attribute of irma-demo.RU.studentCard should not be nil")
cred, err = Manager.credential(NewCredentialTypeIdentifier("test.test.mijnirma"), 0)
cred, err = manager.credential(NewCredentialTypeIdentifier("test.test.mijnirma"), 0)
assert.NoError(t, err, "could not fetch credential")
assert.NotNil(t, cred, "Credential should exist")
assert.NotNil(t, cred.Signature.KeyshareP)
assert.NotEmpty(t, Manager.CredentialInfoList())
assert.NotEmpty(t, manager.CredentialInfoList())
assert.True(t,
cred.Signature.Verify(cred.PublicKey(), cred.Attributes),
......@@ -81,14 +82,14 @@ func verifyManagerIsUnmarshaled(t *testing.T) {
)
}
func verifyCredentials(t *testing.T) {
for credtype, credsmap := range Manager.credentials {
func verifyCredentials(t *testing.T, manager *CredentialManager) {
for credtype, credsmap := range manager.credentials {
for index, cred := range credsmap {
require.True(t,
cred.Credential.Signature.Verify(cred.PublicKey(), cred.Attributes),
"Credential %s-%d was invalid", credtype.String(), index,
)
require.Equal(t, cred.Attributes[0], Manager.secretkey,
require.Equal(t, cred.Attributes[0], manager.secretkey,
"Secret key of credential %s-%d unequal to main secret key")
}
}
......@@ -111,16 +112,16 @@ func verifyPaillierKey(t *testing.T, PrivateKey *paillierPrivateKey) {
require.Equal(t, plaintext, string(decrypted))
}
func verifyKeyshareIsUnmarshaled(t *testing.T) {
require.NotNil(t, Manager.paillierKeyCache)
require.NotNil(t, Manager.keyshareServers)
func verifyKeyshareIsUnmarshaled(t *testing.T, manager *CredentialManager) {
require.NotNil(t, manager.paillierKeyCache)
require.NotNil(t, manager.keyshareServers)
test := NewSchemeManagerIdentifier("test")
require.Contains(t, Manager.keyshareServers, test)
kss := Manager.keyshareServers[test]
require.Contains(t, manager.keyshareServers, test)
kss := manager.keyshareServers[test]
require.NotEmpty(t, kss.Nonce)
verifyPaillierKey(t, kss.PrivateKey)
verifyPaillierKey(t, Manager.paillierKeyCache)
verifyPaillierKey(t, manager.paillierKeyCache)
}
func verifyStoreIsLoaded(t *testing.T) {
......@@ -152,28 +153,27 @@ func verifyStoreIsLoaded(t *testing.T) {
}
func TestAndroidParse(t *testing.T) {
parseStorage(t)
manager := parseStorage(t)
verifyStoreIsLoaded(t)
parseAndroidStorage(t)
verifyManagerIsUnmarshaled(t)
verifyCredentials(t)
verifyKeyshareIsUnmarshaled(t)
parseAndroidStorage(t, manager)
verifyManagerIsUnmarshaled(t, manager)
verifyCredentials(t, manager)
verifyKeyshareIsUnmarshaled(t, manager)
teardown(t)
}
func TestUnmarshaling(t *testing.T) {
parseStorage(t)
parseAndroidStorage(t)
manager := parseStorage(t)
parseAndroidStorage(t, manager)
Manager = newCredentialManager()
err := Manager.Init("testdata/storage/test", "testdata/irma_configuration", nil)
newmanager, err := NewCredentialManager("testdata/storage/test", "testdata/irma_configuration", nil)
require.NoError(t, err)
verifyManagerIsUnmarshaled(t)
verifyCredentials(t)
verifyKeyshareIsUnmarshaled(t)
verifyManagerIsUnmarshaled(t, newmanager)
verifyCredentials(t, newmanager)
verifyKeyshareIsUnmarshaled(t, newmanager)
teardown(t)
}
......@@ -195,10 +195,11 @@ func TestMetadataAttribute(t *testing.T) {
}
func TestMetadataCompatibility(t *testing.T) {
require.NoError(t, MetaStore.ParseFolder("testdata/irma_configuration"))
store := newConfigurationStore()
require.NoError(t, store.ParseFolder("testdata/irma_configuration"))
// An actual metadata attribute of an IRMA credential extracted from the IRMA app
attr := MetadataFromInt(s2big("49043481832371145193140299771658227036446546573739245068"))
attr := MetadataFromInt(s2big("49043481832371145193140299771658227036446546573739245068"), store)
assert.NotNil(t, attr.CredentialType(), "attr.CredentialType() should not be nil")
assert.Equal(t,
......@@ -215,6 +216,8 @@ func TestMetadataCompatibility(t *testing.T) {
}
func TestAttributeDisjunctionMarshaling(t *testing.T) {
store := newConfigurationStore()
store.ParseFolder("testdata/irma_configuration")
disjunction := AttributeDisjunction{}
var _ json.Unmarshaler = &disjunction
......@@ -249,7 +252,7 @@ func TestAttributeDisjunctionMarshaling(t *testing.T) {
require.False(t, disjunction.HasValues())
require.Contains(t, disjunction.Attributes, id)
require.True(t, disjunction.MatchesStore())
require.True(t, disjunction.MatchesStore(store))
require.False(t, disjunction.Satisfied())
disjunction.selected = &disjunction.Attributes[0]
......@@ -257,14 +260,14 @@ func TestAttributeDisjunctionMarshaling(t *testing.T) {
}
func TestCandidates(t *testing.T) {
parseStorage(t)
parseAndroidStorage(t)
manager := parseStorage(t)
parseAndroidStorage(t, manager)
attrtype := NewAttributeTypeIdentifier("irma-demo.RU.studentCard.studentID")
disjunction := &AttributeDisjunction{
Attributes: []AttributeTypeIdentifier{attrtype},
}
attrs := Manager.Candidates(disjunction)
attrs := manager.Candidates(disjunction)
require.NotNil(t, attrs)
require.Len(t, attrs, 1)
......@@ -276,7 +279,7 @@ func TestCandidates(t *testing.T) {
Attributes: []AttributeTypeIdentifier{attrtype},
Values: map[AttributeTypeIdentifier]string{attrtype: "456"},
}
attrs = Manager.Candidates(disjunction)
attrs = manager.Candidates(disjunction)
require.NotNil(t, attrs)
require.Len(t, attrs, 1)
......@@ -284,7 +287,7 @@ func TestCandidates(t *testing.T) {
Attributes: []AttributeTypeIdentifier{attrtype},
Values: map[AttributeTypeIdentifier]string{attrtype: "foobarbaz"},
}
attrs = Manager.Candidates(disjunction)
attrs = manager.Candidates(disjunction)
require.NotNil(t, attrs)
require.Empty(t, attrs)
......@@ -347,14 +350,14 @@ func TestTransport(t *testing.T) {
}
func TestPaillier(t *testing.T) {
parseStorage(t)
parseAndroidStorage(t)
manager := parseStorage(t)
parseAndroidStorage(t, manager)
challenge, _ := gabi.RandomBigInt(256)
comm, _ := gabi.RandomBigInt(1000)
resp, _ := gabi.RandomBigInt(1000)
sk := Manager.paillierKey(true)
sk := manager.paillierKey(true)
bytes, err := sk.Encrypt(challenge.Bytes())
require.NoError(t, err)
cipher := new(big.Int).SetBytes(bytes)
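Review bot: `TestAttributeDisjunctionMarshaling` discards the error returned by `store.ParseFolder("testdata/irma_configuration")`, so a configuration that fails to parse only shows up later as an unrelated-looking `MatchesStore` assertion failure. `TestMetadataCompatibility` in the same file already checks this call, and the same form fits here: `require.NoError(t, store.ParseFolder("testdata/irma_configuration"))`. Both test bodies continue outside the hunks shown.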
......
......@@ -30,6 +30,7 @@ type keyshareSession struct {
sessionHandler keyshareSessionHandler
pinRequestor KeysharePinRequestor
keyshareServer *keyshareServer
credManager *CredentialManager
}
type keyshareServer struct {
......@@ -130,6 +131,7 @@ func (ks *keyshareServer) HashedPin(pin string) string {
// user cancels; or one of the keyshare servers blocks us.
// Error, blocked or success of the keyshare session is reported back to the keyshareSessionHandler.
func startKeyshareSession(
credManager *CredentialManager,
session IrmaSession,
builders gabi.ProofBuilderList,
sessionHandler keyshareSessionHandler,
......@@ -137,9 +139,9 @@ func startKeyshareSession(
) {
ksscount := 0
for _, managerID := range session.SchemeManagers() {
if MetaStore.SchemeManagers[managerID].Distributed() {
if credManager.store.SchemeManagers[managerID].Distributed() {
ksscount++
if _, registered := Manager.keyshareServers[managerID]; !registered {
if _, registered := credManager.keyshareServers[managerID]; !registered {
err := errors.New("Not registered to keyshare server of scheme manager " + managerID.String())
sessionHandler.KeyshareError(err)
return
......@@ -158,16 +160,17 @@ func startKeyshareSession(
sessionHandler: sessionHandler,
transports: map[SchemeManagerIdentifier]*HTTPTransport{},
pinRequestor: pin,
credManager: credManager,
}
askPin := false
for _, managerID := range session.SchemeManagers() {
if !MetaStore.SchemeManagers[managerID].Distributed() {
if !ks.credManager.store.SchemeManagers[managerID].Distributed() {
continue
}
ks.keyshareServer = Manager.keyshareServers[managerID]
ks.keyshareServer = ks.credManager.keyshareServers[managerID]
transport := NewHTTPTransport(ks.keyshareServer.URL)
transport.SetHeader(kssUsernameHeader, ks.keyshareServer.Username)
transport.SetHeader(kssAuthHeader, ks.keyshareServer.token)
......@@ -231,11 +234,11 @@ func (ks *keyshareSession) VerifyPin(attempts int) {
// If all is ok, success will be true.
func (ks *keyshareSession) verifyPinAttempt(pin string) (success bool, tries int, blocked int, err error) {
for _, managerID := range ks.session.SchemeManagers() {
if !MetaStore.SchemeManagers[managerID].Distributed() {
if !ks.credManager.store.SchemeManagers[managerID].Distributed() {
continue
}
kss := Manager.keyshareServers[managerID]
kss := ks.credManager.keyshareServers[managerID]
transport := ks.transports[managerID]
pinmsg := keysharePinMessage{Username: kss.Username, Pin: kss.HashedPin(pin)}
pinresult := &keysharePinStatus{}
......@@ -282,7 +285,7 @@ func (ks *keyshareSession) GetCommitments() {
for _, builder := range ks.builders {
pk := builder.PublicKey()
managerID := NewIssuerIdentifier(pk.Issuer).SchemeManagerIdentifier()
if !MetaStore.SchemeManagers[managerID].Distributed() {
if !ks.credManager.store.SchemeManagers[managerID].Distributed() {
continue
}
if _, contains := pkids[managerID]; !contains {
......@@ -294,7 +297,7 @@ func (ks *keyshareSession) GetCommitments() {
// Now inform each keyshare server of with respect to which public keys
// we want them to send us commitments
for _, managerID := range ks.session.SchemeManagers() {
if !MetaStore.SchemeManagers[managerID].Distributed() {
if !ks.credManager.store.SchemeManagers[managerID].Distributed() {
continue
}
......@@ -398,7 +401,7 @@ func (ks *keyshareSession) finishDisclosureOrSigning(challenge *big.Int, respons
for i, builder := range ks.builders {
// Parse each received JWT
managerID := NewIssuerIdentifier(builder.PublicKey().Issuer).SchemeManagerIdentifier()
if !MetaStore.SchemeManagers[managerID].Distributed() {
if !ks.credManager.store.SchemeManagers[managerID].Distributed() {
continue
}
msg := struct {
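Review bot: Every `...store.SchemeManagers[managerID].Distributed()` call in this file uses the map result without checking that the scheme manager is present. The map values appear to be `*SchemeManager` (see `unenrolledKeyshareServers`), so an identifier missing from the store yields a nil pointer, and whether `Distributed()` tolerates a nil receiver is not visible in this diff. `managerID` is derived from the session request and from the builders' public keys, so an unknown identifier should take the existing error path rather than reach a method call. In `startKeyshareSession` that would be `manager, ok := credManager.store.SchemeManagers[managerID]` followed by `if !ok { sessionHandler.KeyshareError(errors.New("Unknown scheme manager")); return }`. The same lookup recurs in `verifyPinAttempt`, `GetCommitments` and `finishDisclosureOrSigning`, whose bodies continue outside the hunks.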
......
......@@ -12,9 +12,6 @@ import (
"github.com/mhe/gabi"
)
// Manager is the global instance of CredentialManager.
var Manager = newCredentialManager()
// CredentialManager manages credentials.
type CredentialManager struct {
secretkey *big.Int
......@@ -22,15 +19,9 @@ type CredentialManager struct {
attributes map[CredentialTypeIdentifier][]*AttributeList
credentials map[CredentialTypeIdentifier]map[int]*credential
keyshareServers map[SchemeManagerIdentifier]*keyshareServer
paillierKeyCache *paillierPrivateKey
}
func newCredentialManager() *CredentialManager {
return &CredentialManager{
credentials: make(map[CredentialTypeIdentifier]map[int]*credential),
keyshareServers: make(map[SchemeManagerIdentifier]*keyshareServer),
}
store *ConfigurationStore
}
// CredentialInfoList returns a list of information of all contained credentials.
......@@ -87,7 +78,7 @@ func (cm *CredentialManager) credentialByID(id CredentialIdentifier) (cred *cred
// credential returns the requested credential, or nil if we do not have it.
func (cm *CredentialManager) credential(id CredentialTypeIdentifier, counter int) (cred *credential, err error) {
// If the requested credential is not in credential map, we check if its attributes were
// deserialized during Init(). If so, there should be a corresponding signature file,
// deserialized during NewCredentialManager(). If so, there should be a corresponding signature file,
// so we read that, construct the credential, and add it to the credential map
if _, exists := cm.creds(id)[counter]; !exists {
attrs := cm.Attributes(id, counter)
......@@ -151,7 +142,7 @@ func (cm *CredentialManager) Candidates(disjunction *AttributeDisjunction) []*At
for _, attribute := range disjunction.Attributes {
credID := attribute.CredentialTypeIdentifier()
if !MetaStore.Contains(credID) {
if !cm.store.Contains(credID) {
continue
}
creds := cm.credentials[credID]
......@@ -212,7 +203,7 @@ func (cm *CredentialManager) groupCredentials(choice *DisclosureChoice) (map[Cre
if identifier.IsCredential() {
continue // In this case we only disclose the metadata attribute, which is already handled
}
index, err := MetaStore.Credentials[identifier.CredentialTypeIdentifier()].IndexOf(identifier)
index, err := cm.store.Credentials[identifier.CredentialTypeIdentifier()].IndexOf(identifier)
if err != nil {
return nil, err
}
......@@ -276,7 +267,7 @@ func (cm *CredentialManager) IssuanceProofBuilders(request *IssuanceRequest) (ga
proofBuilders := gabi.ProofBuilderList([]gabi.ProofBuilder{})
for _, futurecred := range request.Credentials {
pk := MetaStore.PublicKey(futurecred.Credential.IssuerIdentifier(), futurecred.KeyCounter)
pk := cm.store.PublicKey(futurecred.Credential.IssuerIdentifier(), futurecred.KeyCounter)
credBuilder := gabi.NewCredentialBuilder(pk, request.GetContext(), cm.secretkey, state.nonce2)
request.state.builders = append(request.state.builders, credBuilder)
proofBuilders = append(proofBuilders, credBuilder)
......@@ -351,7 +342,7 @@ func (cm *CredentialManager) paillierKey(wait bool) *paillierPrivateKey {
func (cm *CredentialManager) unenrolledKeyshareServers() []*SchemeManager {
list := []*SchemeManager{}
for name, manager := range MetaStore.SchemeManagers {
for name, manager := range cm.store.SchemeManagers {
if _, contains := cm.keyshareServers[name]; len(manager.KeyshareServer) > 0 && !contains {
list = append(list, manager)
}
......@@ -361,7 +352,7 @@ func (cm *CredentialManager) unenrolledKeyshareServers() []*SchemeManager {
// KeyshareEnroll attempts to register at the keyshare server of the specified scheme manager.
func (cm *CredentialManager) KeyshareEnroll(managerID SchemeManagerIdentifier, email, pin string) error {
manager, ok := MetaStore.SchemeManagers[managerID]
manager, ok := cm.store.SchemeManagers[managerID]
if !ok {
return errors.New("Unknown scheme manager")
}
......@@ -373,7 +364,7 @@ func (cm *CredentialManager) KeyshareEnroll(managerID SchemeManagerIdentifier, e
}
transport := NewHTTPTransport(manager.KeyshareServer)
kss, err := newKeyshareServer(Manager.paillierKey(true), manager.KeyshareServer, email)
kss, err := newKeyshareServer(cm.paillierKey(true), manager.KeyshareServer, email)
if err != nil {
return err
}
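Review bot: In `IssuanceProofBuilders`, the result of `cm.store.PublicKey(futurecred.Credential.IssuerIdentifier(), futurecred.KeyCounter)` is passed to `gabi.NewCredentialBuilder` without checking that a key was found. The issuer and key counter are taken from the issuance request. If `PublicKey` returns nil for an unknown issuer or counter (its body is not part of this diff), the builder is created with a nil key and the failure surfaces later inside the proof code instead of as a clear rejection. Assuming the truncated signature returns a builder list and an error, a guard right after the lookup would do: `if pk == nil { return nil, errors.New("Unknown public key in issuance request") }`. The function body continues outside the hunk.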
......
......@@ -35,6 +35,7 @@ type session struct {
ServerURL string
Handler Handler
credManager *CredentialManager
jwt RequestorJwt
irmaSession IrmaSession
transport *HTTPTransport
......@@ -82,7 +83,7 @@ func calcVersion(qr *Qr) (string, error) {
}
// NewSession creates and starts a new IRMA session.
func NewSession(qr *Qr, handler Handler) {
func NewSession(credManager *CredentialManager, qr *Qr, handler Handler) {
version, err := calcVersion(qr)
if err != nil {
handler.Failure(ActionUnknown, &Error{ErrorCode: ErrorProtocolVersionNotSupported, Err: err})
......@@ -95,6 +96,7 @@ func NewSession(qr *Qr, handler Handler) {
ServerURL: qr.URL,
Handler: handler,
transport: NewHTTPTransport(qr.URL),
credManager: credManager,
}
// Check if the action is one of the supported types
......@@ -156,7 +158,7 @@ func (session *session) start() {
}
}
missing := Manager.CheckSatisfiability(session.irmaSession.DisjunctionList())
missing := session.credManager.CheckSatisfiability(session.irmaSession.DisjunctionList())
if len(missing) > 0 {
session.Handler.UnsatisfiableRequest(session.Action, missing)
return
......@@ -193,11 +195,11 @@ func (session *session) do(proceed bool) {
var err error
switch session.Action {
case ActionSigning:
message, err = Manager.Proofs(session.choice, session.irmaSession, true)
message, err = session.credManager.Proofs(session.choice, session.irmaSession, true)
case ActionDisclosing:
message, err = Manager.Proofs(session.choice, session.irmaSession, false)
message, err = session.credManager.Proofs(session.choice, session.irmaSession, false)
case ActionIssuing:
message, err = Manager.IssueCommitments(session.irmaSession.(*IssuanceRequest))
message, err = session.credManager.IssueCommitments(session.irmaSession.(*IssuanceRequest))
}
if err != nil {
session.Handler.Failure(session.Action, &Error{ErrorCode: ErrorCrypto, Err: err})
......@@ -211,15 +213,15 @@ func (session *session) do(proceed bool) {
case ActionSigning:
fallthrough
case ActionDisclosing:
builders, err = Manager.ProofBuilders(session.choice)
builders, err = session.credManager.ProofBuilders(session.choice)
case ActionIssuing:
builders, err = Manager.IssuanceProofBuilders(session.irmaSession.(*IssuanceRequest))
builders, err = session.credManager.IssuanceProofBuilders(session.irmaSession.(*IssuanceRequest))
}
if err != nil {
session.Handler.Failure(session.Action, &Error{ErrorCode: ErrorCrypto, Err: err})
}
startKeyshareSession(session.irmaSession, builders, session, session.Handler)
startKeyshareSession(session.credManager, session.irmaSession, builders, session, session.Handler)
}
}
......@@ -265,7 +267,7 @@ func (session *session) sendResponse(message interface{}) {
session.Handler.Failure(session.Action, err.(*Error))
return
}
if err = Manager.ConstructCredentials(response, session.irmaSession.(*IssuanceRequest)); err != nil {
if err = session.credManager.ConstructCredentials(response, session.irmaSession.(*IssuanceRequest)); err != nil {
session.Handler.Failure(session.Action, &Error{Err: err, ErrorCode: ErrorCrypto})
return
}
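Review bot: In `do`, the error check that follows the `ProofBuilders` / `IssuanceProofBuilders` switch calls `session.Handler.Failure(...)` but has no `return`. As a result, `startKeyshareSession(session.credManager, session.irmaSession, builders, session, session.Handler)` still runs with whatever `builders` holds after the error. The keyshare protocol may then proceed, or report a second outcome to the handler, for a session that has already been declared failed. Add `return` directly after `session.Handler.Failure(session.Action, &Error{ErrorCode: ErrorCrypto, Err: err})`. The body of `do` starts outside the hunk, so the earlier error check could not be compared.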
......
......@@ -16,6 +16,7 @@ import (
type TestHandler struct {
t *testing.T
c chan *Error
manager *CredentialManager
}
func (th TestHandler) StatusUpdate(action Action, status Status) {}
......@@ -43,7 +44,7 @@ func (th TestHandler) AskVerificationPermission(request DisclosureRequest, Serve
}
var candidates []*AttributeIdentifier
for _, disjunction := range request.Content {
candidates = Manager.Candidates(disjunction)
candidates = th.manager.Candidates(disjunction)
require.NotNil(th.t, candidates)
require.NotEmpty(th.t, candidates, 1)
choice.Attributes = append(choice.Attributes, candidates[0])
......@@ -132,7 +133,7 @@ func TestSigningSession(t *testing.T) {
name := "testsigclient"
jwtcontents := getSigningJwt(name, id)
sessionHelper(t, jwtcontents, "signature", true)
sessionHelper(t, jwtcontents, "signature", nil)
}
func TestDisclosureSession(t *testing.T) {
......@@ -140,7 +141,7 @@ func TestDisclosureSession(t *testing.T) {
name := "testsp"
jwtcontents := getDisclosureJwt(name, id)
sessionHelper(t, jwtcontents, "verification", true)
sessionHelper(t, jwtcontents, "verification", nil)
}
func TestIssuanceSession(t *testing.T) {
......@@ -148,13 +149,14 @@ func TestIssuanceSession(t *testing.T) {
name := "testip"
jwtcontents := getIssuanceJwt(name, id)
sessionHelper(t, jwtcontents, "issue", true)
sessionHelper(t, jwtcontents, "issue", nil)
}
func sessionHelper(t *testing.T, jwtcontents interface{}, url string, init bool) {
func sessionHelper(t *testing.T, jwtcontents interface{}, url string, manager *CredentialManager) {
init := manager == nil
if init {
parseStorage(t)
parseAndroidStorage(t)
manager = parseStorage(t)
parseAndroidStorage(t, manager)
}
url = "http://localhost:8081/irma_api_server/api/v2/" + url
......@@ -174,7 +176,7 @@ func sessionHelper(t *testing.T, jwtcontents interface{}, url string, init bool)
qr.URL = url + "/" + qr.URL
c := make(chan *Error)
NewSession(qr, TestHandler{t, c})
NewSession(manager, qr, TestHandler{t, c, manager})
if err := <-c; err != nil {
t.Fatal(*err)
......@@ -185,24 +187,24 @@ func sessionHelper(t *testing.T, jwtcontents interface{}, url string, init bool)
}
}
func registerKeyshareServer(t *testing.T) {
func registerKeyshareServer(t *testing.T, manager *CredentialManager) {
bytes := make([]byte, 8, 8)
rand.Read(bytes)
email := fmt.Sprintf("%s@example.com", hex.EncodeToString(bytes))
require.NoError(t, Manager.KeyshareEnroll(NewSchemeManagerIdentifier("test"), email, "12345"))
require.NoError(t, manager.KeyshareEnroll(NewSchemeManagerIdentifier("test"), email, "12345"))
}
// Register a new account at the keyshare server and do an issuance, disclosure,
// and issuance session, also using irma-demo credentials deserialized from Android storage
func TestKeyshareRegistrationAndSessions(t *testing.T) {
parseStorage(t)
parseAndroidStorage(t)
manager := parseStorage(t)
parseAndroidStorage(t, manager)
Manager.credentials[NewCredentialTypeIdentifier("test.test.mijnirma")] = map[int]*credential{}
manager.credentials[NewCredentialTypeIdentifier("test.test.mijnirma")] = map[int]*credential{}
test := NewSchemeManagerIdentifier("test")
err := Manager.KeyshareRemove(test)
err := manager.KeyshareRemove(test)
require.NoError(t, err)
registerKeyshareServer(t)
registerKeyshareServer(t, manager)
id := NewAttributeTypeIdentifier("irma-demo.RU.studentCard.studentID")
expiry := Timestamp(NewMetadataAttribute().Expiry())
......@@ -216,7 +218,7 @@ func TestKeyshareRegistrationAndSessions(t *testing.T) {
Attributes: map[string]string{"email": "example@example.com"},
},
)
sessionHelper(t, jwt, "issue", false)
sessionHelper(t, jwt, "issue", manager)
jwt = getDisclosureJwt("testsp", id)
jwt.(*ServiceProviderJwt).Request.Request.Content = append(
......@@ -226,7 +228,7 @@ func TestKeyshareRegistrationAndSessions(t *testing.T) {
Attributes: []AttributeTypeIdentifier{NewAttributeTypeIdentifier("test.test.mijnirma.email")},