Commit ff181fcb authored by Sietse Ringers's avatar Sietse Ringers
Browse files

Move functions across files

parent 3f4c5d6c
......@@ -163,7 +163,7 @@ func HandleProtocolMessage(
}
}
if method == "GET" && verb == "status" {
status, output = responseJson(handleGetStatus(session), nil)
status, output = responseJson(session.handleGetStatus(), nil)
return
}
status, output = responseJson(nil, session.fail(irmaserver.ErrorInvalidRequest, ""))
......
package backend
import (
"encoding/json"
"net/http"
"runtime/debug"
"time"
"github.com/mhe/gabi"
"github.com/privacybydesign/irmago"
"github.com/privacybydesign/irmago/irmaserver"
)
// This file contains the handler functions for the protocol messages, receiving and returning normally
// Go-typed messages here (JSON (un)marshalling is handled by the router).
// Maintaining the session state is done here, as well as checking whether the session is in the
// appropriate status before handling the request.
var conf *irmaserver.Configuration
func (session *session) handleDelete() {
......@@ -18,6 +18,7 @@ func (session *session) handleDelete() {
return
}
session.markAlive()
// TODO const ProofStatusCancelled = irma.ProofStatus("CANCELLED") ?
session.result = &irmaserver.SessionResult{Token: session.token}
session.setStatus(irmaserver.StatusCancelled)
......@@ -39,7 +40,7 @@ func (session *session) handleGetRequest(min, max *irma.ProtocolVersion) (irma.S
return session.request, nil
}
func handleGetStatus(session *session) irmaserver.Status {
func (session *session) handleGetStatus() irmaserver.Status {
return session.status
}
......@@ -68,52 +69,68 @@ func (session *session) handlePostProofs(proofs gabi.ProofList) (*irma.ProofStat
return &session.result.Status, nil
}
// Session helpers
func (session *session) finished() bool {
return session.status == irmaserver.StatusDone || session.status == irmaserver.StatusCancelled
}
func (session *session) markAlive() {
session.lastActive = time.Now()
}
func (session *session) handlePostCommitments(commitments *gabi.IssueCommitmentMessage) ([]*gabi.IssueSignatureMessage, *irma.RemoteError) {
if session.status != irmaserver.StatusConnected {
return nil, getError(irmaserver.ErrorUnexpectedRequest, "Session not yet started or already finished")
}
session.markAlive()
func (session *session) setStatus(status irmaserver.Status) {
session.status = status
}
request := session.request.(*irma.IssuanceRequest)
discloseCount := len(request.Disclose)
if len(commitments.Proofs) != len(request.Credentials)+discloseCount {
return nil, session.fail(irmaserver.ErrorAttributesMissing, "")
}
func (session *session) fail(err irmaserver.Error, message string) *irma.RemoteError {
rerr := getError(err, message)
session.setStatus(irmaserver.StatusCancelled)
session.result = &irmaserver.SessionResult{Err: rerr, Token: session.token}
return rerr
}
// Compute list of public keys against which to verify the received proofs
disclosureproofs := irma.ProofList(commitments.Proofs[:discloseCount])
pubkeys, err := disclosureproofs.ExtractPublicKeys(conf.IrmaConfiguration)
if err != nil {
return nil, session.fail(irmaserver.ErrorInvalidProofs, err.Error())
}
for _, cred := range request.Credentials {
iss := cred.CredentialTypeID.IssuerIdentifier()
pubkey, _ := conf.IrmaConfiguration.PublicKey(iss, cred.KeyCounter) // No error, already checked earlier
pubkeys = append(pubkeys, pubkey)
}
// Output helpers
func getError(err irmaserver.Error, message string) *irma.RemoteError {
stack := string(debug.Stack())
conf.Logger.Errorf("Error: %d %s %s\n%s", err.Status, err.Type, message, stack)
return &irma.RemoteError{
Status: err.Status,
Description: err.Description,
ErrorName: string(err.Type),
Message: message,
Stacktrace: stack,
// Verify and merge keyshare server proofs, if any
for i, proof := range commitments.Proofs {
pubkey := pubkeys[i]
schemeid := irma.NewIssuerIdentifier(pubkey.Issuer).SchemeManagerIdentifier()
if conf.IrmaConfiguration.SchemeManagers[schemeid].Distributed() {
proofP, err := session.getProofP(commitments, schemeid)
if err != nil {
return nil, session.fail(irmaserver.ErrorKeyshareProofMissing, err.Error())
}
proof.MergeProofP(proofP, pubkey)
}
}
}
func responseJson(v interface{}, err *irma.RemoteError) (int, []byte) {
msg := v
status := http.StatusOK
if err != nil {
msg = err
status = err.Status
// Verify all proofs and check disclosed attributes, if any, against request
session.result.Disclosed, session.result.Status = irma.ProofList(commitments.Proofs).VerifyAgainstDisjunctions(
conf.IrmaConfiguration, request.Disclose, request.Context, request.Nonce, pubkeys, false)
if session.result.Status != irma.ProofStatusValid {
return nil, session.fail(irmaserver.ErrorInvalidProofs, "")
}
b, e := json.Marshal(msg)
if e != nil {
conf.Logger.Error("Failed to serialize response:", e.Error())
return http.StatusInternalServerError, nil
// Compute CL signatures
var sigs []*gabi.IssueSignatureMessage
for i, cred := range request.Credentials {
id := cred.CredentialTypeID.IssuerIdentifier()
pk, _ := conf.IrmaConfiguration.PublicKey(id, cred.KeyCounter)
issuer := gabi.NewIssuer(conf.PrivateKeys[id], pk, one)
proof := commitments.Proofs[i+discloseCount].(*gabi.ProofU)
attributes, err := cred.AttributeList(conf.IrmaConfiguration, 0x03)
if err != nil {
return nil, session.fail(irmaserver.ErrorUnknown, err.Error())
}
sig, err := issuer.IssueSignature(proof.U, attributes.Ints, commitments.Nonce2)
if err != nil {
return nil, session.fail(irmaserver.ErrorUnknown, err.Error())
}
sigs = append(sigs, sig)
}
return status, b
session.setStatus(irmaserver.StatusDone)
return sigs, nil
}
package backend
import (
"encoding/json"
"fmt"
"net/http"
"runtime/debug"
"strconv"
"time"
......@@ -12,6 +15,58 @@ import (
"github.com/privacybydesign/irmago/irmaserver"
)
// Session helpers
func (session *session) finished() bool {
return session.status == irmaserver.StatusDone || session.status == irmaserver.StatusCancelled
}
func (session *session) markAlive() {
session.lastActive = time.Now()
}
func (session *session) setStatus(status irmaserver.Status) {
session.status = status
}
func (session *session) fail(err irmaserver.Error, message string) *irma.RemoteError {
rerr := getError(err, message)
session.setStatus(irmaserver.StatusCancelled)
session.result = &irmaserver.SessionResult{Err: rerr, Token: session.token}
return rerr
}
// Output helpers
func getError(err irmaserver.Error, message string) *irma.RemoteError {
stack := string(debug.Stack())
conf.Logger.Errorf("Error: %d %s %s\n%s", err.Status, err.Type, message, stack)
return &irma.RemoteError{
Status: err.Status,
Description: err.Description,
ErrorName: string(err.Type),
Message: message,
Stacktrace: stack,
}
}
func responseJson(v interface{}, err *irma.RemoteError) (int, []byte) {
msg := v
status := http.StatusOK
if err != nil {
msg = err
status = err.Status
}
b, e := json.Marshal(msg)
if e != nil {
conf.Logger.Error("Failed to serialize response:", e.Error())
return http.StatusInternalServerError, nil
}
return status, b
}
// Issuance helpers
func validateIssuanceRequest(request *irma.IssuanceRequest) error {
for _, cred := range request.Credentials {
// Check that we have the appropriate private key
......@@ -83,68 +138,15 @@ func (session *session) getProofP(commitments *gabi.IssueCommitmentMessage, sche
return session.kssProofs[scheme], nil
}
func (session *session) handlePostCommitments(commitments *gabi.IssueCommitmentMessage) ([]*gabi.IssueSignatureMessage, *irma.RemoteError) {
if session.status != irmaserver.StatusConnected {
return nil, getError(irmaserver.ErrorUnexpectedRequest, "Session not yet started or already finished")
}
session.markAlive()
// Other
request := session.request.(*irma.IssuanceRequest)
discloseCount := len(request.Disclose)
if len(commitments.Proofs) != len(request.Credentials)+discloseCount {
return nil, session.fail(irmaserver.ErrorAttributesMissing, "")
func chooseProtocolVersion(min, max *irma.ProtocolVersion) (*irma.ProtocolVersion, error) {
if min.AboveVersion(minProtocolVersion) || max.BelowVersion(min) {
return nil, errors.Errorf("Protocol version negotiation failed, min=%s max=%s", min.String(), max.String())
}
// Compute list of public keys against which to verify the received proofs
disclosureproofs := irma.ProofList(commitments.Proofs[:discloseCount])
pubkeys, err := disclosureproofs.ExtractPublicKeys(conf.IrmaConfiguration)
if err != nil {
return nil, session.fail(irmaserver.ErrorInvalidProofs, err.Error())
}
for _, cred := range request.Credentials {
iss := cred.CredentialTypeID.IssuerIdentifier()
pubkey, _ := conf.IrmaConfiguration.PublicKey(iss, cred.KeyCounter) // No error, already checked earlier
pubkeys = append(pubkeys, pubkey)
}
// Verify and merge keyshare server proofs, if any
for i, proof := range commitments.Proofs {
pubkey := pubkeys[i]
schemeid := irma.NewIssuerIdentifier(pubkey.Issuer).SchemeManagerIdentifier()
if conf.IrmaConfiguration.SchemeManagers[schemeid].Distributed() {
proofP, err := session.getProofP(commitments, schemeid)
if err != nil {
return nil, session.fail(irmaserver.ErrorKeyshareProofMissing, err.Error())
}
proof.MergeProofP(proofP, pubkey)
}
if max.AboveVersion(maxProtocolVersion) {
return maxProtocolVersion, nil
} else {
return max, nil
}
// Verify all proofs and check disclosed attributes, if any, against request
session.result.Disclosed, session.result.Status = irma.ProofList(commitments.Proofs).VerifyAgainstDisjunctions(
conf.IrmaConfiguration, request.Disclose, request.Context, request.Nonce, pubkeys, false)
if session.result.Status != irma.ProofStatusValid {
return nil, session.fail(irmaserver.ErrorInvalidProofs, "")
}
// Compute CL signatures
var sigs []*gabi.IssueSignatureMessage
for i, cred := range request.Credentials {
id := cred.CredentialTypeID.IssuerIdentifier()
pk, _ := conf.IrmaConfiguration.PublicKey(id, cred.KeyCounter)
issuer := gabi.NewIssuer(conf.PrivateKeys[id], pk, one)
proof := commitments.Proofs[i+discloseCount].(*gabi.ProofU)
attributes, err := cred.AttributeList(conf.IrmaConfiguration, 0x03)
if err != nil {
return nil, session.fail(irmaserver.ErrorUnknown, err.Error())
}
sig, err := issuer.IssueSignature(proof.U, attributes.Ints, commitments.Nonce2)
if err != nil {
return nil, session.fail(irmaserver.ErrorUnknown, err.Error())
}
sigs = append(sigs, sig)
}
session.setStatus(irmaserver.StatusDone)
return sigs, nil
}
......@@ -6,7 +6,6 @@ import (
"sync"
"time"
"github.com/go-errors/errors"
"github.com/mhe/gabi"
"github.com/privacybydesign/irmago"
"github.com/privacybydesign/irmago/irmaserver"
......@@ -125,14 +124,3 @@ func newSessionToken() string {
}
return string(b)
}
func chooseProtocolVersion(min, max *irma.ProtocolVersion) (*irma.ProtocolVersion, error) {
if min.AboveVersion(minProtocolVersion) || max.BelowVersion(min) {
return nil, errors.Errorf("Protocol version negotiation failed, min=%s max=%s", min.String(), max.String())
}
if max.AboveVersion(maxProtocolVersion) {
return maxProtocolVersion, nil
} else {
return max, nil
}
}
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment