Don't store server key in token database, make TokenServer responsible for database closure. #35
|
@ -1,6 +1,7 @@
|
||||||
package privacypass
|
package privacypass
|
||||||
|
|
||||||
import (
|
import (
|
||||||
|
"crypto/sha512"
|
||||||
"git.openprivacy.ca/cwtch.im/tapir/persistence"
|
"git.openprivacy.ca/cwtch.im/tapir/persistence"
|
||||||
"git.openprivacy.ca/cwtch.im/tapir/primitives/core"
|
"git.openprivacy.ca/cwtch.im/tapir/primitives/core"
|
||||||
"git.openprivacy.ca/openprivacy/log"
|
"git.openprivacy.ca/openprivacy/log"
|
||||||
|
@ -67,8 +68,11 @@ func TestGenerateBlindedTokenBatch(t *testing.T) {
|
||||||
log.SetLevel(log.LevelDebug)
|
log.SetLevel(log.LevelDebug)
|
||||||
db := new(persistence.BoltPersistence)
|
db := new(persistence.BoltPersistence)
|
||||||
db.Open("tokens.db")
|
db.Open("tokens.db")
|
||||||
defer db.Close()
|
|
||||||
server := NewTokenServerFromStore(db)
|
fakeRand := sha512.Sum512([]byte{})
|
||||||
|
k := ristretto255.NewScalar().FromUniformBytes(fakeRand[:])
|
||||||
|
server := NewTokenServerFromStore(k, db)
|
||||||
|
defer server.Close()
|
||||||
|
|
||||||
clientTranscript := core.NewTranscript("privacyPass")
|
clientTranscript := core.NewTranscript("privacyPass")
|
||||||
serverTranscript := core.NewTranscript("privacyPass")
|
serverTranscript := core.NewTranscript("privacyPass")
|
||||||
|
@ -98,4 +102,5 @@ func TestGenerateBlindedTokenBatch(t *testing.T) {
|
||||||
if verified {
|
if verified {
|
||||||
t.Errorf("Something went wrong, the proof passed with wrong transcript: %s", wrongTranscript.OutputTranscriptToAudit())
|
t.Errorf("Something went wrong, the proof passed with wrong transcript: %s", wrongTranscript.OutputTranscriptToAudit())
|
||||||
}
|
}
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
|
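Review bot: The scalar built from `fakeRand` is the server's signing key, yet nothing at the call site says it is a fixed, publicly computable value (the SHA-512 of an empty input). I would add a comment above it, `// Test-only key: derived from a fixed input for reproducibility; a real server must take k from a CSPRNG or a protected key store.`, so the pattern is not copied into service code now that NewTokenServerFromStore uses whatever key the caller supplies. TestGenerateBlindedTokenBatch begins outside the hunks shown.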
@ -28,7 +28,6 @@ type SignedBatchWithProof struct {
|
||||||
}
|
}
|
||||||
|
|
||||||
const tokenBucket = "tokens"
|
const tokenBucket = "tokens"
|
||||||
const keyBucket = "keys"
|
|
||||||
|
|
||||||
// NewTokenServer generates a new TokenServer (used mostly for testing with ephemeral instances)
|
// NewTokenServer generates a new TokenServer (used mostly for testing with ephemeral instances)
|
||||||
func NewTokenServer() *TokenServer {
|
func NewTokenServer() *TokenServer {
|
||||||
|
@ -44,29 +43,25 @@ func NewTokenServer() *TokenServer {
|
||||||
}
|
}
|
||||||
|
|
||||||
// NewTokenServerFromStore generates a new TokenServer backed by a persistence service.
|
// NewTokenServerFromStore generates a new TokenServer backed by a persistence service.
|
||||||
func NewTokenServerFromStore(persistenceService persistence.Service) *TokenServer {
|
func NewTokenServerFromStore(k *ristretto.Scalar, persistenceService persistence.Service) *TokenServer {
|
||||||
tokenServer := NewTokenServer()
|
tokenServer := NewTokenServer()
|
||||||
persistenceService.Setup([]string{tokenBucket})
|
persistenceService.Setup([]string{tokenBucket})
|
||||||
persistenceService.Setup([]string{keyBucket})
|
|
||||||
exists, err := persistenceService.Check(keyBucket, "k")
|
|
||||||
if err != nil {
|
|
||||||
panic(err)
|
|
||||||
}
|
|
||||||
// if we don't have a stored k then save the one we have generated
|
|
||||||
// otherwise use the k we have stored
|
|
||||||
if !exists {
|
|
||||||
persistenceService.Persist(keyBucket, "k", tokenServer.k)
|
|
||||||
} else {
|
|
||||||
persistenceService.Load(keyBucket, "k", tokenServer.k)
|
|
||||||
|
|
||||||
// recalculate public key from stored k
|
// recalculate public key from k
|
||||||
|
tokenServer.k = k
|
||||||
tokenServer.Y = new(ristretto.Element).ScalarBaseMult(tokenServer.k)
|
tokenServer.Y = new(ristretto.Element).ScalarBaseMult(tokenServer.k)
|
||||||
}
|
|
||||||
|
|
||||||
tokenServer.persistanceService = persistenceService
|
tokenServer.persistanceService = persistenceService
|
||||||
return tokenServer
|
return tokenServer
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// Close ensures that the database is properly closed...
|
||||||
|
func (ts *TokenServer) Close() {
|
||||||
|
ts.mutex.Lock()
|
||||||
|
defer ts.mutex.Unlock()
|
||||||
|
ts.persistanceService.Close()
|
||||||
|
}
|
||||||
|
|
||||||
// SignBlindedToken calculates kP for the given BlindedToken P
|
// SignBlindedToken calculates kP for the given BlindedToken P
|
||||||
func (ts *TokenServer) SignBlindedToken(bt BlindedToken) SignedToken {
|
func (ts *TokenServer) SignBlindedToken(bt BlindedToken) SignedToken {
|
||||||
Q := new(ristretto.Element).ScalarMult(ts.k, bt.P)
|
Q := new(ristretto.Element).ScalarMult(ts.k, bt.P)
|
||||||
|
|
|
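Review bot: Stores written by earlier versions still hold the server key under the `keys` bucket (entry `k`), and after this change nothing reads or removes it, so the key stays in existing token databases until an operator cleans it up. The doc comment on NewTokenServerFromStore should state this and the new contract, e.g. `// k is the long-term signing key and is never written to the store; databases created by earlier versions may still contain a copy under the "keys" bucket.` Deployments that relied on the stored key would presumably need to export it before upgrading, otherwise the public key `Y` changes. Separately, `Close` calls `ts.persistanceService.Close()` unconditionally; if NewTokenServer leaves that field unset for ephemeral servers (its body is outside the hunk), Close would panic, which `if ts.persistanceService != nil { ts.persistanceService.Close() }` avoids.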
@ -12,7 +12,6 @@ import (
|
||||||
"sync"
|
"sync"
|
||||||
)
|
)
|
||||||
|
|
||||||
|
|
||||||
// ServiceMetrics outlines higher level information about the service e.g. counts of connections
|
// ServiceMetrics outlines higher level information about the service e.g. counts of connections
|
||||||
type ServiceMetrics struct {
|
type ServiceMetrics struct {
|
||||||
ConnectionCount int
|
ConnectionCount int
|
||||||
|
|