From: nsz Date: Fri, 2 Dec 2011 01:10:14 +0000 (+0100) Subject: dsakey proof of concept (needs cleanup) X-Git-Url: http://nsz.repo.hu/git/?p=epoint;a=commitdiff_plain;h=ba050281925d304417cc0d4a80340b9dab9b6da8;hp=c407ea867002f1022bc41bb61e25dc4f4a2c5d02 dsakey proof of concept (needs cleanup) --- diff --git a/dsakey/dsakey.go b/dsakey/dsakey.go index eb5d129..f5fa9b5 100644 --- a/dsakey/dsakey.go +++ b/dsakey/dsakey.go @@ -104,3 +104,36 @@ func NewEntity(priv *dsa.PrivateKey, currentTimeSecs int64, name, comment, email return } +// simple key generation for obligation issuer clients +func NewIssuerEntity(r []byte, denomination string) (e *openpgp.Entity, err error) { + return NewEntity(PrivKey(r), 0, "Issuer", denomination, "") +} +// simple key generation for obligation holder clients +func NewHolderEntity(r []byte, issuer, denomination string) (e *openpgp.Entity, err error) { + return NewEntity(PrivKey(r), 0, "Holder of " + issuer, denomination, "") +} + +// check the issuer and denomination associated with the given pgp key +func CheckEntity(e *openpgp.Entity) (isIssuer bool, issuer, denomination string, err error) { + // TODO: allow non-epoint uids + if len(e.Identities) != 1 { + err = fmt.Errorf("CheckEntity: expected one identity") + return + } + for _, i := range e.Identities { + denomination = i.UserId.Comment + if i.UserId.Name == "Issuer" { + isIssuer = true + issuer = fmt.Sprintf("%X", e.PrimaryKey.Fingerprint) + return + } + prefix := "Holder of " + if i.UserId.Name[:len(prefix)] == prefix { + issuer = i.UserId.Name[len(prefix):] + return + } + break + } + err = fmt.Errorf("CheckENtity: invalid userid") + return +} diff --git a/dsakey/dsakey_test.go b/dsakey/dsakey_test.go index 9245199..29ba725 100644 --- a/dsakey/dsakey_test.go +++ b/dsakey/dsakey_test.go @@ -2,7 +2,7 @@ package dsakey import ( "crypto/openpgp" -// "fmt" + "fmt" "bytes" "time" "testing" @@ -19,7 +19,7 @@ func testSignAndVerify(t *testing.T, priv *openpgp.Entity) { _, err = openpgp.CheckDetachedSignature(openpgp.EntityList{priv}, bytes.NewBuffer(msg), w) if err != nil { - t.Errorf("Verify failed") + t.Errorf("Verify failed: %s", err) } } @@ -36,3 +36,83 @@ func TestKey(t *testing.T) { testSignAndVerify(t, priv) } } + +func TestGenIssuer(t *testing.T) { + denomination := "1/100 EUR" + priv, err := NewIssuerEntity([]byte("issuer-rand"), denomination) + if err != nil { + t.Errorf("new entity failed: %s", err) + } else { + testSignAndVerify(t, priv) + } + wpriv := new(bytes.Buffer) + err = priv.SerializePrivate(wpriv) + if err != nil { + t.Errorf("priv key serialization failed: %s", err) + return + } + wpub := new(bytes.Buffer) + err = priv.Serialize(wpub) + if err != nil { + t.Errorf("pub key serialization failed: %s", err) + return + } + es, err := openpgp.ReadKeyRing(wpub) + if err != nil { + t.Errorf("pub key parsing failed: %s", err) + return + } + isIssuer, issuer, denom, err := CheckEntity(es[0]) + if err != nil { + t.Errorf("pub key parsing failed: %s", err) + return + } + if !isIssuer { + t.Errorf("expected issuer key got: %v", es[0].Identities) + } + issuerfpr := fmt.Sprintf("%X", priv.PrimaryKey.Fingerprint) + if issuer != issuerfpr { + t.Errorf("expected issuer %s got %s", issuerfpr, issuer) + } + if denom != denomination { + t.Errorf("expected denomination %q got %q", denomination, denom) + } + + priv, err = NewHolderEntity([]byte("holder-rand"), issuerfpr, denomination) + if err != nil { + t.Errorf("new entity failed: %s", err) + } else { + testSignAndVerify(t, priv) + } + wpriv = new(bytes.Buffer) + err = priv.SerializePrivate(wpriv) + if err != nil { + t.Errorf("priv key serialization failed: %s", err) + return + } + wpub = new(bytes.Buffer) + err = priv.Serialize(wpub) + if err != nil { + t.Errorf("pub key serialization failed: %s", err) + return + } + es, err = openpgp.ReadKeyRing(wpub) + if err != nil { + t.Errorf("pub key parsing failed: %s", err) + return + } + isIssuer, issuer, denom, err = CheckEntity(es[0]) + if err != nil { + t.Errorf("pub key parsing failed: %s", err) + return + } + if isIssuer { + t.Errorf("expected non-issuer key got: %v", es[0].Identities) + } + if issuer != issuerfpr { + t.Errorf("expected issuer %s got %s", issuerfpr, issuer) + } + if denom != denomination { + t.Errorf("expected denomination %q got %q", denomination, denom) + } +}