From 8e6db511c8e535052c5565cc8058dd7aecbe27c3 Mon Sep 17 00:00:00 2001 From: Angelo De Caro Date: Fri, 27 Apr 2018 11:11:50 +0200 Subject: [PATCH] [FAB-9526] Idemix BCCSP This change-set provides a BCCSP implementation supporting the idemix opts Change-Id: Ia675ba19f07a464bbb01110a48276557d6ba2f13 Signed-off-by: Angelo De Caro --- bccsp/idemix/bccsp.go | 106 +++++++ bccsp/idemix/bccsp_test.go | 291 ++++++++++++++++++ bccsp/idemix/bridge/bridge_suite_test.go | 1 - bccsp/idemix/bridge/bridge_test.go | 241 ++++++++------- bccsp/idemix/bridge/credential.go | 13 +- bccsp/idemix/bridge/credrequest.go | 6 +- bccsp/idemix/bridge/issuer.go | 6 +- bccsp/idemix/bridge/math.go | 3 + bccsp/idemix/bridge/nymsignaturescheme.go | 8 +- bccsp/idemix/bridge/revocation.go | 2 +- bccsp/idemix/bridge/signaturescheme.go | 15 +- bccsp/idemix/bridge/user.go | 6 +- bccsp/idemix/{ => handlers}/cred.go | 16 +- bccsp/idemix/{ => handlers}/cred_test.go | 126 ++++---- bccsp/idemix/{ => handlers}/idemix.go | 2 +- bccsp/idemix/handlers/idemix_suite_test.go | 30 ++ bccsp/idemix/{ => handlers}/issuer.go | 2 +- bccsp/idemix/{ => handlers}/issuer_test.go | 17 +- bccsp/idemix/{ => handlers}/mock/big.go | 4 +- .../idemix/{ => handlers}/mock/credential.go | 28 +- .../idemix/{ => handlers}/mock/credrequest.go | 28 +- bccsp/idemix/{ => handlers}/mock/ecp.go | 4 +- bccsp/idemix/{ => handlers}/mock/issuer.go | 22 +- .../{ => handlers}/mock/issuer_public_key.go | 4 +- .../{ => handlers}/mock/issuer_secret_key.go | 22 +- .../mock/nymsignature_scheme.go | 40 +-- .../idemix/{ => handlers}/mock/revocation.go | 4 +- .../{ => handlers}/mock/signature_scheme.go | 36 +-- bccsp/idemix/{ => handlers}/mock/user.go | 60 ++-- bccsp/idemix/{ => handlers}/nym.go | 2 +- bccsp/idemix/{ => handlers}/nymsigner.go | 2 +- bccsp/idemix/{ => handlers}/nymsigner_test.go | 78 ++--- bccsp/idemix/{ => handlers}/revocation.go | 11 +- .../idemix/{ => handlers}/revocation_test.go | 70 ++--- bccsp/idemix/{ => handlers}/signer.go | 2 +- bccsp/idemix/{ => handlers}/signer_test.go | 82 ++--- bccsp/idemix/{ => handlers}/user.go | 2 +- bccsp/idemix/{ => handlers}/user_test.go | 45 +-- bccsp/idemix/idemix_suite_test.go | 12 - bccsp/idemixopts.go | 9 +- 40 files changed, 941 insertions(+), 517 deletions(-) create mode 100644 bccsp/idemix/bccsp.go create mode 100644 bccsp/idemix/bccsp_test.go rename bccsp/idemix/{ => handlers}/cred.go (87%) rename bccsp/idemix/{ => handlers}/cred_test.go (75%) rename bccsp/idemix/{ => handlers}/idemix.go (99%) create mode 100644 bccsp/idemix/handlers/idemix_suite_test.go rename bccsp/idemix/{ => handlers}/issuer.go (99%) rename bccsp/idemix/{ => handlers}/issuer_test.go (89%) rename bccsp/idemix/{ => handlers}/mock/big.go (96%) rename bccsp/idemix/{ => handlers}/mock/credential.go (81%) rename bccsp/idemix/{ => handlers}/mock/credrequest.go (82%) rename bccsp/idemix/{ => handlers}/mock/ecp.go (96%) rename bccsp/idemix/{ => handlers}/mock/issuer.go (79%) rename bccsp/idemix/{ => handlers}/mock/issuer_public_key.go (95%) rename bccsp/idemix/{ => handlers}/mock/issuer_secret_key.go (86%) rename bccsp/idemix/{ => handlers}/mock/nymsignature_scheme.go (78%) rename bccsp/idemix/{ => handlers}/mock/revocation.go (98%) rename bccsp/idemix/{ => handlers}/mock/signature_scheme.go (79%) rename bccsp/idemix/{ => handlers}/mock/user.go (71%) rename bccsp/idemix/{ => handlers}/nym.go (99%) rename bccsp/idemix/{ => handlers}/nymsigner.go (99%) rename bccsp/idemix/{ => handlers}/nymsigner_test.go (80%) rename bccsp/idemix/{ => handlers}/revocation.go (94%) rename bccsp/idemix/{ => handlers}/revocation_test.go (83%) rename bccsp/idemix/{ => handlers}/signer.go (99%) rename bccsp/idemix/{ => handlers}/signer_test.go (79%) rename bccsp/idemix/{ => handlers}/user.go (98%) rename bccsp/idemix/{ => handlers}/user_test.go (84%) diff --git a/bccsp/idemix/bccsp.go b/bccsp/idemix/bccsp.go new file mode 100644 index 00000000000..063e4ed17ba --- /dev/null +++ b/bccsp/idemix/bccsp.go @@ -0,0 +1,106 @@ +/* +Copyright IBM Corp. All Rights Reserved. + +SPDX-License-Identifier: Apache-2.0 +*/ +package idemix + +import ( + "reflect" + + "github.com/hyperledger/fabric/bccsp/idemix/bridge" + + "github.com/hyperledger/fabric/bccsp/idemix/handlers" + + "github.com/hyperledger/fabric/bccsp" + "github.com/hyperledger/fabric/bccsp/sw" + "github.com/pkg/errors" +) + +type csp struct { + bccsp.BCCSP +} + +func New(keyStore bccsp.KeyStore) (*csp, error) { + base, err := sw.New(keyStore) + if err != nil { + return nil, errors.Wrap(err, "failed instantiating base bccsp") + } + + csp := &csp{BCCSP: base} + + // key generators + base.AddWrapper(reflect.TypeOf(&bccsp.IdemixIssuerKeyGenOpts{}), &handlers.IssuerKeyGen{Issuer: &bridge.Issuer{NewRand: bridge.NewRandOrPanic}}) + base.AddWrapper(reflect.TypeOf(&bccsp.IdemixUserSecretKeyGenOpts{}), &handlers.UserKeyGen{User: &bridge.User{NewRand: bridge.NewRandOrPanic}}) + base.AddWrapper(reflect.TypeOf(&bccsp.IdemixRevocationKeyGenOpts{}), &handlers.RevocationKeyGen{Revocation: &bridge.Revocation{}}) + + // key derivers + base.AddWrapper(reflect.TypeOf(handlers.NewUserSecretKey(nil, false)), &handlers.NymKeyDerivation{ + User: &bridge.User{NewRand: bridge.NewRandOrPanic}, + }) + + // signers + base.AddWrapper(reflect.TypeOf(handlers.NewUserSecretKey(nil, false)), &userSecreKeySignerMultiplexer{ + signer: &handlers.Signer{SignatureScheme: &bridge.SignatureScheme{NewRand: bridge.NewRandOrPanic}}, + nymSigner: &handlers.NymSigner{NymSignatureScheme: &bridge.NymSignatureScheme{NewRand: bridge.NewRandOrPanic}}, + credentialRequestSigner: &handlers.CredentialRequestSigner{CredRequest: &bridge.CredRequest{NewRand: bridge.NewRandOrPanic}}, + }) + base.AddWrapper(reflect.TypeOf(handlers.NewIssuerSecretKey(nil, false)), &handlers.CredentialSigner{ + Credential: &bridge.Credential{NewRand: bridge.NewRandOrPanic}, + }) + base.AddWrapper(reflect.TypeOf(handlers.NewRevocationSecretKey(nil, false)), &handlers.CriSigner{ + Revocation: &bridge.Revocation{}, + }) + + // verifiers + base.AddWrapper(reflect.TypeOf(handlers.NewIssuerPublicKey(nil)), &issuerPublicKeyVerifierMultiplexer{ + verifier: &handlers.Verifier{SignatureScheme: &bridge.SignatureScheme{NewRand: bridge.NewRandOrPanic}}, + credentialRequestVerifier: &handlers.CredentialRequestVerifier{CredRequest: &bridge.CredRequest{NewRand: bridge.NewRandOrPanic}}, + }) + base.AddWrapper(reflect.TypeOf(handlers.NewNymPublicKey(nil)), &handlers.NymVerifier{ + NymSignatureScheme: &bridge.NymSignatureScheme{NewRand: bridge.NewRandOrPanic}, + }) + base.AddWrapper(reflect.TypeOf(handlers.NewUserSecretKey(nil, false)), &handlers.CredentialVerifier{ + Credential: &bridge.Credential{NewRand: bridge.NewRandOrPanic}, + }) + base.AddWrapper(reflect.TypeOf(handlers.NewRevocationPublicKey(nil)), &handlers.CriVerifier{ + Revocation: &bridge.Revocation{}, + }) + + return csp, nil +} + +type userSecreKeySignerMultiplexer struct { + signer *handlers.Signer + nymSigner *handlers.NymSigner + credentialRequestSigner *handlers.CredentialRequestSigner +} + +func (s *userSecreKeySignerMultiplexer) Sign(k bccsp.Key, digest []byte, opts bccsp.SignerOpts) (signature []byte, err error) { + switch opts.(type) { + case *bccsp.IdemixSignerOpts: + return s.signer.Sign(k, digest, opts) + case *bccsp.IdemixNymSignerOpts: + return s.nymSigner.Sign(k, digest, opts) + case *bccsp.IdemixCredentialRequestSignerOpts: + return s.credentialRequestSigner.Sign(k, digest, opts) + default: + return nil, errors.New("invalid opts, expected *bccsp.IdemixSignerOpt or *bccsp.IdemixNymSignerOpts or *bccsp.IdemixCredentialRequestSignerOpts") + } +} + +type issuerPublicKeyVerifierMultiplexer struct { + verifier *handlers.Verifier + credentialRequestVerifier *handlers.CredentialRequestVerifier +} + +func (v *issuerPublicKeyVerifierMultiplexer) Verify(k bccsp.Key, signature, digest []byte, opts bccsp.SignerOpts) (valid bool, err error) { + switch opts.(type) { + case *bccsp.IdemixSignerOpts: + return v.verifier.Verify(k, signature, digest, opts) + case *bccsp.IdemixCredentialRequestSignerOpts: + return v.credentialRequestVerifier.Verify(k, signature, digest, opts) + default: + return false, errors.New("invalid opts, expected *bccsp.IdemixSignerOpts or *bccsp.IdemixCredentialRequestSignerOpts") + } +} diff --git a/bccsp/idemix/bccsp_test.go b/bccsp/idemix/bccsp_test.go new file mode 100644 index 00000000000..e49f2f6179e --- /dev/null +++ b/bccsp/idemix/bccsp_test.go @@ -0,0 +1,291 @@ +/* +Copyright IBM Corp. All Rights Reserved. + +SPDX-License-Identifier: Apache-2.0 +*/ +package idemix_test + +import ( + "github.com/hyperledger/fabric/bccsp" + "github.com/hyperledger/fabric/bccsp/idemix" + "github.com/hyperledger/fabric/bccsp/sw" + . "github.com/onsi/ginkgo" + . "github.com/onsi/gomega" +) + +var _ = Describe("Idemix Bridge", func() { + + Describe("setting up the environment with one issuer and one user", func() { + var ( + CSP bccsp.BCCSP + IssuerKey bccsp.Key + IssuerPublicKey bccsp.Key + AttributeNames []string + + UserKey bccsp.Key + NymKey bccsp.Key + NymPublicKey bccsp.Key + + credRequest []byte + + credential []byte + + RevocationKey bccsp.Key + RevocationPublicKey bccsp.Key + cri []byte + ) + + BeforeEach(func() { + var err error + CSP, err = idemix.New(sw.NewDummyKeyStore()) + Expect(err).NotTo(HaveOccurred()) + + // Issuer + AttributeNames = []string{"Attr1", "Attr2", "Attr3", "Attr4", "Attr5"} + IssuerKey, err = CSP.KeyGen(&bccsp.IdemixIssuerKeyGenOpts{Temporary: true, AttributeNames: AttributeNames}) + Expect(err).NotTo(HaveOccurred()) + IssuerPublicKey, err = IssuerKey.PublicKey() + Expect(err).NotTo(HaveOccurred()) + + // User + UserKey, err = CSP.KeyGen(&bccsp.IdemixUserSecretKeyGenOpts{Temporary: true}) + Expect(err).NotTo(HaveOccurred()) + + // User Nym Key + NymKey, err = CSP.KeyDeriv(UserKey, &bccsp.IdemixNymKeyDerivationOpts{Temporary: true, IssuerPK: IssuerPublicKey}) + Expect(err).NotTo(HaveOccurred()) + NymPublicKey, err = NymKey.PublicKey() + Expect(err).NotTo(HaveOccurred()) + + // Credential Request for User + credRequest, err = CSP.Sign( + UserKey, + bccsp.IdemixEmptyDigest(), + &bccsp.IdemixCredentialRequestSignerOpts{IssuerPK: IssuerPublicKey}, + ) + Expect(err).NotTo(HaveOccurred()) + + // Credential + credential, err = CSP.Sign( + IssuerKey, + credRequest, + &bccsp.IdemixCredentialSignerOpts{ + Attributes: []bccsp.IdemixAttribute{ + {Type: bccsp.IdemixBytesAttribute, Value: []byte{0}}, + {Type: bccsp.IdemixBytesAttribute, Value: []byte{0, 1}}, + {Type: bccsp.IdemixIntAttribute, Value: 1}, + {Type: bccsp.IdemixBytesAttribute, Value: []byte{0, 1, 2}}, + {Type: bccsp.IdemixBytesAttribute, Value: []byte{0, 1, 2, 3}}, + }, + }, + ) + Expect(err).NotTo(HaveOccurred()) + + // Revocation + RevocationKey, err = CSP.KeyGen(&bccsp.IdemixRevocationKeyGenOpts{Temporary: true}) + Expect(err).NotTo(HaveOccurred()) + RevocationPublicKey, err = RevocationKey.PublicKey() + Expect(err).NotTo(HaveOccurred()) + + // CRI + cri, err = CSP.Sign( + RevocationKey, + bccsp.IdemixEmptyDigest(), + &bccsp.IdemixCRISignerOpts{}, + ) + Expect(err).NotTo(HaveOccurred()) + + }) + + It("the environment is properly set", func() { + // Verify CredRequest + valid, err := CSP.Verify( + IssuerPublicKey, + credRequest, + bccsp.IdemixEmptyDigest(), + &bccsp.IdemixCredentialRequestSignerOpts{}, + ) + Expect(err).NotTo(HaveOccurred()) + Expect(valid).To(BeTrue()) + + // Verify Credential + valid, err = CSP.Verify( + UserKey, + credential, + bccsp.IdemixEmptyDigest(), + &bccsp.IdemixCredentialSignerOpts{ + IssuerPK: IssuerPublicKey, + Attributes: []bccsp.IdemixAttribute{ + {Type: bccsp.IdemixBytesAttribute, Value: []byte{0}}, + {Type: bccsp.IdemixBytesAttribute, Value: []byte{0, 1}}, + {Type: bccsp.IdemixIntAttribute, Value: 1}, + {Type: bccsp.IdemixBytesAttribute, Value: []byte{0, 1, 2}}, + {Type: bccsp.IdemixBytesAttribute, Value: []byte{0, 1, 2, 3}}, + }, + }, + ) + Expect(err).NotTo(HaveOccurred()) + Expect(valid).To(BeTrue()) + + // Verify CRI + valid, err = CSP.Verify( + RevocationPublicKey, + cri, + bccsp.IdemixEmptyDigest(), + &bccsp.IdemixCRISignerOpts{}, + ) + Expect(err).NotTo(HaveOccurred()) + }) + + Describe("producing an idemix signature with no disclosed attribute", func() { + var ( + digest []byte + signature []byte + ) + + BeforeEach(func() { + var err error + + digest = []byte("a digest") + + signature, err = CSP.Sign( + UserKey, + digest, + &bccsp.IdemixSignerOpts{ + Credential: credential, + Nym: NymKey, + IssuerPK: IssuerPublicKey, + Attributes: []bccsp.IdemixAttribute{ + {Type: bccsp.IdemixHiddenAttribute}, + {Type: bccsp.IdemixHiddenAttribute}, + {Type: bccsp.IdemixHiddenAttribute}, + {Type: bccsp.IdemixHiddenAttribute}, + {Type: bccsp.IdemixHiddenAttribute}, + }, + RhIndex: 4, + Epoch: 0, + CRI: cri, + }, + ) + Expect(err).NotTo(HaveOccurred()) + }) + + It("the signature is valid", func() { + valid, err := CSP.Verify( + IssuerPublicKey, + signature, + digest, + &bccsp.IdemixSignerOpts{ + RevocationPublicKey: RevocationPublicKey, + Attributes: []bccsp.IdemixAttribute{ + {Type: bccsp.IdemixHiddenAttribute}, + {Type: bccsp.IdemixHiddenAttribute}, + {Type: bccsp.IdemixHiddenAttribute}, + {Type: bccsp.IdemixHiddenAttribute}, + {Type: bccsp.IdemixHiddenAttribute}, + }, + RhIndex: 4, + Epoch: 0, + }, + ) + Expect(err).NotTo(HaveOccurred()) + Expect(valid).To(BeTrue()) + }) + + }) + + Describe("producing an idemix signature with disclosed attributes", func() { + var ( + digest []byte + signature []byte + ) + + BeforeEach(func() { + var err error + + digest = []byte("a digest") + + signature, err = CSP.Sign( + UserKey, + digest, + &bccsp.IdemixSignerOpts{ + Credential: credential, + Nym: NymKey, + IssuerPK: IssuerPublicKey, + Attributes: []bccsp.IdemixAttribute{ + {Type: bccsp.IdemixBytesAttribute}, + {Type: bccsp.IdemixHiddenAttribute}, + {Type: bccsp.IdemixIntAttribute}, + {Type: bccsp.IdemixHiddenAttribute}, + {Type: bccsp.IdemixHiddenAttribute}, + }, + RhIndex: 4, + Epoch: 0, + CRI: cri, + }, + ) + Expect(err).NotTo(HaveOccurred()) + }) + + It("the signature is valid", func() { + valid, err := CSP.Verify( + IssuerPublicKey, + signature, + digest, + &bccsp.IdemixSignerOpts{ + RevocationPublicKey: RevocationPublicKey, + Attributes: []bccsp.IdemixAttribute{ + {Type: bccsp.IdemixBytesAttribute, Value: []byte{0}}, + {Type: bccsp.IdemixHiddenAttribute}, + {Type: bccsp.IdemixIntAttribute, Value: 1}, + {Type: bccsp.IdemixHiddenAttribute}, + {Type: bccsp.IdemixHiddenAttribute}, + }, + RhIndex: 4, + Epoch: 0, + }, + ) + Expect(err).NotTo(HaveOccurred()) + Expect(valid).To(BeTrue()) + }) + + }) + + Describe("producing an idemix nym signature", func() { + var ( + digest []byte + signature []byte + ) + + BeforeEach(func() { + var err error + + digest = []byte("a digest") + + signature, err = CSP.Sign( + UserKey, + digest, + &bccsp.IdemixNymSignerOpts{ + Nym: NymKey, + IssuerPK: IssuerPublicKey, + }, + ) + Expect(err).NotTo(HaveOccurred()) + }) + + It("the signature is valid", func() { + valid, err := CSP.Verify( + NymPublicKey, + signature, + digest, + &bccsp.IdemixNymSignerOpts{ + IssuerPK: IssuerPublicKey, + }, + ) + Expect(err).NotTo(HaveOccurred()) + Expect(valid).To(BeTrue()) + }) + + }) + }) +}) diff --git a/bccsp/idemix/bridge/bridge_suite_test.go b/bccsp/idemix/bridge/bridge_suite_test.go index 9b03a31cef9..5f8640430fd 100644 --- a/bccsp/idemix/bridge/bridge_suite_test.go +++ b/bccsp/idemix/bridge/bridge_suite_test.go @@ -9,7 +9,6 @@ import ( "testing" "github.com/hyperledger/fabric-amcl/amcl" - . "github.com/onsi/ginkgo" . "github.com/onsi/gomega" ) diff --git a/bccsp/idemix/bridge/bridge_test.go b/bccsp/idemix/bridge/bridge_test.go index e72522a501b..5981cac2990 100644 --- a/bccsp/idemix/bridge/bridge_test.go +++ b/bccsp/idemix/bridge/bridge_test.go @@ -9,8 +9,8 @@ import ( "github.com/golang/protobuf/proto" "github.com/hyperledger/fabric-amcl/amcl/FP256BN" "github.com/hyperledger/fabric/bccsp" - "github.com/hyperledger/fabric/bccsp/idemix" "github.com/hyperledger/fabric/bccsp/idemix/bridge" + "github.com/hyperledger/fabric/bccsp/idemix/handlers" cryptolib "github.com/hyperledger/fabric/idemix" . "github.com/onsi/ginkgo" . "github.com/onsi/gomega" @@ -18,11 +18,11 @@ import ( var _ = Describe("Idemix Bridge", func() { var ( - userSecretKey idemix.Big - issuerPublicKey idemix.IssuerPublicKey - issuerSecretKey idemix.IssuerSecretKey - nymPublicKey idemix.Ecp - nymSecretKey idemix.Big + userSecretKey handlers.Big + issuerPublicKey handlers.IssuerPublicKey + issuerSecretKey handlers.IssuerSecretKey + nymPublicKey handlers.Ecp + nymSecretKey handlers.Big ) BeforeEach(func() { @@ -81,7 +81,7 @@ var _ = Describe("Idemix Bridge", func() { It("panic on rand failure", func() { Issuer.NewRand = NewRandPanic key, err := Issuer.NewKey(nil) - Expect(err).To(MatchError("failure [new rand panic]")) + Expect(err.Error()).To(BeEquivalentTo("failure [new rand panic]")) Expect(key).To(BeNil()) }) }) @@ -100,7 +100,7 @@ var _ = Describe("Idemix Bridge", func() { It("panic on rand failure", func() { User.NewRand = NewRandPanic key, err := User.NewKey() - Expect(err).To(MatchError("failure [new rand panic]")) + Expect(err.Error()).To(BeEquivalentTo("failure [new rand panic]")) Expect(key).To(BeNil()) }) }) @@ -109,28 +109,28 @@ var _ = Describe("Idemix Bridge", func() { It("fails on nil user secret key", func() { r1, r2, err := User.MakeNym(nil, issuerPublicKey) - Expect(err).To(MatchError("invalid user secret key, expected *Big, got []")) + Expect(err.Error()).To(BeEquivalentTo("invalid user secret key, expected *Big, got []")) Expect(r1).To(BeNil()) Expect(r2).To(BeNil()) }) It("fails on invalid user secret key", func() { r1, r2, err := User.MakeNym(issuerPublicKey, issuerPublicKey) - Expect(err).To(MatchError("invalid user secret key, expected *Big, got [*bridge.IssuerPublicKey]")) + Expect(err.Error()).To(BeEquivalentTo("invalid user secret key, expected *Big, got [*bridge.IssuerPublicKey]")) Expect(r1).To(BeNil()) Expect(r2).To(BeNil()) }) It("fails on nil issuer public key", func() { r1, r2, err := User.MakeNym(userSecretKey, nil) - Expect(err).To(MatchError("invalid issuer public key, expected *IssuerPublicKey, got []")) + Expect(err.Error()).To(BeEquivalentTo("invalid issuer public key, expected *IssuerPublicKey, got []")) Expect(r1).To(BeNil()) Expect(r2).To(BeNil()) }) It("fails on invalid issuer public key", func() { r1, r2, err := User.MakeNym(userSecretKey, userSecretKey) - Expect(err).To(MatchError("invalid issuer public key, expected *IssuerPublicKey, got [*bridge.Big]")) + Expect(err.Error()).To(BeEquivalentTo("invalid issuer public key, expected *IssuerPublicKey, got [*bridge.Big]")) Expect(r1).To(BeNil()) Expect(r2).To(BeNil()) }) @@ -138,7 +138,7 @@ var _ = Describe("Idemix Bridge", func() { It("panic on rand failure", func() { User.NewRand = NewRandPanic r1, r2, err := User.MakeNym(userSecretKey, issuerPublicKey) - Expect(err).To(MatchError("failure [new rand panic]")) + Expect(err.Error()).To(BeEquivalentTo("failure [new rand panic]")) Expect(r1).To(BeNil()) Expect(r2).To(BeNil()) }) @@ -156,32 +156,32 @@ var _ = Describe("Idemix Bridge", func() { Context("sign", func() { It("fail on nil user secret key", func() { raw, err := CredRequest.Sign(nil, issuerPublicKey) - Expect(err).To(MatchError("invalid user secret key, expected *Big, got []")) + Expect(err.Error()).To(BeEquivalentTo("invalid user secret key, expected *Big, got []")) Expect(raw).To(BeNil()) }) It("fail on invalid user secret key", func() { raw, err := CredRequest.Sign(issuerPublicKey, issuerPublicKey) - Expect(err).To(MatchError("invalid user secret key, expected *Big, got [*bridge.IssuerPublicKey]")) + Expect(err.Error()).To(BeEquivalentTo("invalid user secret key, expected *Big, got [*bridge.IssuerPublicKey]")) Expect(raw).To(BeNil()) }) It("fail on nil issuer public key", func() { raw, err := CredRequest.Sign(userSecretKey, nil) - Expect(err).To(MatchError("invalid issuer public key, expected *IssuerPublicKey, got []")) + Expect(err.Error()).To(BeEquivalentTo("invalid issuer public key, expected *IssuerPublicKey, got []")) Expect(raw).To(BeNil()) }) It("fail on invalid issuer public key", func() { raw, err := CredRequest.Sign(userSecretKey, userSecretKey) - Expect(err).To(MatchError("invalid issuer public key, expected *IssuerPublicKey, got [*bridge.Big]")) + Expect(err.Error()).To(BeEquivalentTo("invalid issuer public key, expected *IssuerPublicKey, got [*bridge.Big]")) Expect(raw).To(BeNil()) }) It("panic on rand failure", func() { CredRequest.NewRand = NewRandPanic raw, err := CredRequest.Sign(userSecretKey, issuerPublicKey) - Expect(err).To(MatchError("failure [new rand panic]")) + Expect(err.Error()).To(BeEquivalentTo("failure [new rand panic]")) Expect(raw).To(BeNil()) }) @@ -190,29 +190,29 @@ var _ = Describe("Idemix Bridge", func() { Context("verify", func() { It("panic on nil credential request", func() { err := CredRequest.Verify(nil, issuerPublicKey) - Expect(err).To(MatchError("failure [runtime error: index out of range]")) + Expect(err.Error()).To(BeEquivalentTo("failure [runtime error: index out of range]")) }) It("fail on invalid credential request", func() { err := CredRequest.Verify([]byte{0, 1, 2, 3, 4}, issuerPublicKey) - Expect(err).To(MatchError("proto: idemix.CredRequest: illegal tag 0 (wire type 0)")) + Expect(err.Error()).To(BeEquivalentTo("proto: idemix.CredRequest: illegal tag 0 (wire type 0)")) }) It("fail on nil issuer public key", func() { err := CredRequest.Verify(nil, nil) - Expect(err).To(MatchError("invalid issuer public key, expected *IssuerPublicKey, got []")) + Expect(err.Error()).To(BeEquivalentTo("invalid issuer public key, expected *IssuerPublicKey, got []")) }) It("fail on invalid issuer public key", func() { err := CredRequest.Verify(nil, userSecretKey) - Expect(err).To(MatchError("invalid issuer public key, expected *IssuerPublicKey, got [*bridge.Big]")) + Expect(err.Error()).To(BeEquivalentTo("invalid issuer public key, expected *IssuerPublicKey, got [*bridge.Big]")) }) }) }) Describe("credential", func() { var ( - Credential idemix.Credential + Credential handlers.Credential ) BeforeEach(func() { Credential = &bridge.Credential{} @@ -222,19 +222,19 @@ var _ = Describe("Idemix Bridge", func() { It("fail on nil issuer secret key", func() { raw, err := Credential.Sign(nil, []byte{0, 1, 2, 3, 4}, nil) - Expect(err).To(MatchError("invalid issuer secret key, expected *Big, got []")) + Expect(err.Error()).To(BeEquivalentTo("invalid issuer secret key, expected *Big, got []")) Expect(raw).To(BeNil()) }) It("fail on invalid credential request", func() { raw, err := Credential.Sign(issuerSecretKey, []byte{0, 1, 2, 3, 4}, nil) - Expect(err).To(MatchError("proto: idemix.CredRequest: illegal tag 0 (wire type 0)")) + Expect(err.Error()).To(BeEquivalentTo("failed unmarshalling credential request: proto: idemix.CredRequest: illegal tag 0 (wire type 0)")) Expect(raw).To(BeNil()) }) It("fail on nil inputs", func() { raw, err := Credential.Sign(issuerSecretKey, nil, nil) - Expect(err).To(MatchError("failure [runtime error: invalid memory address or nil pointer dereference]")) + Expect(err.Error()).To(BeEquivalentTo("failure [runtime error: invalid memory address or nil pointer dereference]")) Expect(raw).To(BeNil()) }) @@ -242,7 +242,7 @@ var _ = Describe("Idemix Bridge", func() { raw, err := Credential.Sign(issuerSecretKey, nil, []bccsp.IdemixAttribute{ {Type: 5, Value: nil}, }) - Expect(err).To(MatchError("attribute type not allowed or supported [5] at position [0]")) + Expect(err.Error()).To(BeEquivalentTo("attribute type not allowed or supported [5] at position [0]")) Expect(raw).To(BeNil()) }) }) @@ -250,36 +250,36 @@ var _ = Describe("Idemix Bridge", func() { Context("verify", func() { It("fail on nil user secret key", func() { err := Credential.Verify(nil, nil, nil, nil) - Expect(err).To(MatchError("invalid user secret key, expected *Big, got []")) + Expect(err.Error()).To(BeEquivalentTo("invalid user secret key, expected *Big, got []")) }) It("fail on invalid user secret key", func() { err := Credential.Verify(issuerPublicKey, nil, nil, nil) - Expect(err).To(MatchError("invalid user secret key, expected *Big, got [*bridge.IssuerPublicKey]")) + Expect(err.Error()).To(BeEquivalentTo("invalid user secret key, expected *Big, got [*bridge.IssuerPublicKey]")) }) It("fail on nil issuer public key", func() { err := Credential.Verify(userSecretKey, nil, nil, nil) - Expect(err).To(MatchError("invalid issuer public key, expected *IssuerPublicKey, got [*bridge.Big]")) + Expect(err.Error()).To(BeEquivalentTo("invalid issuer public key, expected *IssuerPublicKey, got [*bridge.Big]")) }) It("fail on invalid issuer public key", func() { err := Credential.Verify(userSecretKey, userSecretKey, nil, nil) - Expect(err).To(MatchError("invalid issuer public key, expected *IssuerPublicKey, got [*bridge.Big]")) + Expect(err.Error()).To(BeEquivalentTo("invalid issuer public key, expected *IssuerPublicKey, got [*bridge.Big]")) }) It("fail on invalid attributes", func() { err := Credential.Verify(userSecretKey, issuerPublicKey, nil, []bccsp.IdemixAttribute{ {Type: 5, Value: nil}, }) - Expect(err).To(MatchError("attribute type not allowed or supported [5] at position [0]")) + Expect(err.Error()).To(BeEquivalentTo("attribute type not allowed or supported [5] at position [0]")) }) }) }) Describe("revocation", func() { var ( - Revocation idemix.Revocation + Revocation handlers.Revocation ) BeforeEach(func() { Revocation = &bridge.Revocation{} @@ -289,13 +289,13 @@ var _ = Describe("Idemix Bridge", func() { It("fail on nil inputs", func() { raw, err := Revocation.Sign(nil, nil, 0, 0) - Expect(err).To(MatchError("CreateCRI received nil input")) + Expect(err.Error()).To(BeEquivalentTo("failed creating CRI: CreateCRI received nil input")) Expect(raw).To(BeNil()) }) It("fail on invalid handlers", func() { raw, err := Revocation.Sign(nil, [][]byte{{0, 2, 3, 4}}, 0, 0) - Expect(err).To(MatchError("failure [runtime error: index out of range]")) + Expect(err.Error()).To(BeEquivalentTo("failure [runtime error: index out of range]")) Expect(raw).To(BeNil()) }) }) @@ -303,19 +303,19 @@ var _ = Describe("Idemix Bridge", func() { Context("verify", func() { It("fail on nil inputs", func() { err := Revocation.Verify(nil, nil, 0, 0) - Expect(err).To(MatchError("EpochPK invalid: received nil input")) + Expect(err.Error()).To(BeEquivalentTo("EpochPK invalid: received nil input")) }) It("fail on malformed cri", func() { err := Revocation.Verify(nil, []byte{0, 1, 2, 3, 4}, 0, 0) - Expect(err).To(MatchError("proto: idemix.CredentialRevocationInformation: illegal tag 0 (wire type 0)")) + Expect(err.Error()).To(BeEquivalentTo("proto: idemix.CredentialRevocationInformation: illegal tag 0 (wire type 0)")) }) }) }) Describe("signature", func() { var ( - SignatureScheme idemix.SignatureScheme + SignatureScheme handlers.SignatureScheme ) BeforeEach(func() { SignatureScheme = &bridge.SignatureScheme{NewRand: bridge.NewRandOrPanic} @@ -324,25 +324,25 @@ var _ = Describe("Idemix Bridge", func() { Context("sign", func() { It("fail on nil user secret key", func() { signature, err := SignatureScheme.Sign(nil, nil, nil, nil, nil, nil, nil, 0, nil) - Expect(err).To(MatchError("invalid user secret key, expected *Big, got []")) + Expect(err.Error()).To(BeEquivalentTo("invalid user secret key, expected *Big, got []")) Expect(signature).To(BeNil()) }) It("fail on nil nym public key", func() { signature, err := SignatureScheme.Sign(nil, userSecretKey, nil, nil, nil, nil, nil, 0, nil) - Expect(err).To(MatchError("invalid nym public key, expected *Ecp, got []")) + Expect(err.Error()).To(BeEquivalentTo("invalid nym public key, expected *Ecp, got []")) Expect(signature).To(BeNil()) }) It("fail on nil nym secret key", func() { signature, err := SignatureScheme.Sign(nil, userSecretKey, nymPublicKey, nil, nil, nil, nil, 0, nil) - Expect(err).To(MatchError("invalid nym secret key, expected *Big, got []")) + Expect(err.Error()).To(BeEquivalentTo("invalid nym secret key, expected *Big, got []")) Expect(signature).To(BeNil()) }) It("fail on nil issuer public key", func() { signature, err := SignatureScheme.Sign(nil, userSecretKey, nymPublicKey, nymSecretKey, nil, nil, nil, 0, nil) - Expect(err).To(MatchError("invalid issuer public key, expected *IssuerPublicKey, got []")) + Expect(err.Error()).To(BeEquivalentTo("invalid issuer public key, expected *IssuerPublicKey, got []")) Expect(signature).To(BeNil()) }) }) @@ -350,30 +350,30 @@ var _ = Describe("Idemix Bridge", func() { Context("verify", func() { It("fail on nil issuer Public key", func() { err := SignatureScheme.Verify(nil, nil, nil, nil, 0, nil, 0) - Expect(err).To(MatchError("invalid issuer public key, expected *IssuerPublicKey, got []")) + Expect(err.Error()).To(BeEquivalentTo("invalid issuer public key, expected *IssuerPublicKey, got []")) }) It("fail on nil signature", func() { err := SignatureScheme.Verify(issuerPublicKey, nil, nil, nil, 0, nil, 0) - Expect(err).To(MatchError("cannot verify idemix signature: received nil input")) + Expect(err.Error()).To(BeEquivalentTo("cannot verify idemix signature: received nil input")) }) It("fail on invalid signature", func() { err := SignatureScheme.Verify(issuerPublicKey, []byte{0, 1, 2, 3, 4}, nil, nil, 0, nil, 0) - Expect(err).To(MatchError("proto: idemix.Signature: illegal tag 0 (wire type 0)")) + Expect(err.Error()).To(BeEquivalentTo("proto: idemix.Signature: illegal tag 0 (wire type 0)")) }) It("fail on invalid attributes", func() { err := SignatureScheme.Verify(issuerPublicKey, nil, nil, []bccsp.IdemixAttribute{{Type: -1}}, 0, nil, 0) - Expect(err).To(MatchError("attribute type not allowed or supported [-1] at position [0]")) + Expect(err.Error()).To(BeEquivalentTo("attribute type not allowed or supported [-1] at position [0]")) }) }) }) Describe("nym signature", func() { var ( - NymSignatureScheme idemix.NymSignatureScheme + NymSignatureScheme handlers.NymSignatureScheme ) BeforeEach(func() { NymSignatureScheme = &bridge.NymSignatureScheme{NewRand: bridge.NewRandOrPanic} @@ -382,25 +382,25 @@ var _ = Describe("Idemix Bridge", func() { Context("sign", func() { It("fail on nil user secret key", func() { signature, err := NymSignatureScheme.Sign(nil, nil, nil, nil, nil) - Expect(err).To(MatchError("invalid user secret key, expected *Big, got []")) + Expect(err.Error()).To(BeEquivalentTo("invalid user secret key, expected *Big, got []")) Expect(signature).To(BeNil()) }) It("fail on nil nym public key", func() { signature, err := NymSignatureScheme.Sign(userSecretKey, nil, nil, nil, nil) - Expect(err).To(MatchError("invalid nym public key, expected *Ecp, got []")) + Expect(err.Error()).To(BeEquivalentTo("invalid nym public key, expected *Ecp, got []")) Expect(signature).To(BeNil()) }) It("fail on nil nym secret key", func() { signature, err := NymSignatureScheme.Sign(userSecretKey, nymPublicKey, nil, nil, nil) - Expect(err).To(MatchError("invalid nym secret key, expected *Big, got []")) + Expect(err.Error()).To(BeEquivalentTo("invalid nym secret key, expected *Big, got []")) Expect(signature).To(BeNil()) }) It("fail on nil issuer public key", func() { signature, err := NymSignatureScheme.Sign(userSecretKey, nymPublicKey, nymSecretKey, nil, nil) - Expect(err).To(MatchError("invalid issuer public key, expected *IssuerPublicKey, got []")) + Expect(err.Error()).To(BeEquivalentTo("invalid issuer public key, expected *IssuerPublicKey, got []")) Expect(signature).To(BeNil()) }) }) @@ -408,22 +408,22 @@ var _ = Describe("Idemix Bridge", func() { Context("verify", func() { It("fail on nil issuer Public key", func() { err := NymSignatureScheme.Verify(nil, nil, nil, nil) - Expect(err).To(MatchError("invalid issuer public key, expected *IssuerPublicKey, got []")) + Expect(err.Error()).To(BeEquivalentTo("invalid issuer public key, expected *IssuerPublicKey, got []")) }) It("fail on nil nym public key", func() { err := NymSignatureScheme.Verify(issuerPublicKey, nil, nil, nil) - Expect(err).To(MatchError("invalid nym public key, expected *Ecp, got []")) + Expect(err.Error()).To(BeEquivalentTo("invalid nym public key, expected *Ecp, got []")) }) It("panic on nil signature", func() { err := NymSignatureScheme.Verify(issuerPublicKey, nymPublicKey, nil, nil) - Expect(err).To(MatchError("failure [runtime error: index out of range]")) + Expect(err.Error()).To(BeEquivalentTo("failure [runtime error: index out of range]")) }) It("fail on invalid signature", func() { err := NymSignatureScheme.Verify(issuerPublicKey, nymPublicKey, []byte{0, 1, 2, 3, 4}, nil) - Expect(err).To(MatchError("proto: idemix.NymSignature: illegal tag 0 (wire type 0)")) + Expect(err.Error()).To(BeEquivalentTo("proto: idemix.NymSignature: illegal tag 0 (wire type 0)")) }) }) @@ -431,35 +431,35 @@ var _ = Describe("Idemix Bridge", func() { Describe("setting up the environment with one issuer and one user", func() { var ( - Issuer idemix.Issuer - IssuerKeyGen *idemix.IssuerKeyGen + Issuer handlers.Issuer + IssuerKeyGen *handlers.IssuerKeyGen IssuerKey bccsp.Key IssuerPublicKey bccsp.Key AttributeNames []string - User idemix.User - UserKeyGen *idemix.UserKeyGen + User handlers.User + UserKeyGen *handlers.UserKeyGen UserKey bccsp.Key - NymKeyDerivation *idemix.NymKeyDerivation + NymKeyDerivation *handlers.NymKeyDerivation NymKey bccsp.Key NymPublicKey bccsp.Key - CredRequest idemix.CredRequest - CredentialRequestSigner *idemix.CredentialRequestSigner - CredentialRequestVerifier *idemix.CredentialRequestVerifier + CredRequest handlers.CredRequest + CredentialRequestSigner *handlers.CredentialRequestSigner + CredentialRequestVerifier *handlers.CredentialRequestVerifier credRequest []byte - Credential idemix.Credential - CredentialSigner *idemix.CredentialSigner - CredentialVerifier *idemix.CredentialVerifier + Credential handlers.Credential + CredentialSigner *handlers.CredentialSigner + CredentialVerifier *handlers.CredentialVerifier credential []byte - Revocation idemix.Revocation - RevocationKeyGen *idemix.RevocationKeyGen + Revocation handlers.Revocation + RevocationKeyGen *handlers.RevocationKeyGen RevocationKey bccsp.Key RevocationPublicKey bccsp.Key - CriSigner *idemix.CriSigner - CriVerifier *idemix.CriVerifier + CriSigner *handlers.CriSigner + CriVerifier *handlers.CriVerifier cri []byte ) @@ -467,7 +467,7 @@ var _ = Describe("Idemix Bridge", func() { // Issuer var err error Issuer = &bridge.Issuer{NewRand: bridge.NewRandOrPanic} - IssuerKeyGen = &idemix.IssuerKeyGen{Issuer: Issuer} + IssuerKeyGen = &handlers.IssuerKeyGen{Issuer: Issuer} AttributeNames = []string{"Attr1", "Attr2", "Attr3", "Attr4", "Attr5"} IssuerKey, err = IssuerKeyGen.KeyGen(&bccsp.IdemixIssuerKeyGenOpts{Temporary: true, AttributeNames: AttributeNames}) Expect(err).NotTo(HaveOccurred()) @@ -476,12 +476,12 @@ var _ = Describe("Idemix Bridge", func() { // User User = &bridge.User{NewRand: bridge.NewRandOrPanic} - UserKeyGen = &idemix.UserKeyGen{User: User} + UserKeyGen = &handlers.UserKeyGen{User: User} UserKey, err = UserKeyGen.KeyGen(&bccsp.IdemixUserSecretKeyGenOpts{}) Expect(err).NotTo(HaveOccurred()) // User Nym Key - NymKeyDerivation = &idemix.NymKeyDerivation{User: User} + NymKeyDerivation = &handlers.NymKeyDerivation{User: User} NymKey, err = NymKeyDerivation.KeyDeriv(UserKey, &bccsp.IdemixNymKeyDerivationOpts{IssuerPK: IssuerPublicKey}) Expect(err).NotTo(HaveOccurred()) NymPublicKey, err = NymKey.PublicKey() @@ -489,19 +489,19 @@ var _ = Describe("Idemix Bridge", func() { // Credential Request for User CredRequest = &bridge.CredRequest{NewRand: bridge.NewRandOrPanic} - CredentialRequestSigner = &idemix.CredentialRequestSigner{CredRequest: CredRequest} - CredentialRequestVerifier = &idemix.CredentialRequestVerifier{CredRequest: CredRequest} + CredentialRequestSigner = &handlers.CredentialRequestSigner{CredRequest: CredRequest} + CredentialRequestVerifier = &handlers.CredentialRequestVerifier{CredRequest: CredRequest} credRequest, err = CredentialRequestSigner.Sign( UserKey, - nil, + bccsp.IdemixEmptyDigest(), &bccsp.IdemixCredentialRequestSignerOpts{IssuerPK: IssuerPublicKey}, ) Expect(err).NotTo(HaveOccurred()) // Credential Credential = &bridge.Credential{NewRand: bridge.NewRandOrPanic} - CredentialSigner = &idemix.CredentialSigner{Credential: Credential} - CredentialVerifier = &idemix.CredentialVerifier{Credential: Credential} + CredentialSigner = &handlers.CredentialSigner{Credential: Credential} + CredentialVerifier = &handlers.CredentialVerifier{Credential: Credential} credential, err = CredentialSigner.Sign( IssuerKey, credRequest, @@ -519,22 +519,21 @@ var _ = Describe("Idemix Bridge", func() { // Revocation Revocation = &bridge.Revocation{} - RevocationKeyGen = &idemix.RevocationKeyGen{Revocation: Revocation} + RevocationKeyGen = &handlers.RevocationKeyGen{Revocation: Revocation} RevocationKey, err = RevocationKeyGen.KeyGen(&bccsp.IdemixRevocationKeyGenOpts{}) Expect(err).NotTo(HaveOccurred()) RevocationPublicKey, err = RevocationKey.PublicKey() Expect(err).NotTo(HaveOccurred()) // CRI - CriSigner = &idemix.CriSigner{Revocation: Revocation} - CriVerifier = &idemix.CriVerifier{Revocation: Revocation} + CriSigner = &handlers.CriSigner{Revocation: Revocation} + CriVerifier = &handlers.CriVerifier{Revocation: Revocation} cri, err = CriSigner.Sign( RevocationKey, - nil, + bccsp.IdemixEmptyDigest(), &bccsp.IdemixCRISignerOpts{}, ) Expect(err).NotTo(HaveOccurred()) - }) It("the environment is properly set", func() { @@ -542,7 +541,7 @@ var _ = Describe("Idemix Bridge", func() { valid, err := CredentialRequestVerifier.Verify( IssuerPublicKey, credRequest, - nil, + bccsp.IdemixEmptyDigest(), nil, ) Expect(err).NotTo(HaveOccurred()) @@ -552,7 +551,7 @@ var _ = Describe("Idemix Bridge", func() { valid, err = CredentialVerifier.Verify( UserKey, credential, - nil, + bccsp.IdemixEmptyDigest(), &bccsp.IdemixCredentialSignerOpts{ IssuerPK: IssuerPublicKey, Attributes: []bccsp.IdemixAttribute{ @@ -571,7 +570,7 @@ var _ = Describe("Idemix Bridge", func() { valid, err = CriVerifier.Verify( RevocationPublicKey, cri, - nil, + bccsp.IdemixEmptyDigest(), &bccsp.IdemixCRISignerOpts{}, ) Expect(err).NotTo(HaveOccurred()) @@ -595,7 +594,7 @@ var _ = Describe("Idemix Bridge", func() { }, }, ) - Expect(err).To(MatchError("zero knowledge proof is invalid")) + Expect(err.Error()).To(BeEquivalentTo("failed creating new credential: zero knowledge proof is invalid")) Expect(credential).To(BeNil()) }) @@ -604,7 +603,7 @@ var _ = Describe("Idemix Bridge", func() { valid, err := CredentialVerifier.Verify( UserKey, nil, - nil, + bccsp.IdemixEmptyDigest(), &bccsp.IdemixCredentialSignerOpts{ IssuerPK: IssuerPublicKey, Attributes: []bccsp.IdemixAttribute{ @@ -616,7 +615,7 @@ var _ = Describe("Idemix Bridge", func() { }, }, ) - Expect(err).To(MatchError("invalid signature, it must not be empty")) + Expect(err.Error()).To(BeEquivalentTo("invalid signature, it must not be empty")) Expect(valid).To(BeFalse()) }) @@ -625,7 +624,7 @@ var _ = Describe("Idemix Bridge", func() { valid, err := CredentialVerifier.Verify( UserKey, []byte{0, 1, 2, 3, 4}, - nil, + bccsp.IdemixEmptyDigest(), &bccsp.IdemixCredentialSignerOpts{ IssuerPK: IssuerPublicKey, Attributes: []bccsp.IdemixAttribute{ @@ -637,7 +636,7 @@ var _ = Describe("Idemix Bridge", func() { }, }, ) - Expect(err).To(MatchError("proto: idemix.Credential: illegal tag 0 (wire type 0)")) + Expect(err.Error()).To(BeEquivalentTo("proto: idemix.Credential: illegal tag 0 (wire type 0)")) Expect(valid).To(BeFalse()) }) @@ -647,7 +646,7 @@ var _ = Describe("Idemix Bridge", func() { valid, err := CredentialVerifier.Verify( UserKey, credential, - nil, + bccsp.IdemixEmptyDigest(), &bccsp.IdemixCredentialSignerOpts{ IssuerPK: IssuerPublicKey, Attributes: []bccsp.IdemixAttribute{ @@ -659,7 +658,7 @@ var _ = Describe("Idemix Bridge", func() { }, }, ) - Expect(err).To(MatchError("credential is not cryptographically valid")) + Expect(err.Error()).To(BeEquivalentTo("credential is not cryptographically valid")) Expect(valid).To(BeFalse()) }) @@ -668,7 +667,7 @@ var _ = Describe("Idemix Bridge", func() { valid, err := CredentialVerifier.Verify( UserKey, credential, - nil, + bccsp.IdemixEmptyDigest(), &bccsp.IdemixCredentialSignerOpts{ IssuerPK: IssuerPublicKey, Attributes: []bccsp.IdemixAttribute{ @@ -680,7 +679,7 @@ var _ = Describe("Idemix Bridge", func() { }, }, ) - Expect(err).To(MatchError("credential does not contain the correct attribute value at position [0]")) + Expect(err.Error()).To(BeEquivalentTo("credential does not contain the correct attribute value at position [0]")) Expect(valid).To(BeFalse()) }) @@ -689,7 +688,7 @@ var _ = Describe("Idemix Bridge", func() { valid, err := CredentialVerifier.Verify( UserKey, credential, - nil, + bccsp.IdemixEmptyDigest(), &bccsp.IdemixCredentialSignerOpts{ IssuerPK: IssuerPublicKey, Attributes: []bccsp.IdemixAttribute{ @@ -701,7 +700,7 @@ var _ = Describe("Idemix Bridge", func() { }, }, ) - Expect(err).To(MatchError("credential does not contain the correct attribute value at position [2]")) + Expect(err.Error()).To(BeEquivalentTo("credential does not contain the correct attribute value at position [2]")) Expect(valid).To(BeFalse()) }) @@ -712,10 +711,10 @@ var _ = Describe("Idemix Bridge", func() { valid, err := CriVerifier.Verify( RevocationPublicKey, cri, - nil, + bccsp.IdemixEmptyDigest(), &bccsp.IdemixCRISignerOpts{}, ) - Expect(err).To(MatchError("EpochPKSig invalid")) + Expect(err.Error()).To(BeEquivalentTo("EpochPKSig invalid")) Expect(valid).To(BeFalse()) }) }) @@ -727,7 +726,7 @@ var _ = Describe("Idemix Bridge", func() { It("returns an error", func() { AttributeNames = []string{"A", "A"} IssuerKey, err := IssuerKeyGen.KeyGen(&bccsp.IdemixIssuerKeyGenOpts{Temporary: true, AttributeNames: AttributeNames}) - Expect(err).To(MatchError("attribute A appears multiple times in AttributeNames")) + Expect(err.Error()).To(BeEquivalentTo("attribute A appears multiple times in AttributeNames")) Expect(IssuerKey).To(BeNil()) }) }) @@ -737,9 +736,9 @@ var _ = Describe("Idemix Bridge", func() { Describe("producing and verifying idemix signature with different sets of attributes", func() { var ( - SignatureScheme idemix.SignatureScheme - Signer *idemix.Signer - Verifier *idemix.Verifier + SignatureScheme handlers.SignatureScheme + Signer *handlers.Signer + Verifier *handlers.Verifier digest []byte signature []byte @@ -753,8 +752,8 @@ var _ = Describe("Idemix Bridge", func() { BeforeEach(func() { SignatureScheme = &bridge.SignatureScheme{NewRand: bridge.NewRandOrPanic} - Signer = &idemix.Signer{SignatureScheme: SignatureScheme} - Verifier = &idemix.Verifier{SignatureScheme: SignatureScheme} + Signer = &handlers.Signer{SignatureScheme: SignatureScheme} + Verifier = &handlers.Verifier{SignatureScheme: SignatureScheme} digest = []byte("a digest") RhIndex = 4 @@ -856,7 +855,7 @@ var _ = Describe("Idemix Bridge", func() { if errMessage == "" { Expect(err).NotTo(HaveOccurred()) } else { - Expect(err).To(MatchError(errMessage)) + Expect(err.Error()).To(BeEquivalentTo(errMessage)) } Expect(valid).To(BeEquivalentTo(validity)) }) @@ -865,15 +864,15 @@ var _ = Describe("Idemix Bridge", func() { Context("producing an idemix signature", func() { var ( - SignatureScheme idemix.SignatureScheme - Signer *idemix.Signer + SignatureScheme handlers.SignatureScheme + Signer *handlers.Signer SignAttributes []bccsp.IdemixAttribute - Verifier *idemix.Verifier + Verifier *handlers.Verifier ) BeforeEach(func() { SignatureScheme = &bridge.SignatureScheme{NewRand: bridge.NewRandOrPanic} - Signer = &idemix.Signer{SignatureScheme: SignatureScheme} + Signer = &handlers.Signer{SignatureScheme: SignatureScheme} SignAttributes = []bccsp.IdemixAttribute{ {Type: bccsp.IdemixHiddenAttribute}, {Type: bccsp.IdemixHiddenAttribute}, @@ -881,7 +880,7 @@ var _ = Describe("Idemix Bridge", func() { {Type: bccsp.IdemixHiddenAttribute}, {Type: bccsp.IdemixHiddenAttribute}, } - Verifier = &idemix.Verifier{SignatureScheme: SignatureScheme} + Verifier = &handlers.Verifier{SignatureScheme: SignatureScheme} }) It("fails when the credential is malformed", func() { @@ -898,7 +897,7 @@ var _ = Describe("Idemix Bridge", func() { CRI: cri, }, ) - Expect(err).To(MatchError("proto: idemix.Credential: illegal tag 0 (wire type 0)")) + Expect(err.Error()).To(BeEquivalentTo("failed unmarshalling credential: proto: idemix.Credential: illegal tag 0 (wire type 0)")) Expect(signature).To(BeNil()) }) @@ -916,7 +915,7 @@ var _ = Describe("Idemix Bridge", func() { CRI: []byte{0, 1, 2, 3, 4}, }, ) - Expect(err).To(MatchError("proto: idemix.CredentialRevocationInformation: illegal tag 0 (wire type 0)")) + Expect(err.Error()).To(BeEquivalentTo("failed unmarshalling credential revocation information: proto: idemix.CredentialRevocationInformation: illegal tag 0 (wire type 0)")) Expect(signature).To(BeNil()) }) @@ -934,7 +933,7 @@ var _ = Describe("Idemix Bridge", func() { CRI: cri, }, ) - Expect(err).To(MatchError("cannot create idemix signature: received invalid input")) + Expect(err.Error()).To(BeEquivalentTo("failed creating new signature: cannot create idemix signature: received invalid input")) Expect(signature).To(BeNil()) }) @@ -967,7 +966,7 @@ var _ = Describe("Idemix Bridge", func() { Epoch: 0, }, ) - Expect(err).To(MatchError("signature invalid: APrime = 1")) + Expect(err.Error()).To(BeEquivalentTo("signature invalid: APrime = 1")) Expect(valid).To(BeFalse()) }) @@ -987,7 +986,7 @@ var _ = Describe("Idemix Bridge", func() { CRI: cri, }, ) - Expect(err).To(MatchError("failure [runtime error: index out of range]")) + Expect(err.Error()).To(BeEquivalentTo("failure [runtime error: index out of range]")) Expect(signature).To(BeNil()) }) }) @@ -995,8 +994,8 @@ var _ = Describe("Idemix Bridge", func() { Describe("producing an idemix nym signature", func() { var ( NymSignatureScheme *bridge.NymSignatureScheme - NymSigner *idemix.NymSigner - NymVerifier *idemix.NymVerifier + NymSigner *handlers.NymSigner + NymVerifier *handlers.NymVerifier digest []byte signature []byte ) @@ -1004,8 +1003,8 @@ var _ = Describe("Idemix Bridge", func() { BeforeEach(func() { var err error NymSignatureScheme = &bridge.NymSignatureScheme{NewRand: bridge.NewRandOrPanic} - NymSigner = &idemix.NymSigner{NymSignatureScheme: NymSignatureScheme} - NymVerifier = &idemix.NymVerifier{NymSignatureScheme: NymSignatureScheme} + NymSigner = &handlers.NymSigner{NymSignatureScheme: NymSignatureScheme} + NymVerifier = &handlers.NymVerifier{NymSignatureScheme: NymSignatureScheme} digest = []byte("a digest") @@ -1153,7 +1152,7 @@ var _ = Describe("Idemix Bridge", func() { IssuerPK: IssuerPublicKey, }, ) - Expect(err).To(MatchError(errMessage)) + Expect(err.Error()).To(BeEquivalentTo(errMessage)) Expect(valid).To(BeFalse()) }) }) diff --git a/bccsp/idemix/bridge/credential.go b/bccsp/idemix/bridge/credential.go index 05c356de6f6..ae5859b4418 100644 --- a/bccsp/idemix/bridge/credential.go +++ b/bccsp/idemix/bridge/credential.go @@ -8,12 +8,11 @@ package bridge import ( "bytes" - "github.com/hyperledger/fabric-amcl/amcl" - "github.com/golang/protobuf/proto" + "github.com/hyperledger/fabric-amcl/amcl" "github.com/hyperledger/fabric-amcl/amcl/FP256BN" "github.com/hyperledger/fabric/bccsp" - "github.com/hyperledger/fabric/bccsp/idemix" + "github.com/hyperledger/fabric/bccsp/idemix/handlers" cryptolib "github.com/hyperledger/fabric/idemix" "github.com/pkg/errors" ) @@ -29,7 +28,7 @@ type Credential struct { // a serialised credential request, and a list of attribute values. // Notice that attributes should not contain attributes whose type is IdemixHiddenAttribute // cause the credential needs to carry all the attribute values. -func (c *Credential) Sign(key idemix.IssuerSecretKey, credentialRequest []byte, attributes []bccsp.IdemixAttribute) (res []byte, err error) { +func (c *Credential) Sign(key handlers.IssuerSecretKey, credentialRequest []byte, attributes []bccsp.IdemixAttribute) (res []byte, err error) { defer func() { if r := recover(); r != nil { res = nil @@ -45,7 +44,7 @@ func (c *Credential) Sign(key idemix.IssuerSecretKey, credentialRequest []byte, cr := &cryptolib.CredRequest{} err = proto.Unmarshal(credentialRequest, cr) if err != nil { - return nil, err + return nil, errors.Wrap(err, "failed unmarshalling credential request") } attrValues := make([]*FP256BN.BIG, len(attributes)) @@ -62,7 +61,7 @@ func (c *Credential) Sign(key idemix.IssuerSecretKey, credentialRequest []byte, cred, err := cryptolib.NewCredential(iisk.SK, cr, attrValues, c.NewRand()) if err != nil { - return nil, err + return nil, errors.WithMessage(err, "failed creating new credential") } return proto.Marshal(cred) @@ -72,7 +71,7 @@ func (c *Credential) Sign(key idemix.IssuerSecretKey, credentialRequest []byte, // in input the user secret key (sk), the issuer public key (ipk), the serialised credential (credential), // and a list of attributes. The list of attributes is optional, in case it is specified, Verify // checks that the credential carries the specified attributes. -func (*Credential) Verify(sk idemix.Big, ipk idemix.IssuerPublicKey, credential []byte, attributes []bccsp.IdemixAttribute) (err error) { +func (*Credential) Verify(sk handlers.Big, ipk handlers.IssuerPublicKey, credential []byte, attributes []bccsp.IdemixAttribute) (err error) { defer func() { if r := recover(); r != nil { err = errors.Errorf("failure [%s]", r) diff --git a/bccsp/idemix/bridge/credrequest.go b/bccsp/idemix/bridge/credrequest.go index c51afa39d01..a28161029e5 100644 --- a/bccsp/idemix/bridge/credrequest.go +++ b/bccsp/idemix/bridge/credrequest.go @@ -8,7 +8,7 @@ package bridge import ( "github.com/golang/protobuf/proto" "github.com/hyperledger/fabric-amcl/amcl" - "github.com/hyperledger/fabric/bccsp/idemix" + "github.com/hyperledger/fabric/bccsp/idemix/handlers" cryptolib "github.com/hyperledger/fabric/idemix" "github.com/pkg/errors" ) @@ -22,7 +22,7 @@ type CredRequest struct { // Sign produces an idemix credential request. It takes in input a user secret key and // an issuer public key. -func (cr *CredRequest) Sign(sk idemix.Big, ipk idemix.IssuerPublicKey) (res []byte, err error) { +func (cr *CredRequest) Sign(sk handlers.Big, ipk handlers.IssuerPublicKey) (res []byte, err error) { defer func() { if r := recover(); r != nil { res = nil @@ -52,7 +52,7 @@ func (cr *CredRequest) Sign(sk idemix.Big, ipk idemix.IssuerPublicKey) (res []by // Verify checks that the passed credential request is valid with the respect to the passed // issuer public key. -func (*CredRequest) Verify(credentialRequest []byte, ipk idemix.IssuerPublicKey) (err error) { +func (*CredRequest) Verify(credentialRequest []byte, ipk handlers.IssuerPublicKey) (err error) { defer func() { if r := recover(); r != nil { err = errors.Errorf("failure [%s]", r) diff --git a/bccsp/idemix/bridge/issuer.go b/bccsp/idemix/bridge/issuer.go index 9d159af9d32..9b3a8d1e3e8 100644 --- a/bccsp/idemix/bridge/issuer.go +++ b/bccsp/idemix/bridge/issuer.go @@ -8,7 +8,7 @@ package bridge import ( "github.com/golang/protobuf/proto" "github.com/hyperledger/fabric-amcl/amcl" - "github.com/hyperledger/fabric/bccsp/idemix" + "github.com/hyperledger/fabric/bccsp/idemix/handlers" cryptolib "github.com/hyperledger/fabric/idemix" "github.com/pkg/errors" ) @@ -31,7 +31,7 @@ func (o *IssuerSecretKey) Bytes() ([]byte, error) { return proto.Marshal(o.SK) } -func (o *IssuerSecretKey) Public() idemix.IssuerPublicKey { +func (o *IssuerSecretKey) Public() handlers.IssuerPublicKey { return &IssuerPublicKey{o.SK.Ipk} } @@ -41,7 +41,7 @@ type Issuer struct { } // NewKey generates a new issuer key-pair -func (i *Issuer) NewKey(attributeNames []string) (res idemix.IssuerSecretKey, err error) { +func (i *Issuer) NewKey(attributeNames []string) (res handlers.IssuerSecretKey, err error) { defer func() { if r := recover(); r != nil { res = nil diff --git a/bccsp/idemix/bridge/math.go b/bccsp/idemix/bridge/math.go index 9ed4e3786a7..53c0b57fb75 100644 --- a/bccsp/idemix/bridge/math.go +++ b/bccsp/idemix/bridge/math.go @@ -25,6 +25,9 @@ type Ecp struct { } func (o *Ecp) Bytes() ([]byte, error) { + // To store a non-compressed elliptic curve point, we need to allocate + // enough space for the x and y coordinate, therefore two elements in the + // base field res := make([]byte, 2*idemix.FieldBytes+1) o.E.ToBytes(res, false) diff --git a/bccsp/idemix/bridge/nymsignaturescheme.go b/bccsp/idemix/bridge/nymsignaturescheme.go index 1c78269b561..f4e39ce0b47 100644 --- a/bccsp/idemix/bridge/nymsignaturescheme.go +++ b/bccsp/idemix/bridge/nymsignaturescheme.go @@ -7,9 +7,9 @@ package bridge import ( "github.com/hyperledger/fabric-amcl/amcl" + "github.com/hyperledger/fabric/bccsp/idemix/handlers" "github.com/golang/protobuf/proto" - "github.com/hyperledger/fabric/bccsp/idemix" cryptolib "github.com/hyperledger/fabric/idemix" "github.com/pkg/errors" ) @@ -22,7 +22,7 @@ type NymSignatureScheme struct { // Sign produces a signature over the passed digest. It takes in input, the user secret key (sk), // the pseudonym public key (Nym) and secret key (RNym), and the issuer public key (ipk). -func (n *NymSignatureScheme) Sign(sk idemix.Big, Nym idemix.Ecp, RNym idemix.Big, ipk idemix.IssuerPublicKey, digest []byte) (res []byte, err error) { +func (n *NymSignatureScheme) Sign(sk handlers.Big, Nym handlers.Ecp, RNym handlers.Big, ipk handlers.IssuerPublicKey, digest []byte) (res []byte, err error) { defer func() { if r := recover(); r != nil { res = nil @@ -55,7 +55,7 @@ func (n *NymSignatureScheme) Sign(sk idemix.Big, Nym idemix.Ecp, RNym idemix.Big digest, n.NewRand()) if err != nil { - return nil, err + return nil, errors.WithMessage(err, "failed creating new nym signature") } return proto.Marshal(sig) @@ -63,7 +63,7 @@ func (n *NymSignatureScheme) Sign(sk idemix.Big, Nym idemix.Ecp, RNym idemix.Big // Verify checks that the passed signatures is valid with the respect to the passed digest, issuer public key, // and pseudonym public key. -func (*NymSignatureScheme) Verify(ipk idemix.IssuerPublicKey, Nym idemix.Ecp, signature, digest []byte) (err error) { +func (*NymSignatureScheme) Verify(ipk handlers.IssuerPublicKey, Nym handlers.Ecp, signature, digest []byte) (err error) { defer func() { if r := recover(); r != nil { err = errors.Errorf("failure [%s]", r) diff --git a/bccsp/idemix/bridge/revocation.go b/bccsp/idemix/bridge/revocation.go index 4ada6bf6031..9170bb43cfe 100644 --- a/bccsp/idemix/bridge/revocation.go +++ b/bccsp/idemix/bridge/revocation.go @@ -39,7 +39,7 @@ func (*Revocation) Sign(key *ecdsa.PrivateKey, unrevokedHandles [][]byte, epoch } cri, err := cryptolib.CreateCRI(key, handles, epoch, cryptolib.RevocationAlgorithm(alg), NewRandOrPanic()) if err != nil { - return nil, err + return nil, errors.WithMessage(err, "failed creating CRI") } return proto.Marshal(cri) diff --git a/bccsp/idemix/bridge/signaturescheme.go b/bccsp/idemix/bridge/signaturescheme.go index 258c18f944e..7ccd1a13e54 100644 --- a/bccsp/idemix/bridge/signaturescheme.go +++ b/bccsp/idemix/bridge/signaturescheme.go @@ -8,12 +8,11 @@ package bridge import ( "crypto/ecdsa" - "github.com/hyperledger/fabric-amcl/amcl" - "github.com/golang/protobuf/proto" + "github.com/hyperledger/fabric-amcl/amcl" "github.com/hyperledger/fabric-amcl/amcl/FP256BN" "github.com/hyperledger/fabric/bccsp" - "github.com/hyperledger/fabric/bccsp/idemix" + "github.com/hyperledger/fabric/bccsp/idemix/handlers" cryptolib "github.com/hyperledger/fabric/idemix" "github.com/pkg/errors" ) @@ -26,7 +25,7 @@ type SignatureScheme struct { // Sign produces an idemix-signature with the respect to the passed serialised credential (cred), // user secret key (sk), pseudonym public key (Nym) and secret key (RNym), issuer public key (ipk), // and attributes to be disclosed. -func (s *SignatureScheme) Sign(cred []byte, sk idemix.Big, Nym idemix.Ecp, RNym idemix.Big, ipk idemix.IssuerPublicKey, attributes []bccsp.IdemixAttribute, +func (s *SignatureScheme) Sign(cred []byte, sk handlers.Big, Nym handlers.Ecp, RNym handlers.Big, ipk handlers.IssuerPublicKey, attributes []bccsp.IdemixAttribute, msg []byte, rhIndex int, criRaw []byte) (res []byte, err error) { defer func() { if r := recover(); r != nil { @@ -55,13 +54,13 @@ func (s *SignatureScheme) Sign(cred []byte, sk idemix.Big, Nym idemix.Ecp, RNym credential := &cryptolib.Credential{} err = proto.Unmarshal(cred, credential) if err != nil { - return nil, err + return nil, errors.Wrap(err, "failed unmarshalling credential") } cri := &cryptolib.CredentialRevocationInformation{} err = proto.Unmarshal(criRaw, cri) if err != nil { - return nil, err + return nil, errors.Wrap(err, "failed unmarshalling credential revocation information") } disclosure := make([]byte, len(attributes)) @@ -85,7 +84,7 @@ func (s *SignatureScheme) Sign(cred []byte, sk idemix.Big, Nym idemix.Ecp, RNym cri, s.NewRand()) if err != nil { - return nil, err + return nil, errors.WithMessage(err, "failed creating new signature") } return proto.Marshal(sig) @@ -93,7 +92,7 @@ func (s *SignatureScheme) Sign(cred []byte, sk idemix.Big, Nym idemix.Ecp, RNym // Verify checks that an idemix signature is valid with the respect to the passed issuer public key, digest, attributes, // revocation index (rhIndex), revocation public key, and epoch. -func (*SignatureScheme) Verify(ipk idemix.IssuerPublicKey, signature, digest []byte, attributes []bccsp.IdemixAttribute, rhIndex int, revocationPublicKey *ecdsa.PublicKey, epoch int) (err error) { +func (*SignatureScheme) Verify(ipk handlers.IssuerPublicKey, signature, digest []byte, attributes []bccsp.IdemixAttribute, rhIndex int, revocationPublicKey *ecdsa.PublicKey, epoch int) (err error) { defer func() { if r := recover(); r != nil { err = errors.Errorf("failure [%s]", r) diff --git a/bccsp/idemix/bridge/user.go b/bccsp/idemix/bridge/user.go index 0a3d62a0487..b66e76dddaa 100644 --- a/bccsp/idemix/bridge/user.go +++ b/bccsp/idemix/bridge/user.go @@ -7,7 +7,7 @@ package bridge import ( "github.com/hyperledger/fabric-amcl/amcl" - "github.com/hyperledger/fabric/bccsp/idemix" + "github.com/hyperledger/fabric/bccsp/idemix/handlers" cryptolib "github.com/hyperledger/fabric/idemix" "github.com/pkg/errors" ) @@ -18,7 +18,7 @@ type User struct { } // NewKey generates an idemix user secret key -func (u *User) NewKey() (res idemix.Big, err error) { +func (u *User) NewKey() (res handlers.Big, err error) { defer func() { if r := recover(); r != nil { res = nil @@ -32,7 +32,7 @@ func (u *User) NewKey() (res idemix.Big, err error) { } // MakeNym generates a new pseudonym key-pair derived from the passed user secret key (sk) and issuer public key (ipk) -func (u *User) MakeNym(sk idemix.Big, ipk idemix.IssuerPublicKey) (r1 idemix.Ecp, r2 idemix.Big, err error) { +func (u *User) MakeNym(sk handlers.Big, ipk handlers.IssuerPublicKey) (r1 handlers.Ecp, r2 handlers.Big, err error) { defer func() { if r := recover(); r != nil { r1 = nil diff --git a/bccsp/idemix/cred.go b/bccsp/idemix/handlers/cred.go similarity index 87% rename from bccsp/idemix/cred.go rename to bccsp/idemix/handlers/cred.go index a91876c99e9..08ec3759765 100644 --- a/bccsp/idemix/cred.go +++ b/bccsp/idemix/handlers/cred.go @@ -3,9 +3,11 @@ Copyright IBM Corp. All Rights Reserved. SPDX-License-Identifier: Apache-2.0 */ -package idemix +package handlers import ( + "reflect" + "github.com/hyperledger/fabric/bccsp" "github.com/pkg/errors" ) @@ -32,8 +34,8 @@ func (c *CredentialRequestSigner) Sign(k bccsp.Key, digest []byte, opts bccsp.Si if !ok { return nil, errors.New("invalid options, expected IssuerPK as *issuerPublicKey") } - if len(digest) != 0 { - return nil, errors.New("invalid digest, it must be empty") + if !reflect.DeepEqual(digest, bccsp.IdemixEmptyDigest()) { + return nil, errors.New("invalid digest, the idemix empty digest is expected") } return c.CredRequest.Sign(userSecretKey.sk, issuerPK.pk) @@ -50,8 +52,8 @@ func (c *CredentialRequestVerifier) Verify(k bccsp.Key, signature, digest []byte if !ok { return false, errors.New("invalid key, expected *issuerPublicKey") } - if len(digest) != 0 { - return false, errors.New("invalid digest, it must be empty") + if !reflect.DeepEqual(digest, bccsp.IdemixEmptyDigest()) { + return false, errors.New("invalid digest, the idemix empty digest is expected") } err := c.CredRequest.Verify(signature, issuerPublicKey.pk) @@ -104,8 +106,8 @@ func (v *CredentialVerifier) Verify(k bccsp.Key, signature, digest []byte, opts if !ok { return false, errors.New("invalid issuer public key, expected *issuerPublicKey") } - if len(digest) != 0 { - return false, errors.New("invalid digest, it must be empty") + if !reflect.DeepEqual(digest, bccsp.IdemixEmptyDigest()) { + return false, errors.New("invalid digest, the idemix empty digest is expected") } if len(signature) == 0 { return false, errors.New("invalid signature, it must not be empty") diff --git a/bccsp/idemix/cred_test.go b/bccsp/idemix/handlers/cred_test.go similarity index 75% rename from bccsp/idemix/cred_test.go rename to bccsp/idemix/handlers/cred_test.go index cc48e3bc1cb..c544bd5fd68 100644 --- a/bccsp/idemix/cred_test.go +++ b/bccsp/idemix/handlers/cred_test.go @@ -3,12 +3,12 @@ Copyright IBM Corp. All Rights Reserved. SPDX-License-Identifier: Apache-2.0 */ -package idemix_test +package handlers_test import ( "github.com/hyperledger/fabric/bccsp" - "github.com/hyperledger/fabric/bccsp/idemix" - "github.com/hyperledger/fabric/bccsp/idemix/mock" + "github.com/hyperledger/fabric/bccsp/idemix/handlers" + "github.com/hyperledger/fabric/bccsp/idemix/handlers/mock" . "github.com/onsi/ginkgo" . "github.com/onsi/gomega" "github.com/pkg/errors" @@ -19,13 +19,13 @@ var _ = Describe("Credential Request", func() { Describe("when creating a credential request", func() { var ( - CredentialRequestSigner *idemix.CredentialRequestSigner + CredentialRequestSigner *handlers.CredentialRequestSigner fakeCredRequest *mock.CredRequest ) BeforeEach(func() { fakeCredRequest = &mock.CredRequest{} - CredentialRequestSigner = &idemix.CredentialRequestSigner{CredRequest: fakeCredRequest} + CredentialRequestSigner = &handlers.CredentialRequestSigner{CredRequest: fakeCredRequest} }) Context("and the underlying cryptographic algorithm succeed", func() { @@ -39,9 +39,9 @@ var _ = Describe("Credential Request", func() { It("returns no error and a signature", func() { signature, err := CredentialRequestSigner.Sign( - idemix.NewUserSecretKey(nil, false), - nil, - &bccsp.IdemixCredentialRequestSignerOpts{IssuerPK: idemix.NewIssuerPublicKey(nil)}, + handlers.NewUserSecretKey(nil, false), + bccsp.IdemixEmptyDigest(), + &bccsp.IdemixCredentialRequestSignerOpts{IssuerPK: handlers.NewIssuerPublicKey(nil)}, ) Expect(err).NotTo(HaveOccurred()) Expect(signature).To(BeEquivalentTo(fakeSignature)) @@ -56,9 +56,9 @@ var _ = Describe("Credential Request", func() { It("returns an error", func() { signature, err := CredentialRequestSigner.Sign( - idemix.NewUserSecretKey(nil, false), - nil, - &bccsp.IdemixCredentialRequestSignerOpts{IssuerPK: idemix.NewIssuerPublicKey(nil)}, + handlers.NewUserSecretKey(nil, false), + bccsp.IdemixEmptyDigest(), + &bccsp.IdemixCredentialRequestSignerOpts{IssuerPK: handlers.NewIssuerPublicKey(nil)}, ) Expect(err).To(MatchError("sign error")) Expect(signature).To(BeNil()) @@ -72,7 +72,7 @@ var _ = Describe("Credential Request", func() { signature, err := CredentialRequestSigner.Sign( nil, nil, - &bccsp.IdemixCredentialRequestSignerOpts{IssuerPK: idemix.NewIssuerPublicKey(nil)}, + &bccsp.IdemixCredentialRequestSignerOpts{IssuerPK: handlers.NewIssuerPublicKey(nil)}, ) Expect(err).To(MatchError("invalid key, expected *userSecretKey")) Expect(signature).To(BeNil()) @@ -82,9 +82,9 @@ var _ = Describe("Credential Request", func() { Context("and the user secret key is not of type *userSecretKey", func() { It("returns error", func() { signature, err := CredentialRequestSigner.Sign( - idemix.NewIssuerPublicKey(nil), + handlers.NewIssuerPublicKey(nil), nil, - &bccsp.IdemixCredentialRequestSignerOpts{IssuerPK: idemix.NewIssuerPublicKey(nil)}, + &bccsp.IdemixCredentialRequestSignerOpts{IssuerPK: handlers.NewIssuerPublicKey(nil)}, ) Expect(err).To(MatchError("invalid key, expected *userSecretKey")) Expect(signature).To(BeNil()) @@ -94,7 +94,7 @@ var _ = Describe("Credential Request", func() { Context("and the option is missing", func() { It("returns error", func() { signature, err := CredentialRequestSigner.Sign( - idemix.NewUserSecretKey(nil, false), + handlers.NewUserSecretKey(nil, false), nil, nil, ) @@ -106,7 +106,7 @@ var _ = Describe("Credential Request", func() { Context("and the option is not of type *bccsp.IdemixCredentialRequestSignerOpts", func() { It("returns error", func() { signature, err := CredentialRequestSigner.Sign( - idemix.NewUserSecretKey(nil, false), + handlers.NewUserSecretKey(nil, false), nil, &bccsp.IdemixSignerOpts{}, ) @@ -118,7 +118,7 @@ var _ = Describe("Credential Request", func() { Context("and the issuer public key is missing", func() { It("returns error", func() { signature, err := CredentialRequestSigner.Sign( - idemix.NewUserSecretKey(nil, false), + handlers.NewUserSecretKey(nil, false), nil, &bccsp.IdemixCredentialRequestSignerOpts{IssuerPK: nil}, ) @@ -130,23 +130,23 @@ var _ = Describe("Credential Request", func() { Context("and the issuer public key is not of type *issuerPublicKey", func() { It("returns error", func() { signature, err := CredentialRequestSigner.Sign( - idemix.NewUserSecretKey(nil, false), + handlers.NewUserSecretKey(nil, false), nil, - &bccsp.IdemixCredentialRequestSignerOpts{IssuerPK: idemix.NewUserSecretKey(nil, false)}, + &bccsp.IdemixCredentialRequestSignerOpts{IssuerPK: handlers.NewUserSecretKey(nil, false)}, ) Expect(err).To(MatchError("invalid options, expected IssuerPK as *issuerPublicKey")) Expect(signature).To(BeNil()) }) }) - Context("and the digest is not nil", func() { + Context("and the digest is not the idemix empty digest", func() { It("returns error", func() { signature, err := CredentialRequestSigner.Sign( - idemix.NewUserSecretKey(nil, false), + handlers.NewUserSecretKey(nil, false), []byte{1, 2, 3, 4}, - &bccsp.IdemixCredentialRequestSignerOpts{IssuerPK: idemix.NewIssuerPublicKey(nil)}, + &bccsp.IdemixCredentialRequestSignerOpts{IssuerPK: handlers.NewIssuerPublicKey(nil)}, ) - Expect(err).To(MatchError("invalid digest, it must be empty")) + Expect(err).To(MatchError("invalid digest, the idemix empty digest is expected")) Expect(signature).To(BeNil()) }) }) @@ -157,13 +157,13 @@ var _ = Describe("Credential Request", func() { Describe("when verifying a credential request", func() { var ( - CredentialRequestVerifier *idemix.CredentialRequestVerifier + CredentialRequestVerifier *handlers.CredentialRequestVerifier fakeCredRequest *mock.CredRequest ) BeforeEach(func() { fakeCredRequest = &mock.CredRequest{} - CredentialRequestVerifier = &idemix.CredentialRequestVerifier{CredRequest: fakeCredRequest} + CredentialRequestVerifier = &handlers.CredentialRequestVerifier{CredRequest: fakeCredRequest} }) Context("and the underlying cryptographic algorithm succeed", func() { @@ -173,9 +173,9 @@ var _ = Describe("Credential Request", func() { It("returns no error and valid signature", func() { valid, err := CredentialRequestVerifier.Verify( - idemix.NewIssuerPublicKey(nil), + handlers.NewIssuerPublicKey(nil), []byte("fake signature"), - nil, + bccsp.IdemixEmptyDigest(), nil, ) Expect(err).NotTo(HaveOccurred()) @@ -190,9 +190,9 @@ var _ = Describe("Credential Request", func() { It("returns an error", func() { valid, err := CredentialRequestVerifier.Verify( - idemix.NewIssuerPublicKey(nil), + handlers.NewIssuerPublicKey(nil), []byte("fake signature"), - nil, + bccsp.IdemixEmptyDigest(), nil, ) Expect(err).To(MatchError("verify error")) @@ -218,7 +218,7 @@ var _ = Describe("Credential Request", func() { Context("and the issuer public key is not of type *issuerPublicKey", func() { It("returns error", func() { valid, err := CredentialRequestVerifier.Verify( - idemix.NewUserSecretKey(nil, false), + handlers.NewUserSecretKey(nil, false), []byte("fake signature"), nil, nil, @@ -228,15 +228,15 @@ var _ = Describe("Credential Request", func() { }) }) - Context("and the digest is not nil", func() { + Context("and the digest is not the idemix empty digest", func() { It("returns error", func() { valid, err := CredentialRequestVerifier.Verify( - idemix.NewIssuerPublicKey(nil), + handlers.NewIssuerPublicKey(nil), []byte("fake signature"), []byte{1, 2, 3, 4}, nil, ) - Expect(err).To(MatchError("invalid digest, it must be empty")) + Expect(err).To(MatchError("invalid digest, the idemix empty digest is expected")) Expect(valid).To(BeFalse()) }) }) @@ -250,13 +250,13 @@ var _ = Describe("Credential", func() { Describe("when creating a credential", func() { var ( - CredentialSigner *idemix.CredentialSigner + CredentialSigner *handlers.CredentialSigner fakeCredential *mock.Credential ) BeforeEach(func() { fakeCredential = &mock.Credential{} - CredentialSigner = &idemix.CredentialSigner{Credential: fakeCredential} + CredentialSigner = &handlers.CredentialSigner{Credential: fakeCredential} }) Context("and the underlying cryptographic algorithm succeed", func() { @@ -270,7 +270,7 @@ var _ = Describe("Credential", func() { It("returns no error and a signature", func() { signature, err := CredentialSigner.Sign( - idemix.NewIssuerSecretKey(nil, false), + handlers.NewIssuerSecretKey(nil, false), nil, &bccsp.IdemixCredentialSignerOpts{}, ) @@ -287,7 +287,7 @@ var _ = Describe("Credential", func() { It("returns an error", func() { signature, err := CredentialSigner.Sign( - idemix.NewIssuerSecretKey(nil, false), + handlers.NewIssuerSecretKey(nil, false), nil, &bccsp.IdemixCredentialSignerOpts{}, ) @@ -313,7 +313,7 @@ var _ = Describe("Credential", func() { Context("and the user secret key is not of type *issuerSecretKey", func() { It("returns error", func() { signature, err := CredentialSigner.Sign( - idemix.NewIssuerPublicKey(nil), + handlers.NewIssuerPublicKey(nil), nil, &bccsp.IdemixCredentialSignerOpts{}, ) @@ -325,7 +325,7 @@ var _ = Describe("Credential", func() { Context("and the opt is nil", func() { It("returns error", func() { signature, err := CredentialSigner.Sign( - idemix.NewIssuerSecretKey(nil, false), + handlers.NewIssuerSecretKey(nil, false), nil, nil, ) @@ -337,7 +337,7 @@ var _ = Describe("Credential", func() { Context("and the opt is not of type *IdemixCredentialSignerOpts", func() { It("returns error", func() { signature, err := CredentialSigner.Sign( - idemix.NewIssuerSecretKey(nil, false), + handlers.NewIssuerSecretKey(nil, false), nil, &bccsp.IdemixCredentialRequestSignerOpts{}, ) @@ -351,13 +351,13 @@ var _ = Describe("Credential", func() { Describe("when verifying a credential", func() { var ( - CredentialVerifier *idemix.CredentialVerifier + CredentialVerifier *handlers.CredentialVerifier fakeCredential *mock.Credential ) BeforeEach(func() { fakeCredential = &mock.Credential{} - CredentialVerifier = &idemix.CredentialVerifier{Credential: fakeCredential} + CredentialVerifier = &handlers.CredentialVerifier{Credential: fakeCredential} }) Context("and the underlying cryptographic algorithm succeed", func() { @@ -367,10 +367,10 @@ var _ = Describe("Credential", func() { It("returns no error and valid signature", func() { valid, err := CredentialVerifier.Verify( - idemix.NewUserSecretKey(nil, false), + handlers.NewUserSecretKey(nil, false), []byte("fake signature"), - nil, - &bccsp.IdemixCredentialSignerOpts{IssuerPK: idemix.NewIssuerPublicKey(nil)}, + bccsp.IdemixEmptyDigest(), + &bccsp.IdemixCredentialSignerOpts{IssuerPK: handlers.NewIssuerPublicKey(nil)}, ) Expect(err).NotTo(HaveOccurred()) Expect(valid).To(BeTrue()) @@ -384,10 +384,10 @@ var _ = Describe("Credential", func() { It("returns an error", func() { valid, err := CredentialVerifier.Verify( - idemix.NewUserSecretKey(nil, false), + handlers.NewUserSecretKey(nil, false), []byte("fake signature"), - nil, - &bccsp.IdemixCredentialSignerOpts{IssuerPK: idemix.NewIssuerPublicKey(nil)}, + bccsp.IdemixEmptyDigest(), + &bccsp.IdemixCredentialSignerOpts{IssuerPK: handlers.NewIssuerPublicKey(nil)}, ) Expect(err).To(MatchError("verify error")) Expect(valid).To(BeFalse()) @@ -402,7 +402,7 @@ var _ = Describe("Credential", func() { nil, []byte("fake signature"), nil, - &bccsp.IdemixCredentialSignerOpts{IssuerPK: idemix.NewIssuerPublicKey(nil)}, + &bccsp.IdemixCredentialSignerOpts{IssuerPK: handlers.NewIssuerPublicKey(nil)}, ) Expect(err).To(MatchError("invalid key, expected *userSecretKey")) Expect(valid).To(BeFalse()) @@ -412,25 +412,25 @@ var _ = Describe("Credential", func() { Context("and the user secret key is not of type *userSecretKey", func() { It("returns error", func() { valid, err := CredentialVerifier.Verify( - idemix.NewIssuerPublicKey(nil), + handlers.NewIssuerPublicKey(nil), []byte("fake signature"), nil, - &bccsp.IdemixCredentialSignerOpts{IssuerPK: idemix.NewIssuerPublicKey(nil)}, + &bccsp.IdemixCredentialSignerOpts{IssuerPK: handlers.NewIssuerPublicKey(nil)}, ) Expect(err).To(MatchError("invalid key, expected *userSecretKey")) Expect(valid).To(BeFalse()) }) }) - Context("and the digest is not nil", func() { + Context("and the digest is not the idemix empty digest", func() { It("returns error", func() { valid, err := CredentialVerifier.Verify( - idemix.NewUserSecretKey(nil, false), + handlers.NewUserSecretKey(nil, false), []byte("fake signature"), []byte{1, 2, 3, 4}, - &bccsp.IdemixCredentialSignerOpts{IssuerPK: idemix.NewIssuerPublicKey(nil)}, + &bccsp.IdemixCredentialSignerOpts{IssuerPK: handlers.NewIssuerPublicKey(nil)}, ) - Expect(err).To(MatchError("invalid digest, it must be empty")) + Expect(err).To(MatchError("invalid digest, the idemix empty digest is expected")) Expect(valid).To(BeFalse()) }) }) @@ -438,10 +438,10 @@ var _ = Describe("Credential", func() { Context("and the signature is empty", func() { It("returns error", func() { valid, err := CredentialVerifier.Verify( - idemix.NewUserSecretKey(nil, false), - nil, + handlers.NewUserSecretKey(nil, false), nil, - &bccsp.IdemixCredentialSignerOpts{IssuerPK: idemix.NewIssuerPublicKey(nil)}, + bccsp.IdemixEmptyDigest(), + &bccsp.IdemixCredentialSignerOpts{IssuerPK: handlers.NewIssuerPublicKey(nil)}, ) Expect(err).To(MatchError("invalid signature, it must not be empty")) Expect(valid).To(BeFalse()) @@ -451,7 +451,7 @@ var _ = Describe("Credential", func() { Context("and the option is empty", func() { It("returns error", func() { valid, err := CredentialVerifier.Verify( - idemix.NewUserSecretKey(nil, false), + handlers.NewUserSecretKey(nil, false), []byte("fake signature"), nil, nil, @@ -464,7 +464,7 @@ var _ = Describe("Credential", func() { Context("and the option is not of type *IdemixCredentialSignerOpts", func() { It("returns error", func() { valid, err := CredentialVerifier.Verify( - idemix.NewUserSecretKey(nil, false), + handlers.NewUserSecretKey(nil, false), []byte("fake signature"), nil, &bccsp.IdemixCredentialRequestSignerOpts{}, @@ -477,7 +477,7 @@ var _ = Describe("Credential", func() { Context("and the option's issuer public key is empty", func() { It("returns error", func() { valid, err := CredentialVerifier.Verify( - idemix.NewUserSecretKey(nil, false), + handlers.NewUserSecretKey(nil, false), []byte("fake signature"), nil, &bccsp.IdemixCredentialSignerOpts{}, @@ -490,10 +490,10 @@ var _ = Describe("Credential", func() { Context("and the option's issuer public key is not of type *issuerPublicKey", func() { It("returns error", func() { valid, err := CredentialVerifier.Verify( - idemix.NewUserSecretKey(nil, false), + handlers.NewUserSecretKey(nil, false), []byte("fake signature"), nil, - &bccsp.IdemixCredentialSignerOpts{IssuerPK: idemix.NewUserSecretKey(nil, false)}, + &bccsp.IdemixCredentialSignerOpts{IssuerPK: handlers.NewUserSecretKey(nil, false)}, ) Expect(err).To(MatchError("invalid issuer public key, expected *issuerPublicKey")) Expect(valid).To(BeFalse()) diff --git a/bccsp/idemix/idemix.go b/bccsp/idemix/handlers/idemix.go similarity index 99% rename from bccsp/idemix/idemix.go rename to bccsp/idemix/handlers/idemix.go index 887096e246b..6d5c963e3ce 100644 --- a/bccsp/idemix/idemix.go +++ b/bccsp/idemix/handlers/idemix.go @@ -3,7 +3,7 @@ Copyright IBM Corp. All Rights Reserved. SPDX-License-Identifier: Apache-2.0 */ -package idemix +package handlers import ( "crypto/ecdsa" diff --git a/bccsp/idemix/handlers/idemix_suite_test.go b/bccsp/idemix/handlers/idemix_suite_test.go new file mode 100644 index 00000000000..b0baff5a2f9 --- /dev/null +++ b/bccsp/idemix/handlers/idemix_suite_test.go @@ -0,0 +1,30 @@ +/* +Copyright IBM Corp. All Rights Reserved. + +SPDX-License-Identifier: Apache-2.0 +*/ +package handlers_test + +import ( + "testing" + + . "github.com/onsi/ginkgo" + . "github.com/onsi/gomega" +) + +//go:generate counterfeiter -o mock/issuer.go -fake-name Issuer . Issuer +//go:generate counterfeiter -o mock/issuer_secret_key.go -fake-name IssuerSecretKey . IssuerSecretKey +//go:generate counterfeiter -o mock/issuer_public_key.go -fake-name IssuerPublicKey . IssuerPublicKey +//go:generate counterfeiter -o mock/user.go -fake-name User . User +//go:generate counterfeiter -o mock/big.go -fake-name Big . Big +//go:generate counterfeiter -o mock/ecp.go -fake-name Ecp . Ecp +//go:generate counterfeiter -o mock/credrequest.go -fake-name CredRequest . CredRequest +//go:generate counterfeiter -o mock/credential.go -fake-name Credential . Credential +//go:generate counterfeiter -o mock/revocation.go -fake-name Revocation . Revocation +//go:generate counterfeiter -o mock/signature_scheme.go -fake-name SignatureScheme . SignatureScheme +//go:generate counterfeiter -o mock/nymsignature_scheme.go -fake-name NymSignatureScheme . NymSignatureScheme + +func TestPlain(t *testing.T) { + RegisterFailHandler(Fail) + RunSpecs(t, "Plain Suite") +} diff --git a/bccsp/idemix/issuer.go b/bccsp/idemix/handlers/issuer.go similarity index 99% rename from bccsp/idemix/issuer.go rename to bccsp/idemix/handlers/issuer.go index 0360ed57f50..020129b64d9 100644 --- a/bccsp/idemix/issuer.go +++ b/bccsp/idemix/handlers/issuer.go @@ -3,7 +3,7 @@ Copyright IBM Corp. All Rights Reserved. SPDX-License-Identifier: Apache-2.0 */ -package idemix +package handlers import ( "crypto/sha256" diff --git a/bccsp/idemix/issuer_test.go b/bccsp/idemix/handlers/issuer_test.go similarity index 89% rename from bccsp/idemix/issuer_test.go rename to bccsp/idemix/handlers/issuer_test.go index 259f1267e2b..581e496b2aa 100644 --- a/bccsp/idemix/issuer_test.go +++ b/bccsp/idemix/handlers/issuer_test.go @@ -3,14 +3,15 @@ Copyright IBM Corp. All Rights Reserved. SPDX-License-Identifier: Apache-2.0 */ -package idemix_test +package handlers_test import ( "crypto/sha256" + "github.com/hyperledger/fabric/bccsp/idemix/handlers" + "github.com/hyperledger/fabric/bccsp" - "github.com/hyperledger/fabric/bccsp/idemix" - "github.com/hyperledger/fabric/bccsp/idemix/mock" + "github.com/hyperledger/fabric/bccsp/idemix/handlers/mock" . "github.com/onsi/ginkgo" . "github.com/onsi/gomega" "github.com/pkg/errors" @@ -20,7 +21,7 @@ var _ = Describe("Issuer", func() { Describe("when creating an issuer key-pair", func() { var ( - IssuerKeyGen *idemix.IssuerKeyGen + IssuerKeyGen *handlers.IssuerKeyGen fakeIssuer *mock.Issuer IssuerSecretKey bccsp.Key @@ -29,7 +30,7 @@ var _ = Describe("Issuer", func() { BeforeEach(func() { fakeIssuer = &mock.Issuer{} - IssuerKeyGen = &idemix.IssuerKeyGen{} + IssuerKeyGen = &handlers.IssuerKeyGen{} IssuerKeyGen.Issuer = fakeIssuer }) @@ -57,7 +58,7 @@ var _ = Describe("Issuer", func() { Expect(err).NotTo(HaveOccurred()) fakeIssuer.NewKeyReturns(fakeIssuerSecretKey, nil) - IssuerSecretKey = idemix.NewIssuerSecretKey(fakeIssuerSecretKey, false) + IssuerSecretKey = handlers.NewIssuerSecretKey(fakeIssuerSecretKey, false) }) AfterEach(func() { @@ -86,7 +87,7 @@ var _ = Describe("Issuer", func() { Context("and the secret key is exportable", func() { BeforeEach(func() { IssuerKeyGen.Exportable = true - IssuerSecretKey = idemix.NewIssuerSecretKey(fakeIssuerSecretKey, true) + IssuerSecretKey = handlers.NewIssuerSecretKey(fakeIssuerSecretKey, true) }) It("returns no error and a key", func() { @@ -105,7 +106,7 @@ var _ = Describe("Issuer", func() { Context("and the secret key is not exportable", func() { BeforeEach(func() { IssuerKeyGen.Exportable = false - IssuerSecretKey = idemix.NewIssuerSecretKey(fakeIssuerSecretKey, false) + IssuerSecretKey = handlers.NewIssuerSecretKey(fakeIssuerSecretKey, false) }) It("returns no error and a key", func() { diff --git a/bccsp/idemix/mock/big.go b/bccsp/idemix/handlers/mock/big.go similarity index 96% rename from bccsp/idemix/mock/big.go rename to bccsp/idemix/handlers/mock/big.go index 65417cf09d9..5730fb807c6 100644 --- a/bccsp/idemix/mock/big.go +++ b/bccsp/idemix/handlers/mock/big.go @@ -4,7 +4,7 @@ package mock import ( "sync" - "github.com/hyperledger/fabric/bccsp/idemix" + "github.com/hyperledger/fabric/bccsp/idemix/handlers" ) type Big struct { @@ -90,4 +90,4 @@ func (fake *Big) recordInvocation(key string, args []interface{}) { fake.invocations[key] = append(fake.invocations[key], args) } -var _ idemix.Big = new(Big) +var _ handlers.Big = new(Big) diff --git a/bccsp/idemix/mock/credential.go b/bccsp/idemix/handlers/mock/credential.go similarity index 81% rename from bccsp/idemix/mock/credential.go rename to bccsp/idemix/handlers/mock/credential.go index 90d3ed5d41f..faccd9154a0 100644 --- a/bccsp/idemix/mock/credential.go +++ b/bccsp/idemix/handlers/mock/credential.go @@ -5,14 +5,14 @@ import ( "sync" "github.com/hyperledger/fabric/bccsp" - "github.com/hyperledger/fabric/bccsp/idemix" + "github.com/hyperledger/fabric/bccsp/idemix/handlers" ) type Credential struct { - SignStub func(key idemix.IssuerSecretKey, credentialRequest []byte, attributes []bccsp.IdemixAttribute) ([]byte, error) + SignStub func(key handlers.IssuerSecretKey, credentialRequest []byte, attributes []bccsp.IdemixAttribute) ([]byte, error) signMutex sync.RWMutex signArgsForCall []struct { - key idemix.IssuerSecretKey + key handlers.IssuerSecretKey credentialRequest []byte attributes []bccsp.IdemixAttribute } @@ -24,11 +24,11 @@ type Credential struct { result1 []byte result2 error } - VerifyStub func(sk idemix.Big, ipk idemix.IssuerPublicKey, credential []byte, attributes []bccsp.IdemixAttribute) error + VerifyStub func(sk handlers.Big, ipk handlers.IssuerPublicKey, credential []byte, attributes []bccsp.IdemixAttribute) error verifyMutex sync.RWMutex verifyArgsForCall []struct { - sk idemix.Big - ipk idemix.IssuerPublicKey + sk handlers.Big + ipk handlers.IssuerPublicKey credential []byte attributes []bccsp.IdemixAttribute } @@ -42,7 +42,7 @@ type Credential struct { invocationsMutex sync.RWMutex } -func (fake *Credential) Sign(key idemix.IssuerSecretKey, credentialRequest []byte, attributes []bccsp.IdemixAttribute) ([]byte, error) { +func (fake *Credential) Sign(key handlers.IssuerSecretKey, credentialRequest []byte, attributes []bccsp.IdemixAttribute) ([]byte, error) { var credentialRequestCopy []byte if credentialRequest != nil { credentialRequestCopy = make([]byte, len(credentialRequest)) @@ -56,7 +56,7 @@ func (fake *Credential) Sign(key idemix.IssuerSecretKey, credentialRequest []byt fake.signMutex.Lock() ret, specificReturn := fake.signReturnsOnCall[len(fake.signArgsForCall)] fake.signArgsForCall = append(fake.signArgsForCall, struct { - key idemix.IssuerSecretKey + key handlers.IssuerSecretKey credentialRequest []byte attributes []bccsp.IdemixAttribute }{key, credentialRequestCopy, attributesCopy}) @@ -77,7 +77,7 @@ func (fake *Credential) SignCallCount() int { return len(fake.signArgsForCall) } -func (fake *Credential) SignArgsForCall(i int) (idemix.IssuerSecretKey, []byte, []bccsp.IdemixAttribute) { +func (fake *Credential) SignArgsForCall(i int) (handlers.IssuerSecretKey, []byte, []bccsp.IdemixAttribute) { fake.signMutex.RLock() defer fake.signMutex.RUnlock() return fake.signArgsForCall[i].key, fake.signArgsForCall[i].credentialRequest, fake.signArgsForCall[i].attributes @@ -105,7 +105,7 @@ func (fake *Credential) SignReturnsOnCall(i int, result1 []byte, result2 error) }{result1, result2} } -func (fake *Credential) Verify(sk idemix.Big, ipk idemix.IssuerPublicKey, credential []byte, attributes []bccsp.IdemixAttribute) error { +func (fake *Credential) Verify(sk handlers.Big, ipk handlers.IssuerPublicKey, credential []byte, attributes []bccsp.IdemixAttribute) error { var credentialCopy []byte if credential != nil { credentialCopy = make([]byte, len(credential)) @@ -119,8 +119,8 @@ func (fake *Credential) Verify(sk idemix.Big, ipk idemix.IssuerPublicKey, creden fake.verifyMutex.Lock() ret, specificReturn := fake.verifyReturnsOnCall[len(fake.verifyArgsForCall)] fake.verifyArgsForCall = append(fake.verifyArgsForCall, struct { - sk idemix.Big - ipk idemix.IssuerPublicKey + sk handlers.Big + ipk handlers.IssuerPublicKey credential []byte attributes []bccsp.IdemixAttribute }{sk, ipk, credentialCopy, attributesCopy}) @@ -141,7 +141,7 @@ func (fake *Credential) VerifyCallCount() int { return len(fake.verifyArgsForCall) } -func (fake *Credential) VerifyArgsForCall(i int) (idemix.Big, idemix.IssuerPublicKey, []byte, []bccsp.IdemixAttribute) { +func (fake *Credential) VerifyArgsForCall(i int) (handlers.Big, handlers.IssuerPublicKey, []byte, []bccsp.IdemixAttribute) { fake.verifyMutex.RLock() defer fake.verifyMutex.RUnlock() return fake.verifyArgsForCall[i].sk, fake.verifyArgsForCall[i].ipk, fake.verifyArgsForCall[i].credential, fake.verifyArgsForCall[i].attributes @@ -192,4 +192,4 @@ func (fake *Credential) recordInvocation(key string, args []interface{}) { fake.invocations[key] = append(fake.invocations[key], args) } -var _ idemix.Credential = new(Credential) +var _ handlers.Credential = new(Credential) diff --git a/bccsp/idemix/mock/credrequest.go b/bccsp/idemix/handlers/mock/credrequest.go similarity index 82% rename from bccsp/idemix/mock/credrequest.go rename to bccsp/idemix/handlers/mock/credrequest.go index a5bce368450..d19e673299c 100644 --- a/bccsp/idemix/mock/credrequest.go +++ b/bccsp/idemix/handlers/mock/credrequest.go @@ -4,15 +4,15 @@ package mock import ( "sync" - "github.com/hyperledger/fabric/bccsp/idemix" + "github.com/hyperledger/fabric/bccsp/idemix/handlers" ) type CredRequest struct { - SignStub func(sk idemix.Big, ipk idemix.IssuerPublicKey) ([]byte, error) + SignStub func(sk handlers.Big, ipk handlers.IssuerPublicKey) ([]byte, error) signMutex sync.RWMutex signArgsForCall []struct { - sk idemix.Big - ipk idemix.IssuerPublicKey + sk handlers.Big + ipk handlers.IssuerPublicKey } signReturns struct { result1 []byte @@ -22,11 +22,11 @@ type CredRequest struct { result1 []byte result2 error } - VerifyStub func(credRequest []byte, ipk idemix.IssuerPublicKey) error + VerifyStub func(credRequest []byte, ipk handlers.IssuerPublicKey) error verifyMutex sync.RWMutex verifyArgsForCall []struct { credRequest []byte - ipk idemix.IssuerPublicKey + ipk handlers.IssuerPublicKey } verifyReturns struct { result1 error @@ -38,12 +38,12 @@ type CredRequest struct { invocationsMutex sync.RWMutex } -func (fake *CredRequest) Sign(sk idemix.Big, ipk idemix.IssuerPublicKey) ([]byte, error) { +func (fake *CredRequest) Sign(sk handlers.Big, ipk handlers.IssuerPublicKey) ([]byte, error) { fake.signMutex.Lock() ret, specificReturn := fake.signReturnsOnCall[len(fake.signArgsForCall)] fake.signArgsForCall = append(fake.signArgsForCall, struct { - sk idemix.Big - ipk idemix.IssuerPublicKey + sk handlers.Big + ipk handlers.IssuerPublicKey }{sk, ipk}) fake.recordInvocation("Sign", []interface{}{sk, ipk}) fake.signMutex.Unlock() @@ -62,7 +62,7 @@ func (fake *CredRequest) SignCallCount() int { return len(fake.signArgsForCall) } -func (fake *CredRequest) SignArgsForCall(i int) (idemix.Big, idemix.IssuerPublicKey) { +func (fake *CredRequest) SignArgsForCall(i int) (handlers.Big, handlers.IssuerPublicKey) { fake.signMutex.RLock() defer fake.signMutex.RUnlock() return fake.signArgsForCall[i].sk, fake.signArgsForCall[i].ipk @@ -90,7 +90,7 @@ func (fake *CredRequest) SignReturnsOnCall(i int, result1 []byte, result2 error) }{result1, result2} } -func (fake *CredRequest) Verify(credRequest []byte, ipk idemix.IssuerPublicKey) error { +func (fake *CredRequest) Verify(credRequest []byte, ipk handlers.IssuerPublicKey) error { var credRequestCopy []byte if credRequest != nil { credRequestCopy = make([]byte, len(credRequest)) @@ -100,7 +100,7 @@ func (fake *CredRequest) Verify(credRequest []byte, ipk idemix.IssuerPublicKey) ret, specificReturn := fake.verifyReturnsOnCall[len(fake.verifyArgsForCall)] fake.verifyArgsForCall = append(fake.verifyArgsForCall, struct { credRequest []byte - ipk idemix.IssuerPublicKey + ipk handlers.IssuerPublicKey }{credRequestCopy, ipk}) fake.recordInvocation("Verify", []interface{}{credRequestCopy, ipk}) fake.verifyMutex.Unlock() @@ -119,7 +119,7 @@ func (fake *CredRequest) VerifyCallCount() int { return len(fake.verifyArgsForCall) } -func (fake *CredRequest) VerifyArgsForCall(i int) ([]byte, idemix.IssuerPublicKey) { +func (fake *CredRequest) VerifyArgsForCall(i int) ([]byte, handlers.IssuerPublicKey) { fake.verifyMutex.RLock() defer fake.verifyMutex.RUnlock() return fake.verifyArgsForCall[i].credRequest, fake.verifyArgsForCall[i].ipk @@ -170,4 +170,4 @@ func (fake *CredRequest) recordInvocation(key string, args []interface{}) { fake.invocations[key] = append(fake.invocations[key], args) } -var _ idemix.CredRequest = new(CredRequest) +var _ handlers.CredRequest = new(CredRequest) diff --git a/bccsp/idemix/mock/ecp.go b/bccsp/idemix/handlers/mock/ecp.go similarity index 96% rename from bccsp/idemix/mock/ecp.go rename to bccsp/idemix/handlers/mock/ecp.go index bad2105df4f..90db59f0745 100644 --- a/bccsp/idemix/mock/ecp.go +++ b/bccsp/idemix/handlers/mock/ecp.go @@ -4,7 +4,7 @@ package mock import ( "sync" - "github.com/hyperledger/fabric/bccsp/idemix" + "github.com/hyperledger/fabric/bccsp/idemix/handlers" ) type Ecp struct { @@ -90,4 +90,4 @@ func (fake *Ecp) recordInvocation(key string, args []interface{}) { fake.invocations[key] = append(fake.invocations[key], args) } -var _ idemix.Ecp = new(Ecp) +var _ handlers.Ecp = new(Ecp) diff --git a/bccsp/idemix/mock/issuer.go b/bccsp/idemix/handlers/mock/issuer.go similarity index 79% rename from bccsp/idemix/mock/issuer.go rename to bccsp/idemix/handlers/mock/issuer.go index e9339a7b236..3060dc0fbad 100644 --- a/bccsp/idemix/mock/issuer.go +++ b/bccsp/idemix/handlers/mock/issuer.go @@ -4,28 +4,28 @@ package mock import ( "sync" - "github.com/hyperledger/fabric/bccsp/idemix" + "github.com/hyperledger/fabric/bccsp/idemix/handlers" ) type Issuer struct { - NewKeyStub func(AttributeNames []string) (idemix.IssuerSecretKey, error) + NewKeyStub func(AttributeNames []string) (handlers.IssuerSecretKey, error) newKeyMutex sync.RWMutex newKeyArgsForCall []struct { AttributeNames []string } newKeyReturns struct { - result1 idemix.IssuerSecretKey + result1 handlers.IssuerSecretKey result2 error } newKeyReturnsOnCall map[int]struct { - result1 idemix.IssuerSecretKey + result1 handlers.IssuerSecretKey result2 error } invocations map[string][][]interface{} invocationsMutex sync.RWMutex } -func (fake *Issuer) NewKey(AttributeNames []string) (idemix.IssuerSecretKey, error) { +func (fake *Issuer) NewKey(AttributeNames []string) (handlers.IssuerSecretKey, error) { var AttributeNamesCopy []string if AttributeNames != nil { AttributeNamesCopy = make([]string, len(AttributeNames)) @@ -59,24 +59,24 @@ func (fake *Issuer) NewKeyArgsForCall(i int) []string { return fake.newKeyArgsForCall[i].AttributeNames } -func (fake *Issuer) NewKeyReturns(result1 idemix.IssuerSecretKey, result2 error) { +func (fake *Issuer) NewKeyReturns(result1 handlers.IssuerSecretKey, result2 error) { fake.NewKeyStub = nil fake.newKeyReturns = struct { - result1 idemix.IssuerSecretKey + result1 handlers.IssuerSecretKey result2 error }{result1, result2} } -func (fake *Issuer) NewKeyReturnsOnCall(i int, result1 idemix.IssuerSecretKey, result2 error) { +func (fake *Issuer) NewKeyReturnsOnCall(i int, result1 handlers.IssuerSecretKey, result2 error) { fake.NewKeyStub = nil if fake.newKeyReturnsOnCall == nil { fake.newKeyReturnsOnCall = make(map[int]struct { - result1 idemix.IssuerSecretKey + result1 handlers.IssuerSecretKey result2 error }) } fake.newKeyReturnsOnCall[i] = struct { - result1 idemix.IssuerSecretKey + result1 handlers.IssuerSecretKey result2 error }{result1, result2} } @@ -105,4 +105,4 @@ func (fake *Issuer) recordInvocation(key string, args []interface{}) { fake.invocations[key] = append(fake.invocations[key], args) } -var _ idemix.Issuer = new(Issuer) +var _ handlers.Issuer = new(Issuer) diff --git a/bccsp/idemix/mock/issuer_public_key.go b/bccsp/idemix/handlers/mock/issuer_public_key.go similarity index 95% rename from bccsp/idemix/mock/issuer_public_key.go rename to bccsp/idemix/handlers/mock/issuer_public_key.go index 65d96c205ca..37ef56953f1 100644 --- a/bccsp/idemix/mock/issuer_public_key.go +++ b/bccsp/idemix/handlers/mock/issuer_public_key.go @@ -4,7 +4,7 @@ package mock import ( "sync" - "github.com/hyperledger/fabric/bccsp/idemix" + "github.com/hyperledger/fabric/bccsp/idemix/handlers" ) type IssuerPublicKey struct { @@ -90,4 +90,4 @@ func (fake *IssuerPublicKey) recordInvocation(key string, args []interface{}) { fake.invocations[key] = append(fake.invocations[key], args) } -var _ idemix.IssuerPublicKey = new(IssuerPublicKey) +var _ handlers.IssuerPublicKey = new(IssuerPublicKey) diff --git a/bccsp/idemix/mock/issuer_secret_key.go b/bccsp/idemix/handlers/mock/issuer_secret_key.go similarity index 86% rename from bccsp/idemix/mock/issuer_secret_key.go rename to bccsp/idemix/handlers/mock/issuer_secret_key.go index 957aabf3ae2..d7355799270 100644 --- a/bccsp/idemix/mock/issuer_secret_key.go +++ b/bccsp/idemix/handlers/mock/issuer_secret_key.go @@ -4,7 +4,7 @@ package mock import ( "sync" - "github.com/hyperledger/fabric/bccsp/idemix" + "github.com/hyperledger/fabric/bccsp/idemix/handlers" ) type IssuerSecretKey struct { @@ -19,14 +19,14 @@ type IssuerSecretKey struct { result1 []byte result2 error } - PublicStub func() idemix.IssuerPublicKey + PublicStub func() handlers.IssuerPublicKey publicMutex sync.RWMutex publicArgsForCall []struct{} publicReturns struct { - result1 idemix.IssuerPublicKey + result1 handlers.IssuerPublicKey } publicReturnsOnCall map[int]struct { - result1 idemix.IssuerPublicKey + result1 handlers.IssuerPublicKey } invocations map[string][][]interface{} invocationsMutex sync.RWMutex @@ -75,7 +75,7 @@ func (fake *IssuerSecretKey) BytesReturnsOnCall(i int, result1 []byte, result2 e }{result1, result2} } -func (fake *IssuerSecretKey) Public() idemix.IssuerPublicKey { +func (fake *IssuerSecretKey) Public() handlers.IssuerPublicKey { fake.publicMutex.Lock() ret, specificReturn := fake.publicReturnsOnCall[len(fake.publicArgsForCall)] fake.publicArgsForCall = append(fake.publicArgsForCall, struct{}{}) @@ -96,22 +96,22 @@ func (fake *IssuerSecretKey) PublicCallCount() int { return len(fake.publicArgsForCall) } -func (fake *IssuerSecretKey) PublicReturns(result1 idemix.IssuerPublicKey) { +func (fake *IssuerSecretKey) PublicReturns(result1 handlers.IssuerPublicKey) { fake.PublicStub = nil fake.publicReturns = struct { - result1 idemix.IssuerPublicKey + result1 handlers.IssuerPublicKey }{result1} } -func (fake *IssuerSecretKey) PublicReturnsOnCall(i int, result1 idemix.IssuerPublicKey) { +func (fake *IssuerSecretKey) PublicReturnsOnCall(i int, result1 handlers.IssuerPublicKey) { fake.PublicStub = nil if fake.publicReturnsOnCall == nil { fake.publicReturnsOnCall = make(map[int]struct { - result1 idemix.IssuerPublicKey + result1 handlers.IssuerPublicKey }) } fake.publicReturnsOnCall[i] = struct { - result1 idemix.IssuerPublicKey + result1 handlers.IssuerPublicKey }{result1} } @@ -141,4 +141,4 @@ func (fake *IssuerSecretKey) recordInvocation(key string, args []interface{}) { fake.invocations[key] = append(fake.invocations[key], args) } -var _ idemix.IssuerSecretKey = new(IssuerSecretKey) +var _ handlers.IssuerSecretKey = new(IssuerSecretKey) diff --git a/bccsp/idemix/mock/nymsignature_scheme.go b/bccsp/idemix/handlers/mock/nymsignature_scheme.go similarity index 78% rename from bccsp/idemix/mock/nymsignature_scheme.go rename to bccsp/idemix/handlers/mock/nymsignature_scheme.go index fd694e104fc..358dd27e4cf 100644 --- a/bccsp/idemix/mock/nymsignature_scheme.go +++ b/bccsp/idemix/handlers/mock/nymsignature_scheme.go @@ -4,17 +4,17 @@ package mock import ( "sync" - "github.com/hyperledger/fabric/bccsp/idemix" + "github.com/hyperledger/fabric/bccsp/idemix/handlers" ) type NymSignatureScheme struct { - SignStub func(sk idemix.Big, Nym idemix.Ecp, RNym idemix.Big, ipk idemix.IssuerPublicKey, digest []byte) ([]byte, error) + SignStub func(sk handlers.Big, Nym handlers.Ecp, RNym handlers.Big, ipk handlers.IssuerPublicKey, digest []byte) ([]byte, error) signMutex sync.RWMutex signArgsForCall []struct { - sk idemix.Big - Nym idemix.Ecp - RNym idemix.Big - ipk idemix.IssuerPublicKey + sk handlers.Big + Nym handlers.Ecp + RNym handlers.Big + ipk handlers.IssuerPublicKey digest []byte } signReturns struct { @@ -25,11 +25,11 @@ type NymSignatureScheme struct { result1 []byte result2 error } - VerifyStub func(pk idemix.IssuerPublicKey, Nym idemix.Ecp, signature, digest []byte) error + VerifyStub func(pk handlers.IssuerPublicKey, Nym handlers.Ecp, signature, digest []byte) error verifyMutex sync.RWMutex verifyArgsForCall []struct { - pk idemix.IssuerPublicKey - Nym idemix.Ecp + pk handlers.IssuerPublicKey + Nym handlers.Ecp signature []byte digest []byte } @@ -43,7 +43,7 @@ type NymSignatureScheme struct { invocationsMutex sync.RWMutex } -func (fake *NymSignatureScheme) Sign(sk idemix.Big, Nym idemix.Ecp, RNym idemix.Big, ipk idemix.IssuerPublicKey, digest []byte) ([]byte, error) { +func (fake *NymSignatureScheme) Sign(sk handlers.Big, Nym handlers.Ecp, RNym handlers.Big, ipk handlers.IssuerPublicKey, digest []byte) ([]byte, error) { var digestCopy []byte if digest != nil { digestCopy = make([]byte, len(digest)) @@ -52,10 +52,10 @@ func (fake *NymSignatureScheme) Sign(sk idemix.Big, Nym idemix.Ecp, RNym idemix. fake.signMutex.Lock() ret, specificReturn := fake.signReturnsOnCall[len(fake.signArgsForCall)] fake.signArgsForCall = append(fake.signArgsForCall, struct { - sk idemix.Big - Nym idemix.Ecp - RNym idemix.Big - ipk idemix.IssuerPublicKey + sk handlers.Big + Nym handlers.Ecp + RNym handlers.Big + ipk handlers.IssuerPublicKey digest []byte }{sk, Nym, RNym, ipk, digestCopy}) fake.recordInvocation("Sign", []interface{}{sk, Nym, RNym, ipk, digestCopy}) @@ -75,7 +75,7 @@ func (fake *NymSignatureScheme) SignCallCount() int { return len(fake.signArgsForCall) } -func (fake *NymSignatureScheme) SignArgsForCall(i int) (idemix.Big, idemix.Ecp, idemix.Big, idemix.IssuerPublicKey, []byte) { +func (fake *NymSignatureScheme) SignArgsForCall(i int) (handlers.Big, handlers.Ecp, handlers.Big, handlers.IssuerPublicKey, []byte) { fake.signMutex.RLock() defer fake.signMutex.RUnlock() return fake.signArgsForCall[i].sk, fake.signArgsForCall[i].Nym, fake.signArgsForCall[i].RNym, fake.signArgsForCall[i].ipk, fake.signArgsForCall[i].digest @@ -103,7 +103,7 @@ func (fake *NymSignatureScheme) SignReturnsOnCall(i int, result1 []byte, result2 }{result1, result2} } -func (fake *NymSignatureScheme) Verify(pk idemix.IssuerPublicKey, Nym idemix.Ecp, signature []byte, digest []byte) error { +func (fake *NymSignatureScheme) Verify(pk handlers.IssuerPublicKey, Nym handlers.Ecp, signature []byte, digest []byte) error { var signatureCopy []byte if signature != nil { signatureCopy = make([]byte, len(signature)) @@ -117,8 +117,8 @@ func (fake *NymSignatureScheme) Verify(pk idemix.IssuerPublicKey, Nym idemix.Ecp fake.verifyMutex.Lock() ret, specificReturn := fake.verifyReturnsOnCall[len(fake.verifyArgsForCall)] fake.verifyArgsForCall = append(fake.verifyArgsForCall, struct { - pk idemix.IssuerPublicKey - Nym idemix.Ecp + pk handlers.IssuerPublicKey + Nym handlers.Ecp signature []byte digest []byte }{pk, Nym, signatureCopy, digestCopy}) @@ -139,7 +139,7 @@ func (fake *NymSignatureScheme) VerifyCallCount() int { return len(fake.verifyArgsForCall) } -func (fake *NymSignatureScheme) VerifyArgsForCall(i int) (idemix.IssuerPublicKey, idemix.Ecp, []byte, []byte) { +func (fake *NymSignatureScheme) VerifyArgsForCall(i int) (handlers.IssuerPublicKey, handlers.Ecp, []byte, []byte) { fake.verifyMutex.RLock() defer fake.verifyMutex.RUnlock() return fake.verifyArgsForCall[i].pk, fake.verifyArgsForCall[i].Nym, fake.verifyArgsForCall[i].signature, fake.verifyArgsForCall[i].digest @@ -190,4 +190,4 @@ func (fake *NymSignatureScheme) recordInvocation(key string, args []interface{}) fake.invocations[key] = append(fake.invocations[key], args) } -var _ idemix.NymSignatureScheme = new(NymSignatureScheme) +var _ handlers.NymSignatureScheme = new(NymSignatureScheme) diff --git a/bccsp/idemix/mock/revocation.go b/bccsp/idemix/handlers/mock/revocation.go similarity index 98% rename from bccsp/idemix/mock/revocation.go rename to bccsp/idemix/handlers/mock/revocation.go index 94c78faa1c3..0b71708cec1 100644 --- a/bccsp/idemix/mock/revocation.go +++ b/bccsp/idemix/handlers/mock/revocation.go @@ -6,7 +6,7 @@ import ( "sync" "github.com/hyperledger/fabric/bccsp" - "github.com/hyperledger/fabric/bccsp/idemix" + "github.com/hyperledger/fabric/bccsp/idemix/handlers" ) type Revocation struct { @@ -241,4 +241,4 @@ func (fake *Revocation) recordInvocation(key string, args []interface{}) { fake.invocations[key] = append(fake.invocations[key], args) } -var _ idemix.Revocation = new(Revocation) +var _ handlers.Revocation = new(Revocation) diff --git a/bccsp/idemix/mock/signature_scheme.go b/bccsp/idemix/handlers/mock/signature_scheme.go similarity index 79% rename from bccsp/idemix/mock/signature_scheme.go rename to bccsp/idemix/handlers/mock/signature_scheme.go index af435dfff87..4e7a5197fd8 100644 --- a/bccsp/idemix/mock/signature_scheme.go +++ b/bccsp/idemix/handlers/mock/signature_scheme.go @@ -6,18 +6,18 @@ import ( "sync" "github.com/hyperledger/fabric/bccsp" - "github.com/hyperledger/fabric/bccsp/idemix" + "github.com/hyperledger/fabric/bccsp/idemix/handlers" ) type SignatureScheme struct { - SignStub func(cred []byte, sk idemix.Big, Nym idemix.Ecp, RNym idemix.Big, ipk idemix.IssuerPublicKey, attributes []bccsp.IdemixAttribute, msg []byte, rhIndex int, cri []byte) ([]byte, error) + SignStub func(cred []byte, sk handlers.Big, Nym handlers.Ecp, RNym handlers.Big, ipk handlers.IssuerPublicKey, attributes []bccsp.IdemixAttribute, msg []byte, rhIndex int, cri []byte) ([]byte, error) signMutex sync.RWMutex signArgsForCall []struct { cred []byte - sk idemix.Big - Nym idemix.Ecp - RNym idemix.Big - ipk idemix.IssuerPublicKey + sk handlers.Big + Nym handlers.Ecp + RNym handlers.Big + ipk handlers.IssuerPublicKey attributes []bccsp.IdemixAttribute msg []byte rhIndex int @@ -31,10 +31,10 @@ type SignatureScheme struct { result1 []byte result2 error } - VerifyStub func(pk idemix.IssuerPublicKey, signature, digest []byte, attributes []bccsp.IdemixAttribute, hIndex int, revocationPublicKey *ecdsa.PublicKey, epoch int) error + VerifyStub func(pk handlers.IssuerPublicKey, signature, digest []byte, attributes []bccsp.IdemixAttribute, hIndex int, revocationPublicKey *ecdsa.PublicKey, epoch int) error verifyMutex sync.RWMutex verifyArgsForCall []struct { - pk idemix.IssuerPublicKey + pk handlers.IssuerPublicKey signature []byte digest []byte attributes []bccsp.IdemixAttribute @@ -52,7 +52,7 @@ type SignatureScheme struct { invocationsMutex sync.RWMutex } -func (fake *SignatureScheme) Sign(cred []byte, sk idemix.Big, Nym idemix.Ecp, RNym idemix.Big, ipk idemix.IssuerPublicKey, attributes []bccsp.IdemixAttribute, msg []byte, rhIndex int, cri []byte) ([]byte, error) { +func (fake *SignatureScheme) Sign(cred []byte, sk handlers.Big, Nym handlers.Ecp, RNym handlers.Big, ipk handlers.IssuerPublicKey, attributes []bccsp.IdemixAttribute, msg []byte, rhIndex int, cri []byte) ([]byte, error) { var credCopy []byte if cred != nil { credCopy = make([]byte, len(cred)) @@ -77,10 +77,10 @@ func (fake *SignatureScheme) Sign(cred []byte, sk idemix.Big, Nym idemix.Ecp, RN ret, specificReturn := fake.signReturnsOnCall[len(fake.signArgsForCall)] fake.signArgsForCall = append(fake.signArgsForCall, struct { cred []byte - sk idemix.Big - Nym idemix.Ecp - RNym idemix.Big - ipk idemix.IssuerPublicKey + sk handlers.Big + Nym handlers.Ecp + RNym handlers.Big + ipk handlers.IssuerPublicKey attributes []bccsp.IdemixAttribute msg []byte rhIndex int @@ -103,7 +103,7 @@ func (fake *SignatureScheme) SignCallCount() int { return len(fake.signArgsForCall) } -func (fake *SignatureScheme) SignArgsForCall(i int) ([]byte, idemix.Big, idemix.Ecp, idemix.Big, idemix.IssuerPublicKey, []bccsp.IdemixAttribute, []byte, int, []byte) { +func (fake *SignatureScheme) SignArgsForCall(i int) ([]byte, handlers.Big, handlers.Ecp, handlers.Big, handlers.IssuerPublicKey, []bccsp.IdemixAttribute, []byte, int, []byte) { fake.signMutex.RLock() defer fake.signMutex.RUnlock() return fake.signArgsForCall[i].cred, fake.signArgsForCall[i].sk, fake.signArgsForCall[i].Nym, fake.signArgsForCall[i].RNym, fake.signArgsForCall[i].ipk, fake.signArgsForCall[i].attributes, fake.signArgsForCall[i].msg, fake.signArgsForCall[i].rhIndex, fake.signArgsForCall[i].cri @@ -131,7 +131,7 @@ func (fake *SignatureScheme) SignReturnsOnCall(i int, result1 []byte, result2 er }{result1, result2} } -func (fake *SignatureScheme) Verify(pk idemix.IssuerPublicKey, signature []byte, digest []byte, attributes []bccsp.IdemixAttribute, hIndex int, revocationPublicKey *ecdsa.PublicKey, epoch int) error { +func (fake *SignatureScheme) Verify(pk handlers.IssuerPublicKey, signature []byte, digest []byte, attributes []bccsp.IdemixAttribute, hIndex int, revocationPublicKey *ecdsa.PublicKey, epoch int) error { var signatureCopy []byte if signature != nil { signatureCopy = make([]byte, len(signature)) @@ -150,7 +150,7 @@ func (fake *SignatureScheme) Verify(pk idemix.IssuerPublicKey, signature []byte, fake.verifyMutex.Lock() ret, specificReturn := fake.verifyReturnsOnCall[len(fake.verifyArgsForCall)] fake.verifyArgsForCall = append(fake.verifyArgsForCall, struct { - pk idemix.IssuerPublicKey + pk handlers.IssuerPublicKey signature []byte digest []byte attributes []bccsp.IdemixAttribute @@ -175,7 +175,7 @@ func (fake *SignatureScheme) VerifyCallCount() int { return len(fake.verifyArgsForCall) } -func (fake *SignatureScheme) VerifyArgsForCall(i int) (idemix.IssuerPublicKey, []byte, []byte, []bccsp.IdemixAttribute, int, *ecdsa.PublicKey, int) { +func (fake *SignatureScheme) VerifyArgsForCall(i int) (handlers.IssuerPublicKey, []byte, []byte, []bccsp.IdemixAttribute, int, *ecdsa.PublicKey, int) { fake.verifyMutex.RLock() defer fake.verifyMutex.RUnlock() return fake.verifyArgsForCall[i].pk, fake.verifyArgsForCall[i].signature, fake.verifyArgsForCall[i].digest, fake.verifyArgsForCall[i].attributes, fake.verifyArgsForCall[i].hIndex, fake.verifyArgsForCall[i].revocationPublicKey, fake.verifyArgsForCall[i].epoch @@ -226,4 +226,4 @@ func (fake *SignatureScheme) recordInvocation(key string, args []interface{}) { fake.invocations[key] = append(fake.invocations[key], args) } -var _ idemix.SignatureScheme = new(SignatureScheme) +var _ handlers.SignatureScheme = new(SignatureScheme) diff --git a/bccsp/idemix/mock/user.go b/bccsp/idemix/handlers/mock/user.go similarity index 71% rename from bccsp/idemix/mock/user.go rename to bccsp/idemix/handlers/mock/user.go index 3f38e6ff230..231af381ca7 100644 --- a/bccsp/idemix/mock/user.go +++ b/bccsp/idemix/handlers/mock/user.go @@ -4,42 +4,42 @@ package mock import ( "sync" - "github.com/hyperledger/fabric/bccsp/idemix" + "github.com/hyperledger/fabric/bccsp/idemix/handlers" ) type User struct { - NewKeyStub func() (idemix.Big, error) + NewKeyStub func() (handlers.Big, error) newKeyMutex sync.RWMutex newKeyArgsForCall []struct{} newKeyReturns struct { - result1 idemix.Big + result1 handlers.Big result2 error } newKeyReturnsOnCall map[int]struct { - result1 idemix.Big + result1 handlers.Big result2 error } - MakeNymStub func(sk idemix.Big, key idemix.IssuerPublicKey) (idemix.Ecp, idemix.Big, error) + MakeNymStub func(sk handlers.Big, key handlers.IssuerPublicKey) (handlers.Ecp, handlers.Big, error) makeNymMutex sync.RWMutex makeNymArgsForCall []struct { - sk idemix.Big - key idemix.IssuerPublicKey + sk handlers.Big + key handlers.IssuerPublicKey } makeNymReturns struct { - result1 idemix.Ecp - result2 idemix.Big + result1 handlers.Ecp + result2 handlers.Big result3 error } makeNymReturnsOnCall map[int]struct { - result1 idemix.Ecp - result2 idemix.Big + result1 handlers.Ecp + result2 handlers.Big result3 error } invocations map[string][][]interface{} invocationsMutex sync.RWMutex } -func (fake *User) NewKey() (idemix.Big, error) { +func (fake *User) NewKey() (handlers.Big, error) { fake.newKeyMutex.Lock() ret, specificReturn := fake.newKeyReturnsOnCall[len(fake.newKeyArgsForCall)] fake.newKeyArgsForCall = append(fake.newKeyArgsForCall, struct{}{}) @@ -60,34 +60,34 @@ func (fake *User) NewKeyCallCount() int { return len(fake.newKeyArgsForCall) } -func (fake *User) NewKeyReturns(result1 idemix.Big, result2 error) { +func (fake *User) NewKeyReturns(result1 handlers.Big, result2 error) { fake.NewKeyStub = nil fake.newKeyReturns = struct { - result1 idemix.Big + result1 handlers.Big result2 error }{result1, result2} } -func (fake *User) NewKeyReturnsOnCall(i int, result1 idemix.Big, result2 error) { +func (fake *User) NewKeyReturnsOnCall(i int, result1 handlers.Big, result2 error) { fake.NewKeyStub = nil if fake.newKeyReturnsOnCall == nil { fake.newKeyReturnsOnCall = make(map[int]struct { - result1 idemix.Big + result1 handlers.Big result2 error }) } fake.newKeyReturnsOnCall[i] = struct { - result1 idemix.Big + result1 handlers.Big result2 error }{result1, result2} } -func (fake *User) MakeNym(sk idemix.Big, key idemix.IssuerPublicKey) (idemix.Ecp, idemix.Big, error) { +func (fake *User) MakeNym(sk handlers.Big, key handlers.IssuerPublicKey) (handlers.Ecp, handlers.Big, error) { fake.makeNymMutex.Lock() ret, specificReturn := fake.makeNymReturnsOnCall[len(fake.makeNymArgsForCall)] fake.makeNymArgsForCall = append(fake.makeNymArgsForCall, struct { - sk idemix.Big - key idemix.IssuerPublicKey + sk handlers.Big + key handlers.IssuerPublicKey }{sk, key}) fake.recordInvocation("MakeNym", []interface{}{sk, key}) fake.makeNymMutex.Unlock() @@ -106,33 +106,33 @@ func (fake *User) MakeNymCallCount() int { return len(fake.makeNymArgsForCall) } -func (fake *User) MakeNymArgsForCall(i int) (idemix.Big, idemix.IssuerPublicKey) { +func (fake *User) MakeNymArgsForCall(i int) (handlers.Big, handlers.IssuerPublicKey) { fake.makeNymMutex.RLock() defer fake.makeNymMutex.RUnlock() return fake.makeNymArgsForCall[i].sk, fake.makeNymArgsForCall[i].key } -func (fake *User) MakeNymReturns(result1 idemix.Ecp, result2 idemix.Big, result3 error) { +func (fake *User) MakeNymReturns(result1 handlers.Ecp, result2 handlers.Big, result3 error) { fake.MakeNymStub = nil fake.makeNymReturns = struct { - result1 idemix.Ecp - result2 idemix.Big + result1 handlers.Ecp + result2 handlers.Big result3 error }{result1, result2, result3} } -func (fake *User) MakeNymReturnsOnCall(i int, result1 idemix.Ecp, result2 idemix.Big, result3 error) { +func (fake *User) MakeNymReturnsOnCall(i int, result1 handlers.Ecp, result2 handlers.Big, result3 error) { fake.MakeNymStub = nil if fake.makeNymReturnsOnCall == nil { fake.makeNymReturnsOnCall = make(map[int]struct { - result1 idemix.Ecp - result2 idemix.Big + result1 handlers.Ecp + result2 handlers.Big result3 error }) } fake.makeNymReturnsOnCall[i] = struct { - result1 idemix.Ecp - result2 idemix.Big + result1 handlers.Ecp + result2 handlers.Big result3 error }{result1, result2, result3} } @@ -163,4 +163,4 @@ func (fake *User) recordInvocation(key string, args []interface{}) { fake.invocations[key] = append(fake.invocations[key], args) } -var _ idemix.User = new(User) +var _ handlers.User = new(User) diff --git a/bccsp/idemix/nym.go b/bccsp/idemix/handlers/nym.go similarity index 99% rename from bccsp/idemix/nym.go rename to bccsp/idemix/handlers/nym.go index 3f20e421916..3dd7014f07e 100644 --- a/bccsp/idemix/nym.go +++ b/bccsp/idemix/handlers/nym.go @@ -3,7 +3,7 @@ Copyright IBM Corp. All Rights Reserved. SPDX-License-Identifier: Apache-2.0 */ -package idemix +package handlers import ( "crypto/sha256" diff --git a/bccsp/idemix/nymsigner.go b/bccsp/idemix/handlers/nymsigner.go similarity index 99% rename from bccsp/idemix/nymsigner.go rename to bccsp/idemix/handlers/nymsigner.go index 6741d84b1cc..6517957274f 100644 --- a/bccsp/idemix/nymsigner.go +++ b/bccsp/idemix/handlers/nymsigner.go @@ -3,7 +3,7 @@ Copyright IBM Corp. All Rights Reserved. SPDX-License-Identifier: Apache-2.0 */ -package idemix +package handlers import ( "github.com/hyperledger/fabric/bccsp" diff --git a/bccsp/idemix/nymsigner_test.go b/bccsp/idemix/handlers/nymsigner_test.go similarity index 80% rename from bccsp/idemix/nymsigner_test.go rename to bccsp/idemix/handlers/nymsigner_test.go index ec9cc3e100e..164f687dcb5 100644 --- a/bccsp/idemix/nymsigner_test.go +++ b/bccsp/idemix/handlers/nymsigner_test.go @@ -3,14 +3,14 @@ Copyright IBM Corp. All Rights Reserved. SPDX-License-Identifier: Apache-2.0 */ -package idemix_test +package handlers_test import ( "errors" "github.com/hyperledger/fabric/bccsp" - "github.com/hyperledger/fabric/bccsp/idemix" - "github.com/hyperledger/fabric/bccsp/idemix/mock" + "github.com/hyperledger/fabric/bccsp/idemix/handlers" + "github.com/hyperledger/fabric/bccsp/idemix/handlers/mock" . "github.com/onsi/ginkgo" . "github.com/onsi/gomega" ) @@ -20,19 +20,19 @@ var _ = Describe("Nym Signature", func() { Describe("when creating a signature", func() { var ( - NymSigner *idemix.NymSigner + NymSigner *handlers.NymSigner fakeSignatureScheme *mock.NymSignatureScheme nymSK bccsp.Key ) BeforeEach(func() { fakeSignatureScheme = &mock.NymSignatureScheme{} - NymSigner = &idemix.NymSigner{NymSignatureScheme: fakeSignatureScheme} + NymSigner = &handlers.NymSigner{NymSignatureScheme: fakeSignatureScheme} var err error sk := &mock.Big{} sk.BytesReturns([]byte{1, 2, 3, 4}, nil) - nymSK, err = idemix.NewNymSecretKey(sk, nil, false) + nymSK, err = handlers.NewNymSecretKey(sk, nil, false) Expect(err).NotTo(HaveOccurred()) }) @@ -47,11 +47,11 @@ var _ = Describe("Nym Signature", func() { It("returns no error and a signature", func() { signature, err := NymSigner.Sign( - idemix.NewUserSecretKey(nil, false), + handlers.NewUserSecretKey(nil, false), []byte("a digest"), &bccsp.IdemixNymSignerOpts{ Nym: nymSK, - IssuerPK: idemix.NewIssuerPublicKey(nil), + IssuerPK: handlers.NewIssuerPublicKey(nil), }, ) Expect(err).NotTo(HaveOccurred()) @@ -67,11 +67,11 @@ var _ = Describe("Nym Signature", func() { It("returns an error", func() { signature, err := NymSigner.Sign( - idemix.NewUserSecretKey(nil, false), + handlers.NewUserSecretKey(nil, false), []byte("a digest"), &bccsp.IdemixNymSignerOpts{ Nym: nymSK, - IssuerPK: idemix.NewIssuerPublicKey(nil), + IssuerPK: handlers.NewIssuerPublicKey(nil), }, ) Expect(err).To(MatchError("sign error")) @@ -88,7 +88,7 @@ var _ = Describe("Nym Signature", func() { []byte("a digest"), &bccsp.IdemixNymSignerOpts{ Nym: nymSK, - IssuerPK: idemix.NewIssuerPublicKey(nil), + IssuerPK: handlers.NewIssuerPublicKey(nil), }, ) Expect(err).To(MatchError("invalid key, expected *userSecretKey")) @@ -99,11 +99,11 @@ var _ = Describe("Nym Signature", func() { Context("and the user secret key is not of type *userSecretKey", func() { It("returns error", func() { signature, err := NymSigner.Sign( - idemix.NewIssuerPublicKey(nil), + handlers.NewIssuerPublicKey(nil), []byte("a digest"), &bccsp.IdemixNymSignerOpts{ Nym: nymSK, - IssuerPK: idemix.NewIssuerPublicKey(nil), + IssuerPK: handlers.NewIssuerPublicKey(nil), }, ) Expect(err).To(MatchError("invalid key, expected *userSecretKey")) @@ -114,7 +114,7 @@ var _ = Describe("Nym Signature", func() { Context("and the option is nil", func() { It("returns error", func() { signature, err := NymSigner.Sign( - idemix.NewUserSecretKey(nil, false), + handlers.NewUserSecretKey(nil, false), []byte("a digest"), nil, ) @@ -126,7 +126,7 @@ var _ = Describe("Nym Signature", func() { Context("and the option is not of type *IdemixNymSignerOpts", func() { It("returns error", func() { signature, err := NymSigner.Sign( - idemix.NewUserSecretKey(nil, false), + handlers.NewUserSecretKey(nil, false), []byte("a digest"), &bccsp.IdemixCRISignerOpts{}, ) @@ -138,10 +138,10 @@ var _ = Describe("Nym Signature", func() { Context("and the nym is nil", func() { It("returns error", func() { signature, err := NymSigner.Sign( - idemix.NewUserSecretKey(nil, false), + handlers.NewUserSecretKey(nil, false), []byte("a digest"), &bccsp.IdemixNymSignerOpts{ - IssuerPK: idemix.NewIssuerPublicKey(nil), + IssuerPK: handlers.NewIssuerPublicKey(nil), }, ) Expect(err).To(MatchError("invalid options, missing nym key")) @@ -152,11 +152,11 @@ var _ = Describe("Nym Signature", func() { Context("and the nym is not of type *nymSecretKey", func() { It("returns error", func() { signature, err := NymSigner.Sign( - idemix.NewUserSecretKey(nil, false), + handlers.NewUserSecretKey(nil, false), []byte("a digest"), &bccsp.IdemixNymSignerOpts{ - Nym: idemix.NewIssuerPublicKey(nil), - IssuerPK: idemix.NewIssuerPublicKey(nil), + Nym: handlers.NewIssuerPublicKey(nil), + IssuerPK: handlers.NewIssuerPublicKey(nil), }, ) Expect(err).To(MatchError("invalid nym key, expected *nymSecretKey")) @@ -167,7 +167,7 @@ var _ = Describe("Nym Signature", func() { Context("and the IssuerPk is nil", func() { It("returns error", func() { signature, err := NymSigner.Sign( - idemix.NewUserSecretKey(nil, false), + handlers.NewUserSecretKey(nil, false), []byte("a digest"), &bccsp.IdemixNymSignerOpts{ Nym: nymSK, @@ -181,11 +181,11 @@ var _ = Describe("Nym Signature", func() { Context("and the IssuerPk is not of type *issuerPublicKey", func() { It("returns error", func() { signature, err := NymSigner.Sign( - idemix.NewUserSecretKey(nil, false), + handlers.NewUserSecretKey(nil, false), []byte("a digest"), &bccsp.IdemixNymSignerOpts{ Nym: nymSK, - IssuerPK: idemix.NewUserSecretKey(nil, false), + IssuerPK: handlers.NewUserSecretKey(nil, false), }, ) Expect(err).To(MatchError("invalid issuer public key, expected *issuerPublicKey")) @@ -198,13 +198,13 @@ var _ = Describe("Nym Signature", func() { Describe("when verifying a signature", func() { var ( - NymVerifier *idemix.NymVerifier + NymVerifier *handlers.NymVerifier fakeSignatureScheme *mock.NymSignatureScheme ) BeforeEach(func() { fakeSignatureScheme = &mock.NymSignatureScheme{} - NymVerifier = &idemix.NymVerifier{NymSignatureScheme: fakeSignatureScheme} + NymVerifier = &handlers.NymVerifier{NymSignatureScheme: fakeSignatureScheme} }) Context("and the underlying cryptographic algorithm succeed", func() { @@ -214,11 +214,11 @@ var _ = Describe("Nym Signature", func() { It("returns no error and valid signature", func() { valid, err := NymVerifier.Verify( - idemix.NewNymPublicKey(nil), + handlers.NewNymPublicKey(nil), []byte("a signature"), []byte("a digest"), &bccsp.IdemixNymSignerOpts{ - IssuerPK: idemix.NewIssuerPublicKey(nil), + IssuerPK: handlers.NewIssuerPublicKey(nil), }, ) Expect(err).NotTo(HaveOccurred()) @@ -233,11 +233,11 @@ var _ = Describe("Nym Signature", func() { It("returns an error", func() { valid, err := NymVerifier.Verify( - idemix.NewNymPublicKey(nil), + handlers.NewNymPublicKey(nil), []byte("a signature"), []byte("a digest"), &bccsp.IdemixNymSignerOpts{ - IssuerPK: idemix.NewIssuerPublicKey(nil), + IssuerPK: handlers.NewIssuerPublicKey(nil), }, ) Expect(err).To(MatchError("verify error")) @@ -253,7 +253,7 @@ var _ = Describe("Nym Signature", func() { nil, []byte("fake signature"), nil, - &bccsp.IdemixNymSignerOpts{IssuerPK: idemix.NewIssuerPublicKey(nil)}, + &bccsp.IdemixNymSignerOpts{IssuerPK: handlers.NewIssuerPublicKey(nil)}, ) Expect(err).To(MatchError("invalid key, expected *nymPublicKey")) Expect(valid).To(BeFalse()) @@ -263,10 +263,10 @@ var _ = Describe("Nym Signature", func() { Context("and the nym public key is not of type *nymPublicKey", func() { It("returns error", func() { valid, err := NymVerifier.Verify( - idemix.NewUserSecretKey(nil, false), + handlers.NewUserSecretKey(nil, false), []byte("fake signature"), nil, - &bccsp.IdemixNymSignerOpts{IssuerPK: idemix.NewIssuerPublicKey(nil)}, + &bccsp.IdemixNymSignerOpts{IssuerPK: handlers.NewIssuerPublicKey(nil)}, ) Expect(err).To(MatchError("invalid key, expected *nymPublicKey")) Expect(valid).To(BeFalse()) @@ -276,10 +276,10 @@ var _ = Describe("Nym Signature", func() { Context("and the signature is empty", func() { It("returns error", func() { valid, err := NymVerifier.Verify( - idemix.NewNymPublicKey(nil), + handlers.NewNymPublicKey(nil), nil, []byte("a digest"), - &bccsp.IdemixNymSignerOpts{IssuerPK: idemix.NewIssuerPublicKey(nil)}, + &bccsp.IdemixNymSignerOpts{IssuerPK: handlers.NewIssuerPublicKey(nil)}, ) Expect(err).To(MatchError("invalid signature, it must not be empty")) Expect(valid).To(BeFalse()) @@ -289,7 +289,7 @@ var _ = Describe("Nym Signature", func() { Context("and the option is empty", func() { It("returns error", func() { valid, err := NymVerifier.Verify( - idemix.NewNymPublicKey(nil), + handlers.NewNymPublicKey(nil), []byte("a signature"), []byte("a digest"), nil, @@ -302,7 +302,7 @@ var _ = Describe("Nym Signature", func() { Context("and the option is not of type *IdemixNymSignerOpts", func() { It("returns error", func() { valid, err := NymVerifier.Verify( - idemix.NewNymPublicKey(nil), + handlers.NewNymPublicKey(nil), []byte("a signature"), []byte("a digest"), &bccsp.IdemixCredentialRequestSignerOpts{}, @@ -315,7 +315,7 @@ var _ = Describe("Nym Signature", func() { Context("and the option's issuer public key is empty", func() { It("returns error", func() { valid, err := NymVerifier.Verify( - idemix.NewNymPublicKey(nil), + handlers.NewNymPublicKey(nil), []byte("fake signature"), nil, &bccsp.IdemixNymSignerOpts{}, @@ -328,11 +328,11 @@ var _ = Describe("Nym Signature", func() { Context("and the option's issuer public key is not of type *issuerPublicKey", func() { It("returns error", func() { valid, err := NymVerifier.Verify( - idemix.NewNymPublicKey(nil), + handlers.NewNymPublicKey(nil), []byte("fake signature"), nil, &bccsp.IdemixNymSignerOpts{ - IssuerPK: idemix.NewNymPublicKey(nil), + IssuerPK: handlers.NewNymPublicKey(nil), }, ) Expect(err).To(MatchError("invalid issuer public key, expected *issuerPublicKey")) diff --git a/bccsp/idemix/revocation.go b/bccsp/idemix/handlers/revocation.go similarity index 94% rename from bccsp/idemix/revocation.go rename to bccsp/idemix/handlers/revocation.go index 49428fc37d6..958df7df156 100644 --- a/bccsp/idemix/revocation.go +++ b/bccsp/idemix/handlers/revocation.go @@ -3,7 +3,7 @@ Copyright IBM Corp. All Rights Reserved. SPDX-License-Identifier: Apache-2.0 */ -package idemix +package handlers import ( "crypto/ecdsa" @@ -11,6 +11,7 @@ import ( "crypto/sha256" "crypto/x509" "fmt" + "reflect" "github.com/hyperledger/fabric/bccsp" "github.com/pkg/errors" @@ -147,8 +148,8 @@ func (s *CriSigner) Sign(k bccsp.Key, digest []byte, opts bccsp.SignerOpts) ([]b if !ok { return nil, errors.New("invalid options, expected *IdemixCRISignerOpts") } - if len(digest) != 0 { - return nil, errors.New("invalid digest, it must be empty") + if !reflect.DeepEqual(digest, bccsp.IdemixEmptyDigest()) { + return nil, errors.New("invalid digest, the idemix empty digest is expected") } return s.Revocation.Sign( @@ -172,8 +173,8 @@ func (v *CriVerifier) Verify(k bccsp.Key, signature, digest []byte, opts bccsp.S if !ok { return false, errors.New("invalid options, expected *IdemixCRISignerOpts") } - if len(digest) != 0 { - return false, errors.New("invalid digest, it must be empty") + if !reflect.DeepEqual(digest, bccsp.IdemixEmptyDigest()) { + return false, errors.New("invalid digest, the idemix empty digest is expected") } if len(signature) == 0 { return false, errors.New("invalid signature, it must not be empty") diff --git a/bccsp/idemix/revocation_test.go b/bccsp/idemix/handlers/revocation_test.go similarity index 83% rename from bccsp/idemix/revocation_test.go rename to bccsp/idemix/handlers/revocation_test.go index 5013c0897f8..a9de08524c8 100644 --- a/bccsp/idemix/revocation_test.go +++ b/bccsp/idemix/handlers/revocation_test.go @@ -3,7 +3,7 @@ Copyright IBM Corp. All Rights Reserved. SPDX-License-Identifier: Apache-2.0 */ -package idemix_test +package handlers_test import ( "crypto/ecdsa" @@ -12,9 +12,10 @@ import ( "crypto/x509" "math/big" + "github.com/hyperledger/fabric/bccsp/idemix/handlers" + "github.com/hyperledger/fabric/bccsp" - "github.com/hyperledger/fabric/bccsp/idemix" - "github.com/hyperledger/fabric/bccsp/idemix/mock" + "github.com/hyperledger/fabric/bccsp/idemix/handlers/mock" . "github.com/onsi/ginkgo" . "github.com/onsi/gomega" "github.com/pkg/errors" @@ -24,7 +25,7 @@ var _ = Describe("Revocation", func() { Describe("when creating an revocation key-pair", func() { var ( - RevocationKeyGen *idemix.RevocationKeyGen + RevocationKeyGen *handlers.RevocationKeyGen fakeRevocation *mock.Revocation fakeRevocationSecretKey bccsp.Key @@ -33,7 +34,7 @@ var _ = Describe("Revocation", func() { BeforeEach(func() { fakeRevocation = &mock.Revocation{} - RevocationKeyGen = &idemix.RevocationKeyGen{} + RevocationKeyGen = &handlers.RevocationKeyGen{} RevocationKeyGen.Revocation = fakeRevocation }) @@ -62,7 +63,7 @@ var _ = Describe("Revocation", func() { fakeRevocation.NewKeyReturns(idemixRevocationKey, nil) - fakeRevocationSecretKey = idemix.NewRevocationSecretKey(idemixRevocationKey, false) + fakeRevocationSecretKey = handlers.NewRevocationSecretKey(idemixRevocationKey, false) }) AfterEach(func() { @@ -91,7 +92,7 @@ var _ = Describe("Revocation", func() { Context("and the secret key is exportable", func() { BeforeEach(func() { RevocationKeyGen.Exportable = true - fakeRevocationSecretKey = idemix.NewRevocationSecretKey(idemixRevocationKey, true) + fakeRevocationSecretKey = handlers.NewRevocationSecretKey(idemixRevocationKey, true) }) It("returns no error and a key", func() { @@ -110,7 +111,7 @@ var _ = Describe("Revocation", func() { Context("and the secret key is not exportable", func() { BeforeEach(func() { RevocationKeyGen.Exportable = false - fakeRevocationSecretKey = idemix.NewRevocationSecretKey(idemixRevocationKey, false) + fakeRevocationSecretKey = handlers.NewRevocationSecretKey(idemixRevocationKey, false) }) It("returns no error and a key", func() { @@ -146,13 +147,13 @@ var _ = Describe("CRI", func() { Describe("when creating a CRI", func() { var ( - CriSigner *idemix.CriSigner + CriSigner *handlers.CriSigner fakeRevocation *mock.Revocation ) BeforeEach(func() { fakeRevocation = &mock.Revocation{} - CriSigner = &idemix.CriSigner{Revocation: fakeRevocation} + CriSigner = &handlers.CriSigner{Revocation: fakeRevocation} }) Context("and the underlying cryptographic algorithm succeed", func() { @@ -166,8 +167,8 @@ var _ = Describe("CRI", func() { It("returns no error and a signature", func() { signature, err := CriSigner.Sign( - idemix.NewRevocationSecretKey(nil, false), - nil, + handlers.NewRevocationSecretKey(nil, false), + bccsp.IdemixEmptyDigest(), &bccsp.IdemixCRISignerOpts{}, ) Expect(err).NotTo(HaveOccurred()) @@ -183,8 +184,8 @@ var _ = Describe("CRI", func() { It("returns an error", func() { signature, err := CriSigner.Sign( - idemix.NewRevocationSecretKey(nil, false), - nil, + handlers.NewRevocationSecretKey(nil, false), + bccsp.IdemixEmptyDigest(), &bccsp.IdemixCRISignerOpts{}, ) Expect(err).To(MatchError("sign error")) @@ -209,7 +210,7 @@ var _ = Describe("CRI", func() { Context("and the revocation secret key is not of type *revocationSecretKey", func() { It("returns error", func() { signature, err := CriSigner.Sign( - idemix.NewIssuerPublicKey(nil), + handlers.NewIssuerPublicKey(nil), nil, nil, ) @@ -224,7 +225,7 @@ var _ = Describe("CRI", func() { It("returns an error", func() { signature, err := CriSigner.Sign( - idemix.NewRevocationSecretKey(nil, false), + handlers.NewRevocationSecretKey(nil, false), nil, nil, ) @@ -233,17 +234,14 @@ var _ = Describe("CRI", func() { }) }) - Context("and the digest is not empty", func() { - BeforeEach(func() { - }) - + Context("and the digest is not the idemix empty digest", func() { It("returns an error", func() { signature, err := CriSigner.Sign( - idemix.NewRevocationSecretKey(nil, false), + handlers.NewRevocationSecretKey(nil, false), []byte{1, 2, 3, 4}, &bccsp.IdemixCRISignerOpts{}, ) - Expect(err).To(MatchError("invalid digest, it must be empty")) + Expect(err).To(MatchError("invalid digest, the idemix empty digest is expected")) Expect(signature).To(BeNil()) }) }) @@ -253,13 +251,13 @@ var _ = Describe("CRI", func() { Describe("when verifying a CRI", func() { var ( - CriVerifier *idemix.CriVerifier + CriVerifier *handlers.CriVerifier fakeRevocation *mock.Revocation ) BeforeEach(func() { fakeRevocation = &mock.Revocation{} - CriVerifier = &idemix.CriVerifier{Revocation: fakeRevocation} + CriVerifier = &handlers.CriVerifier{Revocation: fakeRevocation} }) Context("and the underlying cryptographic algorithm succeed", func() { @@ -269,9 +267,9 @@ var _ = Describe("CRI", func() { It("returns no error and valid signature", func() { valid, err := CriVerifier.Verify( - idemix.NewRevocationPublicKey(nil), + handlers.NewRevocationPublicKey(nil), []byte("fake signature"), - nil, + bccsp.IdemixEmptyDigest(), &bccsp.IdemixCRISignerOpts{}, ) Expect(err).NotTo(HaveOccurred()) @@ -286,9 +284,9 @@ var _ = Describe("CRI", func() { It("returns an error", func() { valid, err := CriVerifier.Verify( - idemix.NewRevocationPublicKey(nil), + handlers.NewRevocationPublicKey(nil), []byte("fake signature"), - nil, + bccsp.IdemixEmptyDigest(), &bccsp.IdemixCRISignerOpts{}, ) Expect(err).To(MatchError("verify error")) @@ -314,7 +312,7 @@ var _ = Describe("CRI", func() { Context("and the user secret key is not of type *revocationPublicKey", func() { It("returns error", func() { valid, err := CriVerifier.Verify( - idemix.NewIssuerPublicKey(nil), + handlers.NewIssuerPublicKey(nil), []byte("fake signature"), nil, &bccsp.IdemixCRISignerOpts{}, @@ -324,15 +322,15 @@ var _ = Describe("CRI", func() { }) }) - Context("and the digest is not nil", func() { + Context("and the digest is not the idemix empty digest", func() { It("returns error", func() { valid, err := CriVerifier.Verify( - idemix.NewRevocationPublicKey(nil), + handlers.NewRevocationPublicKey(nil), []byte("fake signature"), []byte{1, 2, 3, 4}, &bccsp.IdemixCRISignerOpts{}, ) - Expect(err).To(MatchError("invalid digest, it must be empty")) + Expect(err).To(MatchError("invalid digest, the idemix empty digest is expected")) Expect(valid).To(BeFalse()) }) }) @@ -340,9 +338,9 @@ var _ = Describe("CRI", func() { Context("and the signature is empty", func() { It("returns error", func() { valid, err := CriVerifier.Verify( - idemix.NewRevocationPublicKey(nil), - nil, + handlers.NewRevocationPublicKey(nil), nil, + bccsp.IdemixEmptyDigest(), &bccsp.IdemixCRISignerOpts{}, ) Expect(err).To(MatchError("invalid signature, it must not be empty")) @@ -353,7 +351,7 @@ var _ = Describe("CRI", func() { Context("and the option is empty", func() { It("returns error", func() { valid, err := CriVerifier.Verify( - idemix.NewRevocationPublicKey(nil), + handlers.NewRevocationPublicKey(nil), []byte("fake signature"), nil, nil, @@ -366,7 +364,7 @@ var _ = Describe("CRI", func() { Context("and the option is not of type *IdemixCRISignerOpts", func() { It("returns error", func() { valid, err := CriVerifier.Verify( - idemix.NewRevocationPublicKey(nil), + handlers.NewRevocationPublicKey(nil), []byte("fake signature"), nil, &bccsp.IdemixCredentialRequestSignerOpts{}, diff --git a/bccsp/idemix/signer.go b/bccsp/idemix/handlers/signer.go similarity index 99% rename from bccsp/idemix/signer.go rename to bccsp/idemix/handlers/signer.go index b8c006a6964..441d086e567 100644 --- a/bccsp/idemix/signer.go +++ b/bccsp/idemix/handlers/signer.go @@ -3,7 +3,7 @@ Copyright IBM Corp. All Rights Reserved. SPDX-License-Identifier: Apache-2.0 */ -package idemix +package handlers import ( "github.com/hyperledger/fabric/bccsp" diff --git a/bccsp/idemix/signer_test.go b/bccsp/idemix/handlers/signer_test.go similarity index 79% rename from bccsp/idemix/signer_test.go rename to bccsp/idemix/handlers/signer_test.go index e6363abf703..b6e775aa4a2 100644 --- a/bccsp/idemix/signer_test.go +++ b/bccsp/idemix/handlers/signer_test.go @@ -3,14 +3,14 @@ Copyright IBM Corp. All Rights Reserved. SPDX-License-Identifier: Apache-2.0 */ -package idemix_test +package handlers_test import ( "errors" "github.com/hyperledger/fabric/bccsp" - "github.com/hyperledger/fabric/bccsp/idemix" - "github.com/hyperledger/fabric/bccsp/idemix/mock" + "github.com/hyperledger/fabric/bccsp/idemix/handlers" + "github.com/hyperledger/fabric/bccsp/idemix/handlers/mock" . "github.com/onsi/ginkgo" . "github.com/onsi/gomega" ) @@ -20,19 +20,19 @@ var _ = Describe("Signature", func() { Describe("when creating a signature", func() { var ( - Signer *idemix.Signer + Signer *handlers.Signer fakeSignatureScheme *mock.SignatureScheme nymSK bccsp.Key ) BeforeEach(func() { fakeSignatureScheme = &mock.SignatureScheme{} - Signer = &idemix.Signer{SignatureScheme: fakeSignatureScheme} + Signer = &handlers.Signer{SignatureScheme: fakeSignatureScheme} var err error sk := &mock.Big{} sk.BytesReturns([]byte{1, 2, 3, 4}, nil) - nymSK, err = idemix.NewNymSecretKey(sk, nil, false) + nymSK, err = handlers.NewNymSecretKey(sk, nil, false) Expect(err).NotTo(HaveOccurred()) }) @@ -47,11 +47,11 @@ var _ = Describe("Signature", func() { It("returns no error and a signature", func() { signature, err := Signer.Sign( - idemix.NewUserSecretKey(nil, false), + handlers.NewUserSecretKey(nil, false), []byte("a digest"), &bccsp.IdemixSignerOpts{ Nym: nymSK, - IssuerPK: idemix.NewIssuerPublicKey(nil), + IssuerPK: handlers.NewIssuerPublicKey(nil), }, ) Expect(err).NotTo(HaveOccurred()) @@ -67,11 +67,11 @@ var _ = Describe("Signature", func() { It("returns an error", func() { signature, err := Signer.Sign( - idemix.NewUserSecretKey(nil, false), + handlers.NewUserSecretKey(nil, false), []byte("a digest"), &bccsp.IdemixSignerOpts{ Nym: nymSK, - IssuerPK: idemix.NewIssuerPublicKey(nil), + IssuerPK: handlers.NewIssuerPublicKey(nil), }, ) Expect(err).To(MatchError("sign error")) @@ -88,7 +88,7 @@ var _ = Describe("Signature", func() { []byte("a digest"), &bccsp.IdemixSignerOpts{ Nym: nymSK, - IssuerPK: idemix.NewIssuerPublicKey(nil), + IssuerPK: handlers.NewIssuerPublicKey(nil), }, ) Expect(err).To(MatchError("invalid key, expected *userSecretKey")) @@ -99,11 +99,11 @@ var _ = Describe("Signature", func() { Context("and the user secret key is not of type *userSecretKey", func() { It("returns error", func() { signature, err := Signer.Sign( - idemix.NewIssuerPublicKey(nil), + handlers.NewIssuerPublicKey(nil), []byte("a digest"), &bccsp.IdemixSignerOpts{ Nym: nymSK, - IssuerPK: idemix.NewIssuerPublicKey(nil), + IssuerPK: handlers.NewIssuerPublicKey(nil), }, ) Expect(err).To(MatchError("invalid key, expected *userSecretKey")) @@ -114,11 +114,11 @@ var _ = Describe("Signature", func() { Context("and the digest is empty", func() { It("returns error", func() { signature, err := Signer.Sign( - idemix.NewUserSecretKey(nil, false), + handlers.NewUserSecretKey(nil, false), nil, &bccsp.IdemixSignerOpts{ Nym: nymSK, - IssuerPK: idemix.NewIssuerPublicKey(nil), + IssuerPK: handlers.NewIssuerPublicKey(nil), }, ) Expect(err).To(MatchError("invalid digest, it must not be empty")) @@ -129,7 +129,7 @@ var _ = Describe("Signature", func() { Context("and the option is nil", func() { It("returns error", func() { signature, err := Signer.Sign( - idemix.NewUserSecretKey(nil, false), + handlers.NewUserSecretKey(nil, false), []byte("a digest"), nil, ) @@ -141,7 +141,7 @@ var _ = Describe("Signature", func() { Context("and the option is not of type *IdemixSignerOpts", func() { It("returns error", func() { signature, err := Signer.Sign( - idemix.NewUserSecretKey(nil, false), + handlers.NewUserSecretKey(nil, false), []byte("a digest"), &bccsp.IdemixCRISignerOpts{}, ) @@ -153,10 +153,10 @@ var _ = Describe("Signature", func() { Context("and the nym is nil", func() { It("returns error", func() { signature, err := Signer.Sign( - idemix.NewUserSecretKey(nil, false), + handlers.NewUserSecretKey(nil, false), []byte("a digest"), &bccsp.IdemixSignerOpts{ - IssuerPK: idemix.NewIssuerPublicKey(nil), + IssuerPK: handlers.NewIssuerPublicKey(nil), }, ) Expect(err).To(MatchError("invalid options, missing nym key")) @@ -167,11 +167,11 @@ var _ = Describe("Signature", func() { Context("and the nym is not of type *nymSecretKey", func() { It("returns error", func() { signature, err := Signer.Sign( - idemix.NewUserSecretKey(nil, false), + handlers.NewUserSecretKey(nil, false), []byte("a digest"), &bccsp.IdemixSignerOpts{ - Nym: idemix.NewIssuerPublicKey(nil), - IssuerPK: idemix.NewIssuerPublicKey(nil), + Nym: handlers.NewIssuerPublicKey(nil), + IssuerPK: handlers.NewIssuerPublicKey(nil), }, ) Expect(err).To(MatchError("invalid nym key, expected *nymSecretKey")) @@ -182,7 +182,7 @@ var _ = Describe("Signature", func() { Context("and the IssuerPk is nil", func() { It("returns error", func() { signature, err := Signer.Sign( - idemix.NewUserSecretKey(nil, false), + handlers.NewUserSecretKey(nil, false), []byte("a digest"), &bccsp.IdemixSignerOpts{ Nym: nymSK, @@ -196,11 +196,11 @@ var _ = Describe("Signature", func() { Context("and the IssuerPk is not of type *issuerPublicKey", func() { It("returns error", func() { signature, err := Signer.Sign( - idemix.NewUserSecretKey(nil, false), + handlers.NewUserSecretKey(nil, false), []byte("a digest"), &bccsp.IdemixSignerOpts{ Nym: nymSK, - IssuerPK: idemix.NewUserSecretKey(nil, false), + IssuerPK: handlers.NewUserSecretKey(nil, false), }, ) Expect(err).To(MatchError("invalid issuer public key, expected *issuerPublicKey")) @@ -213,13 +213,13 @@ var _ = Describe("Signature", func() { Describe("when verifying a signature", func() { var ( - Verifier *idemix.Verifier + Verifier *handlers.Verifier fakeSignatureScheme *mock.SignatureScheme ) BeforeEach(func() { fakeSignatureScheme = &mock.SignatureScheme{} - Verifier = &idemix.Verifier{SignatureScheme: fakeSignatureScheme} + Verifier = &handlers.Verifier{SignatureScheme: fakeSignatureScheme} }) Context("and the underlying cryptographic algorithm succeed", func() { @@ -229,11 +229,11 @@ var _ = Describe("Signature", func() { It("returns no error and valid signature", func() { valid, err := Verifier.Verify( - idemix.NewIssuerPublicKey(nil), + handlers.NewIssuerPublicKey(nil), []byte("a signature"), []byte("a digest"), &bccsp.IdemixSignerOpts{ - RevocationPublicKey: idemix.NewRevocationPublicKey(nil), + RevocationPublicKey: handlers.NewRevocationPublicKey(nil), }, ) Expect(err).NotTo(HaveOccurred()) @@ -248,11 +248,11 @@ var _ = Describe("Signature", func() { It("returns an error", func() { valid, err := Verifier.Verify( - idemix.NewIssuerPublicKey(nil), + handlers.NewIssuerPublicKey(nil), []byte("a signature"), []byte("a digest"), &bccsp.IdemixSignerOpts{ - RevocationPublicKey: idemix.NewRevocationPublicKey(nil), + RevocationPublicKey: handlers.NewRevocationPublicKey(nil), }, ) Expect(err).To(MatchError("verify error")) @@ -268,7 +268,7 @@ var _ = Describe("Signature", func() { nil, []byte("fake signature"), nil, - &bccsp.IdemixSignerOpts{IssuerPK: idemix.NewIssuerPublicKey(nil)}, + &bccsp.IdemixSignerOpts{IssuerPK: handlers.NewIssuerPublicKey(nil)}, ) Expect(err).To(MatchError("invalid key, expected *issuerPublicKey")) Expect(valid).To(BeFalse()) @@ -278,10 +278,10 @@ var _ = Describe("Signature", func() { Context("and the issuer public key is not of type *issuerPublicKey", func() { It("returns error", func() { valid, err := Verifier.Verify( - idemix.NewUserSecretKey(nil, false), + handlers.NewUserSecretKey(nil, false), []byte("fake signature"), nil, - &bccsp.IdemixSignerOpts{IssuerPK: idemix.NewIssuerPublicKey(nil)}, + &bccsp.IdemixSignerOpts{IssuerPK: handlers.NewIssuerPublicKey(nil)}, ) Expect(err).To(MatchError("invalid key, expected *issuerPublicKey")) Expect(valid).To(BeFalse()) @@ -291,11 +291,11 @@ var _ = Describe("Signature", func() { Context("and the signature is empty", func() { It("returns error", func() { valid, err := Verifier.Verify( - idemix.NewIssuerPublicKey(nil), + handlers.NewIssuerPublicKey(nil), nil, []byte("a digest"), &bccsp.IdemixSignerOpts{ - RevocationPublicKey: idemix.NewRevocationPublicKey(nil), + RevocationPublicKey: handlers.NewRevocationPublicKey(nil), }, ) Expect(err).To(MatchError("invalid signature, it must not be empty")) @@ -306,7 +306,7 @@ var _ = Describe("Signature", func() { Context("and the option is empty", func() { It("returns error", func() { valid, err := Verifier.Verify( - idemix.NewIssuerPublicKey(nil), + handlers.NewIssuerPublicKey(nil), []byte("a signature"), []byte("a digest"), nil, @@ -319,7 +319,7 @@ var _ = Describe("Signature", func() { Context("and the option is not of type *IdemixSignerOpts", func() { It("returns error", func() { valid, err := Verifier.Verify( - idemix.NewIssuerPublicKey(nil), + handlers.NewIssuerPublicKey(nil), []byte("a signature"), []byte("a digest"), &bccsp.IdemixCredentialRequestSignerOpts{}, @@ -332,7 +332,7 @@ var _ = Describe("Signature", func() { Context("and the option's revocation public key is empty", func() { It("returns error", func() { valid, err := Verifier.Verify( - idemix.NewIssuerPublicKey(nil), + handlers.NewIssuerPublicKey(nil), []byte("fake signature"), nil, &bccsp.IdemixSignerOpts{}, @@ -345,10 +345,10 @@ var _ = Describe("Signature", func() { Context("and the option's revocation public key is not of type *revocationPublicKey", func() { It("returns error", func() { valid, err := Verifier.Verify( - idemix.NewIssuerPublicKey(nil), + handlers.NewIssuerPublicKey(nil), []byte("fake signature"), nil, - &bccsp.IdemixSignerOpts{RevocationPublicKey: idemix.NewUserSecretKey(nil, false)}, + &bccsp.IdemixSignerOpts{RevocationPublicKey: handlers.NewUserSecretKey(nil, false)}, ) Expect(err).To(MatchError("invalid options, expected *revocationPublicKey")) Expect(valid).To(BeFalse()) diff --git a/bccsp/idemix/user.go b/bccsp/idemix/handlers/user.go similarity index 98% rename from bccsp/idemix/user.go rename to bccsp/idemix/handlers/user.go index ff8811b351f..bf4215be956 100644 --- a/bccsp/idemix/user.go +++ b/bccsp/idemix/handlers/user.go @@ -3,7 +3,7 @@ Copyright IBM Corp. All Rights Reserved. SPDX-License-Identifier: Apache-2.0 */ -package idemix +package handlers import ( "crypto/sha256" diff --git a/bccsp/idemix/user_test.go b/bccsp/idemix/handlers/user_test.go similarity index 84% rename from bccsp/idemix/user_test.go rename to bccsp/idemix/handlers/user_test.go index d44bf3f76a9..0fc5baee9db 100644 --- a/bccsp/idemix/user_test.go +++ b/bccsp/idemix/handlers/user_test.go @@ -3,15 +3,16 @@ Copyright IBM Corp. All Rights Reserved. SPDX-License-Identifier: Apache-2.0 */ -package idemix_test +package handlers_test import ( "crypto/sha256" "errors" + "github.com/hyperledger/fabric/bccsp/idemix/handlers" + "github.com/hyperledger/fabric/bccsp" - "github.com/hyperledger/fabric/bccsp/idemix" - "github.com/hyperledger/fabric/bccsp/idemix/mock" + "github.com/hyperledger/fabric/bccsp/idemix/handlers/mock" . "github.com/onsi/ginkgo" . "github.com/onsi/gomega" ) @@ -29,11 +30,11 @@ var _ = Describe("User", func() { Describe("when creating a user key", func() { var ( - UserKeyGen *idemix.UserKeyGen + UserKeyGen *handlers.UserKeyGen ) BeforeEach(func() { - UserKeyGen = &idemix.UserKeyGen{} + UserKeyGen = &handlers.UserKeyGen{} UserKeyGen.User = fakeUser }) @@ -52,7 +53,7 @@ var _ = Describe("User", func() { hash.Write([]byte{1, 2, 3, 4}) SKI = hash.Sum(nil) - fakeUserSecretKey = idemix.NewUserSecretKey(fakeIdemixKey, false) + fakeUserSecretKey = handlers.NewUserSecretKey(fakeIdemixKey, false) }) AfterEach(func() { @@ -69,7 +70,7 @@ var _ = Describe("User", func() { Context("and the secret key is exportable", func() { BeforeEach(func() { UserKeyGen.Exportable = true - fakeUserSecretKey = idemix.NewUserSecretKey(fakeIdemixKey, true) + fakeUserSecretKey = handlers.NewUserSecretKey(fakeIdemixKey, true) }) It("returns no error and a key", func() { @@ -88,7 +89,7 @@ var _ = Describe("User", func() { Context("and the secret key is not exportable", func() { BeforeEach(func() { UserKeyGen.Exportable = false - fakeUserSecretKey = idemix.NewUserSecretKey(fakeIdemixKey, false) + fakeUserSecretKey = handlers.NewUserSecretKey(fakeIdemixKey, false) }) It("returns no error and a key", func() { @@ -120,12 +121,12 @@ var _ = Describe("User", func() { Describe("when deriving a new pseudonym", func() { var ( - NymKeyDerivation *idemix.NymKeyDerivation + NymKeyDerivation *handlers.NymKeyDerivation fakeIssuerPublicKey bccsp.Key ) BeforeEach(func() { - NymKeyDerivation = &idemix.NymKeyDerivation{} + NymKeyDerivation = &handlers.NymKeyDerivation{} NymKeyDerivation.User = fakeUser }) @@ -171,9 +172,9 @@ var _ = Describe("User", func() { BeforeEach(func() { var err error NymKeyDerivation.Exportable = true - fakeUserSecretKey = idemix.NewUserSecretKey(userKey, true) - fakeIssuerPublicKey = idemix.NewIssuerPublicKey(nil) - fakeNym, err = idemix.NewNymSecretKey(result2, result1, true) + fakeUserSecretKey = handlers.NewUserSecretKey(userKey, true) + fakeIssuerPublicKey = handlers.NewIssuerPublicKey(nil) + fakeNym, err = handlers.NewNymSecretKey(result2, result1, true) Expect(err).NotTo(HaveOccurred()) }) @@ -193,8 +194,8 @@ var _ = Describe("User", func() { BeforeEach(func() { var err error NymKeyDerivation.Exportable = false - fakeUserSecretKey = idemix.NewUserSecretKey(userKey, false) - fakeNym, err = idemix.NewNymSecretKey(result2, result1, false) + fakeUserSecretKey = handlers.NewUserSecretKey(userKey, false) + fakeNym, err = handlers.NewNymSecretKey(result2, result1, false) Expect(err).NotTo(HaveOccurred()) }) @@ -214,8 +215,8 @@ var _ = Describe("User", func() { Context("and the underlying cryptographic algorithm fails", func() { BeforeEach(func() { - fakeUserSecretKey = idemix.NewUserSecretKey(nil, true) - fakeIssuerPublicKey = idemix.NewIssuerPublicKey(nil) + fakeUserSecretKey = handlers.NewUserSecretKey(nil, true) + fakeIssuerPublicKey = handlers.NewIssuerPublicKey(nil) fakeUser.MakeNymReturns(nil, nil, errors.New("make-nym error")) }) @@ -238,7 +239,7 @@ var _ = Describe("User", func() { Context("and the user secret key is not of type *userSecretKey", func() { It("returns error", func() { - nym, err := NymKeyDerivation.KeyDeriv(idemix.NewIssuerPublicKey(nil), &bccsp.IdemixNymKeyDerivationOpts{}) + nym, err := NymKeyDerivation.KeyDeriv(handlers.NewIssuerPublicKey(nil), &bccsp.IdemixNymKeyDerivationOpts{}) Expect(err).To(MatchError("invalid key, expected *userSecretKey")) Expect(nym).To(BeNil()) }) @@ -246,7 +247,7 @@ var _ = Describe("User", func() { Context("and the option is missing", func() { BeforeEach(func() { - fakeUserSecretKey = idemix.NewUserSecretKey(nil, false) + fakeUserSecretKey = handlers.NewUserSecretKey(nil, false) }) It("returns error", func() { @@ -258,7 +259,7 @@ var _ = Describe("User", func() { Context("and the option is not of type *bccsp.IdemixNymKeyDerivationOpts", func() { BeforeEach(func() { - fakeUserSecretKey = idemix.NewUserSecretKey(nil, false) + fakeUserSecretKey = handlers.NewUserSecretKey(nil, false) }) It("returns error", func() { @@ -270,7 +271,7 @@ var _ = Describe("User", func() { Context("and the issuer public key is missing", func() { BeforeEach(func() { - fakeUserSecretKey = idemix.NewUserSecretKey(nil, false) + fakeUserSecretKey = handlers.NewUserSecretKey(nil, false) }) It("returns error", func() { @@ -283,7 +284,7 @@ var _ = Describe("User", func() { Context("and the issuer public key is not of type *issuerPublicKey", func() { BeforeEach(func() { - fakeUserSecretKey = idemix.NewUserSecretKey(nil, false) + fakeUserSecretKey = handlers.NewUserSecretKey(nil, false) }) It("returns error", func() { diff --git a/bccsp/idemix/idemix_suite_test.go b/bccsp/idemix/idemix_suite_test.go index a69f90aff11..c5a92d8290b 100644 --- a/bccsp/idemix/idemix_suite_test.go +++ b/bccsp/idemix/idemix_suite_test.go @@ -12,18 +12,6 @@ import ( . "github.com/onsi/gomega" ) -//go:generate counterfeiter -o mock/issuer.go -fake-name Issuer . Issuer -//go:generate counterfeiter -o mock/issuer_secret_key.go -fake-name IssuerSecretKey . IssuerSecretKey -//go:generate counterfeiter -o mock/issuer_public_key.go -fake-name IssuerPublicKey . IssuerPublicKey -//go:generate counterfeiter -o mock/user.go -fake-name User . User -//go:generate counterfeiter -o mock/big.go -fake-name Big . Big -//go:generate counterfeiter -o mock/ecp.go -fake-name Ecp . Ecp -//go:generate counterfeiter -o mock/credrequest.go -fake-name CredRequest . CredRequest -//go:generate counterfeiter -o mock/credential.go -fake-name Credential . Credential -//go:generate counterfeiter -o mock/revocation.go -fake-name Revocation . Revocation -//go:generate counterfeiter -o mock/signature_scheme.go -fake-name SignatureScheme . SignatureScheme -//go:generate counterfeiter -o mock/nymsignature_scheme.go -fake-name NymSignatureScheme . NymSignatureScheme - func TestPlain(t *testing.T) { RegisterFailHandler(Fail) RunSpecs(t, "Plain Suite") diff --git a/bccsp/idemixopts.go b/bccsp/idemixopts.go index f599ad1646e..5a1262c4ca8 100644 --- a/bccsp/idemixopts.go +++ b/bccsp/idemixopts.go @@ -18,6 +18,13 @@ const ( AlgNoRevocation RevocationAlgorithm = iota ) +// IdemixEmptyDigest is used every time an idemix-related signed operation is not supposed +// to take any digest in input. The underlying code ensure that the passed digest is that +// returned by this function. This applies to credential request, credential, CRI +func IdemixEmptyDigest() []byte { + return []byte("idemix-empty-digest") +} + // IdemixIssuerKeyGenOpts contains the options for the Idemix Issuer key-generation. // A list of attribytes may be optionally passed type IdemixIssuerKeyGenOpts struct { @@ -124,7 +131,7 @@ type IdemixAttribute struct { type IdemixCredentialSignerOpts struct { // Attributes to include in the credentials. IdemixHiddenAttribute is not allowed here Attributes []IdemixAttribute - // IssuerPK is the public-keXy of the issuer + // IssuerPK is the public-key of the issuer IssuerPK Key // HashFun is the hash function to be used H crypto.Hash