|
|
@@ -38,13 +38,13 @@ and a new Lox credential to be issued:
|
|
|
|
|
|
*/
|
|
|
|
|
|
-use crate::lox_creds::{BucketReachability, Lox};
|
|
|
use super::super::scalar_u32;
|
|
|
+use super::errors::CredentialError;
|
|
|
+use crate::lox_creds::{BucketReachability, Lox};
|
|
|
use cmz::*;
|
|
|
use curve25519_dalek::ristretto::RistrettoPoint as G;
|
|
|
use ff::PrimeField;
|
|
|
use rand_core::RngCore;
|
|
|
-use super::errors::CredentialError;
|
|
|
use sha2::Sha512;
|
|
|
|
|
|
/// The maximum trust level in the system. A user can run this level
|
|
|
@@ -88,11 +88,14 @@ CMZProtocol! { level_up<credential_expiry, eligibility_max_age, max_blockage>,
|
|
|
N.blockages = L.blockages,
|
|
|
}
|
|
|
|
|
|
-pub fn request(L: Lox, B: BucketReachability, pubkeys: CMZPubkey<G>, today: u32) -> Result<(level_up::Request, level_up::ClientState), CredentialError> {
|
|
|
+pub fn request(
|
|
|
+ L: Lox,
|
|
|
+ B: BucketReachability,
|
|
|
+ pubkeys: CMZPubkey<G>,
|
|
|
+ today: u32,
|
|
|
+) -> Result<(level_up::Request, level_up::ClientState), CredentialError> {
|
|
|
let mut rng = rand::thread_rng();
|
|
|
- cmz_group_init(G::hash_from_bytes::<Sha512>(
|
|
|
- b"CMZ Generator A",
|
|
|
- ));
|
|
|
+ cmz_group_init(G::hash_from_bytes::<Sha512>(b"CMZ Generator A"));
|
|
|
|
|
|
// Ensure the credential can be correctly shown: it must be the case
|
|
|
// that level_since + LEVEL_INTERVAL[level] <= today.
|
|
|
@@ -187,7 +190,7 @@ pub fn request(L: Lox, B: BucketReachability, pubkeys: CMZPubkey<G>, today: u32)
|
|
|
let mut N = Lox::using_pubkey(&pubkeys);
|
|
|
N.invites_remaining = Some(LEVEL_INVITATIONS[new_level as usize].into());
|
|
|
let params = level_up::Params {
|
|
|
- credential_expiry: (eligibility_max_age-511).into(),
|
|
|
+ credential_expiry: (eligibility_max_age - 511).into(),
|
|
|
eligibility_max_age: eligibility_max_age.into(),
|
|
|
max_blockage: MAX_BLOCKAGES[new_level as usize].into(),
|
|
|
};
|
|
|
@@ -199,43 +202,50 @@ pub fn request(L: Lox, B: BucketReachability, pubkeys: CMZPubkey<G>, today: u32)
|
|
|
}
|
|
|
|
|
|
impl BridgeAuth {
|
|
|
-
|
|
|
- pub fn handle_level_up(&mut self, req: level_up::Request) -> Result<level_up::Reply,
|
|
|
-CredentialError> {
|
|
|
- let mut rng = rand::thread_rng();
|
|
|
- let reqbytes = req.as_bytes();
|
|
|
- let recvreq = level_up::Request::try_from(&reqbytes[..]).unwrap();
|
|
|
- let (response, (_L_issuer, _B_isser, _N_issuer)) =
|
|
|
- level_up::handle(&mut rng, recvreq,
|
|
|
- |L: &mut Lox, B: &mut BucketReachability, N: &mut Lox| {
|
|
|
- // The trust level has to be at least 1
|
|
|
- let trust_level: u32 = match scalar_u32(&L.trust_level.unwrap()) {
|
|
|
- Some(v) => v,
|
|
|
- None => {
|
|
|
- return Err(CMZError::RevealAttrMissing(
|
|
|
+ pub fn handle_level_up(
|
|
|
+ &mut self,
|
|
|
+ req: level_up::Request,
|
|
|
+ ) -> Result<level_up::Reply, CredentialError> {
|
|
|
+ let mut rng = rand::thread_rng();
|
|
|
+ let reqbytes = req.as_bytes();
|
|
|
+ let recvreq = level_up::Request::try_from(&reqbytes[..]).unwrap();
|
|
|
+ let (response, (_L_issuer, _B_isser, _N_issuer)) = level_up::handle(
|
|
|
+ &mut rng,
|
|
|
+ recvreq,
|
|
|
+ |L: &mut Lox, B: &mut BucketReachability, N: &mut Lox| {
|
|
|
+ // The trust level has to be at least 1
|
|
|
+ let trust_level: u32 = match scalar_u32(&L.trust_level.unwrap()) {
|
|
|
+ Some(v) => v,
|
|
|
+ None => {
|
|
|
+ return Err(CMZError::RevealAttrMissing(
|
|
|
"trust_level",
|
|
|
- "could not be converted to u32",
|
|
|
- ))
|
|
|
- }
|
|
|
- };
|
|
|
- let eligibility_max_age: u32 = self.today() - LEVEL_INTERVAL[trust_level as usize];
|
|
|
- Ok(level_up::Params {
|
|
|
- credential_expiry: (eligibility_max_age-511).into(),
|
|
|
- eligibility_max_age: eligibility_max_age.into(),
|
|
|
- max_blockage: MAX_BLOCKAGES[(trust_level + 1) as usize].into(),
|
|
|
- })
|
|
|
- },
|
|
|
- |L: &Lox, B: &BucketReachability, N: &Lox| {
|
|
|
- Ok(())
|
|
|
- }
|
|
|
- ).unwrap();
|
|
|
- Ok(response)
|
|
|
+ "could not be converted to u32",
|
|
|
+ ))
|
|
|
+ }
|
|
|
+ };
|
|
|
+ let eligibility_max_age: u32 = self.today() - LEVEL_INTERVAL[trust_level as usize];
|
|
|
+ N.invites_remaining = Some(LEVEL_INVITATIONS[(trust_level + 1) as usize].into());
|
|
|
+ Ok(level_up::Params {
|
|
|
+ credential_expiry: (eligibility_max_age - 511).into(),
|
|
|
+ eligibility_max_age: eligibility_max_age.into(),
|
|
|
+ max_blockage: MAX_BLOCKAGES[(trust_level + 1) as usize].into(),
|
|
|
+ })
|
|
|
+ },
|
|
|
+ |L: &Lox, B: &BucketReachability, N: &Lox| Ok(()),
|
|
|
+ )
|
|
|
+ .unwrap();
|
|
|
+ Ok(response)
|
|
|
}
|
|
|
}
|
|
|
|
|
|
-pub fn handle_response(state: level_up::ClientState, rep: level_up::Reply) -> Result<Lox, ProofError> {
|
|
|
- match cmz_finalize(client_state, response_message) {
|
|
|
- Ok(Vec<Credential>) => Ok(Vec<Credential>),
|
|
|
- Err(e) => ProofError(e),
|
|
|
- }
|
|
|
+pub fn handle_response(
|
|
|
+ state: level_up::ClientState,
|
|
|
+ rep: level_up::Reply,
|
|
|
+) -> Result<Lox, CMZError> {
|
|
|
+ let replybytes = rep.as_bytes();
|
|
|
+ let recvreply = level_up::Reply::try_from(&replybytes[..]).unwrap();
|
|
|
+ match state.finalize(recvreply) {
|
|
|
+ Ok(cred) => Ok(cred),
|
|
|
+ Err(_e) => Err(CMZError::Unknown),
|
|
|
+ }
|
|
|
}
|
onyinyang