Challenge-response for attestation #162
Conversation
…te attestation info to file.
…rror if deserialize fails, but not if file doesn't exist. Improve tests.
…nitiation request.
…quests. Update integration test accordingly.
…p-server Add test http server to CR (#94)
| ContentResponseComplete, | ||
| } | ||
|
|
||
| // TODO: Impose additional constraints on the nonce type. |
There was a problem hiding this comment.
Ok for this PR, come back to another time.
| } | ||
| Ok(()) | ||
| } | ||
| /// Deserializes each field of the struct from a file. |
There was a problem hiding this comment.
Note deserialize cannot have default implementation as flexible over struct implementing. Add comment?
| } | ||
| } | ||
| /// Returns true if all fields required for the initiation have a non-null value. | ||
| /// Note: temp_s_key is optional since only requester has it. |
There was a problem hiding this comment.
| /// Note: temp_s_key is optional since only requester has it. | |
| /// Note: `temp_s_key` is optional since only requester has it. |
| mut self, | ||
| path: &PathBuf, | ||
| ) -> Result<Option<IdentityCRInitiation>, TrustchainCRError> { | ||
| let temp_p_key_path = path.join("temp_p_key.json"); |
There was a problem hiding this comment.
Consider refactors here to simplify reading from files.
| } | ||
| } | ||
| /// Returns true if all fields required for the challenge have a non-null value. | ||
| /// Note: update_s_key is optional since only attestor has it. |
There was a problem hiding this comment.
| /// Note: update_s_key is optional since only attestor has it. | |
| /// Note: `update_s_key` is optional since only attestor has it. |
| ) -> Result<Option<IdentityCRChallenge>, TrustchainCRError> { | ||
| // update public key | ||
| let mut full_path = path.join("update_p_key.json"); | ||
| self.update_p_key = match File::open(&full_path) { |
There was a problem hiding this comment.
Refactor as above with std::fs::read_to_string
| payload.set_claim( | ||
| "identity_nonce", | ||
| Some(Value::from( | ||
| value.identity_nonce.as_ref().unwrap().to_string(), |
There was a problem hiding this comment.
Add a new error variant that is TrustchainCRError::InvalidPayload(String) where the data is a context. Could also use a anyhow::Error for the data if the purpose is a general. Will look like:
value.identity_nonce.as_ref().ok_or(TrustchainCRError::InvalidPayload("Missing `identity_nonce` field".to_string()))?.to_string()
| payload.set_claim( | ||
| "update_p_key", | ||
| Some(Value::from( | ||
| value.update_p_key.as_ref().unwrap().to_string(), |
There was a problem hiding this comment.
Use TrustchainCRError::InvalidPayload error mentioned above.
| value | ||
| .claim("identity_nonce") | ||
| .unwrap() | ||
| .as_str() | ||
| .unwrap() | ||
| .to_string(), |
There was a problem hiding this comment.
Handle the unwraps as above.
| mut self, | ||
| path: &PathBuf, | ||
| ) -> Result<Option<ContentCRInitiation>, TrustchainCRError> { | ||
| let requester_details_path = path.join("requester_did.json"); |
There was a problem hiding this comment.
Refactor as above with std::fs:read_from_string
| ) -> Result<Option<ContentCRChallenge>, TrustchainCRError> { | ||
| // content nonce(s) | ||
| let mut full_path = path.join("content_nonce.json"); | ||
| self.content_nonce = match File::open(&full_path) { |
There was a problem hiding this comment.
Consider refactor std::fs::read_to_string
| content_challenge_response: None, | ||
| } | ||
| } | ||
| /// Returns true if all fields have a non-null value. |
| return Ok(current_state); | ||
| } | ||
| } | ||
|
|
|
While reviewing the CR hackmd I noticed that there was a TODO in Step 2 of Part II, to remember to check that the candidate dDID contains the expected update key (sent by the attestor in Part I). Perhaps this has already been implemented, but just wanted to flag as something to check. |
Good spot. This hasn't been implemented yet. Still a |
Functionality and cli for challenge-response process for attestation.
Closes #94