keymanager.go
package pepgo
import (
"log"
"github.com/stevenvegt/pep-go/curve"
)
// KMAKeys holds the long-lived key material of the Key Management Authority.
//
// YPair and ZPair are the authority's key pairs: their public halves are handed
// to every registered party, and YPair.PrivateKey is additionally used to
// derive a per-service-provider private key (see RegisterServiceProvider).
// IEm and AAm are HMAC master keys. Per-party keys are derived from them with
// calcDerivedKey and the party's identifier, but note that IEm itself is handed
// in full to auth providers and AAm in full to the activation service, so the
// secrecy of those master keys rests on every party that receives them.
type KMAKeys struct {
	YPair curve.KeyPair
	ZPair curve.KeyPair
	// IEm Identity Encryption Master key
	// Used for PI to EI transformation, Global key used by APs
	IEm curve.HMACKey
	// AAm Authentication provider Adherence Master key
	// Used to make PP/PI AuthProvider specific, Global key, used by Activation Service
	AAm curve.HMACKey
}
// NewKeyManagementAuthority builds an authority with freshly generated key
// material — two HMAC master keys initialised from curve's randomness source
// and two new curve key pairs — and empty provider registries.
func NewKeyManagementAuthority() IKeyManagementAuthority {
	// Master keys are zero-valued and then randomised in place; the generation
	// order (IEm, AAm, then the two key pairs) is kept deliberately.
	var identityMaster, adherenceMaster curve.HMACKey
	identityMaster.Rand()
	adherenceMaster.Rand()

	material := KMAKeys{
		YPair: curve.KeyGen(),
		ZPair: curve.KeyGen(),
		IEm:   identityMaster,
		AAm:   adherenceMaster,
	}

	return KeyManagementAuthority{
		authProviders:    map[string]IAuthProvider{},
		serviceProviders: map[string]IServiceProvider{},
		keys:             material,
	}
}
// RegisterActivationService provisions the activation service with the
// authority's Y and Z public keys and the full AAm master key.
// Unlike the other Register methods it keeps no record of the service.
func (kma KeyManagementAuthority) RegisterActivationService(as IActivationService) {
	// The activation service receives AAm unreduced; it is trusted to hold the
	// master key, not merely an identifier-bound derivation of it.
	as.SetKeys(ActivationServiceKeys{
		Y:   kma.keys.YPair.PublicKey,
		Z:   kma.keys.ZPair.PublicKey,
		AAm: kma.keys.AAm,
	})
}
// IIdentifiable is implemented by parties that can name themselves. The
// identifier is the input to every per-party key derivation in this file,
// so it must be stable and unique per registered party.
type IIdentifiable interface {
	GetIdentifier() string
}
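// RegisterAuthProvider records ap under its identifier and provisions it with
// the authority's Y public key, the provider-specific AAdi key derived from
// AAm and the provider's identifier, and the full IEm master key.
//
// Registering a provider under an identifier that is already present replaces
// the earlier entry. Because AAdi depends only on AAm and the identifier, the
// replacement obtains the same derived key as the party it displaces, so the
// overwrite is logged rather than silently accepted.
func (kma KeyManagementAuthority) RegisterAuthProvider(ap IAuthProvider) {
	log.Println("OP: RegisterAuthProvider")

	id := ap.GetIdentifier()
	if _, exists := kma.authProviders[id]; exists {
		log.Printf("RegisterAuthProvider: replacing existing auth provider %q", id)
	}
	kma.authProviders[id] = ap

	// AAdi binds the AAm master key to this provider's identity.
	aadi := calcDerivedKey(kma.keys.AAm, []byte(id))
	ap.SetKeys(AuthProviderKeys{
		Y:    kma.keys.YPair.PublicKey,
		AAdi: aadi,
		IEm:  kma.keys.IEm,
	})
}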
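// RegisterServiceProvider records sp under its identifier and provisions it
// with its keys.
//
// The service-provider keys are built as follows:
//   - IEdi is derived from the IEm master key and sp's identifier with
//     calcDerivedKey;
//   - IDdi is YPair.PrivateKey multiplied by IEdi's scalar — a private key
//     specific to this provider. It is computed from the authority's private
//     key, so the provider must treat it as secret material;
//   - IDpi is the public key derived from IDdi.
//
// sp receives Y and Z (the authority's public keys) together with IDdi and
// IDpi through SetKeys.
//
// Registering a provider under an identifier that is already present replaces
// the earlier entry. Since IDdi depends only on YPair and the identifier, the
// replacement obtains the same private key as the party it displaces, so the
// overwrite is logged rather than silently accepted.
func (kma KeyManagementAuthority) RegisterServiceProvider(sp IServiceProvider) {
	log.Println("OP: RegisterServiceProvider")

	id := sp.GetIdentifier()
	if _, exists := kma.serviceProviders[id]; exists {
		log.Printf("RegisterServiceProvider: replacing existing service provider %q", id)
	}
	kma.serviceProviders[id] = sp

	IEdi := calcDerivedKey(kma.keys.IEm, []byte(id))
	// Provider-specific private key, rooted in the authority's Y private key.
	IDdi := curve.MultiplyKey(kma.keys.YPair.PrivateKey, IEdi.Scalar())
	IDpi := curve.DerivePubKey(IDdi)
	sp.SetKeys(ServiceProviderKeys{
		Y:    kma.keys.YPair.PublicKey,
		Z:    kma.keys.ZPair.PublicKey,
		IDdi: IDdi,
		IDpi: IDpi,
	})
}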
// IIdentifiabe appears to be a misspelled duplicate of IIdentifiable (same
// single method). It is kept only in case external code still references it.
//
// Deprecated: use IIdentifiable instead.
type IIdentifiabe interface {
	GetIdentifier() string
}
// IKeyManagementAuthority is the registration surface of the authority: each
// method provisions one kind of party with the key material it needs.
// None of the methods report errors; duplicate registrations are not rejected
// by this interface.
type IKeyManagementAuthority interface {
	RegisterAuthProvider(IAuthProvider)
	RegisterServiceProvider(IServiceProvider)
	RegisterActivationService(IActivationService)
}
// KeyManagementAuthority is the concrete IKeyManagementAuthority. Its methods
// use value receivers; registrations still persist because the two maps are
// reference types shared by every copy. keys, however, is copied by value with
// the struct, so each copy carries the master key material — keep instances
// from spreading beyond where they are needed.
type KeyManagementAuthority struct {
	// authProviders and serviceProviders are keyed by GetIdentifier().
	authProviders    map[string]IAuthProvider
	serviceProviders map[string]IServiceProvider
	keys             KMAKeys
}