Principal Service: Add support for multiple user accounts

services/vanadium/security/principal.go

+// Copyright 2015 The Chromium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+package main
+
+import (
+        "crypto/ecdsa"
+        "crypto/elliptic"
+        "crypto/rand"
+        "fmt"
+        "reflect"
+        "sync"
+
+        vpkg "mojo/services/vanadium/security/interfaces/principal"
+)
+
+type principal struct {
+        private *ecdsa.PrivateKey
+        mu      sync.Mutex
+        users   []vpkg.User // GUARDED_BY(mu)
+        curr    *vpkg.User  // GUARDED_BY(mu)
+}
+
+func (p *principal) publicKey() publicKey {
+        return newECDSAPublicKey(&p.private.PublicKey)
+}
+
+func (p *principal) getUsers() ([]vpkg.User, *vpkg.User) {
+        p.mu.Lock()
+        defer p.mu.Unlock()
+        var users []vpkg.User
+        for _, user := range p.users {
+                users = append(users, user)
+        }
+        return users, p.curr
+}
+
+func (p *principal) addUser(user vpkg.User) {
+        p.mu.Lock()
+        defer p.mu.Unlock()
+        p.users = append(p.users, user)
+        p.curr = &user
+}
+
+func (p *principal) setCurrentUser(user vpkg.User) (err *string) {
+        p.mu.Lock()
+        defer p.mu.Unlock()
+        for _, u := range p.users {
+                if !reflect.DeepEqual(u, user) {
+                        str := fmt.Sprintf("User %v does not exist", user)
+                        return &str
+                }
+        }
+        p.curr = &user
+        return
+}
+
+func (p *principal) unsetCurrentUser() {
+        p.mu.Lock()
+        defer p.mu.Unlock()
+        p.curr = nil
+}
+
+func newPrincipal() (*principal, error) {
+        priv, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
+        if err != nil {
+                return nil, err
+        }
+        return &principal{private: priv}, nil
+}