gabi

package module
v0.0.2 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Aug 19, 2020 License: BSD-3-Clause Imports: 19 Imported by: 0

README

GoDoc Gabi

Gabi is a Go implementation of the IRMA approach to the Idemix attribute based credential system. Check out the IRMA website to learn more on this great alternative to traditional identity management.

gabi itself is designed to be compatible with the existing Java and C++ implementations of the IRMA system.

Status

Do note that this library is still fairly young. As such there might be some API-changes in the near future. And although most (if not all) cryptographic primitives are present, it does need additional "field testing". In addition, since this library implements (non-trivial) cryptography it needs to be checked by many more eyeballs.

Install

To install:

go get -v github.com/vchain-dev/gabi

Test

To run tests:

go test -v ./...

Documentation

Overview

Package gabi is an implementation of the IRMA (https://irmacard.org) approach to attribute based credentials. For now, see gabi_test.go on how to use the library.

Index

Constants

View Source 
const (
	//XMLHeader can be a used as the XML header when writing keys in XML format.
	XMLHeader = "<?xml version=\"1.0\" encoding=\"UTF-8\" standalone=\"no\"?>\n"
	// DefaultEpochLength is the default epoch length for public keys.
	DefaultEpochLength = 432000
)

Variables

View Source 
var (
	// ErrIncorrectProofOfSignatureCorrectness is issued when the the proof of
	// correctness on the signature does not verify.
	ErrIncorrectProofOfSignatureCorrectness = errors.New("Proof of correctness on signature does not verify.")
	// ErrIncorrectAttributeSignature is issued when the signature on the
	// attributes is not correct.
	ErrIncorrectAttributeSignature = errors.New("The Signature on the attributes is not correct.")
)
View Source 
var DefaultKeyLengths = getAvailableKeyLengths(DefaultSystemParameters)

DefaultKeyLengths is a slice of integers holding the keylengths for which system parameters are available.

View Source 
var DefaultSystemParameters = map[int]*SystemParameters{
	1024: &SystemParameters{defaultBaseParameters[1024], MakeDerivedParameters(defaultBaseParameters[1024])},
	2048: &SystemParameters{defaultBaseParameters[2048], MakeDerivedParameters(defaultBaseParameters[2048])},
	4096: &SystemParameters{defaultBaseParameters[4096], MakeDerivedParameters(defaultBaseParameters[4096])},
}

DefaultSystemParameters holds per keylength the default parameters as are currently in use at the moment. This might (and probably will) change in the future.

View Source 
var (
	// ErrMissingProofU is returned when a ProofU proof is missing in a prooflist
	// when this is expected.
	ErrMissingProofU = errors.New("Missing ProofU in ProofList, has a CredentialBuilder been added?")
)
View Source 
var Logger *logrus.Logger

Functions

func GenerateKeyPair 

func GenerateKeyPair(param *SystemParameters, numAttributes int, counter uint, expiryDate time.Time) (*PrivateKey, *PublicKey, error)

GenerateKeyPair generates a private/public keypair for an Issuer

func GenerateNonce 

func GenerateNonce() (*big.Int, error)

Generate nonce for use in proofs

func GenerateRevocationKeypair 

func GenerateRevocationKeypair(privk *PrivateKey, pubk *PublicKey) error

func GenerateSecretAttribute 

func GenerateSecretAttribute() (*big.Int, error)

Generate secret attribute used prove ownership and links between credentials from the same user.

func ParamSize 

func ParamSize(a int) int

ParamSize computes the size of a parameter in bytes given the size in bits.

func RepresentToPublicKey 

func RepresentToPublicKey(pk *PublicKey, exps []*big.Int) (*big.Int, error)

RepresentToPublicKey returns a representation of the given exponents in terms of the R bases from the public key. For example given exponents exps[1],...,exps[k] this function returns 

R[1]^{exps[1]}*...*R[k]^{exps[k]} (mod N)

with R and N coming from the public key. The exponents are hashed if their length exceeds the maximum message length from the public key.

Types

type BaseParameters 

type BaseParameters struct {
	LePrime uint
	Lh      uint
	Lm      uint
	Ln      uint
	Lstatzk uint
}

BaseParameters holds the base system parameters

type Bases 

type Bases []*big.Int

Bases is a type that is introduced to simplify the encoding/decoding of a PublicKey whilst using the xml support of Go's standard library.

func (*Bases) MarshalXML 

func (bl *Bases) MarshalXML(e *xml.Encoder, start xml.StartElement) error

MarshalXML is an internal function to simplify encoding a PublicKey to XML.

func (*Bases) UnmarshalXML 

func (bl *Bases) UnmarshalXML(d *xml.Decoder, start xml.StartElement) error

UnmarshalXML is an internal function to simplify decoding a PublicKey from XML.

type CLSignature 

type CLSignature struct {
	A         *big.Int
	E         *big.Int `json:"e"`
	V         *big.Int `json:"v"`
	KeyshareP *big.Int `json:"KeyshareP"` // R_0^{keysharesecret}, necessary for verification
}

CLSignature is a data structure for holding a Camenisch-Lysyanskaya signature.

func SignMessageBlock 

func SignMessageBlock(sk *PrivateKey, pk *PublicKey, ms []*big.Int) (*CLSignature, error)

SignMessageBlock signs a message block (ms) using the Camenisch-Lysyanskaya signature scheme as used in the IdeMix system.

func (*CLSignature) Randomize 

func (s *CLSignature) Randomize(pk *PublicKey) *CLSignature

Randomize returns a randomized copy of the signature.

func (*CLSignature) Verify 

func (s *CLSignature) Verify(pk *PublicKey, ms []*big.Int) bool

Verify checks whether the signature is correct while being given a public key and the messages.

type Credential 

type Credential struct {
	Signature            *CLSignature        `json:"signature"`
	Pk                   *PublicKey          `json:"pk"`
	Attributes           []*big.Int          `json:"attributes"`
	NonRevocationWitness *revocation.Witness `json:"nonrevWitness,omitempty"`
	// contains filtered or unexported fields
}

Credential represents an Idemix credential.

func (*Credential) CreateDisclosureProof 

func (ic *Credential) CreateDisclosureProof(disclosedAttributes []int, nonrev bool, context, nonce1 *big.Int) (*ProofD, error)

CreateDisclosureProof creates a disclosure proof (ProofD) voor the provided indices of disclosed attributes.

func (*Credential) CreateDisclosureProofBuilder 

func (ic *Credential) CreateDisclosureProofBuilder(disclosedAttributes []int, nonrev bool) (*DisclosureProofBuilder, error)

CreateDisclosureProofBuilder produces a DisclosureProofBuilder, an object to hold the state in the protocol for producing a disclosure proof that is linked to other proofs.

func (*Credential) NonrevBuildProofBuilder 

func (ic *Credential) NonrevBuildProofBuilder() (*NonRevocationProofBuilder, error)

NonrevBuildProofBuilder builds and returns a new commited-to NonRevocationProofBuilder.

func (*Credential) NonrevIndex 

func (ic *Credential) NonrevIndex() (int, error)

func (*Credential) NonrevPrepareCache 

func (ic *Credential) NonrevPrepareCache() error

NonrevPrepareCache ensures that the Credential's nonrevocation proof builder cache is usable, by creating one if it does not exist, or otherwise updating it to the latest accumulator contained in the credential's witness.

type CredentialBuilder 

type CredentialBuilder struct {
	// contains filtered or unexported fields
}

CredentialBuilder is a temporary object to hold some state for the protocol that is used to create (build) a credential. It also implements the ProofBuilder interface.

func NewCredentialBuilder 

func NewCredentialBuilder(pk *PublicKey, context, secret *big.Int, nonce2 *big.Int) *CredentialBuilder

NewCredentialBuilder creates a new credential builder. The resulting credential builder is already committed to the provided secret.

func NewCredentialBuilderFromString 

func NewCredentialBuilderFromString(bs string) *CredentialBuilder

func (*CredentialBuilder) Commit 

func (b *CredentialBuilder) Commit(randomizers map[string]*big.Int) []*big.Int

Commit commits to the secret (first) attribute using the provided randomizer.

func (*CredentialBuilder) CommitToSecretAndProve 

func (b *CredentialBuilder) CommitToSecretAndProve(nonce1 *big.Int) *IssueCommitmentMessage

CommitToSecretAndProve creates the response to the initial challenge nonce nonce1 sent by the issuer. The response consists of a commitment to the secret (set on creation of the builder, see NewBuilder) and a proof of correctness of this commitment.

func (*CredentialBuilder) ConstructCredential 

func (b *CredentialBuilder) ConstructCredential(msg *IssueSignatureMessage, attributes []*big.Int) (*Credential, error)

ConstructCredential creates a credential using the IssueSignatureMessage from the issuer and the content of the attributes.

func (*CredentialBuilder) CreateIssueCommitmentMessage 

func (b *CredentialBuilder) CreateIssueCommitmentMessage(proofs ProofList) *IssueCommitmentMessage

CreateIssueCommitmentMessage creates the IssueCommitmentMessage based on the provided prooflist, to be sent to the issuer.

func (*CredentialBuilder) CreateProof 

func (b *CredentialBuilder) CreateProof(challenge *big.Int) Proof

CreateProof creates a (ProofU) Proof using the provided challenge.

func (*CredentialBuilder) MergeProofPCommitment 

func (b *CredentialBuilder) MergeProofPCommitment(commitment *ProofPCommitment)

func (*CredentialBuilder) PublicKey 

func (b *CredentialBuilder) PublicKey() *PublicKey

PublicKey returns the Idemix public key against which the credential will verify.

func (*CredentialBuilder) ToString 

func (b *CredentialBuilder) ToString() string

PublicKey returns the Idemix public key against which the credential will verify.

type CredentialBuilderPublic 

type CredentialBuilderPublic struct {
	Pk      *PublicKey `json:"pk"`
	Context *big.Int   `json:"context"`
	Secret  *big.Int   `json:"secret"`
	VPrime  *big.Int   `json:"vPrime"`
	U       *big.Int   `json:"u"`
	UCommit *big.Int   `json:"uCommit"`
	Nonce2  *big.Int   `json:"nonce2"`

	VPrimeCommit *big.Int `json:"vPrimeCommit"`
	SkRandomizer *big.Int `json:"skRandomizer"`

	ProofPcomm *ProofPCommitment `json:"proofPcomm"`
}

CredentialBuilderPublic is a temporary object to hold some state for the protocol that is used to create (build) a credential. It also implements the ProofBuilder interface.

type DerivedParameters 

type DerivedParameters struct {
	Le            uint
	LeCommit      uint
	LmCommit      uint
	LRA           uint
	LsCommit      uint
	Lv            uint
	LvCommit      uint
	LvPrime       uint
	LvPrimeCommit uint
}

DerivedParameters holds system parameters that can be drived from base systemparameters (BaseParameters)

func MakeDerivedParameters 

func MakeDerivedParameters(base BaseParameters) DerivedParameters

MakeDerivedParameters computes the derived system parameters

type DisclosureProofBuilder 

type DisclosureProofBuilder struct {
	// contains filtered or unexported fields
}

DisclosureProofBuilder is an object that holds the state for the protocol to produce a disclosure proof.

func NewDisclosureProofBuilderFromString 

func NewDisclosureProofBuilderFromString(pb string) *DisclosureProofBuilder

func (*DisclosureProofBuilder) Commit 

func (d *DisclosureProofBuilder) Commit(randomizers map[string]*big.Int) []*big.Int

Commit commits to the first attribute (the secret) using the provided randomizer.

func (*DisclosureProofBuilder) CreateProof 

func (d *DisclosureProofBuilder) CreateProof(challenge *big.Int) Proof

CreateProof creates a (disclosure) proof with the provided challenge.

func (*DisclosureProofBuilder) MergeProofPCommitment 

func (d *DisclosureProofBuilder) MergeProofPCommitment(commitment *ProofPCommitment)

func (*DisclosureProofBuilder) PublicKey 

func (d *DisclosureProofBuilder) PublicKey() *PublicKey

PublicKey returns the Idemix public key against which this disclosure proof will verify.

func (*DisclosureProofBuilder) TimestampRequestContributions 

func (d *DisclosureProofBuilder) TimestampRequestContributions() (*big.Int, []*big.Int)

TimestampRequestContributions returns the contributions of this disclosure proof to the message that is to be signed by the timestamp server: - A of the randomized CL-signature - Slice of bigints populated with the disclosed attributes and 0 for the undisclosed ones.

func (*DisclosureProofBuilder) ToString 

func (pb *DisclosureProofBuilder) ToString() string

type DisclosureProofBuilderPublic 

type DisclosureProofBuilderPublic struct {
	RandomizedSignature   *CLSignature               `json:"RandomizedSignature"`
	ECommit               *big.Int                   `json:"ECommit"`
	VCommit               *big.Int                   `json:"VCommit"`
	AttrRandomizers       map[int]*big.Int           `json:"AttrRandomizers"`
	Z                     *big.Int                   `json:"Z"`
	DisclosedAttributes   []int                      `json:"DisclosedAttributes"`
	UndisclosedAttributes []int                      `json:"UndisclosedAttributes"`
	Pk                    *PublicKey                 `json:"Pk"`
	Attributes            []*big.Int                 `json:"Attributes"`
	NonrevBuilder         *NonRevocationProofBuilder `json:"NonrevBuilder"`
}

type EpochLength 

type EpochLength int

EpochLength is a type that is introduced to simplify the encoding/decoding of a PublicKey whilst using the xml support of Go's standard library.

func (*EpochLength) MarshalXML 

func (el *EpochLength) MarshalXML(e *xml.Encoder, start xml.StartElement) error

MarshalXML is an internal function to simplify encoding a PublicKey to XML.

func (*EpochLength) UnmarshalXML 

func (el *EpochLength) UnmarshalXML(d *xml.Decoder, start xml.StartElement) error

UnmarshalXML is an internal function to simplify decoding a PublicKey from XML.

type IssueCommitmentMessage 

type IssueCommitmentMessage struct {
	U          *big.Int          `json:"U,omitempty"`
	Nonce2     *big.Int          `json:"n_2"`
	Proofs     ProofList         `json:"combinedProofs"`
	ProofPjwt  string            `json:"proofPJwt,omitempty"`
	ProofPjwts map[string]string `json:"proofPJwts,omitempty"`
}

IssueCommitmentMessage encapsulates the messages sent by the receiver to the issuer in the second step of the issuance protocol.

type IssueSignatureMessage 

type IssueSignatureMessage struct {
	Proof                *ProofS             `json:"proof"`
	Signature            *CLSignature        `json:"signature"`
	NonRevocationWitness *revocation.Witness `json:"nonrev,omitempty"`
}

IssueSignatureMessage encapsulates the messages sent from the issuer to the reciver in the final step of the issuance protocol.

type Issuer 

type Issuer struct {
	Sk      *PrivateKey
	Pk      *PublicKey
	Context *big.Int
}

Issuer holds the key material for a credential issuer.

func NewIssuer 

func NewIssuer(sk *PrivateKey, pk *PublicKey, context *big.Int) *Issuer

NewIssuer creates a new credential issuer.

func (*Issuer) IssueSignature 

func (i *Issuer) IssueSignature(U *big.Int, attributes []*big.Int, witness *revocation.Witness, nonce2 *big.Int) (*IssueSignatureMessage, error)

IssueSignature produces an IssueSignatureMessage for the attributes based on the IssueCommitmentMessage provided. Note that this function DOES NOT check the proofs containted in the IssueCommitmentMessage! That needs to be done at a higher level!

type NonRevocationProofBuilder 

type NonRevocationProofBuilder struct {
	// contains filtered or unexported fields
}

func (*NonRevocationProofBuilder) Commit 

func (b *NonRevocationProofBuilder) Commit() ([]*big.Int, error)

func (*NonRevocationProofBuilder) CreateProof 

func (b *NonRevocationProofBuilder) CreateProof(challenge *big.Int) *revocation.Proof

func (*NonRevocationProofBuilder) UpdateCommit 

func (b *NonRevocationProofBuilder) UpdateCommit(witness *revocation.Witness) error

UpdateCommit updates the builder to the latest accumulator contained in the specified (updated) witness.

type PrivateKey 

type PrivateKey struct {
	XMLName    xml.Name `xml:"http://www.zurich.ibm.com/security/idemix IssuerPrivateKey"`
	Counter    uint     `xml:"Counter"`
	ExpiryDate int64    `xml:"ExpiryDate"`
	P          *big.Int `xml:"Elements>p"`
	Q          *big.Int `xml:"Elements>q"`
	PPrime     *big.Int `xml:"Elements>pPrime"`
	QPrime     *big.Int `xml:"Elements>qPrime"`

	ECDSA string `xml:",omitempty"`
	// contains filtered or unexported fields
}

PrivateKey represents an issuer's private key.

func NewPrivateKey 

func NewPrivateKey(p, q *big.Int, ecdsa string, counter uint, expiryDate time.Time) *PrivateKey

NewPrivateKey creates a new issuer private key using the provided parameters.

func NewPrivateKeyFromFile 

func NewPrivateKeyFromFile(filename string, demo bool) (*PrivateKey, error)

NewPrivateKeyFromFile create a new issuer private key from an xml file.

func NewPrivateKeyFromXML 

func NewPrivateKeyFromXML(xmlInput string, demo bool) (*PrivateKey, error)

NewPrivateKeyFromXML creates a new issuer private key using the xml data provided.

func (*PrivateKey) CacheOrder 

func (privk *PrivateKey) CacheOrder()

func (*PrivateKey) Print 

func (privk *PrivateKey) Print() error

Print prints the key to stdout.

func (*PrivateKey) RevocationGenerateWitness 

func (privk *PrivateKey) RevocationGenerateWitness(accumulator *revocation.Accumulator) (*revocation.Witness, error)

func (*PrivateKey) RevocationKey 

func (privk *PrivateKey) RevocationKey() (*revocation.PrivateKey, error)

func (*PrivateKey) RevocationSupported 

func (privk *PrivateKey) RevocationSupported() bool

func (*PrivateKey) Validate 

func (privk *PrivateKey) Validate() error

func (*PrivateKey) WriteTo 

func (privk *PrivateKey) WriteTo(writer io.Writer) (int64, error)

WriteTo writes the XML-serialized public key to the given writer.

func (*PrivateKey) WriteToFile 

func (privk *PrivateKey) WriteToFile(filename string, forceOverwrite bool) (int64, error)

WriteToFile writes the private key to an xml file. If any existing file with the same filename should be overwritten, set forceOverwrite to true.

type Proof 

type Proof interface {
	VerifyWithChallenge(pk *PublicKey, reconstructedChallenge *big.Int) bool
	SecretKeyResponse() *big.Int
	ChallengeContribution(pk *PublicKey) ([]*big.Int, error)
	MergeProofP(proofP *ProofP, pk *PublicKey)
}

Proof represents a non-interactive zero-knowledge proof

type ProofBuilder 

type ProofBuilder interface {
	Commit(randomizers map[string]*big.Int) []*big.Int
	CreateProof(challenge *big.Int) Proof
	PublicKey() *PublicKey
	MergeProofPCommitment(commitment *ProofPCommitment)
}

ProofBuilder is an interface for a proof builder. That is, an object to hold the state to build a list of bounded proofs (see ProofList).

type ProofBuilderList 

type ProofBuilderList []ProofBuilder

ProofBuilderList is a list of proof builders, for calculating a list of bound proofs.

func (ProofBuilderList) BuildDistributedProofList 

func (builders ProofBuilderList) BuildDistributedProofList(
	challenge *big.Int, proofPs []*ProofP,
) (ProofList, error)

func (ProofBuilderList) BuildProofList 

func (builders ProofBuilderList) BuildProofList(context, nonce *big.Int, issig bool) ProofList

BuildProofList builds a list of bounded proofs. For this it is given a list of ProofBuilders. Examples of proof builders are CredentialBuilder and DisclosureProofBuilder.

func (ProofBuilderList) Challenge 

func (builders ProofBuilderList) Challenge(context, nonce *big.Int, issig bool) *big.Int

type ProofD 

type ProofD struct {
	C                  *big.Int          `json:"c"`
	A                  *big.Int          `json:"A"`
	EResponse          *big.Int          `json:"e_response"`
	VResponse          *big.Int          `json:"v_response"`
	AResponses         map[int]*big.Int  `json:"a_responses"`
	ADisclosed         map[int]*big.Int  `json:"a_disclosed"`
	NonRevocationProof *revocation.Proof `json:"nonrev_proof,omitempty"`
}

ProofD represents a proof in the showing protocol.

func (*ProofD) Challenge 

func (p *ProofD) Challenge() *big.Int

Challenge returns the challenge in the proof (part of the Proof interface).

func (*ProofD) ChallengeContribution 

func (p *ProofD) ChallengeContribution(pk *PublicKey) ([]*big.Int, error)

ChallengeContribution returns the contribution of this proof to the challenge.

func (*ProofD) GetDisclosedAttributes 

func (p *ProofD) GetDisclosedAttributes() map[int]*big.Int

func (*ProofD) HasNonRevocationProof 

func (p *ProofD) HasNonRevocationProof() bool

func (*ProofD) MergeProofP 

func (p *ProofD) MergeProofP(proofP *ProofP, pk *PublicKey)

func (*ProofD) SecretKeyResponse 

func (p *ProofD) SecretKeyResponse() *big.Int

SecretKeyResponse returns the secret key response (as part of Proof interface).

func (*ProofD) Verify 

func (p *ProofD) Verify(pk *PublicKey, context, nonce1 *big.Int, issig bool) bool

Verify verifies the proof against the given public key, context, and nonce.

func (*ProofD) VerifyWithChallenge 

func (p *ProofD) VerifyWithChallenge(pk *PublicKey, reconstructedChallenge *big.Int) bool

Verify verifies the proof against the given public key and the provided reconstruted challenge.

type ProofList 

type ProofList []Proof

ProofList represents a list of (typically bound) proofs.

func (ProofList) GetFirstProofU 

func (pl ProofList) GetFirstProofU() (*ProofU, error)

GetFirstProofU returns the first ProofU in this proof list

func (ProofList) GetProofD 

func (pl ProofList) GetProofD(n int) (*ProofD, error)

func (ProofList) GetProofU 

func (pl ProofList) GetProofU(n int) (*ProofU, error)

GetProofU returns the n'th ProofU in this proof list.

func (*ProofList) UnmarshalJSON 

func (pl *ProofList) UnmarshalJSON(bytes []byte) error

UnmarshalJSON implements json.Unmarshaler (json's default unmarshaler is unable to handle a list of interfaces).

func (ProofList) Verify 

func (pl ProofList) Verify(publicKeys []*PublicKey, context, nonce *big.Int, issig bool, keyshareServers []string) bool

Verify returns true when all the proofs inside verify. The keyshareServers parameter is used to indicate which proofs should be verified to share the same secret key: when two proofs share the same keyshare server (or none), so that they should have the same secret key, they should have identical entries (index-wise) in keyshareServers. Pass nil if all proofs should have the same secret key (i.e. it should be verified that all proofs use either none, or one and the same keyshare server). An empty ProofList is not considered valid.

type ProofP 

type ProofP struct {
	P         *big.Int `json:"P"`
	C         *big.Int `json:"c"`
	SResponse *big.Int `json:"s_response"`
}

ProofP is a keyshare server's knowledge of its part of the secret key.

type ProofPCommitment 

type ProofPCommitment struct {
	P       *big.Int
	Pcommit *big.Int
}

ProofPCommitment is a keyshare server's first message in its proof of knowledge of its part of the secret key.

type ProofS 

type ProofS struct {
	C         *big.Int `json:"c"`
	EResponse *big.Int `json:"e_response"`
}

ProofS represents a proof.

func (*ProofS) Verify 

func (p *ProofS) Verify(pk *PublicKey, signature *CLSignature, context, nonce *big.Int) bool

Verify verifies the proof agains the given public key, signature, context, and nonce.

type ProofU 

type ProofU struct {
	U              *big.Int `json:"U"`
	C              *big.Int `json:"c"`
	VPrimeResponse *big.Int `json:"v_prime_response"`
	SResponse      *big.Int `json:"s_response"`
}

ProofU represents a proof of correctness of the commitment in the first phase of the issuance protocol.

func (*ProofU) Challenge 

func (p *ProofU) Challenge() *big.Int

Challenge returns the challenge in the proof (part of the Proof interface).

func (*ProofU) ChallengeContribution 

func (p *ProofU) ChallengeContribution(pk *PublicKey) ([]*big.Int, error)

ChallengeContribution returns the contribution of this proof to the challenge.

func (*ProofU) MergeProofP 

func (p *ProofU) MergeProofP(proofP *ProofP, pk *PublicKey)

func (*ProofU) SecretKeyResponse 

func (p *ProofU) SecretKeyResponse() *big.Int

SecretKeyResponse returns the secret key response (as part of Proof interface).

func (*ProofU) Verify 

func (p *ProofU) Verify(pk *PublicKey, context, nonce *big.Int) bool

Verify verifies whether the proof is correct.

func (*ProofU) VerifyWithChallenge 

func (p *ProofU) VerifyWithChallenge(pk *PublicKey, reconstructedChallenge *big.Int) bool

VerifyWithChallenge verifies whether the proof is correct.

type PublicKey 

type PublicKey struct {
	XMLName     xml.Name          `json:"xmlName" xml:"http://www.zurich.ibm.com/security/idemix IssuerPublicKey"`
	Counter     uint              `json:"Counter" xml:"Counter"`
	ExpiryDate  int64             `json:"ExpiryDate" xml:"ExpiryDate"`
	N           *big.Int          `json:"N" xml:"Elements>n"` // Modulus n
	Z           *big.Int          `json:"Z" xml:"Elements>Z"` // Generator Z
	S           *big.Int          `json:"S" xml:"Elements>S"` // Generator S
	G           *big.Int          `json:"G" xml:"Elements>G"` // Generator G for revocation
	H           *big.Int          `json:"H" xml:"Elements>H"` // Generator H for revocation
	R           Bases             `json:"R" xml:"Elements>Bases"`
	EpochLength EpochLength       `json:"epochLength" xml:"Features"`
	Params      *SystemParameters `json:"Params" xml:"-"`
	Issuer      string            `json:"Issuer" xml:"-"`
	ECDSA       string            `json:"ECDSA" xml:",omitempty"`
	// contains filtered or unexported fields
}

PublicKey represents an issuer's public key.

func NewPublicKey 

func NewPublicKey(N, Z, S, G, H *big.Int, R []*big.Int, ecdsa string, counter uint, expiryDate time.Time) *PublicKey

NewPublicKey creates and returns a new public key based on the provided parameters.

func NewPublicKeyFromBytes 

func NewPublicKeyFromBytes(bts []byte) (*PublicKey, error)

NewPublicKeyFromXML creates a new issuer public key using the xml data provided.

func NewPublicKeyFromFile 

func NewPublicKeyFromFile(filename string) (*PublicKey, error)

NewPublicKeyFromFile create a new issuer public key from an xml file.

func NewPublicKeyFromXML 

func NewPublicKeyFromXML(xmlInput string) (*PublicKey, error)

func (*PublicKey) Print 

func (pubk *PublicKey) Print() error

Print prints the key to stdout.

func (*PublicKey) RevocationKey 

func (pubk *PublicKey) RevocationKey() (*revocation.PublicKey, error)

func (*PublicKey) RevocationSupported 

func (pubk *PublicKey) RevocationSupported() bool

func (*PublicKey) WriteTo 

func (pubk *PublicKey) WriteTo(writer io.Writer) (int64, error)

WriteTo writes the XML-serialized public key to the given writer.

func (*PublicKey) WriteToFile 

func (pubk *PublicKey) WriteToFile(filename string, forceOverwrite bool) (int64, error)

WriteToFile writes the public key to an xml file. If any existing file with the same filename should be overwritten, set forceOverwrite to true.

type SystemParameters 

type SystemParameters struct {
	BaseParameters
	DerivedParameters
}

SystemParameters holds the system parameters of the IRMA system.

Source Files

View all Source files

Directories

Path Synopsis
Package big contains a mostly API-compatible "math/big".Int that JSON-marshals to and from Base64.
 Package big contains a mostly API-compatible "math/big".Int that JSON-marshals to and from Base64.
internal
common
------------ INTRODUCTION ------------ This sublibrary implements functionality for creating and verifying zero knowledge attestations of proper generation of idemix keys.
 ------------ INTRODUCTION ------------ This sublibrary implements functionality for creating and verifying zero knowledge attestations of proper generation of idemix keys.
Package revocation implements the RSA-B accumulator and associated zero knowledge proofs, introduced in "Dynamic Accumulators and Application to Efficient Revocation of Anonymous Credentials", Jan Camenisch and Anna Lysyanskaya, CRYPTO 2002, DOI https://doi.org/10.1007/3-540-45708-9_5, http://static.cs.brown.edu/people/alysyans/papers/camlys02.pdf, and "Accumulators with Applications to Anonymity-Preserving Revocation", Foteini Baldimtsi et al, IEEE 2017, DOI https://doi.org/10.1109/EuroSP.2017.13, https://eprint.iacr.org/2017/043.pdf.
 Package revocation implements the RSA-B accumulator and associated zero knowledge proofs, introduced in "Dynamic Accumulators and Application to Efficient Revocation of Anonymous Credentials", Jan Camenisch and Anna Lysyanskaya, CRYPTO 2002, DOI https://doi.org/10.1007/3-540-45708-9_5, http://static.cs.brown.edu/people/alysyans/papers/camlys02.pdf, and "Accumulators with Applications to Anonymity-Preserving Revocation", Foteini Baldimtsi et al, IEEE 2017, DOI https://doi.org/10.1109/EuroSP.2017.13, https://eprint.iacr.org/2017/043.pdf.
Package safeprime computes safe primes, i.e.
 Package safeprime computes safe primes, i.e.
Package signed contains (1) convenience functions for ECDSA private and public key handling, and for signing and verifying byte slices with ECDSA; (2) functions for marshaling structs to signed bytes, and verifying and unmarshaling signed bytes back to structs.
 Package signed contains (1) convenience functions for ECDSA private and public key handling, and for signing and verifying byte slices with ECDSA; (2) functions for marshaling structs to signed bytes, and verifying and unmarshaling signed bytes back to structs.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.