Documentation ¶
Overview ¶
Package gabi is an implementation of the IRMA (https://irmacard.org) approach to attribute based credentials. For now, see gabi_test.go on how to use the library.
Index ¶
- Constants
- Variables
- func GenerateKeyPair(param *SystemParameters, numAttributes int, counter uint, expiryDate time.Time) (*PrivateKey, *PublicKey, error)
- func GenerateNonce() (*big.Int, error)
- func GenerateRevocationKeypair(privk *PrivateKey, pubk *PublicKey) error
- func GenerateSecretAttribute() (*big.Int, error)
- func ParamSize(a int) int
- func RepresentToPublicKey(pk *PublicKey, exps []*big.Int) (*big.Int, error)
- type BaseParameters
- type Bases
- type CLSignature
- type Credential
- func (ic *Credential) CreateDisclosureProof(disclosedAttributes []int, nonrev bool, context, nonce1 *big.Int) (*ProofD, error)
- func (ic *Credential) CreateDisclosureProofBuilder(disclosedAttributes []int, nonrev bool) (*DisclosureProofBuilder, error)
- func (ic *Credential) NonrevBuildProofBuilder() (*NonRevocationProofBuilder, error)
- func (ic *Credential) NonrevIndex() (int, error)
- func (ic *Credential) NonrevPrepareCache() error
- type CredentialBuilder
- func (b *CredentialBuilder) Commit(randomizers map[string]*big.Int) []*big.Int
- func (b *CredentialBuilder) CommitToSecretAndProve(nonce1 *big.Int) *IssueCommitmentMessage
- func (b *CredentialBuilder) ConstructCredential(msg *IssueSignatureMessage, attributes []*big.Int) (*Credential, error)
- func (b *CredentialBuilder) CreateIssueCommitmentMessage(proofs ProofList) *IssueCommitmentMessage
- func (b *CredentialBuilder) CreateProof(challenge *big.Int) Proof
- func (b *CredentialBuilder) MergeProofPCommitment(commitment *ProofPCommitment)
- func (b *CredentialBuilder) PublicKey() *PublicKey
- func (b *CredentialBuilder) ToString() string
- type CredentialBuilderPublic
- type DerivedParameters
- type DisclosureProofBuilder
- func (d *DisclosureProofBuilder) Commit(randomizers map[string]*big.Int) []*big.Int
- func (d *DisclosureProofBuilder) CreateProof(challenge *big.Int) Proof
- func (d *DisclosureProofBuilder) MergeProofPCommitment(commitment *ProofPCommitment)
- func (d *DisclosureProofBuilder) PublicKey() *PublicKey
- func (d *DisclosureProofBuilder) TimestampRequestContributions() (*big.Int, []*big.Int)
- func (pb *DisclosureProofBuilder) ToString() string
- type DisclosureProofBuilderPublic
- type EpochLength
- type IssueCommitmentMessage
- type IssueSignatureMessage
- type Issuer
- type NonRevocationProofBuilder
- type PrivateKey
- func (privk *PrivateKey) CacheOrder()
- func (privk *PrivateKey) Print() error
- func (privk *PrivateKey) RevocationGenerateWitness(accumulator *revocation.Accumulator) (*revocation.Witness, error)
- func (privk *PrivateKey) RevocationKey() (*revocation.PrivateKey, error)
- func (privk *PrivateKey) RevocationSupported() bool
- func (privk *PrivateKey) Validate() error
- func (privk *PrivateKey) WriteTo(writer io.Writer) (int64, error)
- func (privk *PrivateKey) WriteToFile(filename string, forceOverwrite bool) (int64, error)
- type Proof
- type ProofBuilder
- type ProofBuilderList
- func (builders ProofBuilderList) BuildDistributedProofList(challenge *big.Int, proofPs []*ProofP) (ProofList, error)
- func (builders ProofBuilderList) BuildProofList(context, nonce *big.Int, issig bool) ProofList
- func (builders ProofBuilderList) Challenge(context, nonce *big.Int, issig bool) *big.Int
- type ProofD
- func (p *ProofD) Challenge() *big.Int
- func (p *ProofD) ChallengeContribution(pk *PublicKey) ([]*big.Int, error)
- func (p *ProofD) GetDisclosedAttributes() map[int]*big.Int
- func (p *ProofD) HasNonRevocationProof() bool
- func (p *ProofD) MergeProofP(proofP *ProofP, pk *PublicKey)
- func (p *ProofD) SecretKeyResponse() *big.Int
- func (p *ProofD) Verify(pk *PublicKey, context, nonce1 *big.Int, issig bool) bool
- func (p *ProofD) VerifyWithChallenge(pk *PublicKey, reconstructedChallenge *big.Int) bool
- type ProofList
- func (pl ProofList) GetFirstProofU() (*ProofU, error)
- func (pl ProofList) GetProofD(n int) (*ProofD, error)
- func (pl ProofList) GetProofU(n int) (*ProofU, error)
- func (pl *ProofList) UnmarshalJSON(bytes []byte) error
- func (pl ProofList) Verify(publicKeys []*PublicKey, context, nonce *big.Int, issig bool, ...) bool
- type ProofP
- type ProofPCommitment
- type ProofS
- type ProofU
- func (p *ProofU) Challenge() *big.Int
- func (p *ProofU) ChallengeContribution(pk *PublicKey) ([]*big.Int, error)
- func (p *ProofU) MergeProofP(proofP *ProofP, pk *PublicKey)
- func (p *ProofU) SecretKeyResponse() *big.Int
- func (p *ProofU) Verify(pk *PublicKey, context, nonce *big.Int) bool
- func (p *ProofU) VerifyWithChallenge(pk *PublicKey, reconstructedChallenge *big.Int) bool
- type PublicKey
- func (pubk *PublicKey) Print() error
- func (pubk *PublicKey) RevocationKey() (*revocation.PublicKey, error)
- func (pubk *PublicKey) RevocationSupported() bool
- func (pubk *PublicKey) WriteTo(writer io.Writer) (int64, error)
- func (pubk *PublicKey) WriteToFile(filename string, forceOverwrite bool) (int64, error)
- type SystemParameters
Constants ¶
const ( //XMLHeader can be a used as the XML header when writing keys in XML format. XMLHeader = "<?xml version=\"1.0\" encoding=\"UTF-8\" standalone=\"no\"?>\n" // DefaultEpochLength is the default epoch length for public keys. DefaultEpochLength = 432000 )
Variables ¶
var ( // ErrIncorrectProofOfSignatureCorrectness is issued when the the proof of // correctness on the signature does not verify. ErrIncorrectProofOfSignatureCorrectness = errors.New("Proof of correctness on signature does not verify.") // ErrIncorrectAttributeSignature is issued when the signature on the // attributes is not correct. ErrIncorrectAttributeSignature = errors.New("The Signature on the attributes is not correct.") )
var DefaultKeyLengths = getAvailableKeyLengths(DefaultSystemParameters)
DefaultKeyLengths is a slice of integers holding the keylengths for which system parameters are available.
var DefaultSystemParameters = map[int]*SystemParameters{ 1024: &SystemParameters{defaultBaseParameters[1024], MakeDerivedParameters(defaultBaseParameters[1024])}, 2048: &SystemParameters{defaultBaseParameters[2048], MakeDerivedParameters(defaultBaseParameters[2048])}, 4096: &SystemParameters{defaultBaseParameters[4096], MakeDerivedParameters(defaultBaseParameters[4096])}, }
DefaultSystemParameters holds per keylength the default parameters as are currently in use at the moment. This might (and probably will) change in the future.
var ( // ErrMissingProofU is returned when a ProofU proof is missing in a prooflist // when this is expected. ErrMissingProofU = errors.New("Missing ProofU in ProofList, has a CredentialBuilder been added?") )
var Logger *logrus.Logger
Functions ¶
func GenerateKeyPair ¶
func GenerateKeyPair(param *SystemParameters, numAttributes int, counter uint, expiryDate time.Time) (*PrivateKey, *PublicKey, error)
GenerateKeyPair generates a private/public keypair for an Issuer
func GenerateRevocationKeypair ¶
func GenerateRevocationKeypair(privk *PrivateKey, pubk *PublicKey) error
func GenerateSecretAttribute ¶
Generate secret attribute used prove ownership and links between credentials from the same user.
func RepresentToPublicKey ¶
RepresentToPublicKey returns a representation of the given exponents in terms of the R bases from the public key. For example given exponents exps[1],...,exps[k] this function returns
R[1]^{exps[1]}*...*R[k]^{exps[k]} (mod N)
with R and N coming from the public key. The exponents are hashed if their length exceeds the maximum message length from the public key.
Types ¶
type BaseParameters ¶
BaseParameters holds the base system parameters
type Bases ¶
Bases is a type that is introduced to simplify the encoding/decoding of a PublicKey whilst using the xml support of Go's standard library.
func (*Bases) MarshalXML ¶
MarshalXML is an internal function to simplify encoding a PublicKey to XML.
func (*Bases) UnmarshalXML ¶
UnmarshalXML is an internal function to simplify decoding a PublicKey from XML.
type CLSignature ¶
CLSignature is a data structure for holding a Camenisch-Lysyanskaya signature.
func SignMessageBlock ¶
func SignMessageBlock(sk *PrivateKey, pk *PublicKey, ms []*big.Int) (*CLSignature, error)
SignMessageBlock signs a message block (ms) using the Camenisch-Lysyanskaya signature scheme as used in the IdeMix system.
func (*CLSignature) Randomize ¶
func (s *CLSignature) Randomize(pk *PublicKey) *CLSignature
Randomize returns a randomized copy of the signature.
type Credential ¶
type Credential struct { Signature *CLSignature `json:"signature"` Pk *PublicKey `json:"pk"` Attributes []*big.Int `json:"attributes"` NonRevocationWitness *revocation.Witness `json:"nonrevWitness,omitempty"` // contains filtered or unexported fields }
Credential represents an Idemix credential.
func (*Credential) CreateDisclosureProof ¶
func (ic *Credential) CreateDisclosureProof(disclosedAttributes []int, nonrev bool, context, nonce1 *big.Int) (*ProofD, error)
CreateDisclosureProof creates a disclosure proof (ProofD) voor the provided indices of disclosed attributes.
func (*Credential) CreateDisclosureProofBuilder ¶
func (ic *Credential) CreateDisclosureProofBuilder(disclosedAttributes []int, nonrev bool) (*DisclosureProofBuilder, error)
CreateDisclosureProofBuilder produces a DisclosureProofBuilder, an object to hold the state in the protocol for producing a disclosure proof that is linked to other proofs.
func (*Credential) NonrevBuildProofBuilder ¶
func (ic *Credential) NonrevBuildProofBuilder() (*NonRevocationProofBuilder, error)
NonrevBuildProofBuilder builds and returns a new commited-to NonRevocationProofBuilder.
func (*Credential) NonrevIndex ¶
func (ic *Credential) NonrevIndex() (int, error)
func (*Credential) NonrevPrepareCache ¶
func (ic *Credential) NonrevPrepareCache() error
NonrevPrepareCache ensures that the Credential's nonrevocation proof builder cache is usable, by creating one if it does not exist, or otherwise updating it to the latest accumulator contained in the credential's witness.
type CredentialBuilder ¶
type CredentialBuilder struct {
// contains filtered or unexported fields
}
CredentialBuilder is a temporary object to hold some state for the protocol that is used to create (build) a credential. It also implements the ProofBuilder interface.
func NewCredentialBuilder ¶
func NewCredentialBuilder(pk *PublicKey, context, secret *big.Int, nonce2 *big.Int) *CredentialBuilder
NewCredentialBuilder creates a new credential builder. The resulting credential builder is already committed to the provided secret.
func NewCredentialBuilderFromString ¶
func NewCredentialBuilderFromString(bs string) *CredentialBuilder
func (*CredentialBuilder) Commit ¶
Commit commits to the secret (first) attribute using the provided randomizer.
func (*CredentialBuilder) CommitToSecretAndProve ¶
func (b *CredentialBuilder) CommitToSecretAndProve(nonce1 *big.Int) *IssueCommitmentMessage
CommitToSecretAndProve creates the response to the initial challenge nonce nonce1 sent by the issuer. The response consists of a commitment to the secret (set on creation of the builder, see NewBuilder) and a proof of correctness of this commitment.
func (*CredentialBuilder) ConstructCredential ¶
func (b *CredentialBuilder) ConstructCredential(msg *IssueSignatureMessage, attributes []*big.Int) (*Credential, error)
ConstructCredential creates a credential using the IssueSignatureMessage from the issuer and the content of the attributes.
func (*CredentialBuilder) CreateIssueCommitmentMessage ¶
func (b *CredentialBuilder) CreateIssueCommitmentMessage(proofs ProofList) *IssueCommitmentMessage
CreateIssueCommitmentMessage creates the IssueCommitmentMessage based on the provided prooflist, to be sent to the issuer.
func (*CredentialBuilder) CreateProof ¶
func (b *CredentialBuilder) CreateProof(challenge *big.Int) Proof
CreateProof creates a (ProofU) Proof using the provided challenge.
func (*CredentialBuilder) MergeProofPCommitment ¶
func (b *CredentialBuilder) MergeProofPCommitment(commitment *ProofPCommitment)
func (*CredentialBuilder) PublicKey ¶
func (b *CredentialBuilder) PublicKey() *PublicKey
PublicKey returns the Idemix public key against which the credential will verify.
func (*CredentialBuilder) ToString ¶
func (b *CredentialBuilder) ToString() string
PublicKey returns the Idemix public key against which the credential will verify.
type CredentialBuilderPublic ¶
type CredentialBuilderPublic struct { Pk *PublicKey `json:"pk"` Context *big.Int `json:"context"` Secret *big.Int `json:"secret"` VPrime *big.Int `json:"vPrime"` U *big.Int `json:"u"` UCommit *big.Int `json:"uCommit"` Nonce2 *big.Int `json:"nonce2"` VPrimeCommit *big.Int `json:"vPrimeCommit"` SkRandomizer *big.Int `json:"skRandomizer"` ProofPcomm *ProofPCommitment `json:"proofPcomm"` }
CredentialBuilderPublic is a temporary object to hold some state for the protocol that is used to create (build) a credential. It also implements the ProofBuilder interface.
type DerivedParameters ¶
type DerivedParameters struct { Le uint LeCommit uint LmCommit uint LRA uint LsCommit uint Lv uint LvCommit uint LvPrime uint LvPrimeCommit uint }
DerivedParameters holds system parameters that can be drived from base systemparameters (BaseParameters)
func MakeDerivedParameters ¶
func MakeDerivedParameters(base BaseParameters) DerivedParameters
MakeDerivedParameters computes the derived system parameters
type DisclosureProofBuilder ¶
type DisclosureProofBuilder struct {
// contains filtered or unexported fields
}
DisclosureProofBuilder is an object that holds the state for the protocol to produce a disclosure proof.
func NewDisclosureProofBuilderFromString ¶
func NewDisclosureProofBuilderFromString(pb string) *DisclosureProofBuilder
func (*DisclosureProofBuilder) Commit ¶
Commit commits to the first attribute (the secret) using the provided randomizer.
func (*DisclosureProofBuilder) CreateProof ¶
func (d *DisclosureProofBuilder) CreateProof(challenge *big.Int) Proof
CreateProof creates a (disclosure) proof with the provided challenge.
func (*DisclosureProofBuilder) MergeProofPCommitment ¶
func (d *DisclosureProofBuilder) MergeProofPCommitment(commitment *ProofPCommitment)
func (*DisclosureProofBuilder) PublicKey ¶
func (d *DisclosureProofBuilder) PublicKey() *PublicKey
PublicKey returns the Idemix public key against which this disclosure proof will verify.
func (*DisclosureProofBuilder) TimestampRequestContributions ¶
func (d *DisclosureProofBuilder) TimestampRequestContributions() (*big.Int, []*big.Int)
TimestampRequestContributions returns the contributions of this disclosure proof to the message that is to be signed by the timestamp server: - A of the randomized CL-signature - Slice of bigints populated with the disclosed attributes and 0 for the undisclosed ones.
func (*DisclosureProofBuilder) ToString ¶
func (pb *DisclosureProofBuilder) ToString() string
type DisclosureProofBuilderPublic ¶
type DisclosureProofBuilderPublic struct { RandomizedSignature *CLSignature `json:"RandomizedSignature"` ECommit *big.Int `json:"ECommit"` VCommit *big.Int `json:"VCommit"` AttrRandomizers map[int]*big.Int `json:"AttrRandomizers"` Z *big.Int `json:"Z"` DisclosedAttributes []int `json:"DisclosedAttributes"` UndisclosedAttributes []int `json:"UndisclosedAttributes"` Pk *PublicKey `json:"Pk"` Attributes []*big.Int `json:"Attributes"` NonrevBuilder *NonRevocationProofBuilder `json:"NonrevBuilder"` }
type EpochLength ¶
type EpochLength int
EpochLength is a type that is introduced to simplify the encoding/decoding of a PublicKey whilst using the xml support of Go's standard library.
func (*EpochLength) MarshalXML ¶
func (el *EpochLength) MarshalXML(e *xml.Encoder, start xml.StartElement) error
MarshalXML is an internal function to simplify encoding a PublicKey to XML.
func (*EpochLength) UnmarshalXML ¶
func (el *EpochLength) UnmarshalXML(d *xml.Decoder, start xml.StartElement) error
UnmarshalXML is an internal function to simplify decoding a PublicKey from XML.
type IssueCommitmentMessage ¶
type IssueCommitmentMessage struct { U *big.Int `json:"U,omitempty"` Nonce2 *big.Int `json:"n_2"` Proofs ProofList `json:"combinedProofs"` ProofPjwt string `json:"proofPJwt,omitempty"` ProofPjwts map[string]string `json:"proofPJwts,omitempty"` }
IssueCommitmentMessage encapsulates the messages sent by the receiver to the issuer in the second step of the issuance protocol.
type IssueSignatureMessage ¶
type IssueSignatureMessage struct { Proof *ProofS `json:"proof"` Signature *CLSignature `json:"signature"` NonRevocationWitness *revocation.Witness `json:"nonrev,omitempty"` }
IssueSignatureMessage encapsulates the messages sent from the issuer to the reciver in the final step of the issuance protocol.
type Issuer ¶
type Issuer struct { Sk *PrivateKey Pk *PublicKey Context *big.Int }
Issuer holds the key material for a credential issuer.
func NewIssuer ¶
func NewIssuer(sk *PrivateKey, pk *PublicKey, context *big.Int) *Issuer
NewIssuer creates a new credential issuer.
func (*Issuer) IssueSignature ¶
func (i *Issuer) IssueSignature(U *big.Int, attributes []*big.Int, witness *revocation.Witness, nonce2 *big.Int) (*IssueSignatureMessage, error)
IssueSignature produces an IssueSignatureMessage for the attributes based on the IssueCommitmentMessage provided. Note that this function DOES NOT check the proofs containted in the IssueCommitmentMessage! That needs to be done at a higher level!
type NonRevocationProofBuilder ¶
type NonRevocationProofBuilder struct {
// contains filtered or unexported fields
}
func (*NonRevocationProofBuilder) Commit ¶
func (b *NonRevocationProofBuilder) Commit() ([]*big.Int, error)
func (*NonRevocationProofBuilder) CreateProof ¶
func (b *NonRevocationProofBuilder) CreateProof(challenge *big.Int) *revocation.Proof
func (*NonRevocationProofBuilder) UpdateCommit ¶
func (b *NonRevocationProofBuilder) UpdateCommit(witness *revocation.Witness) error
UpdateCommit updates the builder to the latest accumulator contained in the specified (updated) witness.
type PrivateKey ¶
type PrivateKey struct { XMLName xml.Name `xml:"http://www.zurich.ibm.com/security/idemix IssuerPrivateKey"` Counter uint `xml:"Counter"` ExpiryDate int64 `xml:"ExpiryDate"` P *big.Int `xml:"Elements>p"` Q *big.Int `xml:"Elements>q"` PPrime *big.Int `xml:"Elements>pPrime"` QPrime *big.Int `xml:"Elements>qPrime"` ECDSA string `xml:",omitempty"` // contains filtered or unexported fields }
PrivateKey represents an issuer's private key.
func NewPrivateKey ¶
NewPrivateKey creates a new issuer private key using the provided parameters.
func NewPrivateKeyFromFile ¶
func NewPrivateKeyFromFile(filename string, demo bool) (*PrivateKey, error)
NewPrivateKeyFromFile create a new issuer private key from an xml file.
func NewPrivateKeyFromXML ¶
func NewPrivateKeyFromXML(xmlInput string, demo bool) (*PrivateKey, error)
NewPrivateKeyFromXML creates a new issuer private key using the xml data provided.
func (*PrivateKey) CacheOrder ¶
func (privk *PrivateKey) CacheOrder()
func (*PrivateKey) RevocationGenerateWitness ¶
func (privk *PrivateKey) RevocationGenerateWitness(accumulator *revocation.Accumulator) (*revocation.Witness, error)
func (*PrivateKey) RevocationKey ¶
func (privk *PrivateKey) RevocationKey() (*revocation.PrivateKey, error)
func (*PrivateKey) RevocationSupported ¶
func (privk *PrivateKey) RevocationSupported() bool
func (*PrivateKey) Validate ¶
func (privk *PrivateKey) Validate() error
func (*PrivateKey) WriteTo ¶
func (privk *PrivateKey) WriteTo(writer io.Writer) (int64, error)
WriteTo writes the XML-serialized public key to the given writer.
func (*PrivateKey) WriteToFile ¶
func (privk *PrivateKey) WriteToFile(filename string, forceOverwrite bool) (int64, error)
WriteToFile writes the private key to an xml file. If any existing file with the same filename should be overwritten, set forceOverwrite to true.
type Proof ¶
type Proof interface { VerifyWithChallenge(pk *PublicKey, reconstructedChallenge *big.Int) bool SecretKeyResponse() *big.Int ChallengeContribution(pk *PublicKey) ([]*big.Int, error) MergeProofP(proofP *ProofP, pk *PublicKey) }
Proof represents a non-interactive zero-knowledge proof
type ProofBuilder ¶
type ProofBuilder interface { Commit(randomizers map[string]*big.Int) []*big.Int CreateProof(challenge *big.Int) Proof PublicKey() *PublicKey MergeProofPCommitment(commitment *ProofPCommitment) }
ProofBuilder is an interface for a proof builder. That is, an object to hold the state to build a list of bounded proofs (see ProofList).
type ProofBuilderList ¶
type ProofBuilderList []ProofBuilder
ProofBuilderList is a list of proof builders, for calculating a list of bound proofs.
func (ProofBuilderList) BuildDistributedProofList ¶
func (ProofBuilderList) BuildProofList ¶
func (builders ProofBuilderList) BuildProofList(context, nonce *big.Int, issig bool) ProofList
BuildProofList builds a list of bounded proofs. For this it is given a list of ProofBuilders. Examples of proof builders are CredentialBuilder and DisclosureProofBuilder.
type ProofD ¶
type ProofD struct { C *big.Int `json:"c"` A *big.Int `json:"A"` EResponse *big.Int `json:"e_response"` VResponse *big.Int `json:"v_response"` AResponses map[int]*big.Int `json:"a_responses"` ADisclosed map[int]*big.Int `json:"a_disclosed"` NonRevocationProof *revocation.Proof `json:"nonrev_proof,omitempty"` }
ProofD represents a proof in the showing protocol.
func (*ProofD) Challenge ¶
Challenge returns the challenge in the proof (part of the Proof interface).
func (*ProofD) ChallengeContribution ¶
ChallengeContribution returns the contribution of this proof to the challenge.
func (*ProofD) HasNonRevocationProof ¶
func (*ProofD) MergeProofP ¶
func (*ProofD) SecretKeyResponse ¶
SecretKeyResponse returns the secret key response (as part of Proof interface).
type ProofList ¶
type ProofList []Proof
ProofList represents a list of (typically bound) proofs.
func (ProofList) GetFirstProofU ¶
GetFirstProofU returns the first ProofU in this proof list
func (*ProofList) UnmarshalJSON ¶
UnmarshalJSON implements json.Unmarshaler (json's default unmarshaler is unable to handle a list of interfaces).
func (ProofList) Verify ¶
func (pl ProofList) Verify(publicKeys []*PublicKey, context, nonce *big.Int, issig bool, keyshareServers []string) bool
Verify returns true when all the proofs inside verify. The keyshareServers parameter is used to indicate which proofs should be verified to share the same secret key: when two proofs share the same keyshare server (or none), so that they should have the same secret key, they should have identical entries (index-wise) in keyshareServers. Pass nil if all proofs should have the same secret key (i.e. it should be verified that all proofs use either none, or one and the same keyshare server). An empty ProofList is not considered valid.
type ProofP ¶
type ProofP struct { P *big.Int `json:"P"` C *big.Int `json:"c"` SResponse *big.Int `json:"s_response"` }
ProofP is a keyshare server's knowledge of its part of the secret key.
type ProofPCommitment ¶
ProofPCommitment is a keyshare server's first message in its proof of knowledge of its part of the secret key.
type ProofU ¶
type ProofU struct { U *big.Int `json:"U"` C *big.Int `json:"c"` VPrimeResponse *big.Int `json:"v_prime_response"` SResponse *big.Int `json:"s_response"` }
ProofU represents a proof of correctness of the commitment in the first phase of the issuance protocol.
func (*ProofU) Challenge ¶
Challenge returns the challenge in the proof (part of the Proof interface).
func (*ProofU) ChallengeContribution ¶
ChallengeContribution returns the contribution of this proof to the challenge.
func (*ProofU) MergeProofP ¶
func (*ProofU) SecretKeyResponse ¶
SecretKeyResponse returns the secret key response (as part of Proof interface).
type PublicKey ¶
type PublicKey struct { XMLName xml.Name `json:"xmlName" xml:"http://www.zurich.ibm.com/security/idemix IssuerPublicKey"` Counter uint `json:"Counter" xml:"Counter"` ExpiryDate int64 `json:"ExpiryDate" xml:"ExpiryDate"` N *big.Int `json:"N" xml:"Elements>n"` // Modulus n Z *big.Int `json:"Z" xml:"Elements>Z"` // Generator Z S *big.Int `json:"S" xml:"Elements>S"` // Generator S G *big.Int `json:"G" xml:"Elements>G"` // Generator G for revocation H *big.Int `json:"H" xml:"Elements>H"` // Generator H for revocation R Bases `json:"R" xml:"Elements>Bases"` EpochLength EpochLength `json:"epochLength" xml:"Features"` Params *SystemParameters `json:"Params" xml:"-"` Issuer string `json:"Issuer" xml:"-"` ECDSA string `json:"ECDSA" xml:",omitempty"` // contains filtered or unexported fields }
PublicKey represents an issuer's public key.
func NewPublicKey ¶
func NewPublicKey(N, Z, S, G, H *big.Int, R []*big.Int, ecdsa string, counter uint, expiryDate time.Time) *PublicKey
NewPublicKey creates and returns a new public key based on the provided parameters.
func NewPublicKeyFromBytes ¶
NewPublicKeyFromXML creates a new issuer public key using the xml data provided.
func NewPublicKeyFromFile ¶
NewPublicKeyFromFile create a new issuer public key from an xml file.
func NewPublicKeyFromXML ¶
func (*PublicKey) RevocationKey ¶
func (pubk *PublicKey) RevocationKey() (*revocation.PublicKey, error)
func (*PublicKey) RevocationSupported ¶
type SystemParameters ¶
type SystemParameters struct { BaseParameters DerivedParameters }
SystemParameters holds the system parameters of the IRMA system.
Source Files ¶
Directories ¶
Path | Synopsis |
---|---|
Package big contains a mostly API-compatible "math/big".Int that JSON-marshals to and from Base64.
|
Package big contains a mostly API-compatible "math/big".Int that JSON-marshals to and from Base64. |
internal
|
|
------------ INTRODUCTION ------------ This sublibrary implements functionality for creating and verifying zero knowledge attestations of proper generation of idemix keys.
|
------------ INTRODUCTION ------------ This sublibrary implements functionality for creating and verifying zero knowledge attestations of proper generation of idemix keys. |
Package revocation implements the RSA-B accumulator and associated zero knowledge proofs, introduced in "Dynamic Accumulators and Application to Efficient Revocation of Anonymous Credentials", Jan Camenisch and Anna Lysyanskaya, CRYPTO 2002, DOI https://doi.org/10.1007/3-540-45708-9_5, http://static.cs.brown.edu/people/alysyans/papers/camlys02.pdf, and "Accumulators with Applications to Anonymity-Preserving Revocation", Foteini Baldimtsi et al, IEEE 2017, DOI https://doi.org/10.1109/EuroSP.2017.13, https://eprint.iacr.org/2017/043.pdf.
|
Package revocation implements the RSA-B accumulator and associated zero knowledge proofs, introduced in "Dynamic Accumulators and Application to Efficient Revocation of Anonymous Credentials", Jan Camenisch and Anna Lysyanskaya, CRYPTO 2002, DOI https://doi.org/10.1007/3-540-45708-9_5, http://static.cs.brown.edu/people/alysyans/papers/camlys02.pdf, and "Accumulators with Applications to Anonymity-Preserving Revocation", Foteini Baldimtsi et al, IEEE 2017, DOI https://doi.org/10.1109/EuroSP.2017.13, https://eprint.iacr.org/2017/043.pdf. |
Package safeprime computes safe primes, i.e.
|
Package safeprime computes safe primes, i.e. |
Package signed contains (1) convenience functions for ECDSA private and public key handling, and for signing and verifying byte slices with ECDSA; (2) functions for marshaling structs to signed bytes, and verifying and unmarshaling signed bytes back to structs.
|
Package signed contains (1) convenience functions for ECDSA private and public key handling, and for signing and verifying byte slices with ECDSA; (2) functions for marshaling structs to signed bytes, and verifying and unmarshaling signed bytes back to structs. |