Documentation ¶
Overview ¶
Copyright IBM Corp. All Rights Reserved.
SPDX-License-Identifier: Apache-2.0
Copyright IBM Corp. All Rights Reserved.
SPDX-License-Identifier: Apache-2.0
Index ¶
- Constants
- type AuditVerificationType
- type BCCSP
- type DecrypterOpts
- type EidNymAuditOpts
- type EncrypterOpts
- type HashOpts
- type IdemixAttribute
- type IdemixAttributeType
- type IdemixCRISignerOpts
- type IdemixCredentialRequestSignerOpts
- type IdemixCredentialSignerOpts
- type IdemixIIssuerPublicKeyImporterErrorType
- type IdemixIssuerKeyGenOpts
- type IdemixIssuerKeyImportOpts
- type IdemixIssuerPublicKeyImportOpts
- type IdemixIssuerPublicKeyImporterError
- type IdemixNymKeyDerivationOpts
- type IdemixNymKeyImportOpts
- type IdemixNymPublicKeyImportOpts
- type IdemixNymSignerOpts
- type IdemixRevocationKeyGenOpts
- type IdemixRevocationKeyImportOpts
- type IdemixRevocationPublicKeyImportOpts
- type IdemixSignerMetadata
- type IdemixSignerOpts
- type IdemixUserSecretKeyGenOpts
- type IdemixUserSecretKeyImportOpts
- type Key
- type KeyDerivOpts
- type KeyGenOpts
- type KeyImportOpts
- type KeyStore
- type NymEIDAuditData
- type RevocationAlgorithm
- type SignatureType
- type SignerOpts
- type VerificationType
Constants ¶
const (
// IDEMIX constant to identify Idemix related algorithms
IDEMIX = "IDEMIX"
)
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type AuditVerificationType ¶
type AuditVerificationType int
AuditVerificationType describes the type of audit verification that is required
const ( // AuditExpectSignature performs the audit verification against a signature AuditExpectSignature AuditVerificationType = iota // AuditExpectEidNym performs the audit verification against a Nym EID AuditExpectEidNym )
type BCCSP ¶
type BCCSP interface { // KeyGen generates a key using opts. KeyGen(opts KeyGenOpts) (k Key, err error) // KeyDeriv derives a key from k using opts. // The opts argument should be appropriate for the primitive used. KeyDeriv(k Key, opts KeyDerivOpts) (dk Key, err error) // KeyImport imports a key from its raw representation using opts. // The opts argument should be appropriate for the primitive used. KeyImport(raw interface{}, opts KeyImportOpts) (k Key, err error) // GetKey returns the key this CSP associates to // the Subject Key Identifier ski. GetKey(ski []byte) (k Key, err error) // Hash hashes messages msg using options opts. // If opts is nil, the default hash function will be used. Hash(msg []byte, opts HashOpts) (hash []byte, err error) // GetHash returns and instance of hash.Hash using options opts. // If opts is nil, the default hash function will be returned. GetHash(opts HashOpts) (h hash.Hash, err error) // Sign signs digest using key k. // The opts argument should be appropriate for the algorithm used. // // Note that when a signature of a hash of a larger message is needed, // the caller is responsible for hashing the larger message and passing // the hash (as digest). Sign(k Key, digest []byte, opts SignerOpts) (signature []byte, err error) // Verify verifies signature against key k and digest // The opts argument should be appropriate for the algorithm used. Verify(k Key, signature, digest []byte, opts SignerOpts) (valid bool, err error) // Encrypt encrypts plaintext using key k. // The opts argument should be appropriate for the algorithm used. Encrypt(k Key, plaintext []byte, opts EncrypterOpts) (ciphertext []byte, err error) // Decrypt decrypts ciphertext using key k. // The opts argument should be appropriate for the algorithm used. Decrypt(k Key, ciphertext []byte, opts DecrypterOpts) (plaintext []byte, err error) }
BCCSP is the blockchain cryptographic service provider that offers the implementation of cryptographic standards and algorithms.
type DecrypterOpts ¶
type DecrypterOpts interface{}
DecrypterOpts contains options for decrypting with a CSP.
type EidNymAuditOpts ¶
type EidNymAuditOpts struct { AuditVerificationType AuditVerificationType EidIndex int EnrollmentID string RNymEid *math.Zr }
func (*EidNymAuditOpts) HashFunc ¶
func (o *EidNymAuditOpts) HashFunc() crypto.Hash
type EncrypterOpts ¶
type EncrypterOpts interface{}
EncrypterOpts contains options for encrypting with a CSP.
type HashOpts ¶
type HashOpts interface { // Algorithm returns the hash algorithm identifier (to be used). Algorithm() string }
HashOpts contains options for hashing with a CSP.
type IdemixAttribute ¶
type IdemixAttribute struct { // Type is the attribute's type Type IdemixAttributeType // Value is the attribute's value Value interface{} }
type IdemixAttributeType ¶
type IdemixAttributeType int
IdemixAttributeType represents the type of an idemix attribute
const ( // IdemixHiddenAttribute represents an hidden attribute IdemixHiddenAttribute IdemixAttributeType = iota // IdemixStringAttribute represents a sequence of bytes IdemixBytesAttribute // IdemixIntAttribute represents an int IdemixIntAttribute )
type IdemixCRISignerOpts ¶
type IdemixCRISignerOpts struct { Epoch int RevocationAlgorithm RevocationAlgorithm UnrevokedHandles [][]byte // H is the hash function to be used H crypto.Hash }
IdemixCRISignerOpts contains the options to generate an Idemix CRI. The CRI is supposed to be generated by the Issuing authority and can be verified publicly by using the revocation public key.
func (*IdemixCRISignerOpts) HashFunc ¶
func (o *IdemixCRISignerOpts) HashFunc() crypto.Hash
type IdemixCredentialRequestSignerOpts ¶
type IdemixCredentialRequestSignerOpts struct { // Attributes contains a list of indices of the attributes to be included in the // credential. The indices are with the respect to IdemixIssuerKeyGenOpts#AttributeNames. Attributes []int // IssuerPK is the public-key of the issuer IssuerPK Key // IssuerNonce is generated by the issuer and used by the client to generate the credential request. // Once the issuer gets the credential requests, it checks that the nonce is the same. IssuerNonce []byte // HashFun is the hash function to be used H crypto.Hash }
IdemixCredentialRequestSignerOpts contains the option to create a Idemix credential request.
func (*IdemixCredentialRequestSignerOpts) HashFunc ¶
func (o *IdemixCredentialRequestSignerOpts) HashFunc() crypto.Hash
func (*IdemixCredentialRequestSignerOpts) IssuerPublicKey ¶
func (o *IdemixCredentialRequestSignerOpts) IssuerPublicKey() Key
IssuerPublicKey returns the issuer public key used to derive a new unlinkable pseudonym from a credential secret key
type IdemixCredentialSignerOpts ¶
type IdemixCredentialSignerOpts struct { // Attributes to include in the credentials. IdemixHiddenAttribute is not allowed here Attributes []IdemixAttribute // IssuerPK is the public-key of the issuer IssuerPK Key // HashFun is the hash function to be used H crypto.Hash }
IdemixCredentialSignerOpts contains the options to produce a credential starting from a credential request
func (*IdemixCredentialSignerOpts) HashFunc ¶
func (o *IdemixCredentialSignerOpts) HashFunc() crypto.Hash
HashFunc returns an identifier for the hash function used to produce the message passed to Signer.Sign, or else zero to indicate that no hashing was done.
func (*IdemixCredentialSignerOpts) IssuerPublicKey ¶
func (o *IdemixCredentialSignerOpts) IssuerPublicKey() Key
type IdemixIIssuerPublicKeyImporterErrorType ¶
type IdemixIIssuerPublicKeyImporterErrorType int
const ( IdemixIssuerPublicKeyImporterUnmarshallingError IdemixIIssuerPublicKeyImporterErrorType = iota IdemixIssuerPublicKeyImporterHashError IdemixIssuerPublicKeyImporterValidationError IdemixIssuerPublicKeyImporterNumAttributesError IdemixIssuerPublicKeyImporterAttributeNameError )
type IdemixIssuerKeyGenOpts ¶
type IdemixIssuerKeyGenOpts struct { // Temporary tells if the key is ephemeral Temporary bool // AttributeNames is a list of attributes AttributeNames []string }
IdemixIssuerKeyGenOpts contains the options for the Idemix Issuer key-generation. A list of attribytes may be optionally passed
func (*IdemixIssuerKeyGenOpts) Algorithm ¶
func (*IdemixIssuerKeyGenOpts) Algorithm() string
Algorithm returns the key generation algorithm identifier (to be used).
func (*IdemixIssuerKeyGenOpts) Ephemeral ¶
func (o *IdemixIssuerKeyGenOpts) Ephemeral() bool
Ephemeral returns true if the key to generate has to be ephemeral, false otherwise.
type IdemixIssuerKeyImportOpts ¶
type IdemixIssuerKeyImportOpts struct { Temporary bool // AttributeNames is a list of attributes to ensure the import public key has AttributeNames []string }
IdemixIssuerKeyImportOpts contains the options for importing of an Idemix issuer public key.
func (*IdemixIssuerKeyImportOpts) Algorithm ¶
func (*IdemixIssuerKeyImportOpts) Algorithm() string
Algorithm returns the key generation algorithm identifier (to be used).
func (*IdemixIssuerKeyImportOpts) Ephemeral ¶
func (o *IdemixIssuerKeyImportOpts) Ephemeral() bool
Ephemeral returns true if the key to generate has to be ephemeral, false otherwise.
type IdemixIssuerPublicKeyImportOpts ¶
type IdemixIssuerPublicKeyImportOpts struct { Temporary bool // AttributeNames is a list of attributes to ensure the import public key has AttributeNames []string }
IdemixIssuerPublicKeyImportOpts contains the options for importing of an Idemix issuer public key.
func (*IdemixIssuerPublicKeyImportOpts) Algorithm ¶
func (*IdemixIssuerPublicKeyImportOpts) Algorithm() string
Algorithm returns the key generation algorithm identifier (to be used).
func (*IdemixIssuerPublicKeyImportOpts) Ephemeral ¶
func (o *IdemixIssuerPublicKeyImportOpts) Ephemeral() bool
Ephemeral returns true if the key to generate has to be ephemeral, false otherwise.
type IdemixIssuerPublicKeyImporterError ¶
type IdemixIssuerPublicKeyImporterError struct { Type IdemixIIssuerPublicKeyImporterErrorType ErrorMsg string Cause error }
func (*IdemixIssuerPublicKeyImporterError) Error ¶
func (r *IdemixIssuerPublicKeyImporterError) Error() string
type IdemixNymKeyDerivationOpts ¶
type IdemixNymKeyDerivationOpts struct { // Temporary tells if the key is ephemeral Temporary bool // IssuerPK is the public-key of the issuer IssuerPK Key }
IdemixNymKeyDerivationOpts contains the options to create a new unlinkable pseudonym from a credential secret key with the respect to the specified issuer public key
func (*IdemixNymKeyDerivationOpts) Algorithm ¶
func (*IdemixNymKeyDerivationOpts) Algorithm() string
Algorithm returns the key derivation algorithm identifier (to be used).
func (*IdemixNymKeyDerivationOpts) Ephemeral ¶
func (o *IdemixNymKeyDerivationOpts) Ephemeral() bool
Ephemeral returns true if the key to derive has to be ephemeral, false otherwise.
func (*IdemixNymKeyDerivationOpts) IssuerPublicKey ¶
func (o *IdemixNymKeyDerivationOpts) IssuerPublicKey() Key
IssuerPublicKey returns the issuer public key used to derive a new unlinkable pseudonym from a credential secret key
type IdemixNymKeyImportOpts ¶
type IdemixNymKeyImportOpts struct { // Temporary tells if the key is ephemeral Temporary bool }
IdemixNymKeyImportOpts contains the options to import a pseudonym
func (*IdemixNymKeyImportOpts) Algorithm ¶
func (*IdemixNymKeyImportOpts) Algorithm() string
Algorithm returns the key derivation algorithm identifier (to be used).
func (*IdemixNymKeyImportOpts) Ephemeral ¶
func (o *IdemixNymKeyImportOpts) Ephemeral() bool
Ephemeral returns true if the key to derive has to be ephemeral, false otherwise.
type IdemixNymPublicKeyImportOpts ¶
type IdemixNymPublicKeyImportOpts struct { // Temporary tells if the key is ephemeral Temporary bool }
IdemixNymPublicKeyImportOpts contains the options to import the public part of a pseudonym
func (*IdemixNymPublicKeyImportOpts) Algorithm ¶
func (*IdemixNymPublicKeyImportOpts) Algorithm() string
Algorithm returns the key derivation algorithm identifier (to be used).
func (*IdemixNymPublicKeyImportOpts) Ephemeral ¶
func (o *IdemixNymPublicKeyImportOpts) Ephemeral() bool
Ephemeral returns true if the key to derive has to be ephemeral, false otherwise.
type IdemixNymSignerOpts ¶
type IdemixNymSignerOpts struct { // Nym is the pseudonym to be used Nym Key // IssuerPK is the public-key of the issuer IssuerPK Key // H is the hash function to be used H crypto.Hash }
IdemixNymSignerOpts contains the options to generate an idemix pseudonym signature.
func (*IdemixNymSignerOpts) HashFunc ¶
func (o *IdemixNymSignerOpts) HashFunc() crypto.Hash
HashFunc returns an identifier for the hash function used to produce the message passed to Signer.Sign, or else zero to indicate that no hashing was done.
type IdemixRevocationKeyGenOpts ¶
type IdemixRevocationKeyGenOpts struct { // Temporary tells if the key is ephemeral Temporary bool }
IdemixRevocationKeyGenOpts contains the options for the Idemix revocation key-generation.
func (*IdemixRevocationKeyGenOpts) Algorithm ¶
func (*IdemixRevocationKeyGenOpts) Algorithm() string
Algorithm returns the key generation algorithm identifier (to be used).
func (*IdemixRevocationKeyGenOpts) Ephemeral ¶
func (o *IdemixRevocationKeyGenOpts) Ephemeral() bool
Ephemeral returns true if the key to generate has to be ephemeral, false otherwise.
type IdemixRevocationKeyImportOpts ¶
type IdemixRevocationKeyImportOpts struct {
Temporary bool
}
IdemixRevocationKeyImportOpts contains the options for importing of an Idemix revocation key pair.
func (*IdemixRevocationKeyImportOpts) Algorithm ¶
func (*IdemixRevocationKeyImportOpts) Algorithm() string
Algorithm returns the key generation algorithm identifier (to be used).
func (*IdemixRevocationKeyImportOpts) Ephemeral ¶
func (o *IdemixRevocationKeyImportOpts) Ephemeral() bool
Ephemeral returns true if the key to generate has to be ephemeral, false otherwise.
type IdemixRevocationPublicKeyImportOpts ¶
type IdemixRevocationPublicKeyImportOpts struct {
Temporary bool
}
IdemixRevocationPublicKeyImportOpts contains the options for importing of an Idemix revocation public key.
func (*IdemixRevocationPublicKeyImportOpts) Algorithm ¶
func (*IdemixRevocationPublicKeyImportOpts) Algorithm() string
Algorithm returns the key generation algorithm identifier (to be used).
func (*IdemixRevocationPublicKeyImportOpts) Ephemeral ¶
func (o *IdemixRevocationPublicKeyImportOpts) Ephemeral() bool
Ephemeral returns true if the key to generate has to be ephemeral, false otherwise.
type IdemixSignerMetadata ¶
type IdemixSignerMetadata struct { NymEID []byte NymEIDAuditData *NymEIDAuditData }
type IdemixSignerOpts ¶
type IdemixSignerOpts struct { // Nym is the pseudonym to be used Nym Key // IssuerPK is the public-key of the issuer IssuerPK Key // Credential is the byte representation of the credential signed by the issuer Credential []byte // Attributes specifies which attribute should be disclosed and which not. // If Attributes[i].Type = IdemixHiddenAttribute // then the i-th credential attribute should not be disclosed, otherwise the i-th // credential attribute will be disclosed. // At verification time, if the i-th attribute is disclosed (Attributes[i].Type != IdemixHiddenAttribute), // then Attributes[i].Value must be set accordingly. Attributes []IdemixAttribute // RhIndex is the index of attribute containing the revocation handler. // Notice that this attributed cannot be discloused RhIndex int // EidIndex contains the index of the EID attrbiute EidIndex int // CRI contains the credential revocation information CRI []byte // Epoch is the revocation epoch the signature should be produced against Epoch int // RevocationPublicKey is the revocation public key RevocationPublicKey Key // H is the hash function to be used H crypto.Hash // SigType is the type of signature that shall be generated SigType SignatureType // IdemixSignerMetadata contains metadata about the signature Metadata *IdemixSignerMetadata // VerificationType controls what type of verification the caller expects VerificationType VerificationType }
IdemixSignerOpts contains the options to generate an Idemix signature
func (*IdemixSignerOpts) HashFunc ¶
func (o *IdemixSignerOpts) HashFunc() crypto.Hash
type IdemixUserSecretKeyGenOpts ¶
type IdemixUserSecretKeyGenOpts struct {
Temporary bool
}
IdemixUserSecretKeyGenOpts contains the options for the generation of an Idemix credential secret key.
func (*IdemixUserSecretKeyGenOpts) Algorithm ¶
func (*IdemixUserSecretKeyGenOpts) Algorithm() string
Algorithm returns the key generation algorithm identifier (to be used).
func (*IdemixUserSecretKeyGenOpts) Ephemeral ¶
func (o *IdemixUserSecretKeyGenOpts) Ephemeral() bool
Ephemeral returns true if the key to generate has to be ephemeral, false otherwise.
type IdemixUserSecretKeyImportOpts ¶
type IdemixUserSecretKeyImportOpts struct {
Temporary bool
}
IdemixUserSecretKeyImportOpts contains the options for importing of an Idemix credential secret key.
func (*IdemixUserSecretKeyImportOpts) Algorithm ¶
func (*IdemixUserSecretKeyImportOpts) Algorithm() string
Algorithm returns the key generation algorithm identifier (to be used).
func (*IdemixUserSecretKeyImportOpts) Ephemeral ¶
func (o *IdemixUserSecretKeyImportOpts) Ephemeral() bool
Ephemeral returns true if the key to generate has to be ephemeral, false otherwise.
type Key ¶
type Key interface { // Bytes converts this key to its byte representation, // if this operation is allowed. Bytes() ([]byte, error) // SKI returns the subject key identifier of this key. SKI() []byte // Symmetric returns true if this key is a symmetric key, // false is this key is asymmetric Symmetric() bool // Private returns true if this key is a private key, // false otherwise. Private() bool // PublicKey returns the corresponding public key part of an asymmetric public/private key pair. // This method returns an error in symmetric key schemes. PublicKey() (Key, error) }
Key represents a cryptographic key
type KeyDerivOpts ¶
type KeyDerivOpts interface { // Algorithm returns the key derivation algorithm identifier (to be used). Algorithm() string // Ephemeral returns true if the key to derived has to be ephemeral, // false otherwise. Ephemeral() bool }
KeyDerivOpts contains options for key-derivation with a CSP.
type KeyGenOpts ¶
type KeyGenOpts interface { // Algorithm returns the key generation algorithm identifier (to be used). Algorithm() string // Ephemeral returns true if the key to generate has to be ephemeral, // false otherwise. Ephemeral() bool }
KeyGenOpts contains options for key-generation with a CSP.
type KeyImportOpts ¶
type KeyImportOpts interface { // Algorithm returns the key importation algorithm identifier (to be used). Algorithm() string // Ephemeral returns true if the key generated has to be ephemeral, // false otherwise. Ephemeral() bool }
KeyImportOpts contains options for importing the raw material of a key with a CSP.
type KeyStore ¶
type KeyStore interface { // ReadOnly returns true if this KeyStore is read only, false otherwise. // If ReadOnly is true then StoreKey will fail. ReadOnly() bool // GetKey returns a key object whose SKI is the one passed. GetKey(ski []byte) (k Key, err error) // StoreKey stores the key k in this KeyStore. // If this KeyStore is read only then the method will fail. StoreKey(k Key) (err error) }
KeyStore represents a storage system for cryptographic keys. It allows to store and retrieve bccsp.Key objects. The KeyStore can be read only, in that case StoreKey will return an error.
type NymEIDAuditData ¶
type NymEIDAuditData struct { // Nym is the EID Nym Nym *math.G1 // RNymEid is the randomness used to generate the EID Nym RNymEid *math.Zr // EID is the enrollment id EID *math.Zr }
NymEIDAuditData contains the data that is used to audit the nym EID. Notice that this data should be used only after validating the corresponding signature.
type RevocationAlgorithm ¶
type RevocationAlgorithm int32
RevocationAlgorithm identifies the revocation algorithm
const ( // AlgNoRevocation means no revocation support AlgNoRevocation RevocationAlgorithm = iota )
type SignatureType ¶
type SignatureType int
SignatureType describes the type of idemix signature
const ( // Standard is the base signature type Standard SignatureType = iota // EidNym adds a hiding and binding commitment to the enrollment id and proves its correctness EidNym )
type SignerOpts ¶
type SignerOpts interface { crypto.SignerOpts }
SignerOpts contains options for signing with a CSP.
type VerificationType ¶
type VerificationType int
VerificationType describes the type of verification that is required
const ( // Basic performs the verification without any of the extensions (e.g. it ignores the nym eid) Basic VerificationType = iota // BestEffort performs all verifications possible given the available information in the signature/opts BestEffort // ExpectStandard expects a SignatureType of type Standard ExpectStandard // ExpectEidNym expects a SignatureType of type EidNym ExpectEidNym )
Directories ¶
Path | Synopsis |
---|---|
aries
module
|
|
dlog
|
|
handlers/mock
Code generated by counterfeiter.
|
Code generated by counterfeiter. |
weak-bb
module
|