fabric: github.com/hyperledger/fabric/bccsp/idemix/handlers Index | Files | Directories

package handlers

import "github.com/hyperledger/fabric/bccsp/idemix/handlers"

Copyright IBM Corp. All Rights Reserved.

SPDX-License-Identifier: Apache-2.0

Copyright IBM Corp. All Rights Reserved.

SPDX-License-Identifier: Apache-2.0

Copyright IBM Corp. All Rights Reserved.

SPDX-License-Identifier: Apache-2.0

Copyright IBM Corp. All Rights Reserved.

SPDX-License-Identifier: Apache-2.0

Copyright IBM Corp. All Rights Reserved.

SPDX-License-Identifier: Apache-2.0

Copyright IBM Corp. All Rights Reserved.

SPDX-License-Identifier: Apache-2.0

Copyright IBM Corp. All Rights Reserved.

SPDX-License-Identifier: Apache-2.0

Copyright IBM Corp. All Rights Reserved.

SPDX-License-Identifier: Apache-2.0

Index

Package Files

cred.go idemix.go issuer.go nym.go nymsigner.go revocation.go signer.go user.go

func NewIssuerPublicKey Uses

func NewIssuerPublicKey(pk IssuerPublicKey) *issuerPublicKey

func NewIssuerSecretKey Uses

func NewIssuerSecretKey(sk IssuerSecretKey, exportable bool) *issuerSecretKey

func NewNymPublicKey Uses

func NewNymPublicKey(pk Ecp) *nymPublicKey

func NewNymSecretKey Uses

func NewNymSecretKey(sk Big, pk Ecp, exportable bool) (*nymSecretKey, error)

func NewRevocationPublicKey Uses

func NewRevocationPublicKey(pubKey *ecdsa.PublicKey) *revocationPublicKey

func NewRevocationSecretKey Uses

func NewRevocationSecretKey(sk *ecdsa.PrivateKey, exportable bool) *revocationSecretKey

func NewUserSecretKey Uses

func NewUserSecretKey(sk Big, exportable bool) *userSecretKey

type Big Uses

type Big interface {
    // Bytes returns the byte representation of this key
    Bytes() ([]byte, error)
}

Big represent a big integer

type CredRequest Uses

type CredRequest interface {
    // Sign creates a new Credential Request, the first message of the interactive credential issuance protocol
    // (from user to issuer)
    Sign(sk Big, ipk IssuerPublicKey, nonce []byte) ([]byte, error)

    // Verify verifies the credential request
    Verify(credRequest []byte, ipk IssuerPublicKey, nonce []byte) error
}

CredRequest is a local interface to decouple from the idemix implementation of the issuance of credential requests.

type Credential Uses

type Credential interface {

    // Sign issues a new credential, which is the last step of the interactive issuance protocol
    // All attribute values are added by the issuer at this step and then signed together with a commitment to
    // the user's secret key from a credential request
    Sign(key IssuerSecretKey, credentialRequest []byte, attributes []bccsp.IdemixAttribute) ([]byte, error)

    // Verify cryptographically verifies the credential by verifying the signature
    // on the attribute values and user's secret key
    Verify(sk Big, ipk IssuerPublicKey, credential []byte, attributes []bccsp.IdemixAttribute) error
}

CredRequest is a local interface to decouple from the idemix implementation of the issuance of credentials.

type CredentialRequestSigner Uses

type CredentialRequestSigner struct {
    // CredRequest implements the underlying cryptographic algorithms
    CredRequest CredRequest
}

CredentialRequestSigner produces credential requests

func (*CredentialRequestSigner) Sign Uses

func (c *CredentialRequestSigner) Sign(k bccsp.Key, digest []byte, opts bccsp.SignerOpts) ([]byte, error)

type CredentialRequestVerifier Uses

type CredentialRequestVerifier struct {
    // CredRequest implements the underlying cryptographic algorithms
    CredRequest CredRequest
}

CredentialRequestVerifier verifies credential requests

func (*CredentialRequestVerifier) Verify Uses

func (c *CredentialRequestVerifier) Verify(k bccsp.Key, signature, digest []byte, opts bccsp.SignerOpts) (bool, error)

type CredentialSigner Uses

type CredentialSigner struct {
    Credential Credential
}

func (*CredentialSigner) Sign Uses

func (s *CredentialSigner) Sign(k bccsp.Key, digest []byte, opts bccsp.SignerOpts) (signature []byte, err error)

type CredentialVerifier Uses

type CredentialVerifier struct {
    Credential Credential
}

func (*CredentialVerifier) Verify Uses

func (v *CredentialVerifier) Verify(k bccsp.Key, signature, digest []byte, opts bccsp.SignerOpts) (valid bool, err error)

type CriSigner Uses

type CriSigner struct {
    Revocation Revocation
}

func (*CriSigner) Sign Uses

func (s *CriSigner) Sign(k bccsp.Key, digest []byte, opts bccsp.SignerOpts) ([]byte, error)

type CriVerifier Uses

type CriVerifier struct {
    Revocation Revocation
}

func (*CriVerifier) Verify Uses

func (v *CriVerifier) Verify(k bccsp.Key, signature, digest []byte, opts bccsp.SignerOpts) (bool, error)

type Ecp Uses

type Ecp interface {
    // Bytes returns the byte representation of this key
    Bytes() ([]byte, error)
}

Ecp represents an elliptic curve point

type Issuer Uses

type Issuer interface {
    // NewKey generates a new idemix issuer key w.r.t the passed attribute names.
    NewKey(AttributeNames []string) (IssuerSecretKey, error)

    // NewPublicKeyFromBytes converts the passed bytes to an Issuer public key
    // It makes sure that the so obtained public key has the passed attributes, if specified
    NewPublicKeyFromBytes(raw []byte, attributes []string) (IssuerPublicKey, error)
}

Issuer is a local interface to decouple from the idemix implementation

type IssuerKeyGen Uses

type IssuerKeyGen struct {
    // exportable is a flag to allow an issuer secret key to be marked as exportable.
    // If a secret key is marked as exportable, its Bytes method will return the key's byte representation.
    Exportable bool
    // Issuer implements the underlying cryptographic algorithms
    Issuer Issuer
}

IssuerKeyGen generates issuer secret keys.

func (*IssuerKeyGen) KeyGen Uses

func (g *IssuerKeyGen) KeyGen(opts bccsp.KeyGenOpts) (k bccsp.Key, err error)

type IssuerPublicKey Uses

type IssuerPublicKey interface {

    // Bytes returns the byte representation of this key
    Bytes() ([]byte, error)

    // Hash returns the hash representation of this key.
    // The output is supposed to be collision-resistant
    Hash() []byte
}

IssuerPublicKey is the issuer public key

type IssuerPublicKeyImporter Uses

type IssuerPublicKeyImporter struct {
    // Issuer implements the underlying cryptographic algorithms
    Issuer Issuer
}

IssuerPublicKeyImporter imports issuer public keys

func (*IssuerPublicKeyImporter) KeyImport Uses

func (i *IssuerPublicKeyImporter) KeyImport(raw interface{}, opts bccsp.KeyImportOpts) (k bccsp.Key, err error)

type IssuerSecretKey Uses

type IssuerSecretKey interface {

    // Bytes returns the byte representation of this key
    Bytes() ([]byte, error)

    // Public returns the corresponding public key
    Public() IssuerPublicKey
}

IssuerPublicKey is the issuer secret key

type NymKeyDerivation Uses

type NymKeyDerivation struct {
    // Exportable is a flag to allow an issuer secret key to be marked as Exportable.
    // If a secret key is marked as Exportable, its Bytes method will return the key's byte representation.
    Exportable bool
    // User implements the underlying cryptographic algorithms
    User User
}

NymKeyDerivation derives nyms

func (*NymKeyDerivation) KeyDeriv Uses

func (kd *NymKeyDerivation) KeyDeriv(k bccsp.Key, opts bccsp.KeyDerivOpts) (dk bccsp.Key, err error)

type NymPublicKeyImporter Uses

type NymPublicKeyImporter struct {
    // User implements the underlying cryptographic algorithms
    User User
}

NymPublicKeyImporter imports nym public keys

func (*NymPublicKeyImporter) KeyImport Uses

func (i *NymPublicKeyImporter) KeyImport(raw interface{}, opts bccsp.KeyImportOpts) (k bccsp.Key, err error)

type NymSignatureScheme Uses

type NymSignatureScheme interface {
    // Sign creates a new idemix pseudonym signature
    Sign(sk Big, Nym Ecp, RNym Big, ipk IssuerPublicKey, digest []byte) ([]byte, error)

    // Verify verifies an idemix NymSignature
    Verify(pk IssuerPublicKey, Nym Ecp, signature, digest []byte) error
}

NymSignatureScheme is a local interface to decouple from the idemix implementation the nym sign-related operations

type NymSigner Uses

type NymSigner struct {
    NymSignatureScheme NymSignatureScheme
}

func (*NymSigner) Sign Uses

func (s *NymSigner) Sign(k bccsp.Key, digest []byte, opts bccsp.SignerOpts) ([]byte, error)

type NymVerifier Uses

type NymVerifier struct {
    NymSignatureScheme NymSignatureScheme
}

func (*NymVerifier) Verify Uses

func (v *NymVerifier) Verify(k bccsp.Key, signature, digest []byte, opts bccsp.SignerOpts) (bool, error)

type Revocation Uses

type Revocation interface {

    // NewKey generates a long term signing key that will be used for revocation
    NewKey() (*ecdsa.PrivateKey, error)

    // Sign creates the Credential Revocation Information for a certain time period (epoch).
    // Users can use the CRI to prove that they are not revoked.
    // Note that when not using revocation (i.e., alg = ALG_NO_REVOCATION), the entered unrevokedHandles are not used,
    // and the resulting CRI can be used by any signer.
    Sign(key *ecdsa.PrivateKey, unrevokedHandles [][]byte, epoch int, alg bccsp.RevocationAlgorithm) ([]byte, error)

    // Verify verifies that the revocation PK for a certain epoch is valid,
    // by checking that it was signed with the long term revocation key.
    // Note that even if we use no revocation (i.e., alg = ALG_NO_REVOCATION), we need
    // to verify the signature to make sure the issuer indeed signed that no revocation
    // is used in this epoch.
    Verify(pk *ecdsa.PublicKey, cri []byte, epoch int, alg bccsp.RevocationAlgorithm) error
}

Revocation is a local interface to decouple from the idemix implementation the revocation-related operations

type RevocationKeyGen Uses

type RevocationKeyGen struct {
    // exportable is a flag to allow an revocation secret key to be marked as exportable.
    // If a secret key is marked as exportable, its Bytes method will return the key's byte representation.
    Exportable bool
    // Revocation implements the underlying cryptographic algorithms
    Revocation Revocation
}

RevocationKeyGen generates revocation secret keys.

func (*RevocationKeyGen) KeyGen Uses

func (g *RevocationKeyGen) KeyGen(opts bccsp.KeyGenOpts) (bccsp.Key, error)

type RevocationPublicKeyImporter Uses

type RevocationPublicKeyImporter struct {
}

RevocationPublicKeyImporter imports revocation public keys

func (*RevocationPublicKeyImporter) KeyImport Uses

func (i *RevocationPublicKeyImporter) KeyImport(raw interface{}, opts bccsp.KeyImportOpts) (k bccsp.Key, err error)

type SignatureScheme Uses

type SignatureScheme interface {
    // Sign creates a new idemix signature (Schnorr-type signature).
    // The attributes slice steers which attributes are disclosed:
    // If attributes[i].Type == bccsp.IdemixHiddenAttribute then attribute i remains hidden and otherwise it is disclosed.
    // We require the revocation handle to remain undisclosed (i.e., attributes[rhIndex] == bccsp.IdemixHiddenAttribute).
    // Parameters are to be understood as follow:
    // cred: the serialized version of an idemix credential;
    // sk: the user secret key;
    // (Nym, RNym): Nym key-pair;
    // ipk: issuer public key;
    // attributes: as described above;
    // msg: the message to be signed;
    // rhIndex: revocation handle index relative to attributes;
    // cri: the serialized version of the Credential Revocation Information (it contains the epoch this signature
    // is created in reference to).
    Sign(cred []byte, sk Big, Nym Ecp, RNym Big, ipk IssuerPublicKey, attributes []bccsp.IdemixAttribute,
        msg []byte, rhIndex int, cri []byte) ([]byte, error)

    // Verify verifies an idemix signature.
    // The attribute slice steers which attributes it expects to be disclosed
    // If attributes[i].Type == bccsp.IdemixHiddenAttribute then attribute i remains hidden and otherwise
    // attributes[i].Value is expected to contain the disclosed attribute value.
    // In other words, this function will check that if attribute i is disclosed, the i-th attribute equals attributes[i].Value.
    // Parameters are to be understood as follow:
    // ipk: issuer public key;
    // signature: signature to verify;
    // msg: message signed;
    // attributes: as described above;
    // rhIndex: revocation handle index relative to attributes;
    // revocationPublicKey: revocation public key;
    // epoch: revocation epoch.
    Verify(ipk IssuerPublicKey, signature, msg []byte, attributes []bccsp.IdemixAttribute, rhIndex int, revocationPublicKey *ecdsa.PublicKey, epoch int) error
}

SignatureScheme is a local interface to decouple from the idemix implementation the sign-related operations

type Signer Uses

type Signer struct {
    SignatureScheme SignatureScheme
}

func (*Signer) Sign Uses

func (s *Signer) Sign(k bccsp.Key, digest []byte, opts bccsp.SignerOpts) ([]byte, error)

type User Uses

type User interface {
    // NewKey generates a new User secret key
    NewKey() (Big, error)

    // NewKeyFromBytes converts the passed bytes to a User secret key
    NewKeyFromBytes(raw []byte) (Big, error)

    // MakeNym creates a new unlinkable pseudonym
    MakeNym(sk Big, key IssuerPublicKey) (Ecp, Big, error)

    // NewPublicNymFromBytes converts the passed bytes to a public nym
    NewPublicNymFromBytes(raw []byte) (Ecp, error)
}

User is a local interface to decouple from the idemix implementation

type UserKeyGen Uses

type UserKeyGen struct {
    // Exportable is a flag to allow an issuer secret key to be marked as Exportable.
    // If a secret key is marked as Exportable, its Bytes method will return the key's byte representation.
    Exportable bool
    // User implements the underlying cryptographic algorithms
    User User
}

func (*UserKeyGen) KeyGen Uses

func (g *UserKeyGen) KeyGen(opts bccsp.KeyGenOpts) (bccsp.Key, error)

type UserKeyImporter Uses

type UserKeyImporter struct {
    // Exportable is a flag to allow a secret key to be marked as Exportable.
    // If a secret key is marked as Exportable, its Bytes method will return the key's byte representation.
    Exportable bool
    // User implements the underlying cryptographic algorithms
    User User
}

UserKeyImporter import user keys

func (*UserKeyImporter) KeyImport Uses

func (i *UserKeyImporter) KeyImport(raw interface{}, opts bccsp.KeyImportOpts) (k bccsp.Key, err error)

type Verifier Uses

type Verifier struct {
    SignatureScheme SignatureScheme
}

func (*Verifier) Verify Uses

func (v *Verifier) Verify(k bccsp.Key, signature, digest []byte, opts bccsp.SignerOpts) (bool, error)

Directories

PathSynopsis
mockCode generated by counterfeiter.

Package handlers imports 9 packages (graph) and is imported by 6 packages. Updated 2018-12-11. Refresh now. Tools for package owners.