idemix

package
v2.1.1+incompatible Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Jun 1, 2020 License: Apache-2.0 Imports: 14 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

View Source
var FieldBytes = int(FP256BN.MODBYTES)

FieldBytes is the bytelength of the group order

GenG1 is a generator of Group G1

GenG2 is a generator of Group G2

View Source
var GenGT = FP256BN.Fexp(FP256BN.Ate(GenG2, GenG1))

GenGT is a generator of Group GT

View Source
var GroupOrder = FP256BN.NewBIGints(FP256BN.CURVE_Order)

GroupOrder is the order of the groups

View Source
var ProofBytes = map[RevocationAlgorithm]int{
	ALG_NO_REVOCATION: 0,
}

Functions

func BigToBytes

func BigToBytes(big *FP256BN.BIG) []byte

BigToBytes takes an *amcl.BIG and returns a []byte representation

func Ecp2FromProto

func Ecp2FromProto(p *ECP2) *FP256BN.ECP2

Ecp2FromProto converts a proto struct *ECP2 into an *amcl.ECP2

func EcpFromProto

func EcpFromProto(p *ECP) *FP256BN.ECP

EcpFromProto converts a proto struct *ECP into an *amcl.ECP

func EcpToBytes added in v1.4.0

func EcpToBytes(E *FP256BN.ECP) []byte

func GenerateLongTermRevocationKey added in v1.2.0

func GenerateLongTermRevocationKey() (*ecdsa.PrivateKey, error)

GenerateLongTermRevocationKey generates a long term signing key that will be used for revocation

func GetRand

func GetRand() (*amcl.RAND, error)

GetRand returns a new *amcl.RAND with a fresh seed

func HashModOrder

func HashModOrder(data []byte) *FP256BN.BIG

HashModOrder hashes data into 0, ..., GroupOrder-1

func MakeNym

func MakeNym(sk *FP256BN.BIG, IPk *IssuerPublicKey, rng *amcl.RAND) (*FP256BN.ECP, *FP256BN.BIG)

MakeNym creates a new unlinkable pseudonym

func Modadd

func Modadd(a, b, m *FP256BN.BIG) *FP256BN.BIG

Modadd takes input BIGs a, b, m, and returns a+b modulo m

func Modsub

func Modsub(a, b, m *FP256BN.BIG) *FP256BN.BIG

Modsub takes input BIGs a, b, m and returns a-b modulo m

func RandModOrder

func RandModOrder(rng *amcl.RAND) *FP256BN.BIG

RandModOrder returns a random element in 0, ..., GroupOrder-1

func SetLogger

func SetLogger(l Logger)

SetLogger sets the logger instance used for debug and error reporting. The logger reference is not mutex-protected so this must be set before calling any other library functions.

If a custom logger is not defined, the global logger from the standard library's log package is used.

func VerifyEpochPK added in v1.2.0

func VerifyEpochPK(pk *ecdsa.PublicKey, epochPK *ECP2, epochPkSig []byte, epoch int, alg RevocationAlgorithm) error

VerifyEpochPK verifies that the revocation PK for a certain epoch is valid, by checking that it was signed with the long term revocation key. Note that even if we use no revocation (i.e., alg = ALG_NO_REVOCATION), we need to verify the signature to make sure the issuer indeed signed that no revocation is used in this epoch.

func WBBKeyGen added in v1.2.0

func WBBKeyGen(rng *amcl.RAND) (*FP256BN.BIG, *FP256BN.ECP2)

WBBKeyGen creates a fresh weak-Boneh-Boyen signature key pair (http://ia.cr/2004/171)

func WBBSign added in v1.2.0

func WBBSign(sk *FP256BN.BIG, m *FP256BN.BIG) *FP256BN.ECP

WBBSign places a weak Boneh-Boyen signature on message m using secret key sk

func WBBVerify added in v1.2.0

func WBBVerify(pk *FP256BN.ECP2, sig *FP256BN.ECP, m *FP256BN.BIG) error

WBBVerify verifies a weak Boneh-Boyen signature sig on message m with public key pk

Types

type CredRequest

type CredRequest struct {
	Nym                  *ECP     `protobuf:"bytes,1,opt,name=nym,proto3" json:"nym,omitempty"`
	IssuerNonce          []byte   `protobuf:"bytes,2,opt,name=issuer_nonce,json=issuerNonce,proto3" json:"issuer_nonce,omitempty"`
	ProofC               []byte   `protobuf:"bytes,3,opt,name=proof_c,json=proofC,proto3" json:"proof_c,omitempty"`
	ProofS               []byte   `protobuf:"bytes,4,opt,name=proof_s,json=proofS,proto3" json:"proof_s,omitempty"`
	XXX_NoUnkeyedLiteral struct{} `json:"-"`
	XXX_unrecognized     []byte   `json:"-"`
	XXX_sizecache        int32    `json:"-"`
}

CredRequest specifies a credential request object that consists of nym - a pseudonym, which is a commitment to the user secret issuer_nonce - a random nonce provided by the issuer proof_c, proof_s - a zero-knowledge proof of knowledge of the user secret inside Nym

func NewCredRequest

func NewCredRequest(sk *FP256BN.BIG, IssuerNonce []byte, ipk *IssuerPublicKey, rng *amcl.RAND) *CredRequest

NewCredRequest creates a new Credential Request, the first message of the interactive credential issuance protocol (from user to issuer)

func (*CredRequest) Check

func (m *CredRequest) Check(ipk *IssuerPublicKey) error

Check cryptographically verifies the credential request

func (*CredRequest) Descriptor

func (*CredRequest) Descriptor() ([]byte, []int)

func (*CredRequest) GetIssuerNonce

func (m *CredRequest) GetIssuerNonce() []byte

func (*CredRequest) GetNym

func (m *CredRequest) GetNym() *ECP

func (*CredRequest) GetProofC

func (m *CredRequest) GetProofC() []byte

func (*CredRequest) GetProofS added in v1.2.0

func (m *CredRequest) GetProofS() []byte

func (*CredRequest) ProtoMessage

func (*CredRequest) ProtoMessage()

func (*CredRequest) Reset

func (m *CredRequest) Reset()

func (*CredRequest) String

func (m *CredRequest) String() string

func (*CredRequest) XXX_DiscardUnknown added in v1.3.0

func (m *CredRequest) XXX_DiscardUnknown()

func (*CredRequest) XXX_Marshal added in v1.3.0

func (m *CredRequest) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*CredRequest) XXX_Merge added in v1.3.0

func (m *CredRequest) XXX_Merge(src proto.Message)

func (*CredRequest) XXX_Size added in v1.3.0

func (m *CredRequest) XXX_Size() int

func (*CredRequest) XXX_Unmarshal added in v1.3.0

func (m *CredRequest) XXX_Unmarshal(b []byte) error

type Credential

type Credential struct {
	A                    *ECP     `protobuf:"bytes,1,opt,name=a,proto3" json:"a,omitempty"`
	B                    *ECP     `protobuf:"bytes,2,opt,name=b,proto3" json:"b,omitempty"`
	E                    []byte   `protobuf:"bytes,3,opt,name=e,proto3" json:"e,omitempty"`
	S                    []byte   `protobuf:"bytes,4,opt,name=s,proto3" json:"s,omitempty"`
	Attrs                [][]byte `protobuf:"bytes,5,rep,name=attrs,proto3" json:"attrs,omitempty"`
	XXX_NoUnkeyedLiteral struct{} `json:"-"`
	XXX_unrecognized     []byte   `json:"-"`
	XXX_sizecache        int32    `json:"-"`
}

Credential specifies a credential object that consists of a, b, e, s - signature value attrs - attribute values

func NewCredential

func NewCredential(key *IssuerKey, m *CredRequest, attrs []*FP256BN.BIG, rng *amcl.RAND) (*Credential, error)

NewCredential issues a new credential, which is the last step of the interactive issuance protocol All attribute values are added by the issuer at this step and then signed together with a commitment to the user's secret key from a credential request

func (*Credential) Descriptor

func (*Credential) Descriptor() ([]byte, []int)

func (*Credential) GetA

func (m *Credential) GetA() *ECP

func (*Credential) GetAttrs

func (m *Credential) GetAttrs() [][]byte

func (*Credential) GetB

func (m *Credential) GetB() *ECP

func (*Credential) GetE

func (m *Credential) GetE() []byte

func (*Credential) GetS

func (m *Credential) GetS() []byte

func (*Credential) ProtoMessage

func (*Credential) ProtoMessage()

func (*Credential) Reset

func (m *Credential) Reset()

func (*Credential) String

func (m *Credential) String() string

func (*Credential) Ver

func (cred *Credential) Ver(sk *FP256BN.BIG, ipk *IssuerPublicKey) error

Ver cryptographically verifies the credential by verifying the signature on the attribute values and user's secret key

func (*Credential) XXX_DiscardUnknown added in v1.3.0

func (m *Credential) XXX_DiscardUnknown()

func (*Credential) XXX_Marshal added in v1.3.0

func (m *Credential) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*Credential) XXX_Merge added in v1.3.0

func (m *Credential) XXX_Merge(src proto.Message)

func (*Credential) XXX_Size added in v1.3.0

func (m *Credential) XXX_Size() int

func (*Credential) XXX_Unmarshal added in v1.3.0

func (m *Credential) XXX_Unmarshal(b []byte) error

type CredentialRevocationInformation added in v1.2.0

type CredentialRevocationInformation struct {
	// epoch contains the epoch (time window) in which this CRI is valid
	Epoch int64 `protobuf:"varint,1,opt,name=epoch,proto3" json:"epoch,omitempty"`
	// epoch_pk is the public key that is used by the revocation authority in this epoch
	EpochPk *ECP2 `protobuf:"bytes,2,opt,name=epoch_pk,json=epochPk,proto3" json:"epoch_pk,omitempty"`
	// epoch_pk_sig is a signature on the EpochPK valid under the revocation authority's long term key
	EpochPkSig []byte `protobuf:"bytes,3,opt,name=epoch_pk_sig,json=epochPkSig,proto3" json:"epoch_pk_sig,omitempty"`
	// revocation_alg denotes which revocation algorithm is used
	RevocationAlg int32 `protobuf:"varint,4,opt,name=revocation_alg,json=revocationAlg,proto3" json:"revocation_alg,omitempty"`
	// revocation_data contains data specific to the revocation algorithm used
	RevocationData       []byte   `protobuf:"bytes,5,opt,name=revocation_data,json=revocationData,proto3" json:"revocation_data,omitempty"`
	XXX_NoUnkeyedLiteral struct{} `json:"-"`
	XXX_unrecognized     []byte   `json:"-"`
	XXX_sizecache        int32    `json:"-"`
}

func CreateCRI added in v1.2.0

func CreateCRI(key *ecdsa.PrivateKey, unrevokedHandles []*FP256BN.BIG, epoch int, alg RevocationAlgorithm, rng *amcl.RAND) (*CredentialRevocationInformation, error)

CreateCRI creates the Credential Revocation Information for a certain time period (epoch). Users can use the CRI to prove that they are not revoked. Note that when not using revocation (i.e., alg = ALG_NO_REVOCATION), the entered unrevokedHandles are not used, and the resulting CRI can be used by any signer.

func (*CredentialRevocationInformation) Descriptor added in v1.2.0

func (*CredentialRevocationInformation) Descriptor() ([]byte, []int)

func (*CredentialRevocationInformation) GetEpoch added in v1.2.0

func (m *CredentialRevocationInformation) GetEpoch() int64

func (*CredentialRevocationInformation) GetEpochPk added in v1.2.0

func (m *CredentialRevocationInformation) GetEpochPk() *ECP2

func (*CredentialRevocationInformation) GetEpochPkSig added in v1.2.0

func (m *CredentialRevocationInformation) GetEpochPkSig() []byte

func (*CredentialRevocationInformation) GetRevocationAlg added in v1.2.0

func (m *CredentialRevocationInformation) GetRevocationAlg() int32

func (*CredentialRevocationInformation) GetRevocationData added in v1.2.0

func (m *CredentialRevocationInformation) GetRevocationData() []byte

func (*CredentialRevocationInformation) ProtoMessage added in v1.2.0

func (*CredentialRevocationInformation) ProtoMessage()

func (*CredentialRevocationInformation) Reset added in v1.2.0

func (*CredentialRevocationInformation) String added in v1.2.0

func (*CredentialRevocationInformation) XXX_DiscardUnknown added in v1.3.0

func (m *CredentialRevocationInformation) XXX_DiscardUnknown()

func (*CredentialRevocationInformation) XXX_Marshal added in v1.3.0

func (m *CredentialRevocationInformation) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*CredentialRevocationInformation) XXX_Merge added in v1.3.0

func (m *CredentialRevocationInformation) XXX_Merge(src proto.Message)

func (*CredentialRevocationInformation) XXX_Size added in v1.3.0

func (m *CredentialRevocationInformation) XXX_Size() int

func (*CredentialRevocationInformation) XXX_Unmarshal added in v1.3.0

func (m *CredentialRevocationInformation) XXX_Unmarshal(b []byte) error

type ECP

type ECP struct {
	X                    []byte   `protobuf:"bytes,1,opt,name=x,proto3" json:"x,omitempty"`
	Y                    []byte   `protobuf:"bytes,2,opt,name=y,proto3" json:"y,omitempty"`
	XXX_NoUnkeyedLiteral struct{} `json:"-"`
	XXX_unrecognized     []byte   `json:"-"`
	XXX_sizecache        int32    `json:"-"`
}

ECP is an elliptic curve point specified by its coordinates ECP corresponds to an element of the first group (G1)

func EcpToProto

func EcpToProto(p *FP256BN.ECP) *ECP

EcpToProto converts a *amcl.ECP into the proto struct *ECP

func (*ECP) Descriptor

func (*ECP) Descriptor() ([]byte, []int)

func (*ECP) GetX

func (m *ECP) GetX() []byte

func (*ECP) GetY

func (m *ECP) GetY() []byte

func (*ECP) ProtoMessage

func (*ECP) ProtoMessage()

func (*ECP) Reset

func (m *ECP) Reset()

func (*ECP) String

func (m *ECP) String() string

func (*ECP) XXX_DiscardUnknown added in v1.3.0

func (m *ECP) XXX_DiscardUnknown()

func (*ECP) XXX_Marshal added in v1.3.0

func (m *ECP) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*ECP) XXX_Merge added in v1.3.0

func (m *ECP) XXX_Merge(src proto.Message)

func (*ECP) XXX_Size added in v1.3.0

func (m *ECP) XXX_Size() int

func (*ECP) XXX_Unmarshal added in v1.3.0

func (m *ECP) XXX_Unmarshal(b []byte) error

type ECP2

type ECP2 struct {
	Xa                   []byte   `protobuf:"bytes,1,opt,name=xa,proto3" json:"xa,omitempty"`
	Xb                   []byte   `protobuf:"bytes,2,opt,name=xb,proto3" json:"xb,omitempty"`
	Ya                   []byte   `protobuf:"bytes,3,opt,name=ya,proto3" json:"ya,omitempty"`
	Yb                   []byte   `protobuf:"bytes,4,opt,name=yb,proto3" json:"yb,omitempty"`
	XXX_NoUnkeyedLiteral struct{} `json:"-"`
	XXX_unrecognized     []byte   `json:"-"`
	XXX_sizecache        int32    `json:"-"`
}

ECP2 is an elliptic curve point specified by its coordinates ECP2 corresponds to an element of the second group (G2)

func Ecp2ToProto

func Ecp2ToProto(p *FP256BN.ECP2) *ECP2

Ecp2ToProto converts a *amcl.ECP2 into the proto struct *ECP2

func (*ECP2) Descriptor

func (*ECP2) Descriptor() ([]byte, []int)

func (*ECP2) GetXa added in v1.2.0

func (m *ECP2) GetXa() []byte

func (*ECP2) GetXb added in v1.2.0

func (m *ECP2) GetXb() []byte

func (*ECP2) GetYa added in v1.2.0

func (m *ECP2) GetYa() []byte

func (*ECP2) GetYb added in v1.2.0

func (m *ECP2) GetYb() []byte

func (*ECP2) ProtoMessage

func (*ECP2) ProtoMessage()

func (*ECP2) Reset

func (m *ECP2) Reset()

func (*ECP2) String

func (m *ECP2) String() string

func (*ECP2) XXX_DiscardUnknown added in v1.3.0

func (m *ECP2) XXX_DiscardUnknown()

func (*ECP2) XXX_Marshal added in v1.3.0

func (m *ECP2) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*ECP2) XXX_Merge added in v1.3.0

func (m *ECP2) XXX_Merge(src proto.Message)

func (*ECP2) XXX_Size added in v1.3.0

func (m *ECP2) XXX_Size() int

func (*ECP2) XXX_Unmarshal added in v1.3.0

func (m *ECP2) XXX_Unmarshal(b []byte) error

type IssuerKey

type IssuerKey struct {
	Isk                  []byte           `protobuf:"bytes,1,opt,name=isk,proto3" json:"isk,omitempty"`
	Ipk                  *IssuerPublicKey `protobuf:"bytes,2,opt,name=ipk,proto3" json:"ipk,omitempty"`
	XXX_NoUnkeyedLiteral struct{}         `json:"-"`
	XXX_unrecognized     []byte           `json:"-"`
	XXX_sizecache        int32            `json:"-"`
}

IssuerKey specifies an issuer key pair that consists of ISk - the issuer secret key and IssuerPublicKey - the issuer public key

func NewIssuerKey

func NewIssuerKey(AttributeNames []string, rng *amcl.RAND) (*IssuerKey, error)

NewIssuerKey creates a new issuer key pair taking an array of attribute names that will be contained in credentials certified by this issuer (a credential specification) See http://eprint.iacr.org/2016/663.pdf Sec. 4.3, for references.

func (*IssuerKey) Descriptor

func (*IssuerKey) Descriptor() ([]byte, []int)

func (*IssuerKey) GetIpk added in v1.2.0

func (m *IssuerKey) GetIpk() *IssuerPublicKey

func (*IssuerKey) GetIsk added in v1.2.0

func (m *IssuerKey) GetIsk() []byte

func (*IssuerKey) ProtoMessage

func (*IssuerKey) ProtoMessage()

func (*IssuerKey) Reset

func (m *IssuerKey) Reset()

func (*IssuerKey) String

func (m *IssuerKey) String() string

func (*IssuerKey) XXX_DiscardUnknown added in v1.3.0

func (m *IssuerKey) XXX_DiscardUnknown()

func (*IssuerKey) XXX_Marshal added in v1.3.0

func (m *IssuerKey) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*IssuerKey) XXX_Merge added in v1.3.0

func (m *IssuerKey) XXX_Merge(src proto.Message)

func (*IssuerKey) XXX_Size added in v1.3.0

func (m *IssuerKey) XXX_Size() int

func (*IssuerKey) XXX_Unmarshal added in v1.3.0

func (m *IssuerKey) XXX_Unmarshal(b []byte) error

type IssuerPublicKey

type IssuerPublicKey struct {
	AttributeNames       []string `protobuf:"bytes,1,rep,name=attribute_names,json=attributeNames,proto3" json:"attribute_names,omitempty"`
	HSk                  *ECP     `protobuf:"bytes,2,opt,name=h_sk,json=hSk,proto3" json:"h_sk,omitempty"`
	HRand                *ECP     `protobuf:"bytes,3,opt,name=h_rand,json=hRand,proto3" json:"h_rand,omitempty"`
	HAttrs               []*ECP   `protobuf:"bytes,4,rep,name=h_attrs,json=hAttrs,proto3" json:"h_attrs,omitempty"`
	W                    *ECP2    `protobuf:"bytes,5,opt,name=w,proto3" json:"w,omitempty"`
	BarG1                *ECP     `protobuf:"bytes,6,opt,name=bar_g1,json=barG1,proto3" json:"bar_g1,omitempty"`
	BarG2                *ECP     `protobuf:"bytes,7,opt,name=bar_g2,json=barG2,proto3" json:"bar_g2,omitempty"`
	ProofC               []byte   `protobuf:"bytes,8,opt,name=proof_c,json=proofC,proto3" json:"proof_c,omitempty"`
	ProofS               []byte   `protobuf:"bytes,9,opt,name=proof_s,json=proofS,proto3" json:"proof_s,omitempty"`
	Hash                 []byte   `protobuf:"bytes,10,opt,name=hash,proto3" json:"hash,omitempty"`
	XXX_NoUnkeyedLiteral struct{} `json:"-"`
	XXX_unrecognized     []byte   `json:"-"`
	XXX_sizecache        int32    `json:"-"`
}

IssuerPublicKey specifies an issuer public key that consists of attribute_names - a list of the attribute names of a credential issued by the issuer h_sk, h_rand, h_attrs, w, bar_g1, bar_g2 - group elements corresponding to the signing key, randomness, and attributes proof_c, proof_s compose a zero-knowledge proof of knowledge of the secret key hash is a hash of the public key appended to it

func (*IssuerPublicKey) Check

func (IPk *IssuerPublicKey) Check() error

Check checks that this issuer public key is valid, i.e. that all components are present and a ZK proofs verifies

func (*IssuerPublicKey) Descriptor

func (*IssuerPublicKey) Descriptor() ([]byte, []int)

func (*IssuerPublicKey) GetAttributeNames

func (m *IssuerPublicKey) GetAttributeNames() []string

func (*IssuerPublicKey) GetBarG1

func (m *IssuerPublicKey) GetBarG1() *ECP

func (*IssuerPublicKey) GetBarG2

func (m *IssuerPublicKey) GetBarG2() *ECP

func (*IssuerPublicKey) GetHAttrs

func (m *IssuerPublicKey) GetHAttrs() []*ECP

func (*IssuerPublicKey) GetHRand

func (m *IssuerPublicKey) GetHRand() *ECP

func (*IssuerPublicKey) GetHSk

func (m *IssuerPublicKey) GetHSk() *ECP

func (*IssuerPublicKey) GetHash

func (m *IssuerPublicKey) GetHash() []byte

func (*IssuerPublicKey) GetProofC

func (m *IssuerPublicKey) GetProofC() []byte

func (*IssuerPublicKey) GetProofS

func (m *IssuerPublicKey) GetProofS() []byte

func (*IssuerPublicKey) GetW

func (m *IssuerPublicKey) GetW() *ECP2

func (*IssuerPublicKey) ProtoMessage

func (*IssuerPublicKey) ProtoMessage()

func (*IssuerPublicKey) Reset

func (m *IssuerPublicKey) Reset()

func (*IssuerPublicKey) SetHash

func (IPk *IssuerPublicKey) SetHash() error

SetHash appends a hash of a serialized public key

func (*IssuerPublicKey) String

func (m *IssuerPublicKey) String() string

func (*IssuerPublicKey) XXX_DiscardUnknown added in v1.3.0

func (m *IssuerPublicKey) XXX_DiscardUnknown()

func (*IssuerPublicKey) XXX_Marshal added in v1.3.0

func (m *IssuerPublicKey) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*IssuerPublicKey) XXX_Merge added in v1.3.0

func (m *IssuerPublicKey) XXX_Merge(src proto.Message)

func (*IssuerPublicKey) XXX_Size added in v1.3.0

func (m *IssuerPublicKey) XXX_Size() int

func (*IssuerPublicKey) XXX_Unmarshal added in v1.3.0

func (m *IssuerPublicKey) XXX_Unmarshal(b []byte) error

type LogFunc

type LogFunc func(format string, a ...interface{})

LogFunc is a function adapter for logging.

func (LogFunc) Printf

func (l LogFunc) Printf(format string, a ...interface{})

Printf is used to create a formatted string log record.

type Logger

type Logger interface {
	Printf(format string, a ...interface{})
}

Logger defines the contract for logging. This interface is explicitly defined to be compatible with the logger in the standard library log package.

type NonRevocationProof added in v1.2.0

type NonRevocationProof struct {
	RevocationAlg        int32    `protobuf:"varint,1,opt,name=revocation_alg,json=revocationAlg,proto3" json:"revocation_alg,omitempty"`
	NonRevocationProof   []byte   `protobuf:"bytes,2,opt,name=non_revocation_proof,json=nonRevocationProof,proto3" json:"non_revocation_proof,omitempty"`
	XXX_NoUnkeyedLiteral struct{} `json:"-"`
	XXX_unrecognized     []byte   `json:"-"`
	XXX_sizecache        int32    `json:"-"`
}

NonRevocationProof contains proof that the credential is not revoked

func (*NonRevocationProof) Descriptor added in v1.2.0

func (*NonRevocationProof) Descriptor() ([]byte, []int)

func (*NonRevocationProof) GetNonRevocationProof added in v1.2.0

func (m *NonRevocationProof) GetNonRevocationProof() []byte

func (*NonRevocationProof) GetRevocationAlg added in v1.2.0

func (m *NonRevocationProof) GetRevocationAlg() int32

func (*NonRevocationProof) ProtoMessage added in v1.2.0

func (*NonRevocationProof) ProtoMessage()

func (*NonRevocationProof) Reset added in v1.2.0

func (m *NonRevocationProof) Reset()

func (*NonRevocationProof) String added in v1.2.0

func (m *NonRevocationProof) String() string

func (*NonRevocationProof) XXX_DiscardUnknown added in v1.3.0

func (m *NonRevocationProof) XXX_DiscardUnknown()

func (*NonRevocationProof) XXX_Marshal added in v1.3.0

func (m *NonRevocationProof) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*NonRevocationProof) XXX_Merge added in v1.3.0

func (m *NonRevocationProof) XXX_Merge(src proto.Message)

func (*NonRevocationProof) XXX_Size added in v1.3.0

func (m *NonRevocationProof) XXX_Size() int

func (*NonRevocationProof) XXX_Unmarshal added in v1.3.0

func (m *NonRevocationProof) XXX_Unmarshal(b []byte) error

type NymSignature

type NymSignature struct {
	// proof_c is the Fiat-Shamir challenge of the ZKP
	ProofC []byte `protobuf:"bytes,1,opt,name=proof_c,json=proofC,proto3" json:"proof_c,omitempty"`
	// proof_s_sk is the s-value proving knowledge of the user secret key
	ProofSSk []byte `protobuf:"bytes,2,opt,name=proof_s_sk,json=proofSSk,proto3" json:"proof_s_sk,omitempty"`
	//proof_s_r_nym is the s-value proving knowledge of the pseudonym secret
	ProofSRNym []byte `protobuf:"bytes,3,opt,name=proof_s_r_nym,json=proofSRNym,proto3" json:"proof_s_r_nym,omitempty"`
	// nonce is a fresh nonce used for the signature
	Nonce                []byte   `protobuf:"bytes,4,opt,name=nonce,proto3" json:"nonce,omitempty"`
	XXX_NoUnkeyedLiteral struct{} `json:"-"`
	XXX_unrecognized     []byte   `json:"-"`
	XXX_sizecache        int32    `json:"-"`
}

NymSignature specifies a signature object that signs a message with respect to a pseudonym. It differs from the standard idemix.signature in the fact that the standard signature object also proves that the pseudonym is based on a secret certified by a CA (issuer), whereas NymSignature only proves that the the owner of the pseudonym signed the message

func NewNymSignature

func NewNymSignature(sk *FP256BN.BIG, Nym *FP256BN.ECP, RNym *FP256BN.BIG, ipk *IssuerPublicKey, msg []byte, rng *amcl.RAND) (*NymSignature, error)

NewSignature creates a new idemix pseudonym signature

func (*NymSignature) Descriptor

func (*NymSignature) Descriptor() ([]byte, []int)

func (*NymSignature) GetNonce

func (m *NymSignature) GetNonce() []byte

func (*NymSignature) GetProofC

func (m *NymSignature) GetProofC() []byte

func (*NymSignature) GetProofSRNym

func (m *NymSignature) GetProofSRNym() []byte

func (*NymSignature) GetProofSSk

func (m *NymSignature) GetProofSSk() []byte

func (*NymSignature) ProtoMessage

func (*NymSignature) ProtoMessage()

func (*NymSignature) Reset

func (m *NymSignature) Reset()

func (*NymSignature) String

func (m *NymSignature) String() string

func (*NymSignature) Ver

func (sig *NymSignature) Ver(nym *FP256BN.ECP, ipk *IssuerPublicKey, msg []byte) error

Ver verifies an idemix NymSignature

func (*NymSignature) XXX_DiscardUnknown added in v1.3.0

func (m *NymSignature) XXX_DiscardUnknown()

func (*NymSignature) XXX_Marshal added in v1.3.0

func (m *NymSignature) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*NymSignature) XXX_Merge added in v1.3.0

func (m *NymSignature) XXX_Merge(src proto.Message)

func (*NymSignature) XXX_Size added in v1.3.0

func (m *NymSignature) XXX_Size() int

func (*NymSignature) XXX_Unmarshal added in v1.3.0

func (m *NymSignature) XXX_Unmarshal(b []byte) error

type RevocationAlgorithm added in v1.2.0

type RevocationAlgorithm int32
const (
	ALG_NO_REVOCATION RevocationAlgorithm = iota
)

type Signature

type Signature struct {
	APrime               *ECP                `protobuf:"bytes,1,opt,name=a_prime,json=aPrime,proto3" json:"a_prime,omitempty"`
	ABar                 *ECP                `protobuf:"bytes,2,opt,name=a_bar,json=aBar,proto3" json:"a_bar,omitempty"`
	BPrime               *ECP                `protobuf:"bytes,3,opt,name=b_prime,json=bPrime,proto3" json:"b_prime,omitempty"`
	ProofC               []byte              `protobuf:"bytes,4,opt,name=proof_c,json=proofC,proto3" json:"proof_c,omitempty"`
	ProofSSk             []byte              `protobuf:"bytes,5,opt,name=proof_s_sk,json=proofSSk,proto3" json:"proof_s_sk,omitempty"`
	ProofSE              []byte              `protobuf:"bytes,6,opt,name=proof_s_e,json=proofSE,proto3" json:"proof_s_e,omitempty"`
	ProofSR2             []byte              `protobuf:"bytes,7,opt,name=proof_s_r2,json=proofSR2,proto3" json:"proof_s_r2,omitempty"`
	ProofSR3             []byte              `protobuf:"bytes,8,opt,name=proof_s_r3,json=proofSR3,proto3" json:"proof_s_r3,omitempty"`
	ProofSSPrime         []byte              `protobuf:"bytes,9,opt,name=proof_s_s_prime,json=proofSSPrime,proto3" json:"proof_s_s_prime,omitempty"`
	ProofSAttrs          [][]byte            `protobuf:"bytes,10,rep,name=proof_s_attrs,json=proofSAttrs,proto3" json:"proof_s_attrs,omitempty"`
	Nonce                []byte              `protobuf:"bytes,11,opt,name=nonce,proto3" json:"nonce,omitempty"`
	Nym                  *ECP                `protobuf:"bytes,12,opt,name=nym,proto3" json:"nym,omitempty"`
	ProofSRNym           []byte              `protobuf:"bytes,13,opt,name=proof_s_r_nym,json=proofSRNym,proto3" json:"proof_s_r_nym,omitempty"`
	RevocationEpochPk    *ECP2               `protobuf:"bytes,14,opt,name=revocation_epoch_pk,json=revocationEpochPk,proto3" json:"revocation_epoch_pk,omitempty"`
	RevocationPkSig      []byte              `protobuf:"bytes,15,opt,name=revocation_pk_sig,json=revocationPkSig,proto3" json:"revocation_pk_sig,omitempty"`
	Epoch                int64               `protobuf:"varint,16,opt,name=epoch,proto3" json:"epoch,omitempty"`
	NonRevocationProof   *NonRevocationProof `protobuf:"bytes,17,opt,name=non_revocation_proof,json=nonRevocationProof,proto3" json:"non_revocation_proof,omitempty"`
	XXX_NoUnkeyedLiteral struct{}            `json:"-"`
	XXX_unrecognized     []byte              `json:"-"`
	XXX_sizecache        int32               `json:"-"`
}

Signature specifies a signature object that consists of a_prime, a_bar, b_prime, proof_* - randomized credential signature values and a zero-knowledge proof of knowledge of a credential and the corresponding user secret together with the attribute values nonce - a fresh nonce used for the signature nym - a fresh pseudonym (a commitment to to the user secret)

func NewSignature

func NewSignature(cred *Credential, sk *FP256BN.BIG, Nym *FP256BN.ECP, RNym *FP256BN.BIG, ipk *IssuerPublicKey, Disclosure []byte, msg []byte, rhIndex int, cri *CredentialRevocationInformation, rng *amcl.RAND) (*Signature, error)

NewSignature creates a new idemix signature (Schnorr-type signature) The []byte Disclosure steers which attributes are disclosed: if Disclosure[i] == 0 then attribute i remains hidden and otherwise it is disclosed. We require the revocation handle to remain undisclosed (i.e., Disclosure[rhIndex] == 0). We use the zero-knowledge proof by http://eprint.iacr.org/2016/663.pdf, Sec. 4.5 to prove knowledge of a BBS+ signature

func (*Signature) Descriptor

func (*Signature) Descriptor() ([]byte, []int)

func (*Signature) GetABar

func (m *Signature) GetABar() *ECP

func (*Signature) GetAPrime

func (m *Signature) GetAPrime() *ECP

func (*Signature) GetBPrime

func (m *Signature) GetBPrime() *ECP

func (*Signature) GetEpoch added in v1.2.0

func (m *Signature) GetEpoch() int64

func (*Signature) GetNonRevocationProof added in v1.2.0

func (m *Signature) GetNonRevocationProof() *NonRevocationProof

func (*Signature) GetNonce

func (m *Signature) GetNonce() []byte

func (*Signature) GetNym

func (m *Signature) GetNym() *ECP

func (*Signature) GetProofC

func (m *Signature) GetProofC() []byte

func (*Signature) GetProofSAttrs

func (m *Signature) GetProofSAttrs() [][]byte

func (*Signature) GetProofSE

func (m *Signature) GetProofSE() []byte

func (*Signature) GetProofSR2

func (m *Signature) GetProofSR2() []byte

func (*Signature) GetProofSR3

func (m *Signature) GetProofSR3() []byte

func (*Signature) GetProofSRNym

func (m *Signature) GetProofSRNym() []byte

func (*Signature) GetProofSSPrime

func (m *Signature) GetProofSSPrime() []byte

func (*Signature) GetProofSSk

func (m *Signature) GetProofSSk() []byte

func (*Signature) GetRevocationEpochPk added in v1.2.0

func (m *Signature) GetRevocationEpochPk() *ECP2

func (*Signature) GetRevocationPkSig added in v1.2.0

func (m *Signature) GetRevocationPkSig() []byte

func (*Signature) ProtoMessage

func (*Signature) ProtoMessage()

func (*Signature) Reset

func (m *Signature) Reset()

func (*Signature) String

func (m *Signature) String() string

func (*Signature) Ver

func (sig *Signature) Ver(Disclosure []byte, ipk *IssuerPublicKey, msg []byte, attributeValues []*FP256BN.BIG, rhIndex int, revPk *ecdsa.PublicKey, epoch int) error

Ver verifies an idemix signature Disclosure steers which attributes it expects to be disclosed attributeValues contains the desired attribute values. This function will check that if attribute i is disclosed, the i-th attribute equals attributeValues[i].

func (*Signature) XXX_DiscardUnknown added in v1.3.0

func (m *Signature) XXX_DiscardUnknown()

func (*Signature) XXX_Marshal added in v1.3.0

func (m *Signature) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*Signature) XXX_Merge added in v1.3.0

func (m *Signature) XXX_Merge(src proto.Message)

func (*Signature) XXX_Size added in v1.3.0

func (m *Signature) XXX_Size() int

func (*Signature) XXX_Unmarshal added in v1.3.0

func (m *Signature) XXX_Unmarshal(b []byte) error

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL