/*
Copyright IBM Corp. All Rights Reserved.
SPDX-License-Identifier: Apache-2.0
*/
package aries
import (
"fmt"
"github.com/IBM/idemix/bccsp/types"
math "github.com/IBM/mathlib"
"github.com/golang/protobuf/proto"
"github.com/pkg/errors"
)
// CredRequest groups the user- and issuer-side operations of the blinded
// credential request flow (Blind, BlindVerify, Unblind) in this package.
type CredRequest struct {
// Curve is passed to every blinding, parsing, verification and unblinding
// helper; it is also used to decode the blinding scalar in Unblind.
Curve *math.Curve
}
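// Blind creates a new credential request, the first message of the
// interactive credential issuance protocol (from user to issuer).
//
// The user secret key sk is placed at UserSecretKeyIndex in a vector of
// ipk.N+1 entries (every other entry stays nil) and blinded with
// BlindMessagesZr against ipk.PK and nonce.
//
// It returns the serialized blinded message, followed by the serialized S
// value of that message. An error is returned when key is not an
// *IssuerPublicKey or when BlindMessagesZr fails.
//
// NOTE(review): S is presumably the blinding factor that Unblind expects and
// should stay on the user side; confirm against BlindMessagesZr.
func (c *CredRequest) Blind(sk *math.Zr, key types.IssuerPublicKey, nonce []byte) ([]byte, []byte, error) {
	ipk, ok := key.(*IssuerPublicKey)
	if !ok {
		// Report the dynamic type of key. After a failed assertion ipk is
		// always a nil *IssuerPublicKey, so formatting it with %T would
		// print the expected type and hide what was actually passed.
		return nil, nil, errors.Errorf("invalid issuer public key, expected *IssuerPublicKey, got [%T]", key)
	}

	// Only the user secret key slot is populated; the rest remain nil.
	zrs := make([]*math.Zr, ipk.N+1)
	zrs[UserSecretKeyIndex] = sk

	blindedMsg, err := BlindMessagesZr(zrs, ipk.PK, 1, nonce, c.Curve)
	if err != nil {
		return nil, nil, fmt.Errorf("BlindMessagesZr failed [%w]", err)
	}

	return blindedMsg.Bytes(), blindedMsg.S.Bytes(), nil
}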
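// BlindVerify verifies a serialized credential request.
//
// credRequest is parsed with ParseBlindedMessages and its C and PoK fields
// are checked by VerifyBlinding against ipk.PK and nonce, with only the
// UserSecretKeyIndex slot marked as blinded in a bitmap of ipk.N+1 entries.
//
// An error is returned when key is not an *IssuerPublicKey, when parsing
// fails, or when VerifyBlinding rejects the request.
//
// NOTE(review): nonce is only passed through to VerifyBlinding. Whether it
// is fresh and was issued for this request is not checked here, so the
// caller has to enforce that.
func (c *CredRequest) BlindVerify(credRequest []byte, key types.IssuerPublicKey, nonce []byte) error {
	ipk, ok := key.(*IssuerPublicKey)
	if !ok {
		// Report the dynamic type of key. After a failed assertion ipk is
		// always a nil *IssuerPublicKey, so formatting it with %T would
		// print the expected type and hide what was actually passed.
		return errors.Errorf("invalid issuer public key, expected *IssuerPublicKey, got [%T]", key)
	}

	// Mark the user secret key as the single blinded message.
	bitmap := make([]bool, ipk.N+1)
	bitmap[UserSecretKeyIndex] = true

	blindedMsg, err := ParseBlindedMessages(credRequest, c.Curve)
	if err != nil {
		return fmt.Errorf("ParseBlindedMessages failed [%w]", err)
	}

	return VerifyBlinding(bitmap, blindedMsg.C, blindedMsg.PoK, ipk.PK, nonce, c.Curve)
}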
// Unblind turns a blinded signature into a standard signature using the
// supplied blinding.
//
// signature is decoded as a protobuf Credential. Its Cred field is replaced
// by the result of UnblindSign and the credential is marshalled again.
// blinding is decoded into a scalar with Curve.NewZrFromBytes.
//
// NOTE(review): blinding is not length-checked in this function; confirm
// that NewZrFromBytes and UnblindSign handle malformed or empty input.
func (c *CredRequest) Unblind(signature, blinding []byte) ([]byte, error) {
	// Decode the blinding before touching the signature, keeping the
	// original evaluation order.
	blindingZr := c.Curve.NewZrFromBytes(blinding)

	cred := new(Credential)
	if err := proto.Unmarshal(signature, cred); err != nil {
		return nil, fmt.Errorf("proto.Unmarshal failed [%w]", err)
	}

	unblinded, err := UnblindSign(cred.Cred, blindingZr, c.Curve)
	if err != nil {
		return nil, fmt.Errorf("bls.UnblindSign failed [%w]", err)
	}
	cred.Cred = unblinded

	return proto.Marshal(cred)
}