-
Notifications
You must be signed in to change notification settings - Fork 0
/
credential.go
118 lines (103 loc) · 3.9 KB
/
credential.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
/*
Copyright IBM Corp. All Rights Reserved.
SPDX-License-Identifier: Apache-2.0
*/
package bridge
import (
"bytes"
"github.com/golang/protobuf/proto"
"github.com/hyperledger/fabric-amcl/amcl"
"github.com/hyperledger/fabric-amcl/amcl/FP256BN"
"github.com/hyperledger/fabric/bccsp"
"github.com/hyperledger/fabric/bccsp/idemix/handlers"
cryptolib "github.com/hyperledger/fabric/idemix"
"github.com/pkg/errors"
)
// Credential encapsulates the idemix algorithms to produce (sign) a credential
// and verify it. Recall that a credential is produced by the Issuer upon a credential request,
// and it is verified by the requester.
type Credential struct {
NewRand func() *amcl.RAND
}
// Sign produces an idemix credential. It takes in input the issuer secret key,
// a serialised credential request, and a list of attribute values.
// Notice that attributes should not contain attributes whose type is IdemixHiddenAttribute
// cause the credential needs to carry all the attribute values.
func (c *Credential) Sign(key handlers.IssuerSecretKey, credentialRequest []byte, attributes []bccsp.IdemixAttribute) (res []byte, err error) {
defer func() {
if r := recover(); r != nil {
res = nil
err = errors.Errorf("failure [%s]", r)
}
}()
iisk, ok := key.(*IssuerSecretKey)
if !ok {
return nil, errors.Errorf("invalid issuer secret key, expected *Big, got [%T]", key)
}
cr := &cryptolib.CredRequest{}
err = proto.Unmarshal(credentialRequest, cr)
if err != nil {
return nil, errors.Wrap(err, "failed unmarshalling credential request")
}
attrValues := make([]*FP256BN.BIG, len(attributes))
for i := 0; i < len(attributes); i++ {
switch attributes[i].Type {
case bccsp.IdemixBytesAttribute:
attrValues[i] = cryptolib.HashModOrder(attributes[i].Value.([]byte))
case bccsp.IdemixIntAttribute:
attrValues[i] = FP256BN.NewBIGint(attributes[i].Value.(int))
default:
return nil, errors.Errorf("attribute type not allowed or supported [%v] at position [%d]", attributes[i].Type, i)
}
}
cred, err := cryptolib.NewCredential(iisk.SK, cr, attrValues, c.NewRand())
if err != nil {
return nil, errors.WithMessage(err, "failed creating new credential")
}
return proto.Marshal(cred)
}
// Verify checks that an idemix credential is cryptographically correct. It takes
// in input the user secret key (sk), the issuer public key (ipk), the serialised credential (credential),
// and a list of attributes. The list of attributes is optional, in case it is specified, Verify
// checks that the credential carries the specified attributes.
func (*Credential) Verify(sk handlers.Big, ipk handlers.IssuerPublicKey, credential []byte, attributes []bccsp.IdemixAttribute) (err error) {
defer func() {
if r := recover(); r != nil {
err = errors.Errorf("failure [%s]", r)
}
}()
isk, ok := sk.(*Big)
if !ok {
return errors.Errorf("invalid user secret key, expected *Big, got [%T]", sk)
}
iipk, ok := ipk.(*IssuerPublicKey)
if !ok {
return errors.Errorf("invalid issuer public key, expected *IssuerPublicKey, got [%T]", sk)
}
cred := &cryptolib.Credential{}
err = proto.Unmarshal(credential, cred)
if err != nil {
return err
}
for i := 0; i < len(attributes); i++ {
switch attributes[i].Type {
case bccsp.IdemixBytesAttribute:
if !bytes.Equal(
cryptolib.BigToBytes(cryptolib.HashModOrder(attributes[i].Value.([]byte))),
cred.Attrs[i]) {
return errors.Errorf("credential does not contain the correct attribute value at position [%d]", i)
}
case bccsp.IdemixIntAttribute:
if !bytes.Equal(
cryptolib.BigToBytes(FP256BN.NewBIGint(attributes[i].Value.(int))),
cred.Attrs[i]) {
return errors.Errorf("credential does not contain the correct attribute value at position [%d]", i)
}
case bccsp.IdemixHiddenAttribute:
continue
default:
return errors.Errorf("attribute type not allowed or supported [%v] at position [%d]", attributes[i].Type, i)
}
}
return cred.Ver(isk.E, iipk.PK)
}