README
¶
Gabi
gabi is a Go implementation of the IRMA approach to the Idemix attribute based credential system. Check out the Privacy by Design Foundation website to learn more on this great alternative to traditional identity management.
gabi is the authoritative IRMA Idemix implementation, but it is still largely compatible with the now deprecated Java implementation.
gabi serves as the cryptographic core of irmago, which implements the IRMA server, IRMA app core, shared functionality between the two, and more. Most projects wanting to use IRMA or Idemix will want to use irmago instead of depending on gabi directly.
Install
To install:
go get github.com/AVecsi/pq-gabi
Test
To run tests:
go test -v ./...
History
gabi was originally created and developed by Maarten Everts in 2015 and 2016. Since 2017, the Privacy by Design Foundation and SIDN maintain and develop gabi.
Documentation
¶
Overview ¶
Package gabi is an implementation of the IRMA (https://irma.app) approach to attribute based credentials. For now, see gabi_test.go on how to use the library.
Index ¶
- Constants
- Variables
- func BuildMerkleTree(attributes []*Attribute) (*merkletree.MerkleTree, error)
- func GenerateNonce() (*big.Int, error)
- func GenerateSecretAttribute() (*big.Int, error)
- func HashStrategy() hash.Hash
- func SampleInBall(h *poseidon.Poseidon) *algebra.Poly
- func Test()
- type Attribute
- type Credential
- type CredentialDisclosure
- type DisclosureProof
- type Issuer
- type RandomCommitment
- type SignatureProof
- type ZkDilSignature
Constants ¶
const BETA = 80 //TAU * ETA
const COMMITMENT_LENGTH = 12
const CSIZE = 12 // number of field elements to use for c tilde
const MUSIZE = 24
const NONCE_LENGTH = 12
const NumOfIterations = 100
const POS_CYCLE_LEN = 8
const POS_RATE = 24
const POS_RF = 21 // full rounds of Poseidon
const POS_T = 35
const TAU = 40
Variables ¶
var Logger *logrus.Logger
Functions ¶
func BuildMerkleTree ¶
func BuildMerkleTree(attributes []*Attribute) (*merkletree.MerkleTree, error)
func GenerateNonce ¶
GenerateNonce generates a nonce for use in proofs
func GenerateSecretAttribute ¶
GenerateSecretAttribute generates secret attribute used prove ownership and links between credentials from the same user.
func HashStrategy ¶
Types ¶
type Attribute ¶
Attribute implements the Content interface provided by merkletree and represents the content stored in the tree.
func NewAttribute ¶
func (Attribute) CalculateHash ¶
CalculateHash hashes the values of a Attribute
type Credential ¶
type Credential struct {
Signature *ZkDilSignature `json:"signature"`
Attributes []*Attribute `json:"attributes"`
UserAttrCount int `json:"userAttrCount"`
AttrHash []byte `json:"attrHash"`
}
type CredentialDisclosure ¶
type CredentialDisclosure struct {
DisclosedAttributes []*Attribute
DisclosedAttributeIndices []int
NumOfAllAttributes int
NumOfUserAttributes int
SignatureProof *SignatureProof
}
func CreateCredentialDisclosure ¶
func CreateCredentialDisclosure(credential *Credential, disclosedAttributeIndices []int) *CredentialDisclosure
type DisclosureProof ¶
type DisclosureProof struct {
AttrProof []byte
CredentialDisclosures []*CredentialDisclosure
}
func CreateDisclosureProof ¶
func CreateDisclosureProof(credentials []*Credential, credentialDisclosures []*CredentialDisclosure) (*DisclosureProof, error)
func (*DisclosureProof) Verify ¶
func (proof *DisclosureProof) Verify() bool
func (*DisclosureProof) VerifyWithoutSignature ¶
func (proof *DisclosureProof) VerifyWithoutSignature() bool
type Issuer ¶
Issuer holds the key material for a credential issuer.
func (*Issuer) IssueSignature ¶
func (i *Issuer) IssueSignature(U *big.Int, attributes []*Attribute) (*ZkDilSignature, []byte, error)
IssueSignature produces an IssueSignatureMessage for the attributes based on the IssueCommitmentMessage provided. Note that this function DOES NOT check the proofs containted in the IssueCommitmentMessage! That needs to be done at a higher level!
type RandomCommitment ¶
func NewRandomCommitment ¶
func NewRandomCommitment(fieldElements []int, nonce []int) (*RandomCommitment, error)
type SignatureProof ¶
type SignatureProof struct {
Proof []byte
AttrHashCommitment *RandomCommitment
}
func (*SignatureProof) Verify ¶
func (proof *SignatureProof) Verify() bool
type ZkDilSignature ¶
type ZkDilSignature struct {
Pk *gabikeys.PublicKey `json:"pk"`
CTilde []int `json:"ctilde"`
Z *algebra.Vec `json:"z"`
}
func Sign ¶
func Sign(pubK *gabikeys.PublicKey, privK *gabikeys.PrivateKey, msg []byte) ZkDilSignature
func (*ZkDilSignature) Verify ¶
func (sig *ZkDilSignature) Verify(msg []byte) bool
Source Files
¶
Directories
¶
| Path | Synopsis |
|---|---|
|
Package big contains a mostly API-compatible "math/big".Int that JSON-marshals to and from Base64.
|
Package big contains a mostly API-compatible "math/big".Int that JSON-marshals to and from Base64. |
|
internal
|
|
|
In the literature the agent that is able to revoke (using a PrivateKey) is usually called the "revocation authority", which generally need not be the same agent as the issuer.
|
In the literature the agent that is able to revoke (using a PrivateKey) is usually called the "revocation authority", which generally need not be the same agent as the issuer. |
|
Package safeprime computes safe primes, i.e.
|
Package safeprime computes safe primes, i.e. |
|
Package signed contains (1) convenience functions for ECDSA private and public key handling, and for signing and verifying byte slices with ECDSA; (2) functions for marshaling structs to signed bytes, and verifying and unmarshaling signed bytes back to structs.
|
Package signed contains (1) convenience functions for ECDSA private and public key handling, and for signing and verifying byte slices with ECDSA; (2) functions for marshaling structs to signed bytes, and verifying and unmarshaling signed bytes back to structs. |