cl

package
v0.0.0-...-2c216b4
Warning

This package is not in the latest version of its module.

Published: Jun 3, 2019 License: Apache-2.0 Imports: 23 Imported by: 0

Documentation

Functions

func GetDefaultParamSizes

func GetDefaultParamSizes() *pb.Params

TODO: add method to load params from file or blockchain or wherever they will be stored.

func ReadGob

func ReadGob(filePath string, object interface{}) error

func WriteGob

func WriteGob(filePath string, object interface{}) error

TODO: where should we put WriteGob and ReadGob?

Types

type Attr

type Attr struct {
	Known  bool
	ValSet bool
	Val    *big.Int

	Index int
	// contains filtered or unexported fields
}

Attr is part of a credential (RawCredential). In the case of a digital identity credential, attributes could be, for example, Name, Gender and Date of Birth. In the case of a credential allowing access to some internet service (like an electronic newspaper), attributes could be the Type of the service (for example, only news related to politics) and the Date of Expiration.

func (*Attr) Name

func (a *Attr) Name() string

func (*Attr) String

func (a *Attr) String() string

type AttrCond

type AttrCond int

func (AttrCond) String

func (c AttrCond) String() string

type AttrCount

type AttrCount struct {
	Known     int
	Committed int
	Hidden    int
}

AttrCount holds the number of Known, Committed and Hidden parameters.

func NewAttrCount

func NewAttrCount(known, committed, hidden int) *AttrCount

func (*AttrCount) String

func (c *AttrCount) String() string

type AttrDataFetcher

type AttrDataFetcher interface {
	FetchAttrData() (map[string]interface{}, error)
}

type Attrs

type Attrs struct {
	// attributes that are Known to the credential receiver and issuer
	Known []*big.Int
	// attributes which are Known only to the credential receiver
	Hidden []*big.Int
	// attributes for which the issuer knows only commitment
	Committed []*big.Int
}

func NewAttrs

func NewAttrs(known, committed, hidden []*big.Int) *Attrs

type Client

type Client struct {
	pb.AnonCredsClient // TODO fix my name
}

func NewClient

func NewClient(conn *grpc.ClientConn) *Client

func (*Client) GetAcceptableCreds

func (c *Client) GetAcceptableCreds() (map[string][]string, error)

func (*Client) GetPublicParams

func (c *Client) GetPublicParams() (*PubParams, error)

func (*Client) IssueCredential

func (c *Client) IssueCredential(cm *CredManager, regKey string) (*Cred,
	error)

func (*Client) ProveCredential

func (c *Client) ProveCredential(cm *CredManager, cred *Cred,
	revealedAttrs []string) (*string, error)

ProveCred proves the possession of a valid credential and reveals only the attributes the user desires to reveal. Which knownAttrs and commitmentsOfAttrs are to be revealed are given by revealedKnownAttrsIndices and revealedCommitmentsOfAttrsIndices parameters. All knownAttrs and commitmentsOfAttrs should be passed into ProveCred - only those which are revealed are then passed to the server.

func (*Client) UpdateCredential

func (c *Client) UpdateCredential(cm *CredManager, rawCred *RawCred) (*Cred,
	error)

type Cred

type Cred struct {
	A   *big.Int
	E   *big.Int
	V11 *big.Int
}

Cred represents anonymous credentials.

func NewCred

func NewCred(A, e, v11 *big.Int) *Cred

type CredAttr

type CredAttr interface {
	UpdateValue(interface{}) error

	Name() string
	String() string

	Validatable
	// contains filtered or unexported methods
}

CredAttr represents an attribute for the CL scheme.

type CredManager

type CredManager struct {
	Params  *clpb.Params
	PubKey  *PubKey
	RawCred *RawCred

	Nym *big.Int

	Attrs              *Attrs
	CommitmentsOfAttrs []*big.Int // commitments of committedAttrs
	// V1 is a random element in credential - it is generated in GetCredRequest and needed when
	// proving the possession of a credential - this is why it is stored in User and not in UserCredentialReceiver
	V1 *big.Int // v1 is random element in U; U = S^v1 * R_i^m_i where m_i are Hidden attributes

	CredReqNonce *big.Int
	// contains filtered or unexported fields
}

CredManager manages a single instance of anonymous credential.

An instance of this struct should be created by a user before she wants a new credential to be issued, or an existing one to be updated or proved.

When a user needs a new credential under a new nym, she also needs a new instance of CredManager.

func NewCredManager

func NewCredManager(params *clpb.Params, pubKey *PubKey,
	masterSecret *big.Int, rawCred *RawCred) (*CredManager, error)

func RestoreCredManager

func RestoreCredManager(ctx *CredManagerCtx, secret *big.Int,
	rc *RawCred) (*CredManager, error)

func (*CredManager) BuildProof

func (m *CredManager) BuildProof(cred *Cred, revealedKnownAttrsIndices,
	revealedCommitmentsOfAttrsIndices []int, nonceOrg *big.Int) (*Cred,
	*qr.RepresentationProof, error)

BuildProof builds a proof of knowledge for the given credential.

func (*CredManager) FilterAttributes

func (m *CredManager) FilterAttributes(revealedKnownAttrsIndices,
	revealedCommitmentsOfAttrsIndices []int) ([]*big.Int, []*big.Int)

FilterAttributes returns only attributes to be revealed to the verifier.

func (*CredManager) GetContext

func (m *CredManager) GetContext() *CredManagerCtx

func (*CredManager) GetCredRequest

func (m *CredManager) GetCredRequest(nonceOrg *big.Int) (*CredRequest, error)

GetCredRequest computes U and returns CredRequest which contains:

- proof data for proving that nym was properly generated,
- U and proof data that U was properly generated,
- proof data for proving the knowledge of opening for commitments of attributes (for those attributes for which the Committed value is Known).

func (*CredManager) GetProofChallenge

func (m *CredManager) GetProofChallenge(credProofRandomData, nonceOrg *big.Int) *big.Int

func (*CredManager) Update

func (m *CredManager) Update(c *RawCred)

Update updates credential.

func (*CredManager) Verify

func (m *CredManager) Verify(cred *Cred, AProof *qr.RepresentationProof) (bool, error)

Verify verifies the anonymous credential cred, returning a boolean indicating success or failure of credential verification. When the verification process fails due to misconfiguration, an error is returned.

type CredManagerCtx

type CredManagerCtx struct {
	Nym                *big.Int
	V1                 *big.Int
	CredReqNonce       *big.Int
	PubKey             *PubKey
	Params             *clpb.Params
	CommitmentsOfAttrs []*big.Int
}

type CredRequest

type CredRequest struct {
	Nym                      *big.Int
	KnownAttrs               []*big.Int
	CommitmentsOfAttrs       []*big.Int
	NymProof                 *schnorr.Proof
	U                        *big.Int
	UProof                   *qr.RepresentationProof
	CommitmentsOfAttrsProofs []*df.OpeningProof
	Nonce                    *big.Int
}

func NewCredRequest

func NewCredRequest(nym *big.Int, knownAttrs, commitmentsOfAttrs []*big.Int, nymProof *schnorr.Proof,
	U *big.Int, UProof *qr.RepresentationProof,
	commitmentsOfAttrsProofs []*df.OpeningProof, nonce *big.Int) *CredRequest

type CredResult

type CredResult struct {
	Cred   *Cred
	AProof *qr.RepresentationProof
	Record *ReceiverRecord
}

type Int64Attr

type Int64Attr struct {
	Val int64
	*Attr
}

func NewEmptyInt64Attr

func NewEmptyInt64Attr(name string, known bool) *Int64Attr

func NewInt64Attr

func NewInt64Attr(name string, val int64, known bool) (*Int64Attr,
	error)

func (*Int64Attr) String

func (a *Int64Attr) String() string

func (*Int64Attr) UpdateValue

func (a *Int64Attr) UpdateValue(n interface{}) error

func (*Int64Attr) ValidateAgainst

func (a *Int64Attr) ValidateAgainst(v interface{}) (bool, error)

type KeyPair

type KeyPair struct {
	Sec *SecKey
	Pub *PubKey
}

TODO probably doesn't make much sense if sec is unexported, remove

func GenerateKeyPair

func GenerateKeyPair(p *pb.Params, attrs *AttrCount) (*KeyPair, error)

GenerateKeyPair takes parameters p and attribute counts attrs, and constructs a keypair containing the public and secret key for the CL scheme.

type MockRecordManager

type MockRecordManager struct {
	// contains filtered or unexported fields
}

MockRecordManager is a mock implementation of the ReceiverRecordManager interface. It stores key-value pairs of nyms and corresponding receiver records in a map.

func NewMockRecordManager

func NewMockRecordManager() *MockRecordManager

NewMockRecordManager initializes the map that will hold the data.

func (*MockRecordManager) Load

func (rm *MockRecordManager) Load(nym *big.Int) (*ReceiverRecord, error)

func (*MockRecordManager) Store

func (rm *MockRecordManager) Store(nym *big.Int, r *ReceiverRecord) error

type Org

type Org struct {
	Params *pb.Params
	Group  *qr.RSASpecial // in this group attributes will be used as exponents (basis is PubKey.Rs...)

	U         *big.Int
	UVerifier *qr.RepresentationVerifier
	Keys      *KeyPair
	// contains filtered or unexported fields
}

func LoadOrg

func LoadOrg(pubKeyPath, secKeyPath string) (*Org, error)

FIXME

func NewOrg

func NewOrg(params *pb.Params, attrCount *AttrCount) (*Org, error)

func NewOrgFromParams

func NewOrgFromParams(params *pb.Params, keys *KeyPair) (*Org, error)

FIXME

func (*Org) GenNonce

func (o *Org) GenNonce() *big.Int

func (*Org) GetCredIssueNonce

func (o *Org) GetCredIssueNonce() *big.Int

func (*Org) GetProveCredNonce

func (o *Org) GetProveCredNonce() *big.Int

func (*Org) IssueCred

func (o *Org) IssueCred(cr *CredRequest) (*CredResult, error)

func (*Org) ProveCred

func (o *Org) ProveCred(A *big.Int, proof *qr.RepresentationProof,
	revealedKnownAttrsIndices, revealedCommitmentsOfAttrsIndices []int,
	revealedKnownAttrs, revealedCommitmentsOfAttrs []*big.Int,
	attrs []CredAttr, actual map[string]interface{}) (bool,
	error)

ProveCred proves the possession of a valid credential and reveals only the attributes the user desires to reveal. Which knownAttrs and commitmentsOfAttrs are to be revealed are given by revealedKnownAttrsIndices and revealedCommitmentsOfAttrsIndices parameters. Parameters knownAttrs and commitmentsOfAttrs must contain only Known attributes and commitments of attributes (of attributes for which only commitment is Known) which are to be revealed to the organization.

func (*Org) UpdateCred

func (o *Org) UpdateCred(nym *big.Int, rec *ReceiverRecord, nonceUser *big.Int, newKnownAttrs []*big.Int) (*CredResult, error)

type PubKey

type PubKey struct {
	N              *big.Int
	S              *big.Int
	Z              *big.Int
	RsKnown        []*big.Int // one R corresponds to one attribute - these attributes are Known to both - receiver and issuer
	RsCommitted    []*big.Int // issuer knows only commitments of these attributes
	RsHidden       []*big.Int // only receiver knows these attributes
	PedersenParams *pedersen.Params
	// the fields below are for commitments of the (Committed) attributes
	N1 *big.Int
	G  *big.Int
	H  *big.Int
}

PubKey is a public key for the CL scheme.

func NewPubKey

func NewPubKey(g *qr.RSASpecial, p *pb.Params,
	attrs *AttrCount, recv *df.Receiver) (*PubKey,
	error)

NewPubKey accepts group g, parameters p and commitment receiver recv, and returns a public key for the CL scheme.

func (*PubKey) GenerateUserMasterSecret

func (k *PubKey) GenerateUserMasterSecret() *big.Int

GenerateUserMasterSecret generates a secret key that needs to be encoded into every user's credential as a sharing prevention mechanism.

func (*PubKey) GetContext

func (k *PubKey) GetContext() *big.Int

GetContext concatenates public parameters and returns a corresponding number.

type PubParams

type PubParams struct {
	PubKey  *PubKey
	RawCred *RawCred // contains credential structure
	Config  *pb.Params
}

PubParams keeps all the public parameters for the scheme. These can be propagated from the server to the client.

type RawCred

type RawCred struct {
	Attrs       map[int]CredAttr
	AttrIndices map[string]int
	AttrCount   *AttrCount
}

RawCred represents a credential to be used by an application that executes the scheme to prove possession of an anonymous credential.

func NewRawCred

func NewRawCred(c *AttrCount) *RawCred

func (*RawCred) GetAttr

func (c *RawCred) GetAttr(name string) (CredAttr, error)

func (*RawCred) GetAttrs

func (c *RawCred) GetAttrs() map[int]CredAttr

func (*RawCred) GetCommittedVals

func (c *RawCred) GetCommittedVals() []*big.Int

GetCommittedVals returns *big.Int values of Committed attributes. The returned elements are ordered by attribute's Index.

func (*RawCred) GetKnownVals

func (c *RawCred) GetKnownVals() []*big.Int

GetKnownVals returns *big.Int values of Known attributes. The returned elements are ordered by attribute's Index.

func (*RawCred) String

func (c *RawCred) String() string

func (*RawCred) UpdateAttr

func (c *RawCred) UpdateAttr(name string, val interface{}) error

type ReceiverRecord

type ReceiverRecord struct {
	KnownAttrs         []*big.Int
	CommitmentsOfAttrs []*big.Int
	Q                  *big.Int
	V11                *big.Int
	Context            *big.Int
}

func NewReceiverRecord

func NewReceiverRecord(knownAttrs, commitmentsOfAttrs []*big.Int, Q, v11, context *big.Int) *ReceiverRecord

NewReceiverRecord returns a ReceiverRecord which contains the user data needed when updating the credential for this user.

func (*ReceiverRecord) MarshalBinary

func (r *ReceiverRecord) MarshalBinary() ([]byte, error)

func (*ReceiverRecord) UnmarshalBinary

func (r *ReceiverRecord) UnmarshalBinary(data []byte) error

type ReceiverRecordManager

type ReceiverRecordManager interface {
	// Store stores the nym and the corresponding ReceiverRecord,
	// returning error in case the data was not successfully stored.
	Store(*big.Int, *ReceiverRecord) error

	// Load loads the ReceiverRecord associated with the given
	// nym, returning an error in case no record was found, or
	// in case of error in the interaction with the
	// storage backend.
	Load(*big.Int) (*ReceiverRecord, error)
}

ReceiverRecordManager manages receiver records tied to particular nyms.

type RedisClient

type RedisClient struct {
	*redis.Client
}

RedisClient wraps a redis client in order to interact with the redis database for management of receiver records.

func NewRedisClient

func NewRedisClient(c *redis.Client) *RedisClient

NewRedisClient accepts an instance of redis.Client and returns an instance of RedisClient.

func (*RedisClient) Load

func (m *RedisClient) Load(nym *big.Int) (*ReceiverRecord, error)

func (*RedisClient) Store

func (m *RedisClient) Store(nym *big.Int, r *ReceiverRecord) error

type RedisDataFetcher

type RedisDataFetcher struct {
	*redis.Client
}

func NewRedisDataFetcher

func NewRedisDataFetcher(c *redis.Client) *RedisDataFetcher

func (*RedisDataFetcher) FetchAttrData

func (f *RedisDataFetcher) FetchAttrData() (map[string]interface{}, error)

type SecKey

type SecKey struct {
	RsaPrimes                  *qr.RSASpecialPrimes
	AttributesSpecialRSAPrimes *qr.RSASpecialPrimes
}

SecKey is a secret key for the CL scheme.

func NewSecKey

func NewSecKey(g *qr.RSASpecial, cr *df.Receiver) *SecKey

NewSecKey accepts group g and commitment receiver cr, and returns new secret key for the CL scheme.

type Server

type Server struct {
	ReceiverRecordManager
	*Org

	SessMgr     anauth.SessManager
	SessStorer  anauth.SessStorer
	RegMgr      anauth.RegManager
	DataFetcher AttrDataFetcher
	// contains filtered or unexported fields
}

func NewServer

func NewServer(recMgr ReceiverRecordManager, keys *KeyPair,
	v *viper.Viper) (*Server, error)

func (*Server) GetAcceptableCreds

func (s *Server) GetAcceptableCreds(ctx context.Context,
	msg *pb.Empty) (*pb.AcceptableCreds, error)

func (*Server) GetPublicParams

func (s *Server) GetPublicParams(ctx context.Context,
	msg *pb.Empty) (*pb.PublicParams, error)

func (*Server) Issue

func (s *Server) Issue(stream pb.AnonCreds_IssueServer) error

func (*Server) Prove

func (s *Server) Prove(stream pb.AnonCreds_ProveServer) error

func (*Server) RegisterTo

func (s *Server) RegisterTo(grpcSrv *grpc.Server)

func (*Server) Update

func (s *Server) Update(ctx context.Context, req *pb.CredUpdateRequest) (*pb.IssuedCred, error)

type StrAttr

type StrAttr struct {
	Val string
	*Attr
}

func NewEmptyStrAttr

func NewEmptyStrAttr(name string, known bool) *StrAttr

func NewStrAttr

func NewStrAttr(name, val string, known bool) (*StrAttr,
	error)

func (*StrAttr) String

func (a *StrAttr) String() string

func (*StrAttr) UpdateValue

func (a *StrAttr) UpdateValue(s interface{}) error

func (*StrAttr) ValidateAgainst

func (a *StrAttr) ValidateAgainst(v interface{}) (bool, error)

type Validatable

type Validatable interface {
	ValidateAgainst(interface{}) (bool, error)
}

Validatable validates against a credential attribute.

Directories

Path Synopsis
Package clpb is a generated protocol buffer package.