public static void MyClassInitialize(TestContext testContext)
{
//
// generate issuer parameters
//
IssuerSetupParameters isp = new IssuerSetupParameters(maxNumberOfAttributes);
isp.UidP = new byte[] { (byte)0 };
//isp.NumberOfAttributes = 1;
isp.E = new byte[] { (byte)0 }; // encode xid directly has an
IssuerKeyAndParameters ikap = isp.Generate();
ip = ikap.IssuerParameters;
//
// issue a token
//
xid = ip.Gq.FieldZq.GetRandomElement(false);
IssuerProtocolParameters ipp = new IssuerProtocolParameters(ikap);
ProverProtocolParameters ppp = new ProverProtocolParameters(ip);
attributes = new byte[][] { xid.ToByteArray() };
ipp.Attributes = ppp.Attributes = attributes;
ipp.NumberOfTokens = ppp.NumberOfTokens = 1;
Issuer issuer = ipp.CreateIssuer();
Prover prover = ppp.CreateProver();
upkt = prover.GenerateTokens(issuer.GenerateThirdMessage(prover.GenerateSecondMessage(issuer.GenerateFirstMessage())))[0];
}
public static bool Verify(UProveKeyAndToken ukat, object obj)
{
if (obj == null)
{
return(false);
}
if (Object.ReferenceEquals(obj, ukat))
{
return(true);
}
UProveKeyAndToken upkt_obj = obj as UProveKeyAndToken;
if (upkt_obj == null)
{
return(false);
}
if (upkt_obj.PrivateKey.Equals(ukat.PrivateKey) == false)
{
return(false);
}
if (Verify(ukat.Token, upkt_obj.Token) == false)
{
return(false);
}
return(true);
}
/// <summary>
/// first method to call - Initializes the ProverProof by generating the PresentationProof
/// </summary>
/// <param name="ip">IssuerParameter from the Issuer of the given token</param>
/// <param name="attributes">Attributes which are included in the given token</param>
/// <param name="proofRequirements">Necessary informations for creating the proofs (e.g. disclosedAttributes)</param>
/// <param name="tokenWithKey">Token for which the proof will be done</param>
/// <param name="supportedDateAttributes">If there is a RangeProof done, all date attributes where treated and formated especially</param>
/// <param name="devicePresentationContext">If there was a device involved during the token generation, the context from the device is needed to generate the
/// PresentationProof as well</param>
/// <returns>returns the proof for the given token as json object or an error</returns>
public string Init(IssuerParameters ip, List <BasicClaim> attributes, ProofRequirements proofRequirements,
UProveKeyAndToken tokenWithKey, List <string> supportedDateAttributes,
IDevicePresentationContext devicePresentationContext)
{
try
{
LogService.Log(LogService.LogType.Info, "ProverProof - init called");
this.ip = ip;
this.proofRequirements = proofRequirements;
ci.CreateBase64ForAttributeList(attributes, supportedDateAttributes, out rangeProofProperties);
attributesToInclude = ci.ConvertAttributeListToBase64ByteArray(attributes);
pppp = new ProverPresentationProtocolParameters(this.ip, proofRequirements.disclosedAttributes,
proofRequirements.message, tokenWithKey, attributesToInclude);
pppp.Committed = proofRequirements.committedAttributes;
//// TODO
//// if a scope is defined, we use the first attribute to derive a scope exclusive pseudonym
//pppp.PseudonymAttributeIndex = (proofRequirements.scope == null ? 0 : 1);
//pppp.PseudonymScope = proofRequirements.scope;
// add device presentation context to the provers presentation context
if (this.ip.IsDeviceSupported && devicePresentationContext != null)
{
pppp.SetDeviceData(proofRequirements.deviceMessage, devicePresentationContext);
}
// generate proof
PresentationProof pProof = PresentationProof.Generate(pppp, out cpv);
LogService.Log(LogService.LogType.Info, "ProverProof - init presentation proof generated");
proof = parser.ParseJsonToObject <Proof>(this.ip.Serialize <PresentationProof>(pProof));
proof.requirements = proofRequirements;
string proofJson = parser.ParseObjectToJson(proof);
LogService.Log(LogService.LogType.Info, "ProverProof - proof created: " + proofJson);
return(proofJson);
}
catch (Exception e)
{
LogService.Log(LogService.LogType.FatalError, "ProverProof - Error during prover setup.", e);
throw new CommunicationException("ProverProof - Error during ProverProof init; " + e);
}
}
public PresentationProofComposite proveToken(string[] attributesParam, int[] disclosedIndices, int[] committedIndices, string messageParam, string verifierScopeParam, IssuerParametersComposite ipc, UProveTokenComposite tokenComposite, byte[] tokenPrivateKeyParam, string sessionID)
{
/*
* token presentation
*/
cOut.write("Presenting a U-Prove token");
VerifySessionId(sessionID);
try
{
// specify the attribute values agreed to by the Issuer and Prover
int numberOfAttributes = attributesParam.Length;
byte[][] attributes = new byte[numberOfAttributes][];
for (int i = 0; i < numberOfAttributes; i++)
{
attributes[i] = encoding.GetBytes(attributesParam[i]);
}
IssuerParameters ip = ConvertUtils.convertIssuerParametersComposite(ipc, sessionDB[sessionID]);
// the application-specific message that the prover will sign. Typically this is a nonce combined
// with any application-specific transaction data to be signed.
byte[] message = encoding.GetBytes(messageParam);
// the application-specific verifier scope from which a scope-exclusive pseudonym will be created
// (if null, then a pseudonym will not be presented)
byte[] scope = null;
if (verifierScopeParam != null && verifierScopeParam != "null")
{
scope = encoding.GetBytes(verifierScopeParam);
}
// generate the presentation proof
UProveToken uProveToken = ConvertUtils.convertUProveTokenComposite(ip, tokenComposite);
byte[] bigInt = tokenPrivateKeyParam;
DeviceManager dManager = sessionDB[sessionID].deviceManager;
UProveKeyAndToken keyAndToken = new UProveKeyAndToken();
keyAndToken.PrivateKey = new BigInteger(1, bigInt);
keyAndToken.Token = uProveToken;
byte[] proofSession = null;
if (!dManager.IsVirtualDevice)
{
SmartCardDevice smartDevice = (SmartCardDevice)dManager.GetDevice();
smartDevice.ProofSession = smartDevice.Device.BeginCommitment(1);
byte[] proofSessionRaw = smartDevice.ProofSession;
proofSession = new byte[1 + proofSessionRaw.Length];
proofSession[0] = 1;
Buffer.BlockCopy(proofSessionRaw, 0, proofSession, 1, proofSessionRaw.Length);
}
BigInteger[] commitmentValues;
PresentationProof p =
PresentationProof.Generate(ip,
disclosedIndices,
committedIndices,
scope != null ? DevicePseudonymIndex : 0,
scope,
message,
proofSession,
dManager.GetDevice().GetPresentationContext(),
keyAndToken,
attributes,
out commitmentValues);
#if DEBUG
dManager.pDebug = p;
#endif
return(ConvertUtils.convertPresentationProof(p, commitmentValues, ProtocolHelper.ComputeTokenID(ip, uProveToken), proofSession));
}
catch (Exception e)
{
cOut.write(e.ToString());
DebugUtils.DebugPrint(e.StackTrace.ToString());
}
return(null);
}
private static CommitmentPrivateValues PresentUProveToken(IssuerParameters ip, UProveKeyAndToken upkt, byte[][] attributes, int[] disclosed, int[] committed, byte[] message, byte[] scope, IDevice device, byte[] deviceMessage)
{
WriteLine("Presenting one token");
// the returned commitment randomizer (to be used by an external proof module)
CommitmentPrivateValues cpv;
// generate the presentation proof
string token = ip.Serialize <UProveToken>(upkt.Token);
ProverPresentationProtocolParameters pppp = new ProverPresentationProtocolParameters(ip, disclosed, message, upkt, attributes);
pppp.Committed = committed;
// if a scope is defined, we use the first attribute to derive a scope exclusive pseudonym
pppp.PseudonymAttributeIndex = (scope == null ? 0 : 1);
pppp.PseudonymScope = scope;
if (device != null)
{
pppp.SetDeviceData(deviceMessage, device.GetPresentationContext());
}
pppp.KeyAndToken = upkt;
pppp.Attributes = attributes;
string proof = ip.Serialize <PresentationProof>(PresentationProof.Generate(pppp, out cpv));
// verify the presentation proof
VerifierPresentationProtocolParameters vppp = new VerifierPresentationProtocolParameters(ip, disclosed, message, ip.Deserialize <UProveToken>(token));
vppp.Committed = committed;
// if a scope is defined, we use the first attribute to derive a scope exclusive pseudonym
vppp.PseudonymAttributeIndex = (scope == null ? 0 : 1);
vppp.PseudonymScope = scope;
vppp.DeviceMessage = deviceMessage;
ip.Deserialize <PresentationProof>(proof).Verify(vppp);
return(cpv);
}
public void TestSerialization()
{
// Create IssuerSetupParameters
System.Text.UTF8Encoding encoding = new System.Text.UTF8Encoding();
for (int i = 0; i <= 1; i++)
{
for (int j = 0; j <= 1; j++)
{
bool useCustomGroup = (i == 0);
bool useSubgroupConstruction = (j == 0);
IssuerSetupParameters isp = new IssuerSetupParameters();
if (useSubgroupConstruction)
{
isp.GroupConstruction = GroupType.Subgroup;
if (useCustomGroup)
{
byte[] p = HexToBytes("d21ae8d66e6c6b3ced0eb3df1a26c91bdeed013c17d849d30ec309813e4d3799f26db0d494e82ec61ea9fdc70bb5cbcaf2e5f18a836494f58e67c6d616480c37a7f2306101fc9f0f4768f9c9793c2be176b0b7c979b4065d3e835686a3f0b8420c6834cb17930386dedab2b07dd473449a48baab316286b421052475d134cd3b");
byte[] q = HexToBytes("fff80ae19daebc61f46356af0935dc0e81148eb1");
byte[] g = HexToBytes("abcec972e9a9dd8d133270cfeac26f726e567d964757630d6bd43460d0923a46aec0ace255ebf3ddd4b1c4264f53e68b361afb777a13cf0067dae364a34d55a0965a6cccf78852782923813cf8708834d91f6557d783ec75b5f37cd9185f027b042c1c72e121b1266a408be0bb7270d65917b69083633e1f3cd60624612fc8c1");
isp.Gq = SubgroupGroup.CreateSubgroupGroup(
p,
q,
g,
null,
null);
isp.UidH = "SHA1";
}
}
else
{
isp.GroupConstruction = GroupType.ECC;
if (useCustomGroup)
{
continue;
}
}
isp.UidP = encoding.GetBytes("http://issuer/uprove/issuerparams/software");
isp.E = IssuerSetupParameters.GetDefaultEValues(3);
isp.S = encoding.GetBytes("application-specific specification");
// Generate IssuerKeyAndParameters
IssuerKeyAndParameters ikap = isp.Generate();
// Create an IssuerParameters
IssuerParameters ip = ikap.IssuerParameters;
VerifySerialization(useCustomGroup, useSubgroupConstruction, ip, ikap);
VerifySerialization(useCustomGroup, useSubgroupConstruction, ip, ikap.IssuerParameters);
// specify the attribute values
byte[][] attributes = new byte[][] {
encoding.GetBytes("first attribute value"),
encoding.GetBytes("second attribute value"),
encoding.GetBytes("third attribute value")
};
// specify the special field values
byte[] tokenInformation = encoding.GetBytes("token information value");
byte[] proverInformation = encoding.GetBytes("prover information value");
// specify the number of tokens to issue
int numberOfTokens = 5;
// setup the issuer and generate the first issuance message
IssuerProtocolParameters ipp = new IssuerProtocolParameters(ikap);
ipp.Attributes = attributes;
ipp.NumberOfTokens = numberOfTokens;
ipp.TokenInformation = tokenInformation;
Issuer issuer = ipp.CreateIssuer();
FirstIssuanceMessage firstMessage = issuer.GenerateFirstMessage();
VerifySerialization(useCustomGroup, useSubgroupConstruction, ip, firstMessage);
// setup the prover and generate the second issuance message
Prover prover = new Prover(ip, numberOfTokens, attributes, tokenInformation, proverInformation, null);
SecondIssuanceMessage secondMessage = prover.GenerateSecondMessage(firstMessage);
VerifySerialization(useCustomGroup, useSubgroupConstruction, ip, secondMessage);
// generate the third issuance message
ThirdIssuanceMessage thirdMessage = issuer.GenerateThirdMessage(secondMessage);
VerifySerialization(useCustomGroup, useSubgroupConstruction, ip, thirdMessage);
// generate the tokens
UProveKeyAndToken[] upkt = prover.GenerateTokens(thirdMessage);
for (int k = 0; k < upkt.Length; k++)
{
string json = ip.Serialize(upkt[k]);
UProveKeyAndToken upkt_fromJson = ip.Deserialize <UProveKeyAndToken>(json);
Assert.IsTrue(Verify(upkt[k], upkt_fromJson));
}
VerifySerialization(useCustomGroup, useSubgroupConstruction, ip, upkt[0].Token);
/*
* token presentation
*/
// the indices of disclosed attributes
int[] disclosed = new int[] { 2 };
// the indices of committed attributes
int[] committed = new int[] { 3 };
// the returned commitment randomizers, to be used by an external proof module
FieldZqElement[] tildeO;
// the application-specific message that the prover will sign. Typically this is a nonce combined
// with any application-specific transaction data to be signed.
byte[] message = encoding.GetBytes("message");
// the application-specific verifier scope from which a scope-exclusive pseudonym will be created
// (if null, then a pseudonym will not be presented)
byte[] scope = encoding.GetBytes("verifier scope");
// generate the presentation proof
PresentationProof proof = PresentationProof.Generate(ip, disclosed, committed, 1, scope, message, null, null, upkt[0], attributes, out tildeO);
VerifySerialization(useCustomGroup, useSubgroupConstruction, ip, proof);
// verify the presentation proof
proof.Verify(ip, disclosed, committed, 1, scope, message, null, upkt[0].Token);
}
}
}
public void TestSerializationReference()
{
// Create IssuerSetupParameters
System.Text.UTF8Encoding encoding = new System.Text.UTF8Encoding();
foreach (string fileName in Directory.GetFiles("SerializationReference"))
{
FileStream f = File.OpenRead(fileName);
BinaryFormatter bf = new BinaryFormatter();
object[] parameters = (object[])bf.Deserialize(f);
f.Close();
bool useCustomGroup = (bool)parameters[0];
bool useSubgroupConstruction = (bool)parameters[1];
string typeName = (string)parameters[2];
string json = (string)parameters[3];
IssuerSetupParameters isp = new IssuerSetupParameters();
if (useSubgroupConstruction)
{
isp.GroupConstruction = GroupType.Subgroup;
if (useCustomGroup)
{
byte[] p = HexToBytes("d21ae8d66e6c6b3ced0eb3df1a26c91bdeed013c17d849d30ec309813e4d3799f26db0d494e82ec61ea9fdc70bb5cbcaf2e5f18a836494f58e67c6d616480c37a7f2306101fc9f0f4768f9c9793c2be176b0b7c979b4065d3e835686a3f0b8420c6834cb17930386dedab2b07dd473449a48baab316286b421052475d134cd3b");
byte[] q = HexToBytes("fff80ae19daebc61f46356af0935dc0e81148eb1");
byte[] g = HexToBytes("abcec972e9a9dd8d133270cfeac26f726e567d964757630d6bd43460d0923a46aec0ace255ebf3ddd4b1c4264f53e68b361afb777a13cf0067dae364a34d55a0965a6cccf78852782923813cf8708834d91f6557d783ec75b5f37cd9185f027b042c1c72e121b1266a408be0bb7270d65917b69083633e1f3cd60624612fc8c1");
isp.Gq = SubgroupGroup.CreateSubgroupGroup(
p,
q,
g,
null,
null);
isp.UidH = "SHA1";
}
}
else
{
isp.GroupConstruction = GroupType.ECC;
if (useCustomGroup)
{
continue;
}
}
isp.UidP = encoding.GetBytes("http://issuer/uprove/issuerparams/software");
isp.E = IssuerSetupParameters.GetDefaultEValues(3);
isp.S = encoding.GetBytes("application-specific specification");
// Generate IssuerKeyAndParameters
IssuerKeyAndParameters ikap = isp.Generate();
// Create an IssuerParameters
IssuerParameters ip = ikap.IssuerParameters;
// check that we didn't send any null fields
Assert.IsFalse(json.Contains(":null"));
string roundTrip = "";
if (typeName == "UProveCrypto.IssuerParameters")
{
IssuerParameters obj = ip.Deserialize <IssuerParameters>(json);
roundTrip = ip.Serialize <IssuerParameters>(obj);
}
else if (typeName == "UProveCrypto.IssuerKeyAndParameters")
{
IssuerKeyAndParameters obj = ip.Deserialize <IssuerKeyAndParameters>(json);
roundTrip = ip.Serialize <IssuerKeyAndParameters>(obj);
}
else if (typeName == "UProveCrypto.FirstIssuanceMessage")
{
FirstIssuanceMessage obj = ip.Deserialize <FirstIssuanceMessage>(json);
roundTrip = ip.Serialize <FirstIssuanceMessage>(obj);
}
else if (typeName == "UProveCrypto.SecondIssuanceMessage")
{
SecondIssuanceMessage obj = ip.Deserialize <SecondIssuanceMessage>(json);
roundTrip = ip.Serialize <SecondIssuanceMessage>(obj);
}
else if (typeName == "UProveCrypto.ThirdIssuanceMessage")
{
ThirdIssuanceMessage obj = ip.Deserialize <ThirdIssuanceMessage>(json);
roundTrip = ip.Serialize <ThirdIssuanceMessage>(obj);
}
else if (typeName == "UProveCrypto.UProveKeyAndToken")
{
UProveKeyAndToken obj = ip.Deserialize <UProveKeyAndToken>(json);
roundTrip = ip.Serialize <UProveKeyAndToken>(obj);
}
else if (typeName == "UProveCrypto.UProveToken")
{
UProveToken obj = ip.Deserialize <UProveToken>(json);
roundTrip = ip.Serialize <UProveToken>(obj);
}
else if (typeName == "UProveCrypto.PresentationProof")
{
PresentationProof obj = ip.Deserialize <PresentationProof>(json);
roundTrip = ip.Serialize <PresentationProof>(obj);
}
else
{
Assert.Fail("Unrecognized type " + typeName + " in SerializationReference files");
}
Assert.AreEqual(json, roundTrip);
}
}