public static void GenerateTestIssuanceParameters(string uidp, string spec, int numberOfAttributes, bool useRecommendedParameters, int numberOfTokens, out IssuerKeyAndParameters ikap, out IssuerProtocolParameters ipp, out ProverProtocolParameters ppp)
        {
            IssuerSetupParameters isp = new IssuerSetupParameters(maxNumberOfAttributes);

            isp.UidP = (uidp == null ? null : encoding.GetBytes(uidp));
            isp.E    = IssuerSetupParameters.GetDefaultEValues(numberOfAttributes);
            isp.UseRecommendedParameterSet = useRecommendedParameters;
            isp.S = (spec == null ? null : encoding.GetBytes(spec));
            ikap  = isp.Generate();
            IssuerParameters ip = ikap.IssuerParameters;

            // Issuance
            byte[][] attributes = new byte[numberOfAttributes][];
            for (int i = 0; i < numberOfAttributes; i++)
            {
                attributes[i] = encoding.GetBytes("attribute value " + (i + 1));
            }
            byte[] tokenInformation  = encoding.GetBytes("token information field");
            byte[] proverInformation = encoding.GetBytes("prover information field");

            ipp                  = new IssuerProtocolParameters(ikap);
            ipp.Attributes       = attributes;
            ipp.NumberOfTokens   = numberOfTokens;
            ipp.TokenInformation = tokenInformation;

            ppp                   = new ProverProtocolParameters(ip);
            ppp.Attributes        = attributes;
            ppp.NumberOfTokens    = numberOfTokens;
            ppp.TokenInformation  = tokenInformation;
            ppp.ProverInformation = proverInformation;
        }
        public IssuerKeyAndParameters CreateIssuerSetupParameters(IssuerSetupParametersSpec spec)
        {
            IssuerSetupParameters isp = new IssuerSetupParameters();

            isp.GroupConstruction = spec.GroupConstruction ?? GroupType.Subgroup;
            isp.UidP = ExtensionMethods.ToByteArray(spec.IssuerID);
            isp.E    = spec.AttributeEncoding != null ? spec.AttributeEncoding : IssuerSetupParameters.GetDefaultEValues(spec.NumberOfAttributes);
            isp.UseRecommendedParameterSet = spec.UseRecommendedParameterSet ?? true;

            if (issuerStore.HasValue(spec.IssuerID) && spec.StoreOnServer)
            {
                ApiArgumentFault fault = new ApiArgumentFault();
                fault.Details       = "Issuer with unique ID was found";
                fault.Argument      = "IssuerSetupParametersSpec.ID";
                fault.ArgumentValue = spec.ParameterSetName;
                throw new FaultException <ApiArgumentFault>(fault);
            }

            // look up ParameterSet.
            if (isp.UseRecommendedParameterSet)
            {
                isp.ParameterSet = IssuerSetupParameters.GetDefaultParameterSet(isp.GroupConstruction);
                // XXX add a check here to see if the name of the default parameterset is that same as
                // specified in spec.ParameterSetName and that match with the sha method specified.
            }
            else
            {
                ParameterSet pSet;
                if (ParameterSet.TryGetNamedParameterSet(spec.ParameterSetName, out pSet))
                {
                    isp.ParameterSet = pSet;
                }
                else
                {
                    ApiArgumentFault fault = new ApiArgumentFault();
                    fault.Details       = "Member value vas not found";
                    fault.Argument      = "IssuerSetupParametersSpec.ParameterSetName";
                    fault.ArgumentValue = spec.ParameterSetName;
                    throw new FaultException <ApiArgumentFault>(fault);
                }
            }

            // specification field unused in ABC4Trust
            isp.S = null;

            IssuerKeyAndParameters issuerKeyParam = isp.Generate(true);

            if (spec.StoreOnServer)
            {
                issuerStore.AddValue(spec.IssuerID, issuerKeyParam);
            }
            return(issuerKeyParam);
        }
        public void VerifyIssuerParametersTest()
        {
            IssuerSetupParameters isp = new IssuerSetupParameters();

            isp.UidP = new byte[] { 1, 2, 3, 4, 5 };
            isp.E    = IssuerSetupParameters.GetDefaultEValues(7);
            isp.UseRecommendedParameterSet = false;
            isp.GroupConstruction          = GroupType.Subgroup;
            IssuerKeyAndParameters ikap = isp.Generate();
            IssuerParameters       ip   = ikap.IssuerParameters;

            ProtocolHelper.VerifyIssuerParameters(ip, false);
            byte[] g0Bytes = ip.G[0].GetEncoded();
            g0Bytes[g0Bytes.Length - 1]++;
            ip.G[0] = (SubgroupGroupElement)ip.Gq.CreateGroupElement(g0Bytes);
            try { ProtocolHelper.VerifyIssuerParameters(ip, false); Assert.Fail(); } catch (InvalidUProveArtifactException) { }
        }
        private void RunFuzzedTest(bool useSubgroupConstruction, string hashFunction, int numberOfAttributes, bool supportDevice, int numberOfTokens, int[] dArray, int[] cArray, int pseudonymIndex)
        {
            // Issuer setup
            IssuerSetupParameters isp = new IssuerSetupParameters();

            isp.GroupConstruction = useSubgroupConstruction ? GroupType.Subgroup : GroupType.ECC;
            isp.UidP = GetRandomBytes(MaxByteArrayLength);
            isp.UidH = hashFunction;
            isp.E    = IssuerSetupParameters.GetDefaultEValues(numberOfAttributes);
            isp.S    = GetRandomBytes(MaxByteArrayLength);
            IssuerKeyAndParameters ikap = isp.Generate(supportDevice);
            IssuerParameters       ip   = ikap.IssuerParameters;

            ip.Verify();

            IDevice      device = null;
            GroupElement hd     = null;

            if (supportDevice)
            {
                device = new VirtualDevice(ip);
                hd     = device.GetDevicePublicKey();
            }

            // Issuance
            byte[][] attributes = new byte[numberOfAttributes][];
            for (int index = 0; index < numberOfAttributes; index++)
            {
                attributes[index] = GetRandomBytes(MaxByteArrayLength);
            }
            byte[] tokenInformation  = GetRandomBytes(MaxByteArrayLength);
            byte[] proverInformation = GetRandomBytes(MaxByteArrayLength);

            IssuerProtocolParameters ipp = new IssuerProtocolParameters(ikap);

            ipp.Attributes       = attributes;
            ipp.NumberOfTokens   = numberOfTokens;
            ipp.TokenInformation = tokenInformation;
            ipp.DevicePublicKey  = hd;
            Issuer issuer = ipp.CreateIssuer();

            string msg1 = ip.Serialize(issuer.GenerateFirstMessage());

            ProverProtocolParameters ppp = new ProverProtocolParameters(ip);

            ppp.Attributes        = attributes;
            ppp.NumberOfTokens    = numberOfTokens;
            ppp.TokenInformation  = tokenInformation;
            ppp.ProverInformation = proverInformation;
            ppp.DevicePublicKey   = hd;
            Prover prover = ppp.CreateProver();
            string msg2   = ip.Serialize(prover.GenerateSecondMessage(ip.Deserialize <FirstIssuanceMessage>(msg1)));
            string msg3   = ip.Serialize(issuer.GenerateThirdMessage(ip.Deserialize <SecondIssuanceMessage>(msg2)));

            // issue token
            UProveKeyAndToken[] upkt = prover.GenerateTokens(ip.Deserialize <ThirdIssuanceMessage>(msg3));

            // Presentation
            byte[] message       = GetRandomBytes(MaxByteArrayLength);
            byte[] deviceMessage = null;
            IDevicePresentationContext deviceContext = null;

            if (supportDevice)
            {
                deviceMessage = GetRandomBytes(MaxByteArrayLength);
                deviceContext = device.GetPresentationContext();
            }
            int tokenIndex = random.Next(upkt.Length);

            // generate the presentation proof
            PresentationProof proof = PresentationProof.Generate(ip, dArray, message, deviceMessage, deviceContext, upkt[tokenIndex], attributes);

            // verify the presentation proof
            proof.Verify(ip, dArray, message, deviceMessage, upkt[tokenIndex].Token);
        }
Example #5
0
        public void TestSerialization()
        {
            // Create IssuerSetupParameters
            System.Text.UTF8Encoding encoding = new System.Text.UTF8Encoding();

            for (int i = 0; i <= 1; i++)
            {
                for (int j = 0; j <= 1; j++)
                {
                    bool useCustomGroup          = (i == 0);
                    bool useSubgroupConstruction = (j == 0);

                    IssuerSetupParameters isp = new IssuerSetupParameters();
                    if (useSubgroupConstruction)
                    {
                        isp.GroupConstruction = GroupType.Subgroup;
                        if (useCustomGroup)
                        {
                            byte[] p = HexToBytes("d21ae8d66e6c6b3ced0eb3df1a26c91bdeed013c17d849d30ec309813e4d3799f26db0d494e82ec61ea9fdc70bb5cbcaf2e5f18a836494f58e67c6d616480c37a7f2306101fc9f0f4768f9c9793c2be176b0b7c979b4065d3e835686a3f0b8420c6834cb17930386dedab2b07dd473449a48baab316286b421052475d134cd3b");
                            byte[] q = HexToBytes("fff80ae19daebc61f46356af0935dc0e81148eb1");
                            byte[] g = HexToBytes("abcec972e9a9dd8d133270cfeac26f726e567d964757630d6bd43460d0923a46aec0ace255ebf3ddd4b1c4264f53e68b361afb777a13cf0067dae364a34d55a0965a6cccf78852782923813cf8708834d91f6557d783ec75b5f37cd9185f027b042c1c72e121b1266a408be0bb7270d65917b69083633e1f3cd60624612fc8c1");
                            isp.Gq = SubgroupGroup.CreateSubgroupGroup(
                                p,
                                q,
                                g,
                                null,
                                null);
                            isp.UidH = "SHA1";
                        }
                    }
                    else
                    {
                        isp.GroupConstruction = GroupType.ECC;
                        if (useCustomGroup)
                        {
                            continue;
                        }
                    }

                    isp.UidP = encoding.GetBytes("http://issuer/uprove/issuerparams/software");
                    isp.E    = IssuerSetupParameters.GetDefaultEValues(3);
                    isp.S    = encoding.GetBytes("application-specific specification");

                    // Generate IssuerKeyAndParameters
                    IssuerKeyAndParameters ikap = isp.Generate();

                    // Create an IssuerParameters
                    IssuerParameters ip = ikap.IssuerParameters;

                    VerifySerialization(useCustomGroup, useSubgroupConstruction, ip, ikap);
                    VerifySerialization(useCustomGroup, useSubgroupConstruction, ip, ikap.IssuerParameters);

                    // specify the attribute values
                    byte[][] attributes = new byte[][] {
                        encoding.GetBytes("first attribute value"),
                        encoding.GetBytes("second attribute value"),
                        encoding.GetBytes("third attribute value")
                    };

                    // specify the special field values
                    byte[] tokenInformation  = encoding.GetBytes("token information value");
                    byte[] proverInformation = encoding.GetBytes("prover information value");

                    // specify the number of tokens to issue
                    int numberOfTokens = 5;

                    // setup the issuer and generate the first issuance message
                    IssuerProtocolParameters ipp = new IssuerProtocolParameters(ikap);
                    ipp.Attributes       = attributes;
                    ipp.NumberOfTokens   = numberOfTokens;
                    ipp.TokenInformation = tokenInformation;
                    Issuer issuer = ipp.CreateIssuer();
                    FirstIssuanceMessage firstMessage = issuer.GenerateFirstMessage();
                    VerifySerialization(useCustomGroup, useSubgroupConstruction, ip, firstMessage);

                    // setup the prover and generate the second issuance message
                    Prover prover = new Prover(ip, numberOfTokens, attributes, tokenInformation, proverInformation, null);
                    SecondIssuanceMessage secondMessage = prover.GenerateSecondMessage(firstMessage);
                    VerifySerialization(useCustomGroup, useSubgroupConstruction, ip, secondMessage);

                    // generate the third issuance message
                    ThirdIssuanceMessage thirdMessage = issuer.GenerateThirdMessage(secondMessage);
                    VerifySerialization(useCustomGroup, useSubgroupConstruction, ip, thirdMessage);

                    // generate the tokens
                    UProveKeyAndToken[] upkt = prover.GenerateTokens(thirdMessage);

                    for (int k = 0; k < upkt.Length; k++)
                    {
                        string            json          = ip.Serialize(upkt[k]);
                        UProveKeyAndToken upkt_fromJson = ip.Deserialize <UProveKeyAndToken>(json);
                        Assert.IsTrue(Verify(upkt[k], upkt_fromJson));
                    }

                    VerifySerialization(useCustomGroup, useSubgroupConstruction, ip, upkt[0].Token);

                    /*
                     *  token presentation
                     */
                    // the indices of disclosed attributes
                    int[] disclosed = new int[] { 2 };
                    // the indices of committed attributes
                    int[] committed = new int[] { 3 };
                    // the returned commitment randomizers, to be used by an external proof module
                    FieldZqElement[] tildeO;
                    // the application-specific message that the prover will sign. Typically this is a nonce combined
                    // with any application-specific transaction data to be signed.
                    byte[] message = encoding.GetBytes("message");
                    // the application-specific verifier scope from which a scope-exclusive pseudonym will be created
                    // (if null, then a pseudonym will not be presented)
                    byte[] scope = encoding.GetBytes("verifier scope");
                    // generate the presentation proof
                    PresentationProof proof = PresentationProof.Generate(ip, disclosed, committed, 1, scope, message, null, null, upkt[0], attributes, out tildeO);
                    VerifySerialization(useCustomGroup, useSubgroupConstruction, ip, proof);

                    // verify the presentation proof
                    proof.Verify(ip, disclosed, committed, 1, scope, message, null, upkt[0].Token);
                }
            }
        }
Example #6
0
        public void TestSerializationReference()
        {
            // Create IssuerSetupParameters
            System.Text.UTF8Encoding encoding = new System.Text.UTF8Encoding();
            foreach (string fileName in Directory.GetFiles("SerializationReference"))
            {
                FileStream      f          = File.OpenRead(fileName);
                BinaryFormatter bf         = new BinaryFormatter();
                object[]        parameters = (object[])bf.Deserialize(f);
                f.Close();

                bool   useCustomGroup          = (bool)parameters[0];
                bool   useSubgroupConstruction = (bool)parameters[1];
                string typeName = (string)parameters[2];
                string json     = (string)parameters[3];

                IssuerSetupParameters isp = new IssuerSetupParameters();
                if (useSubgroupConstruction)
                {
                    isp.GroupConstruction = GroupType.Subgroup;
                    if (useCustomGroup)
                    {
                        byte[] p = HexToBytes("d21ae8d66e6c6b3ced0eb3df1a26c91bdeed013c17d849d30ec309813e4d3799f26db0d494e82ec61ea9fdc70bb5cbcaf2e5f18a836494f58e67c6d616480c37a7f2306101fc9f0f4768f9c9793c2be176b0b7c979b4065d3e835686a3f0b8420c6834cb17930386dedab2b07dd473449a48baab316286b421052475d134cd3b");
                        byte[] q = HexToBytes("fff80ae19daebc61f46356af0935dc0e81148eb1");
                        byte[] g = HexToBytes("abcec972e9a9dd8d133270cfeac26f726e567d964757630d6bd43460d0923a46aec0ace255ebf3ddd4b1c4264f53e68b361afb777a13cf0067dae364a34d55a0965a6cccf78852782923813cf8708834d91f6557d783ec75b5f37cd9185f027b042c1c72e121b1266a408be0bb7270d65917b69083633e1f3cd60624612fc8c1");
                        isp.Gq = SubgroupGroup.CreateSubgroupGroup(
                            p,
                            q,
                            g,
                            null,
                            null);
                        isp.UidH = "SHA1";
                    }
                }
                else
                {
                    isp.GroupConstruction = GroupType.ECC;
                    if (useCustomGroup)
                    {
                        continue;
                    }
                }

                isp.UidP = encoding.GetBytes("http://issuer/uprove/issuerparams/software");
                isp.E    = IssuerSetupParameters.GetDefaultEValues(3);
                isp.S    = encoding.GetBytes("application-specific specification");

                // Generate IssuerKeyAndParameters
                IssuerKeyAndParameters ikap = isp.Generate();

                // Create an IssuerParameters
                IssuerParameters ip = ikap.IssuerParameters;

                // check that we didn't send any null fields
                Assert.IsFalse(json.Contains(":null"));

                string roundTrip = "";
                if (typeName == "UProveCrypto.IssuerParameters")
                {
                    IssuerParameters obj = ip.Deserialize <IssuerParameters>(json);
                    roundTrip = ip.Serialize <IssuerParameters>(obj);
                }
                else if (typeName == "UProveCrypto.IssuerKeyAndParameters")
                {
                    IssuerKeyAndParameters obj = ip.Deserialize <IssuerKeyAndParameters>(json);
                    roundTrip = ip.Serialize <IssuerKeyAndParameters>(obj);
                }
                else if (typeName == "UProveCrypto.FirstIssuanceMessage")
                {
                    FirstIssuanceMessage obj = ip.Deserialize <FirstIssuanceMessage>(json);
                    roundTrip = ip.Serialize <FirstIssuanceMessage>(obj);
                }
                else if (typeName == "UProveCrypto.SecondIssuanceMessage")
                {
                    SecondIssuanceMessage obj = ip.Deserialize <SecondIssuanceMessage>(json);
                    roundTrip = ip.Serialize <SecondIssuanceMessage>(obj);
                }
                else if (typeName == "UProveCrypto.ThirdIssuanceMessage")
                {
                    ThirdIssuanceMessage obj = ip.Deserialize <ThirdIssuanceMessage>(json);
                    roundTrip = ip.Serialize <ThirdIssuanceMessage>(obj);
                }
                else if (typeName == "UProveCrypto.UProveKeyAndToken")
                {
                    UProveKeyAndToken obj = ip.Deserialize <UProveKeyAndToken>(json);
                    roundTrip = ip.Serialize <UProveKeyAndToken>(obj);
                }
                else if (typeName == "UProveCrypto.UProveToken")
                {
                    UProveToken obj = ip.Deserialize <UProveToken>(json);
                    roundTrip = ip.Serialize <UProveToken>(obj);
                }
                else if (typeName == "UProveCrypto.PresentationProof")
                {
                    PresentationProof obj = ip.Deserialize <PresentationProof>(json);
                    roundTrip = ip.Serialize <PresentationProof>(obj);
                }
                else
                {
                    Assert.Fail("Unrecognized type " + typeName + " in SerializationReference files");
                }

                Assert.AreEqual(json, roundTrip);
            }
        }