public void EQTwoTokenEqualityTest()
{
// Both tokens will not hash attributes
// but example also works if hashAttributes=true
bool hashAttributes = true;
// Setting up IssuerParameters for token1
byte[] uidP1 = new byte[] { 1, 1, 2, 3, 5, 7 };
byte[] tokenInformation1 = new byte[] { 1, 2, 3, 4, 5, 6, 7 };
byte[][] attributes1 = new byte[][]
{
_encoding.GetBytes("Attribute 1"),
_encoding.GetBytes("Attribute 2"),
_encoding.GetBytes("Target Attribute"), // this is the attribute we'll compare
_encoding.GetBytes("Attribute 4")
};
// Setting up IssuerParameters for token2
byte[] tokenInformation2 = new byte[] { 12, 13, 14, 15, 0, 10 };
byte[] uidP2 = new byte[] { 3, 1, 4, 1, 5 };
byte[][] attributes2 = new byte[][]
{
_encoding.GetBytes("Target Attribute"), // this is the attribute we'll compare
_encoding.GetBytes("Attribute 6"),
_encoding.GetBytes("Attribute 7"),
_encoding.GetBytes("Attribute 8")
};
// generate tokens
ProverPresentationProtocolParameters prover1, prover2;
VerifierPresentationProtocolParameters verifier1, verifier2;
StaticHelperClass.GetUProveParameters(hashAttributes, out prover1, out verifier1, tokenInformation1, attributes1, null, uidP1);
StaticHelperClass.GetUProveParameters(hashAttributes, out prover2, out verifier2, tokenInformation2, attributes2, null, uidP2);
// Create equality proof
EqualityProof eqProof = new EqualityProof(
prover1, // token1
3, // target attribute in token1
prover2, // token2
1); // target attribute in token2
// ....
// Send data to verifier, including eqProof
// ....
// Verify tokens
// ...
// Verify equality proof
bool success = eqProof.Verify(
verifier1,
3,
verifier2,
1);
Assert.IsTrue(success, "Could not verify proof.");
}
public void EQTokenAndDLTest()
{
// In this example, the token hashes the attribute
// but example also works if hashAttributes=false
bool hashAttributes = true;
// Setting up attributes for token
byte[][] attributes = new byte[][]
{
_encoding.GetBytes("Attribute 1"),
_encoding.GetBytes("Attribute 2"),
_encoding.GetBytes("Teaching Assistant"), // this is the attribute we'll compare
_encoding.GetBytes("Attribute 4")
};
// generate token
ProverPresentationProtocolParameters prover;
VerifierPresentationProtocolParameters verifier;
StaticHelperClass.GetUProveParameters(hashAttributes, out prover, out verifier, null, attributes);
OpenUProveToken token = new OpenUProveToken(prover);
Assert.IsTrue(token.Validate(null), "validate token.");
// generate pedersen commitment to Teaching Assistant
PedersenCommitment ped = new PedersenCommitment(prover.IP, 3, _encoding.GetBytes("Teaching Assistant"));
// Verify they are equal
Assert.AreEqual(token.AttributeXI(3), ped.CommittedValue, "Token and PedersenCommitment different.");
// Create a proof that the 3rd attribute in token is equal to the committed value in ped.
ProverEqualityParameters eqProver = new ProverEqualityParameters(
token, // token
3, // 3rd attribute is the 3rd exponent
ped, // pedersen commitment
0, // committed value is the 0th exponent
new CryptoParameters(prover.IP));
EqualityProof proof = new EqualityProof(eqProver);
// Verify proof
ClosedUProveToken closedToken = new ClosedUProveToken(verifier);
Assert.IsTrue(closedToken.AreBasesEqual(token), "token bases.");
IStatement closedPed = ped.GetStatement();
Assert.IsTrue(closedPed.AreBasesEqual(ped), "token bases.");
VerifierEqualityParameters eqVerifier = new VerifierEqualityParameters(
closedToken, // verifier token information
3, // 3rd attribute is the 3nd exponent
closedPed, // verifier information about ped
0, // committed value is the 0th exponent
new CryptoParameters(prover.IP));
Assert.IsTrue(proof.Verify(eqVerifier));
}
public void InequalityUProveIntegrationTestUKV()
{
// Both tokens will hash attributes
// but example also works if hashAttributes=false
bool hashAttributes = true;
// Setting up IssuerParameters for token1
byte[] uidP1 = new byte[] { 1, 1, 2, 3, 5, 8 };
byte[] tokenInformation1 = new byte[] { 1, 2, 3, 4, 5, 6, 7 };
byte[][] attributes1 = new byte[][]
{
_encoding.GetBytes("Attribute 1"),
_encoding.GetBytes("Attribute 2"),
_encoding.GetBytes("Teaching Assistant"), // this is the attribute we'll compare
_encoding.GetBytes("Attribute 4")
};
// Setting up IssuerParameters for token2
byte[] tokenInformation2 = new byte[] { 12, 13, 14, 15, 0, 10 };
byte[] uidP2 = new byte[] { 3, 1, 4, 1, 5 };
byte[][] attributes2 = new byte[][]
{
_encoding.GetBytes("Student"), // this is the attribute we'll compare
_encoding.GetBytes("Attribute 2"),
_encoding.GetBytes("Attribute 3"),
_encoding.GetBytes("Attribute 4")
};
// generate tokens
ProverPresentationProtocolParameters prover1, prover2;
VerifierPresentationProtocolParameters verifier1, verifier2;
StaticHelperClass.GetUProveParameters(hashAttributes, out prover1, out verifier1, tokenInformation1, attributes1, null, uidP1);
StaticHelperClass.GetUProveParameters(hashAttributes, out prover2, out verifier2, tokenInformation2, attributes2, null, uidP2);
// Create Inequality Proof
InequalityProof ieqProof = new InequalityProof(
prover1,
3,
prover2,
1);
// .... Send inequality proof to Verifier ....
// Verify proof
bool success = ieqProof.Verify(
verifier1,
3,
verifier2,
1);
Assert.IsTrue(success, "Could not verify proof.");
}
public void SMUProveIntegrationTestWithSMRandom()
{
// In this example, the token hashes the attribute
// but example also works if hashAttributes=false
bool hashAttributes = true;
// Setting up attributes for token
byte[][] tokenAttributes = new byte[][]
{
_encoding.GetBytes("Attribute 1"),
_encoding.GetBytes("Attribute 2"),
_encoding.GetBytes("Teaching Assistant"), // this is the attribute we'll compare
_encoding.GetBytes("Attribute 4")
};
// We will prove that the target token attribute is in this set
byte[][] setValues = new byte[][]
{
_encoding.GetBytes("Teaching Assistant"),
_encoding.GetBytes("Student"),
_encoding.GetBytes("Professor"), // this is the attribute we'll compare
_encoding.GetBytes("Dean")
};
// generate token
ProverPresentationProtocolParameters prover;
VerifierPresentationProtocolParameters verifier;
StaticHelperClass.GetUProveParameters(hashAttributes, out prover, out verifier, null, tokenAttributes);
// Get random data from revocation proof
CryptoParameters crypto = new CryptoParameters(prover.IP);
SetMembershipProofGenerationRandomData randomData = SetMembershipProofGenerationRandomData.Generate(crypto.FieldZq, setValues.Length - 1);
// Create set membership proof
SetMembershipProof setProof = new SetMembershipProof(
prover, // token
3, // target attribute in token
setValues, // claim: target attribute is in this set
randomData);
// ...
// Send token and set membership proof to verifier
// ...
bool success = setProof.Verify(
verifier, // verifier token description
3, // target attribute index
setValues); // check target attribute is in this set
Assert.IsTrue(success, "Could not verify proof.");
}
public void TokenConstructorTest()
{
// generate prover parameters using recommended parameters.
ProverPresentationProtocolParameters proverParams;
VerifierPresentationProtocolParameters verifierParams;
StaticHelperClass.GetUProveParameters(false, out proverParams, out verifierParams);
// create token
OpenUProveToken token = new OpenUProveToken(proverParams);
// get expected public key
Assert.AreEqual(proverParams.KeyAndToken.Token.H, token.PublicKey, "check public key");
Assert.IsTrue(token.Validate(null), "validate token.");
}
public static void Init(TestContext context)
{
// create parameter sets
_parameters = new CryptoParameters[6];
_parameters[0] = new CryptoParameters(ECParameterSets.ParamSet_EC_P256_V1, null);
_parameters[1] = new CryptoParameters(ECParameterSets.ParamSet_EC_P384_V1, null);
_parameters[2] = new CryptoParameters(ECParameterSets.ParamSet_EC_P521_V1, null);
_parameters[3] = new CryptoParameters(SubgroupParameterSets.ParamSetL1024N160V1, null);
_parameters[4] = new CryptoParameters(SubgroupParameterSets.ParamSetL2048N256V1, null);
_parameters[5] = new CryptoParameters(SubgroupParameterSets.ParamSetL3072N256V1, null);
// _parameters[6] = new CryptoParameters(ECParameterSets.ParamSet_EC_BN254_V1, null);
// generate prover parameters using recommended parameters.
StaticHelperClass.GetUProveParameters(true, out _proverParams, out _verifierParams);
}
public void CryptoUProveConstructorTest()
{
ProverPresentationProtocolParameters prover;
VerifierPresentationProtocolParameters verifier;
StaticHelperClass.GetUProveParameters(false, out prover, out verifier);
CryptoParameters crypto = new CryptoParameters(prover.IP);
Assert.AreEqual(prover.IP.Gq, crypto.Group);
Assert.AreEqual(prover.IP.UidH, crypto.HashFunctionName);
Assert.AreEqual(prover.IP.Gq.G, crypto.G);
Assert.AreEqual(prover.IP.G[1], crypto.H);
Assert.AreEqual(prover.IP.Zq.One, crypto.FieldZq.One);
Assert.IsTrue(crypto.Verify(), "Verify should pass.");
}
public void TokenSerializationTest()
{
// generate prover parameters using recommended parameters.
ProverPresentationProtocolParameters proverParams;
VerifierPresentationProtocolParameters verifierParams;
StaticHelperClass.GetUProveParameters(false, out proverParams, out verifierParams);
// create token
OpenUProveToken token = new OpenUProveToken(proverParams);
// Serialize token
string serialized = CryptoSerializer.Serialize <OpenUProveToken>(token);
OpenUProveToken newToken = CryptoSerializer.Deserialize <OpenUProveToken>(serialized, null, token.G);
Assert.AreEqual(token, newToken, "token");
}
public void InequalityUProveIntegrationTestKV()
{
// In this example, the token hashes the attribute
// but example also works if hashAttributes=false
bool hashAttributes = true;
// Setting up attributes for token
byte[][] attributes = new byte[][]
{
_encoding.GetBytes("Attribute 1"),
_encoding.GetBytes("Attribute 2"),
_encoding.GetBytes("Teaching Assistant"), // this is the attribute we'll compare
_encoding.GetBytes("Attribute 4")
};
// generate token
ProverPresentationProtocolParameters prover;
VerifierPresentationProtocolParameters verifier;
StaticHelperClass.GetUProveParameters(hashAttributes, out prover, out verifier, null, attributes);
// Create inequality proof
InequalityProof ieqProof = new InequalityProof(
prover, // token
3, // target attribute index
_encoding.GetBytes("Professor")); // bad attribute value
// ...
// Send token and inequality proof to verifier
// ...
bool success = ieqProof.Verify(
verifier, // verifier token description
3, // target attribute index
_encoding.GetBytes("Professor")); // bad attribute value
Assert.IsTrue(success, "Could not verify proof.");
}
public void InequalityTokenIntegration2Test()
{
// In this example, the token hashes the attribute
// but example also works if hashAttributes=false
bool hashAttributes = true;
// Setting up attributes for token
byte[][] attributes = new byte[][]
{
_encoding.GetBytes("Attribute 1"),
_encoding.GetBytes("Attribute 2"),
_encoding.GetBytes("Teaching Assistant"), // this is the attribute we'll compare
_encoding.GetBytes("Attribute 4")
};
// generate token
ProverPresentationProtocolParameters prover;
VerifierPresentationProtocolParameters verifier;
StaticHelperClass.GetUProveParameters(hashAttributes, out prover, out verifier, null, attributes);
CommitmentPrivateValues cpv;
PresentationProof proof = PresentationProof.Generate(prover, out cpv);
// computing target constant - "Student"
byte[] targetAttribute = _encoding.GetBytes("Student");
int targetAttributeIndex = 3 - 1; // We will compare "Student" to the third token attribute.
FieldZqElement targetValue = ProtocolHelper.ComputeXi(prover.IP, targetAttributeIndex, targetAttribute); // this is what "Student" would be encoded as if it was the third token attribute
// Create PedersenCommitments
// The prover and verifier have a map Committed that contains the relationship between
// token attributes and CommitmentPrivateValues.
int commitmentIndex = ClosedPedersenCommitment.GetCommitmentIndex(prover.Committed, 3); // attribute 3 from prover1
PedersenCommitment ped = new PedersenCommitment(prover, proof, cpv, commitmentIndex);
Assert.AreNotEqual(targetValue, ped.CommittedValue, "Committed value is not Student.");
// Check that "Teaching Assistant" is the commited value of the pedesen commitment.
FieldZqElement expectedCommittedValue = ProtocolHelper.ComputeXi(prover.IP, targetAttributeIndex, _encoding.GetBytes("Teaching Assistant"));
Assert.AreEqual(expectedCommittedValue, ped.CommittedValue, "Committed value is Teaching Assistant.");
// Create InequalityProof
CryptoParameters crypto = new CryptoParameters(prover.IP); // Can use prover2.IP
ProverInequalityProofParameters inequalityProver = new ProverInequalityProofParameters(ped, targetValue, crypto); // compares committed values in ped1 and ped2
InequalityProof ineQproof = new InequalityProof(inequalityProver);
// Verify InequalityProof
commitmentIndex = ClosedPedersenCommitment.GetCommitmentIndex(verifier.Committed, 3); // attribute 3 from prover
ClosedPedersenCommitment closedPed = new ClosedPedersenCommitment(verifier.IP, proof, commitmentIndex);
VerifierInequalityProofParameters inequalityVerifier = new VerifierInequalityProofParameters(closedPed.Value, targetValue, crypto);
Assert.IsTrue(ineQproof.Verify(inequalityVerifier));
// test U-Prove wrapper
InequalityProof ineQProof2 = InequalityProof.GenerateUProveInequalityProof(
new EQProofUProveProverData(prover, cpv, proof, 3), targetAttribute);
InequalityProof.VerifyUProveEqualityProof(
new EQProofUProveVerifierData(verifier, proof, 3), targetAttribute, ineQProof2);
}
public void InequalityTokenIntegrationTest()
{
// Both tokens will hash attributes
// but example also works if hashAttributes=false
bool hashAttributes = true;
// Setting up IssuerParameters for token1
byte[] uidP1 = new byte[] { 1, 1, 2, 3, 5, 8 };
byte[] tokenInformation1 = new byte[] { 1, 2, 3, 4, 5, 6, 7 };
byte[][] attributes1 = new byte[][]
{
_encoding.GetBytes("Attribute 1"),
_encoding.GetBytes("Attribute 2"),
_encoding.GetBytes("Teaching Assistant"), // this is the attribute we'll compare
_encoding.GetBytes("Attribute 4")
};
// Setting up IssuerParameters for token2
byte[] tokenInformation2 = new byte[] { 12, 13, 14, 15, 0, 10 };
byte[] uidP2 = new byte[] { 3, 1, 4, 1, 5 };
byte[][] attributes2 = new byte[][]
{
_encoding.GetBytes("Student"), // this is the attribute we'll compare
_encoding.GetBytes("Attribute 2"),
_encoding.GetBytes("Attribute 3"),
_encoding.GetBytes("Attribute 4")
};
// generate tokens
ProverPresentationProtocolParameters prover1, prover2;
VerifierPresentationProtocolParameters verifier1, verifier2;
StaticHelperClass.GetUProveParameters(hashAttributes, out prover1, out verifier1, tokenInformation1, attributes1, null, uidP1);
StaticHelperClass.GetUProveParameters(hashAttributes, out prover2, out verifier2, tokenInformation2, attributes2, null, uidP2);
CommitmentPrivateValues cpv1, cpv2;
PresentationProof proof1 = PresentationProof.Generate(prover1, out cpv1);
PresentationProof proof2 = PresentationProof.Generate(prover2, out cpv2);
// Create PedersenCommitments
// The prover and verifier have a map Committed that contains the relationship between
// token attributes and CommitmentPrivateValues.
int commitmentIndex1 = ClosedPedersenCommitment.GetCommitmentIndex(prover1.Committed, 3); // attribute 3 from prover1
PedersenCommitment ped1 = new PedersenCommitment(prover1, proof1, cpv1, commitmentIndex1);
int commitmentIndex2 = ClosedPedersenCommitment.GetCommitmentIndex(prover2.Committed, 1); // attribute 1 from prover2
PedersenCommitment ped2 = new PedersenCommitment(prover2, proof2, cpv2, commitmentIndex2);
// Create InequalityProof
CryptoParameters crypto = new CryptoParameters(prover1.IP); // Can use prover2.IP
ProverInequalityProofParameters inequalityProver = new ProverInequalityProofParameters(ped1, ped2, crypto); // compares committed values in ped1 and ped2
InequalityProof ineQProof = new InequalityProof(inequalityProver);
// Verify InequalityProof
commitmentIndex1 = ClosedPedersenCommitment.GetCommitmentIndex(verifier1.Committed, 3); // attribute 3 from prover1
commitmentIndex2 = ClosedPedersenCommitment.GetCommitmentIndex(verifier2.Committed, 1); // attribute 1 from prover2
ClosedPedersenCommitment closedPed1 = new ClosedPedersenCommitment(verifier1.IP, proof1, commitmentIndex1);
ClosedPedersenCommitment closedPed2 = new ClosedPedersenCommitment(verifier2.IP, proof2, commitmentIndex2);
VerifierInequalityProofParameters inequalityVerifier = new VerifierInequalityProofParameters(closedPed1.Value, closedPed2.Value, crypto);
Assert.IsTrue(ineQProof.Verify(inequalityVerifier));
// test U-Prove wrapper
InequalityProof ineQProof2 = InequalityProof.GenerateUProveInequalityProof(
new EQProofUProveProverData(prover1, cpv1, proof1, 3),
new EQProofUProveProverData(prover2, cpv2, proof2, 1));
InequalityProof.VerifyUProveEqualityProof(
new EQProofUProveVerifierData(verifier1, proof1, 3),
new EQProofUProveVerifierData(verifier2, proof2, 1),
ineQProof2);
}
