Example #1
0
        internal static FieldZqElement GenerateChallenge(IssuerParameters ip, UProveToken upt, byte[] a, int pseudonymIndex, byte[] ap, GroupElement Ps, byte[] m, byte[] md, int[] disclosed, FieldZqElement[] disclosedX, int[] committed, CommitmentValues[] commitments, out byte[] mdPrime)
        {
            bool hasCommitments = (committed != null && committed.Length > 0);

            if (hasCommitments)
            {
                if (committed.Length != commitments.Length)
                {
                    throw new ArgumentException("Inconsistent committed indices and commitment values");
                }
            }

            HashFunction hash = ip.HashFunction;

            hash.Hash(ComputeTokenID(ip, upt));
            hash.Hash(a);
            hash.Hash(disclosed);
            hash.Hash(disclosedX);
            if (!hasCommitments)
            {
                hash.HashNull(); // C
                hash.HashNull(); // < {tildeC} >
                hash.HashNull(); // < {tildeA} >
            }
            else
            {
                hash.Hash(committed);
                hash.Hash(commitments.Length); // length of < {tildeC} >
                for (int i = 0; i < commitments.Length; i++)
                {
                    hash.Hash(commitments[i].TildeC);
                }
                hash.Hash(commitments.Length); // length of < {tildeA} >
                for (int i = 0; i < commitments.Length; i++)
                {
                    hash.Hash(commitments[i].TildeA);
                }
            }
            hash.Hash(pseudonymIndex == PresentationProof.DeviceAttributeIndex ? 0 : pseudonymIndex);
            hash.Hash(ap);
            hash.Hash(Ps);
            hash.Hash(m);
            mdPrime = hash.Digest;
            if (upt.IsDeviceProtected)
            {
                hash = ip.HashFunction;
                hash.Hash(md);
                hash.Hash(mdPrime);
                return(ip.Zq.GetElementFromDigest(hash.Digest));
            }
            else
            {
                return(ip.Zq.GetElementFromDigest(mdPrime));
            }
        }
Example #2
0
        public void HashFormattingTest()
        {
            HashFunction hash;

            // byte
            hash = new HashFunction(TestVectorData.HashVectors.UIDh);
            byte b = 0x01;
            hash.Hash(b);
            Assert.IsTrue(HexToBytes(TestVectorData.HashVectors.hash_byte).SequenceEqual(hash.Digest), "hash_byte");

            // octet string
            hash = new HashFunction(TestVectorData.HashVectors.UIDh);
            byte[] octetString = new byte[] { 0x01, 0x02, 0x03, 0x04, 0x05 };
            hash.Hash(octetString);
            Assert.IsTrue(HexToBytes(TestVectorData.HashVectors.hash_octetstring).SequenceEqual(hash.Digest), "hash_octetstring");

            // null
            hash = new HashFunction(TestVectorData.HashVectors.UIDh);
            hash.HashNull();
            Assert.IsTrue(HexToBytes(TestVectorData.HashVectors.hash_null).SequenceEqual(hash.Digest), "hash_null");

            // list
            hash = new HashFunction(TestVectorData.HashVectors.UIDh);
            hash.Hash(3); // list length
            hash.Hash(b);
            hash.Hash(octetString);
            hash.HashNull();
            Assert.IsTrue(HexToBytes(TestVectorData.HashVectors.hash_list).SequenceEqual(hash.Digest), "hash_list");

            // subgroup 1.3.6.1.4.1.311.75.1.1.1
            hash = new HashFunction(TestVectorData.HashVectors.UIDh);
            hash.Hash(SubgroupParameterSets.ParamSetL2048N256V1.Group);
            Assert.IsTrue(HexToBytes(TestVectorData.HashVectors.hash_subgroup).SequenceEqual(hash.Digest), "hash_subgroup");

            // ec group 1.3.6.1.4.1.311.75.1.2.1
            hash = new HashFunction(TestVectorData.HashVectors.UIDh);
            hash.Hash(ECParameterSets.ParamSet_EC_P256_V1.Group);
            Assert.IsTrue(HexToBytes(TestVectorData.HashVectors.hash_ecgroup).SequenceEqual(hash.Digest), "hash_ecgroup");
        }