Exemple #1
0
        /// <summary>
        /// Initialise the system for a given token by the prover
        /// </summary>
        /// <param name="ipJson">Json string of the issuer parameters which has issued the given token</param>
        /// <param name="proofJson">Json string that includes the proof to the given token and later proofs -
        /// created by the prover itself</param>
        /// <param name="tokenJson">Json of the token - created by issuer and prover</param>
        /// <param name="trustedIssuerJson">List of trusted issuers; in IP format, could be more than one Issuer
        /// in a anonymus Json-Object; { "IP..</param>
        public void Init(string ipJson, string proofJson, string tokenJson, string trustedIssuerJson)
        {
            LogService.Log(LogService.LogType.Info, "IssuingVerifier - init called");

            proofAccepted = false;
            tokenAccepted = false;
            isInitialized = false;

            // create issuer parameters
            IP = new IssuerParameters(ipJson);
            IP.Verify();

            this.trustedIssuerJson = trustedIssuerJson;
            CheckTrustedIssuer();

            Proof proof = parser.ParseJsonToObject <Proof>(proofJson);

            proofRequirements = proof.requirements;

            PresentationProof pProof = IP.Deserialize <PresentationProof>(proofJson);

            this.tokenJson = tokenJson;
            this.proofJson = IP.Serialize(pProof);

            isInitialized = true;
            LogService.Log(LogService.LogType.Info, "IssuingVerifier - successfully initialized");

            VerifyProof();
        }
Exemple #2
0
        public void ProofRequirementsJsonToObject()
        {
            ProofRequirements expected = GetProofRequirementsObject();
            ProofRequirements result   = parser.ParseJsonToObject <ProofRequirements>(GetProofRequirementsJson());

            helper.CompareArray <int>(expected.committedAttributes, result.committedAttributes);
            helper.CompareArray <byte>(expected.deviceMessage, result.deviceMessage);
            helper.CompareArray <int>(expected.disclosedAttributes, result.disclosedAttributes);
            helper.CompareArray <byte>(expected.message, result.message);
            helper.CompareArray <byte>(expected.scope, result.scope);
        }
Exemple #3
0
        /// <summary>
        /// first method to call - Initializes the ProverProof by generating the PresentationProof
        /// </summary>
        /// <param name="ip">IssuerParameter from the Issuer of the given token</param>
        /// <param name="attributes">Attributes which are included in the given token</param>
        /// <param name="proofRequirements">Necessary informations for creating the proofs (e.g. disclosedAttributes)</param>
        /// <param name="tokenWithKey">Token for which the proof will be done</param>
        /// <param name="supportedDateAttributes">If there is a RangeProof done, all date attributes where treated and formated especially</param>
        /// <param name="devicePresentationContext">If there was a device involved during the token generation, the context from the device is needed to generate the
        /// PresentationProof as well</param>
        /// <returns>returns the proof for the given token as json object or an error</returns>
        public string Init(IssuerParameters ip, List <BasicClaim> attributes, ProofRequirements proofRequirements,
                           UProveKeyAndToken tokenWithKey, List <string> supportedDateAttributes,
                           IDevicePresentationContext devicePresentationContext)
        {
            try
            {
                LogService.Log(LogService.LogType.Info, "ProverProof - init called");
                this.ip = ip;
                this.proofRequirements = proofRequirements;
                ci.CreateBase64ForAttributeList(attributes, supportedDateAttributes, out rangeProofProperties);
                attributesToInclude = ci.ConvertAttributeListToBase64ByteArray(attributes);

                pppp = new ProverPresentationProtocolParameters(this.ip, proofRequirements.disclosedAttributes,
                                                                proofRequirements.message, tokenWithKey, attributesToInclude);
                pppp.Committed = proofRequirements.committedAttributes;

                //// TODO
                //// if a scope is defined, we use the first attribute to derive a scope exclusive pseudonym
                //pppp.PseudonymAttributeIndex = (proofRequirements.scope == null ? 0 : 1);
                //pppp.PseudonymScope = proofRequirements.scope;

                // add device presentation context to the provers presentation context
                if (this.ip.IsDeviceSupported && devicePresentationContext != null)
                {
                    pppp.SetDeviceData(proofRequirements.deviceMessage, devicePresentationContext);
                }

                // generate proof
                PresentationProof pProof = PresentationProof.Generate(pppp, out cpv);
                LogService.Log(LogService.LogType.Info, "ProverProof - init presentation proof generated");

                proof = parser.ParseJsonToObject <Proof>(this.ip.Serialize <PresentationProof>(pProof));
                proof.requirements = proofRequirements;

                string proofJson = parser.ParseObjectToJson(proof);
                LogService.Log(LogService.LogType.Info, "ProverProof - proof created: " + proofJson);

                return(proofJson);
            }
            catch (Exception e)
            {
                LogService.Log(LogService.LogType.FatalError, "ProverProof - Error during prover setup.", e);
                throw new CommunicationException("ProverProof - Error during ProverProof init; " + e);
            }
        }
        public void MessagesTest()
        {
            CommenIssuing ci = new CommenIssuing();

            List <BasicClaim> attributeWithKey = new List <BasicClaim>();

            attributeWithKey.Add(new BasicClaim()
            {
                name = "surname", values = new List <string>()
                {
                    "Mustermann"
                }, qualitylevel = "loa2"
            });
            attributeWithKey.Add(new BasicClaim()
            {
                name = "givenName", values = new List <string>()
                {
                    "Max"
                }, qualitylevel = "loa2"
            });
            attributeWithKey.Add(new BasicClaim()
            {
                name = "swissEduPersonHomeOrganization", values = new List <string>()
                {
                    "BFH"
                }, qualitylevel = "loa3"
            });
            attributeWithKey.Add(new BasicClaim()
            {
                name = "swissEduPersonDateOfBirth", values = new List <string>()
                {
                    "15.03.2003"
                }, qualitylevel = "loa2"
            });

            List <string> rangeProofAttributes = new List <string>()
            {
                "swissEduPersonDateOfBirth"
            };
            List <string> supportedDateAttributes = new List <string>()
            {
                "swissEduPersonDateOfBirth"
            };                                                                                          // defines all range proof attributes which has a date as value

            int numberOfTokens = 2;

            byte[] ti = encoding.GetBytes("tiMessage");
            byte[] devicePublicKey = null;

            byte[] pi = encoding.GetBytes("piMessage");

            IssuerParameterWithPK expectedIP = parser.ParseJsonToObject <IssuerParameterWithPK>(helper.ReadFile("IssuerParameterWithPK"));
            // create issuer
            IssuingIssuer ii = new IssuingIssuer(parser.ParseObjectToJson(expectedIP.ip), expectedIP.privateKey);

            ii.Init(attributeWithKey, rangeProofAttributes, supportedDateAttributes);

            // check issuer parameters
            string ipJson = ii.GetIssuerParameters();
            IP     ip     = parser.ParseJsonToObject <IP>(ipJson);

            CheckIP(expectedIP.ip, ip);

            // Issuer create first message
            string firstMessageJson = ii.GenerateFirstMessage(numberOfTokens, ti, devicePublicKey);

            // create prover + second message
            IssuingProver isp = new IssuingProver();

            isp.Init(firstMessageJson, pi, attributeWithKey, numberOfTokens, ti, ipJson, supportedDateAttributes);

            string secondMessageJson = isp.GenerateSecondMessage(devicePublicKey);

            // issuer creates third message
            string thirdMessageJson = ii.GenerateThirdMessage(secondMessageJson);

            // prover creates token(s)
            isp.GenerateTokens(thirdMessageJson);
            UProveKeyAndToken[] ukats = isp.KeyAndToken;

            Assert.IsTrue(ukats.Length == numberOfTokens);

            // prover creates setmembership and range proof with the first token

            // setmembership requirements
            int commitmentIndexForSetMembershipProof = 5;
            List <VerifierMembers> verifiersMembers  = new List <VerifierMembers>()
            {
                new VerifierMembers()
                {
                    Members = new List <string>()
                    {
                        "BFH", "ETH", "UniBern"
                    },
                    verifiersSetMembershipProofId = 0,
                    MemberAttribute = "swissEduPersonHomeOrganization"
                }
            };


            // rangeproof requirements
            int commitmentIndexForRangeProof = 7;

            int[] commitmentIndexesForRangeProof = new int[] { commitmentIndexForRangeProof, commitmentIndexForRangeProof };

            ProofRequirements proofRequirements = new ProofRequirements()
            {
                committedAttributes = new int[]
                {
                    commitmentIndexForSetMembershipProof    // contains the value BFH (for setmembership proof)
                    , commitmentIndexForRangeProof
                },
                disclosedAttributes = new int[] { 6, 8 },      // contains the values swissEduPersonHomeOrganization and swissEduPersonDateOfBirth
                message             = encoding.GetBytes("messageMessage")
            };

            ProverProof pp = new ProverProof();
            // init the prover proof -> creates the initial proof
            string        proofJson = pp.Init(isp.IP, attributeWithKey, proofRequirements, ukats[0], supportedDateAttributes, null);
            List <string> setMembershipProofJsons = pp.GenerateSetMembershipProofs(new int[] { commitmentIndexForSetMembershipProof }, verifiersMembers);

            // verifier verifys setmembership proof
            string          trustedIssuersJson = helper.ReadFile("TrustedIssuerList");
            IssuingVerifier isv = new IssuingVerifier();

            isv.Init(ipJson, proofJson, parser.ParseObjectToJson(ukats[0].Token), trustedIssuersJson);
            bool isSetMembershipProof = isv.VerifySetMembershipProofs(setMembershipProofJsons, verifiersMembers);

            Assert.IsTrue(isSetMembershipProof);

            // create range proof
            List <VerifierRanges> vrs = new List <VerifierRanges>()   // given by verifier
            {
                new VerifierRanges()
                {
                    verifiersRangeProofId = 0,
                    rangeProofAttribute   = "swissEduPersonDateOfBirth",
                    number         = 14,
                    sibling        = 1,
                    rangeProofType = RangeProofType.LESS_THAN_OR_EQUAL_TO.Value
                },
                new VerifierRanges()
                {
                    verifiersRangeProofId = 1,
                    rangeProofAttribute   = "swissEduPersonDateOfBirth",
                    number         = 18,
                    sibling        = 0,
                    rangeProofType = RangeProofType.GREATER_THAN.Value
                }
            };

            List <VerifierRanges> verifierRangeProofToCommitmentIndexes = new List <VerifierRanges>();

            verifierRangeProofToCommitmentIndexes.Add(vrs[0]);
            verifierRangeProofToCommitmentIndexes.Add(vrs[1]);

            // prover generates range proofs
            List <string> rangeProofsJson = pp.GenerateRangeProofs(commitmentIndexesForRangeProof, verifierRangeProofToCommitmentIndexes);
            // verifier verifys the generated range proofs
            bool isRangeProof = isv.VerifyRangeProofs(rangeProofsJson, vrs);

            Assert.IsTrue(isRangeProof);
        }