/// <summary>
/// Initialise the system for a given token by the prover
/// </summary>
/// <param name="ipJson">Json string of the issuer parameters which has issued the given token</param>
/// <param name="proofJson">Json string that includes the proof to the given token and later proofs -
/// created by the prover itself</param>
/// <param name="tokenJson">Json of the token - created by issuer and prover</param>
/// <param name="trustedIssuerJson">List of trusted issuers; in IP format, could be more than one Issuer
/// in a anonymus Json-Object; { "IP..</param>
public void Init(string ipJson, string proofJson, string tokenJson, string trustedIssuerJson)
{
LogService.Log(LogService.LogType.Info, "IssuingVerifier - init called");
proofAccepted = false;
tokenAccepted = false;
isInitialized = false;
// create issuer parameters
IP = new IssuerParameters(ipJson);
IP.Verify();
this.trustedIssuerJson = trustedIssuerJson;
CheckTrustedIssuer();
Proof proof = parser.ParseJsonToObject <Proof>(proofJson);
proofRequirements = proof.requirements;
PresentationProof pProof = IP.Deserialize <PresentationProof>(proofJson);
this.tokenJson = tokenJson;
this.proofJson = IP.Serialize(pProof);
isInitialized = true;
LogService.Log(LogService.LogType.Info, "IssuingVerifier - successfully initialized");
VerifyProof();
}
public void ProofRequirementsJsonToObject()
{
ProofRequirements expected = GetProofRequirementsObject();
ProofRequirements result = parser.ParseJsonToObject <ProofRequirements>(GetProofRequirementsJson());
helper.CompareArray <int>(expected.committedAttributes, result.committedAttributes);
helper.CompareArray <byte>(expected.deviceMessage, result.deviceMessage);
helper.CompareArray <int>(expected.disclosedAttributes, result.disclosedAttributes);
helper.CompareArray <byte>(expected.message, result.message);
helper.CompareArray <byte>(expected.scope, result.scope);
}
/// <summary>
/// first method to call - Initializes the ProverProof by generating the PresentationProof
/// </summary>
/// <param name="ip">IssuerParameter from the Issuer of the given token</param>
/// <param name="attributes">Attributes which are included in the given token</param>
/// <param name="proofRequirements">Necessary informations for creating the proofs (e.g. disclosedAttributes)</param>
/// <param name="tokenWithKey">Token for which the proof will be done</param>
/// <param name="supportedDateAttributes">If there is a RangeProof done, all date attributes where treated and formated especially</param>
/// <param name="devicePresentationContext">If there was a device involved during the token generation, the context from the device is needed to generate the
/// PresentationProof as well</param>
/// <returns>returns the proof for the given token as json object or an error</returns>
public string Init(IssuerParameters ip, List <BasicClaim> attributes, ProofRequirements proofRequirements,
UProveKeyAndToken tokenWithKey, List <string> supportedDateAttributes,
IDevicePresentationContext devicePresentationContext)
{
try
{
LogService.Log(LogService.LogType.Info, "ProverProof - init called");
this.ip = ip;
this.proofRequirements = proofRequirements;
ci.CreateBase64ForAttributeList(attributes, supportedDateAttributes, out rangeProofProperties);
attributesToInclude = ci.ConvertAttributeListToBase64ByteArray(attributes);
pppp = new ProverPresentationProtocolParameters(this.ip, proofRequirements.disclosedAttributes,
proofRequirements.message, tokenWithKey, attributesToInclude);
pppp.Committed = proofRequirements.committedAttributes;
//// TODO
//// if a scope is defined, we use the first attribute to derive a scope exclusive pseudonym
//pppp.PseudonymAttributeIndex = (proofRequirements.scope == null ? 0 : 1);
//pppp.PseudonymScope = proofRequirements.scope;
// add device presentation context to the provers presentation context
if (this.ip.IsDeviceSupported && devicePresentationContext != null)
{
pppp.SetDeviceData(proofRequirements.deviceMessage, devicePresentationContext);
}
// generate proof
PresentationProof pProof = PresentationProof.Generate(pppp, out cpv);
LogService.Log(LogService.LogType.Info, "ProverProof - init presentation proof generated");
proof = parser.ParseJsonToObject <Proof>(this.ip.Serialize <PresentationProof>(pProof));
proof.requirements = proofRequirements;
string proofJson = parser.ParseObjectToJson(proof);
LogService.Log(LogService.LogType.Info, "ProverProof - proof created: " + proofJson);
return(proofJson);
}
catch (Exception e)
{
LogService.Log(LogService.LogType.FatalError, "ProverProof - Error during prover setup.", e);
throw new CommunicationException("ProverProof - Error during ProverProof init; " + e);
}
}
public void MessagesTest()
{
CommenIssuing ci = new CommenIssuing();
List <BasicClaim> attributeWithKey = new List <BasicClaim>();
attributeWithKey.Add(new BasicClaim()
{
name = "surname", values = new List <string>()
{
"Mustermann"
}, qualitylevel = "loa2"
});
attributeWithKey.Add(new BasicClaim()
{
name = "givenName", values = new List <string>()
{
"Max"
}, qualitylevel = "loa2"
});
attributeWithKey.Add(new BasicClaim()
{
name = "swissEduPersonHomeOrganization", values = new List <string>()
{
"BFH"
}, qualitylevel = "loa3"
});
attributeWithKey.Add(new BasicClaim()
{
name = "swissEduPersonDateOfBirth", values = new List <string>()
{
"15.03.2003"
}, qualitylevel = "loa2"
});
List <string> rangeProofAttributes = new List <string>()
{
"swissEduPersonDateOfBirth"
};
List <string> supportedDateAttributes = new List <string>()
{
"swissEduPersonDateOfBirth"
}; // defines all range proof attributes which has a date as value
int numberOfTokens = 2;
byte[] ti = encoding.GetBytes("tiMessage");
byte[] devicePublicKey = null;
byte[] pi = encoding.GetBytes("piMessage");
IssuerParameterWithPK expectedIP = parser.ParseJsonToObject <IssuerParameterWithPK>(helper.ReadFile("IssuerParameterWithPK"));
// create issuer
IssuingIssuer ii = new IssuingIssuer(parser.ParseObjectToJson(expectedIP.ip), expectedIP.privateKey);
ii.Init(attributeWithKey, rangeProofAttributes, supportedDateAttributes);
// check issuer parameters
string ipJson = ii.GetIssuerParameters();
IP ip = parser.ParseJsonToObject <IP>(ipJson);
CheckIP(expectedIP.ip, ip);
// Issuer create first message
string firstMessageJson = ii.GenerateFirstMessage(numberOfTokens, ti, devicePublicKey);
// create prover + second message
IssuingProver isp = new IssuingProver();
isp.Init(firstMessageJson, pi, attributeWithKey, numberOfTokens, ti, ipJson, supportedDateAttributes);
string secondMessageJson = isp.GenerateSecondMessage(devicePublicKey);
// issuer creates third message
string thirdMessageJson = ii.GenerateThirdMessage(secondMessageJson);
// prover creates token(s)
isp.GenerateTokens(thirdMessageJson);
UProveKeyAndToken[] ukats = isp.KeyAndToken;
Assert.IsTrue(ukats.Length == numberOfTokens);
// prover creates setmembership and range proof with the first token
// setmembership requirements
int commitmentIndexForSetMembershipProof = 5;
List <VerifierMembers> verifiersMembers = new List <VerifierMembers>()
{
new VerifierMembers()
{
Members = new List <string>()
{
"BFH", "ETH", "UniBern"
},
verifiersSetMembershipProofId = 0,
MemberAttribute = "swissEduPersonHomeOrganization"
}
};
// rangeproof requirements
int commitmentIndexForRangeProof = 7;
int[] commitmentIndexesForRangeProof = new int[] { commitmentIndexForRangeProof, commitmentIndexForRangeProof };
ProofRequirements proofRequirements = new ProofRequirements()
{
committedAttributes = new int[]
{
commitmentIndexForSetMembershipProof // contains the value BFH (for setmembership proof)
, commitmentIndexForRangeProof
},
disclosedAttributes = new int[] { 6, 8 }, // contains the values swissEduPersonHomeOrganization and swissEduPersonDateOfBirth
message = encoding.GetBytes("messageMessage")
};
ProverProof pp = new ProverProof();
// init the prover proof -> creates the initial proof
string proofJson = pp.Init(isp.IP, attributeWithKey, proofRequirements, ukats[0], supportedDateAttributes, null);
List <string> setMembershipProofJsons = pp.GenerateSetMembershipProofs(new int[] { commitmentIndexForSetMembershipProof }, verifiersMembers);
// verifier verifys setmembership proof
string trustedIssuersJson = helper.ReadFile("TrustedIssuerList");
IssuingVerifier isv = new IssuingVerifier();
isv.Init(ipJson, proofJson, parser.ParseObjectToJson(ukats[0].Token), trustedIssuersJson);
bool isSetMembershipProof = isv.VerifySetMembershipProofs(setMembershipProofJsons, verifiersMembers);
Assert.IsTrue(isSetMembershipProof);
// create range proof
List <VerifierRanges> vrs = new List <VerifierRanges>() // given by verifier
{
new VerifierRanges()
{
verifiersRangeProofId = 0,
rangeProofAttribute = "swissEduPersonDateOfBirth",
number = 14,
sibling = 1,
rangeProofType = RangeProofType.LESS_THAN_OR_EQUAL_TO.Value
},
new VerifierRanges()
{
verifiersRangeProofId = 1,
rangeProofAttribute = "swissEduPersonDateOfBirth",
number = 18,
sibling = 0,
rangeProofType = RangeProofType.GREATER_THAN.Value
}
};
List <VerifierRanges> verifierRangeProofToCommitmentIndexes = new List <VerifierRanges>();
verifierRangeProofToCommitmentIndexes.Add(vrs[0]);
verifierRangeProofToCommitmentIndexes.Add(vrs[1]);
// prover generates range proofs
List <string> rangeProofsJson = pp.GenerateRangeProofs(commitmentIndexesForRangeProof, verifierRangeProofToCommitmentIndexes);
// verifier verifys the generated range proofs
bool isRangeProof = isv.VerifyRangeProofs(rangeProofsJson, vrs);
Assert.IsTrue(isRangeProof);
}