public bool verifyTokenProof(PresentationProofComposite proof, int[] disclosedIndices, int[] committedIndices, string messageParam, string verifierScopeParam, IssuerParametersComposite ipc, UProveTokenComposite token, string sessionID)
{
/*
* token verification
*/
cOut.write("Verifying a U-Prove token");
VerifySessionId(sessionID);
IssuerParameters ip = ConvertUtils.convertIssuerParametersComposite(ipc, sessionDB[sessionID]);
// the application-specific message that the prover will sign. Typically this is a nonce combined
// with any application-specific transaction data to be signed.
byte[] message = encoding.GetBytes(messageParam);
// the application-specific verifier scope from which a scope-exclusive pseudonym will be created
// (if null, then a pseudonym will not be presented)
byte[] scope = null;
if (verifierScopeParam != "null")
{
scope = encoding.GetBytes(verifierScopeParam);
}
// verify the presentation proof
try
{
byte[] tokenId;
byte[] proofSession;
UProveToken t = ConvertUtils.convertUProveTokenComposite(ip, token);
PresentationProof p = ConvertUtils.convertPresentationProofComposite(ip, proof, out tokenId, out proofSession);
p.Verify(ip,
disclosedIndices,
committedIndices,
scope != null ? DevicePseudonymIndex : 0,
scope,
message,
proofSession,
t);
if (proof.TokenID != null && !ProtocolHelper.ComputeTokenID(ip, t).SequenceEqual(proof.TokenID))
{
cOut.write("Invalid Token ID");
return(false);
}
return(true);
}
catch (Exception e)
{
cOut.write("Exception caught: " + e.Message);
DebugUtils.DebugPrint(e.StackTrace.ToString());
return(false);
}
}
public static PresentationProofComposite convertPresentationProof(PresentationProof p, BigInteger[] commitmentValues, byte[] tokenId, byte[] proofSession)
{
PresentationProofComposite pc = new PresentationProofComposite();
pc.A = p.A;
pc.Ap = (p.Ap == null ? null : p.Ap);
pc.DisclosedAttributes = p.DisclosedAttributes;
pc.Ps = (p.Ps == null ? null : p.Ps.GetEncoded());
byte[][] byteArray = new byte[p.R.Length][];
for (int i = 0; i < byteArray.Length; i++)
{
byteArray[i] = p.R[i].ToByteArray();
}
pc.R = byteArray;
if (p.Commitments != null)
{
pc.TildeValues = new byte[3 * p.Commitments.Length][];
for (int i = 0; i < p.Commitments.Length; i++)
{
pc.TildeValues[(i * 3)] = p.Commitments[i].TildeC.GetEncoded();
pc.TildeValues[(i * 3) + 1] = p.Commitments[i].TildeA;
pc.TildeValues[(i * 3) + 2] = p.Commitments[i].TildeR.ToByteArray();
}
}
if (commitmentValues != null)
{
if (commitmentValues.Length != p.Commitments.Length)
{
throw new ArgumentException("inconsistent commitment values");
}
pc.TildeO = new byte[commitmentValues.Length][];
for (int i = 0; i < commitmentValues.Length; i++)
{
pc.TildeO[i] = commitmentValues[i].ToByteArray();
}
}
pc.TokenID = tokenId;
pc.MessageD = (proofSession == null ? null : proofSession);
return(pc);
}
public static PresentationProof convertPresentationProofComposite(IssuerParameters ip, PresentationProofComposite pc, out byte[] tokenID, out byte[] proofSession)
{
PresentationProof p = new PresentationProof();
p.A = (pc.A == null ? null : pc.A);
p.Ap = (pc.Ap == null ? null : pc.Ap);
p.DisclosedAttributes = pc.DisclosedAttributes;
p.Ps = (pc.Ps == null ? null : ip.Gq.CreateGroupElement(pc.Ps));
BigInteger[] biArray = new BigInteger[pc.R.Length];
for (int i = 0; i < biArray.Length; i++)
{
biArray[i] = new BigInteger(1, pc.R[i]);
}
p.R = biArray;
if (pc.TildeValues != null)
{
int numCommitments = pc.TildeValues.Length / 3;
p.Commitments = new CommitmentValues[numCommitments];
for (int i = 0; i < numCommitments; i++)
{
p.Commitments[i] = new CommitmentValues(
ip.Gq.CreateGroupElement(pc.TildeValues[(i * 3)]), // tildeC
pc.TildeValues[(i * 3) + 1], // tildaA
new BigInteger(1, pc.TildeValues[(i * 3) + 2]) // tildeR
);
}
// we ignore the tildeO values. This method is called by the verifier, and
// the tildeO values should never be sent to the verifier.
}
tokenID = pc.TokenID;
proofSession = (pc.MessageD == null ? null : pc.MessageD);
return(p);
}
public bool verifyTokenProof(PresentationProofComposite proof, int[] disclosedIndices, int[] committedIndices, string messageParam, string verifierScopeParam, IssuerParametersComposite ipc, UProveTokenComposite token, string sessionID)
{
/*
* token verification
*/
cOut.write("Verifying a U-Prove token");
VerifySessionId(sessionID);
IssuerParameters ip = ConvertUtils.convertIssuerParametersComposite(ipc, sessionDB[sessionID]);
// the application-specific message that the prover will sign. Typically this is a nonce combined
// with any application-specific transaction data to be signed.
byte[] message = encoding.GetBytes(messageParam);
// the application-specific verifier scope from which a scope-exclusive pseudonym will be created
// (if null, then a pseudonym will not be presented)
byte[] scope = null;
if (verifierScopeParam != "null")
{
scope = encoding.GetBytes(verifierScopeParam);
}
// verify the presentation proof
try
{
byte[] tokenId;
byte[] proofSession;
UProveToken t = ConvertUtils.convertUProveTokenComposite(ip, token);
PresentationProof p = ConvertUtils.convertPresentationProofComposite(ip, proof, out tokenId, out proofSession);
p.Verify(ip,
disclosedIndices,
committedIndices,
scope != null ? DevicePseudonymIndex : 0,
scope,
message,
proofSession,
t);
if (proof.TokenID != null && !ProtocolHelper.ComputeTokenID(ip, t).SequenceEqual(proof.TokenID))
{
cOut.write("Invalid Token ID");
return false;
}
return true;
}
catch (Exception e)
{
cOut.write("Exception caught: " + e.Message);
DebugUtils.DebugPrint(e.StackTrace.ToString());
return false;
}
}
public static PresentationProofComposite convertPresentationProof(PresentationProof p, BigInteger[] commitmentValues, byte[] tokenId, byte[] proofSession)
{
PresentationProofComposite pc = new PresentationProofComposite();
pc.A = p.A;
pc.Ap = (p.Ap == null ? null : p.Ap);
pc.DisclosedAttributes = p.DisclosedAttributes;
pc.Ps = (p.Ps == null ? null : p.Ps.GetEncoded());
byte[][] byteArray = new byte[p.R.Length][];
for (int i = 0; i < byteArray.Length; i++)
{
byteArray[i] = p.R[i].ToByteArray();
}
pc.R = byteArray;
if (p.Commitments != null)
{
pc.TildeValues = new byte[3 * p.Commitments.Length][];
for (int i = 0; i < p.Commitments.Length; i++)
{
pc.TildeValues[(i * 3)] = p.Commitments[i].TildeC.GetEncoded();
pc.TildeValues[(i * 3) + 1] = p.Commitments[i].TildeA;
pc.TildeValues[(i * 3) + 2] = p.Commitments[i].TildeR.ToByteArray();
}
}
if (commitmentValues != null)
{
if (commitmentValues.Length != p.Commitments.Length)
{
throw new ArgumentException("inconsistent commitment values");
}
pc.TildeO = new byte[commitmentValues.Length][];
for (int i = 0; i < commitmentValues.Length; i++)
{
pc.TildeO[i] = commitmentValues[i].ToByteArray();
}
}
pc.TokenID = tokenId;
pc.MessageD = (proofSession == null ? null : proofSession);
return pc;
}
public static PresentationProof convertPresentationProofComposite(IssuerParameters ip, PresentationProofComposite pc, out byte[] tokenID, out byte[] proofSession)
{
PresentationProof p = new PresentationProof();
p.A = (pc.A == null ? null : pc.A);
p.Ap = (pc.Ap == null ? null : pc.Ap);
p.DisclosedAttributes = pc.DisclosedAttributes;
p.Ps = (pc.Ps == null ? null : ip.Gq.CreateGroupElement(pc.Ps));
BigInteger[] biArray = new BigInteger[pc.R.Length];
for (int i = 0; i < biArray.Length; i++)
{
biArray[i] = new BigInteger(1, pc.R[i]);
}
p.R = biArray;
if (pc.TildeValues != null)
{
int numCommitments = pc.TildeValues.Length / 3;
p.Commitments = new CommitmentValues[numCommitments];
for (int i = 0; i < numCommitments; i++)
{
p.Commitments[i] = new CommitmentValues(
ip.Gq.CreateGroupElement(pc.TildeValues[(i * 3)]), // tildeC
pc.TildeValues[(i * 3) + 1], // tildaA
new BigInteger(1, pc.TildeValues[(i * 3) + 2]) // tildeR
);
}
// we ignore the tildeO values. This method is called by the verifier, and
// the tildeO values should never be sent to the verifier.
}
tokenID = pc.TokenID;
proofSession = (pc.MessageD == null ? null : pc.MessageD);
return p;
}
