public static UProveToken convertUProveTokenComposite(IssuerParameters ip, UProveTokenComposite utc)
{
UProveToken up = new UProveToken();
up.H = ip.Gq.CreateGroupElement(utc.H);
up.IsDeviceProtected = utc.IsDeviceProtected;
up.PI = utc.PI;
up.SigmaCPrime = new BigInteger(1, utc.SigmaCPrime);
up.SigmaRPrime = new BigInteger(1, utc.SigmaRPrime);
up.SigmaZPrime = ip.Gq.CreateGroupElement(utc.SigmaZPrime);
up.TI = utc.TI;
up.Uidp = utc.Uidp;
return(up);
}
public static UProveTokenComposite convertUProveToken(UProveToken up)
{
UProveTokenComposite utc = new UProveTokenComposite();
utc.H = up.H.GetEncoded();
utc.IsDeviceProtected = up.IsDeviceProtected;
utc.PI = up.PI;
utc.SigmaCPrime = up.SigmaCPrime.ToByteArray();
utc.SigmaRPrime = up.SigmaRPrime.ToByteArray();
utc.SigmaZPrime = up.SigmaZPrime.GetEncoded();
utc.TI = up.TI;
utc.Uidp = up.Uidp;
return(utc);
}
public bool verifyTokenProof(PresentationProofComposite proof, int[] disclosedIndices, int[] committedIndices, string messageParam, string verifierScopeParam, IssuerParametersComposite ipc, UProveTokenComposite token, string sessionID)
{
/*
* token verification
*/
cOut.write("Verifying a U-Prove token");
VerifySessionId(sessionID);
IssuerParameters ip = ConvertUtils.convertIssuerParametersComposite(ipc, sessionDB[sessionID]);
// the application-specific message that the prover will sign. Typically this is a nonce combined
// with any application-specific transaction data to be signed.
byte[] message = encoding.GetBytes(messageParam);
// the application-specific verifier scope from which a scope-exclusive pseudonym will be created
// (if null, then a pseudonym will not be presented)
byte[] scope = null;
if (verifierScopeParam != "null")
{
scope = encoding.GetBytes(verifierScopeParam);
}
// verify the presentation proof
try
{
byte[] tokenId;
byte[] proofSession;
UProveToken t = ConvertUtils.convertUProveTokenComposite(ip, token);
PresentationProof p = ConvertUtils.convertPresentationProofComposite(ip, proof, out tokenId, out proofSession);
p.Verify(ip,
disclosedIndices,
committedIndices,
scope != null ? DevicePseudonymIndex : 0,
scope,
message,
proofSession,
t);
if (proof.TokenID != null && !ProtocolHelper.ComputeTokenID(ip, t).SequenceEqual(proof.TokenID))
{
cOut.write("Invalid Token ID");
return(false);
}
return(true);
}
catch (Exception e)
{
cOut.write("Exception caught: " + e.Message);
DebugUtils.DebugPrint(e.StackTrace.ToString());
return(false);
}
}
public PresentationProofComposite proveToken(string[] attributesParam, int[] disclosedIndices, int[] committedIndices, string messageParam, string verifierScopeParam, IssuerParametersComposite ipc, UProveTokenComposite tokenComposite, byte[] tokenPrivateKeyParam, string sessionID)
{
/*
* token presentation
*/
cOut.write("Presenting a U-Prove token");
VerifySessionId(sessionID);
try
{
// specify the attribute values agreed to by the Issuer and Prover
int numberOfAttributes = attributesParam.Length;
byte[][] attributes = new byte[numberOfAttributes][];
for (int i = 0; i < numberOfAttributes; i++)
{
attributes[i] = encoding.GetBytes(attributesParam[i]);
}
IssuerParameters ip = ConvertUtils.convertIssuerParametersComposite(ipc, sessionDB[sessionID]);
// the application-specific message that the prover will sign. Typically this is a nonce combined
// with any application-specific transaction data to be signed.
byte[] message = encoding.GetBytes(messageParam);
// the application-specific verifier scope from which a scope-exclusive pseudonym will be created
// (if null, then a pseudonym will not be presented)
byte[] scope = null;
if (verifierScopeParam != null && verifierScopeParam != "null")
{
scope = encoding.GetBytes(verifierScopeParam);
}
// generate the presentation proof
UProveToken uProveToken = ConvertUtils.convertUProveTokenComposite(ip, tokenComposite);
byte[] bigInt = tokenPrivateKeyParam;
DeviceManager dManager = sessionDB[sessionID].deviceManager;
UProveKeyAndToken keyAndToken = new UProveKeyAndToken();
keyAndToken.PrivateKey = new BigInteger(1, bigInt);
keyAndToken.Token = uProveToken;
byte[] proofSession = null;
if (!dManager.IsVirtualDevice)
{
SmartCardDevice smartDevice = (SmartCardDevice)dManager.GetDevice();
smartDevice.ProofSession = smartDevice.Device.BeginCommitment(1);
byte[] proofSessionRaw = smartDevice.ProofSession;
proofSession = new byte[1 + proofSessionRaw.Length];
proofSession[0] = 1;
Buffer.BlockCopy(proofSessionRaw, 0, proofSession, 1, proofSessionRaw.Length);
}
BigInteger[] commitmentValues;
PresentationProof p =
PresentationProof.Generate(ip,
disclosedIndices,
committedIndices,
scope != null ? DevicePseudonymIndex : 0,
scope,
message,
proofSession,
dManager.GetDevice().GetPresentationContext(),
keyAndToken,
attributes,
out commitmentValues);
#if DEBUG
dManager.pDebug = p;
#endif
return(ConvertUtils.convertPresentationProof(p, commitmentValues, ProtocolHelper.ComputeTokenID(ip, uProveToken), proofSession));
}
catch (Exception e)
{
cOut.write(e.ToString());
DebugUtils.DebugPrint(e.StackTrace.ToString());
}
return(null);
}
public bool verifyTokenProof(PresentationProofComposite proof, int[] disclosedIndices, int[] committedIndices, string messageParam, string verifierScopeParam, IssuerParametersComposite ipc, UProveTokenComposite token, string sessionID)
{
/*
* token verification
*/
cOut.write("Verifying a U-Prove token");
VerifySessionId(sessionID);
IssuerParameters ip = ConvertUtils.convertIssuerParametersComposite(ipc, sessionDB[sessionID]);
// the application-specific message that the prover will sign. Typically this is a nonce combined
// with any application-specific transaction data to be signed.
byte[] message = encoding.GetBytes(messageParam);
// the application-specific verifier scope from which a scope-exclusive pseudonym will be created
// (if null, then a pseudonym will not be presented)
byte[] scope = null;
if (verifierScopeParam != "null")
{
scope = encoding.GetBytes(verifierScopeParam);
}
// verify the presentation proof
try
{
byte[] tokenId;
byte[] proofSession;
UProveToken t = ConvertUtils.convertUProveTokenComposite(ip, token);
PresentationProof p = ConvertUtils.convertPresentationProofComposite(ip, proof, out tokenId, out proofSession);
p.Verify(ip,
disclosedIndices,
committedIndices,
scope != null ? DevicePseudonymIndex : 0,
scope,
message,
proofSession,
t);
if (proof.TokenID != null && !ProtocolHelper.ComputeTokenID(ip, t).SequenceEqual(proof.TokenID))
{
cOut.write("Invalid Token ID");
return false;
}
return true;
}
catch (Exception e)
{
cOut.write("Exception caught: " + e.Message);
DebugUtils.DebugPrint(e.StackTrace.ToString());
return false;
}
}
public PresentationProofComposite proveToken(string[] attributesParam, int[] disclosedIndices, int[] committedIndices, string messageParam, string verifierScopeParam, IssuerParametersComposite ipc, UProveTokenComposite tokenComposite, byte[] tokenPrivateKeyParam, string sessionID)
{
/*
* token presentation
*/
cOut.write("Presenting a U-Prove token");
VerifySessionId(sessionID);
try
{
// specify the attribute values agreed to by the Issuer and Prover
int numberOfAttributes = attributesParam.Length;
byte[][] attributes = new byte[numberOfAttributes][];
for (int i = 0; i < numberOfAttributes; i++)
{
attributes[i] = encoding.GetBytes(attributesParam[i]);
}
IssuerParameters ip = ConvertUtils.convertIssuerParametersComposite(ipc, sessionDB[sessionID]);
// the application-specific message that the prover will sign. Typically this is a nonce combined
// with any application-specific transaction data to be signed.
byte[] message = encoding.GetBytes(messageParam);
// the application-specific verifier scope from which a scope-exclusive pseudonym will be created
// (if null, then a pseudonym will not be presented)
byte[] scope = null;
if (verifierScopeParam != null && verifierScopeParam != "null")
{
scope = encoding.GetBytes(verifierScopeParam);
}
// generate the presentation proof
UProveToken uProveToken = ConvertUtils.convertUProveTokenComposite(ip, tokenComposite);
byte[] bigInt = tokenPrivateKeyParam;
DeviceManager dManager = sessionDB[sessionID].deviceManager;
UProveKeyAndToken keyAndToken = new UProveKeyAndToken();
keyAndToken.PrivateKey = new BigInteger(1, bigInt);
keyAndToken.Token = uProveToken;
byte[] proofSession = null;
if (!dManager.IsVirtualDevice)
{
SmartCardDevice smartDevice = (SmartCardDevice)dManager.GetDevice();
smartDevice.ProofSession = smartDevice.Device.BeginCommitment(1);
byte[] proofSessionRaw = smartDevice.ProofSession;
proofSession = new byte[1 + proofSessionRaw.Length];
proofSession[0] = 1;
Buffer.BlockCopy(proofSessionRaw, 0, proofSession, 1, proofSessionRaw.Length);
}
BigInteger[] commitmentValues;
PresentationProof p =
PresentationProof.Generate(ip,
disclosedIndices,
committedIndices,
scope != null ? DevicePseudonymIndex : 0,
scope,
message,
proofSession,
dManager.GetDevice().GetPresentationContext(),
keyAndToken,
attributes,
out commitmentValues);
#if DEBUG
dManager.pDebug = p;
#endif
return ConvertUtils.convertPresentationProof(p, commitmentValues, ProtocolHelper.ComputeTokenID(ip, uProveToken), proofSession);
}
catch (Exception e)
{
cOut.write(e.ToString());
DebugUtils.DebugPrint(e.StackTrace.ToString());
}
return null;
}
public static UProveToken convertUProveTokenComposite(IssuerParameters ip, UProveTokenComposite utc)
{
UProveToken up = new UProveToken();
up.H = ip.Gq.CreateGroupElement(utc.H);
up.IsDeviceProtected = utc.IsDeviceProtected;
up.PI = utc.PI;
up.SigmaCPrime = new BigInteger(1, utc.SigmaCPrime);
up.SigmaRPrime = new BigInteger(1, utc.SigmaRPrime);
up.SigmaZPrime = ip.Gq.CreateGroupElement(utc.SigmaZPrime);
up.TI = utc.TI;
up.Uidp = utc.Uidp;
return up;
}
public static UProveTokenComposite convertUProveToken(UProveToken up)
{
UProveTokenComposite utc = new UProveTokenComposite();
utc.H = up.H.GetEncoded();
utc.IsDeviceProtected = up.IsDeviceProtected;
utc.PI = up.PI;
utc.SigmaCPrime = up.SigmaCPrime.ToByteArray();
utc.SigmaRPrime = up.SigmaRPrime.ToByteArray();
utc.SigmaZPrime = up.SigmaZPrime.GetEncoded();
utc.TI = up.TI;
utc.Uidp = up.Uidp;
return utc;
}
