internal static FieldZqElement GenerateChallenge(IssuerParameters ip, UProveToken upt, byte[] a, int pseudonymIndex, byte[] ap, GroupElement Ps, byte[] m, byte[] md, int[] disclosed, FieldZqElement[] disclosedX, int[] committed, CommitmentValues[] commitments, out byte[] mdPrime) { bool hasCommitments = (committed != null && committed.Length > 0); if (hasCommitments) { if (committed.Length != commitments.Length) { throw new ArgumentException("Inconsistent committed indices and commitment values"); } } HashFunction hash = ip.HashFunction; hash.Hash(ComputeTokenID(ip, upt)); hash.Hash(a); hash.Hash(disclosed); hash.Hash(disclosedX); if (!hasCommitments) { hash.HashNull(); // C hash.HashNull(); // < {tildeC} > hash.HashNull(); // < {tildeA} > } else { hash.Hash(committed); hash.Hash(commitments.Length); // length of < {tildeC} > for (int i = 0; i < commitments.Length; i++) { hash.Hash(commitments[i].TildeC); } hash.Hash(commitments.Length); // length of < {tildeA} > for (int i = 0; i < commitments.Length; i++) { hash.Hash(commitments[i].TildeA); } } hash.Hash(pseudonymIndex == PresentationProof.DeviceAttributeIndex ? 0 : pseudonymIndex); hash.Hash(ap); hash.Hash(Ps); hash.Hash(m); mdPrime = hash.Digest; if (upt.IsDeviceProtected) { hash = ip.HashFunction; hash.Hash(md); hash.Hash(mdPrime); return(ip.Zq.GetElementFromDigest(hash.Digest)); } else { return(ip.Zq.GetElementFromDigest(mdPrime)); } }
public void HashFormattingTest() { HashFunction hash; // byte hash = new HashFunction(TestVectorData.HashVectors.UIDh); byte b = 0x01; hash.Hash(b); Assert.IsTrue(HexToBytes(TestVectorData.HashVectors.hash_byte).SequenceEqual(hash.Digest), "hash_byte"); // octet string hash = new HashFunction(TestVectorData.HashVectors.UIDh); byte[] octetString = new byte[] { 0x01, 0x02, 0x03, 0x04, 0x05 }; hash.Hash(octetString); Assert.IsTrue(HexToBytes(TestVectorData.HashVectors.hash_octetstring).SequenceEqual(hash.Digest), "hash_octetstring"); // null hash = new HashFunction(TestVectorData.HashVectors.UIDh); hash.HashNull(); Assert.IsTrue(HexToBytes(TestVectorData.HashVectors.hash_null).SequenceEqual(hash.Digest), "hash_null"); // list hash = new HashFunction(TestVectorData.HashVectors.UIDh); hash.Hash(3); // list length hash.Hash(b); hash.Hash(octetString); hash.HashNull(); Assert.IsTrue(HexToBytes(TestVectorData.HashVectors.hash_list).SequenceEqual(hash.Digest), "hash_list"); // subgroup 1.3.6.1.4.1.311.75.1.1.1 hash = new HashFunction(TestVectorData.HashVectors.UIDh); hash.Hash(SubgroupParameterSets.ParamSetL2048N256V1.Group); Assert.IsTrue(HexToBytes(TestVectorData.HashVectors.hash_subgroup).SequenceEqual(hash.Digest), "hash_subgroup"); // ec group 1.3.6.1.4.1.311.75.1.2.1 hash = new HashFunction(TestVectorData.HashVectors.UIDh); hash.Hash(ECParameterSets.ParamSet_EC_P256_V1.Group); Assert.IsTrue(HexToBytes(TestVectorData.HashVectors.hash_ecgroup).SequenceEqual(hash.Digest), "hash_ecgroup"); }