/** * Creates a Credential Revocation Information object * * @param key Private key * @param unrevokedHandles Array of unrevoked revocation handles * @param epoch The counter (representing a time window) in which this CRI is valid * @param alg Revocation algorithm * @return CredentialRevocationInformation object */ public static CredentialRevocationInformation CreateCRI(KeyPair key, BIG[] unrevokedHandles, int epoch, RevocationAlgorithm alg) { CredentialRevocationInformation cr = new CredentialRevocationInformation(); cr.RevocationAlg = (int)alg; cr.Epoch = epoch; // Create epoch key WeakBB.KeyPair keyPair = WeakBB.WeakBBKeyGen(); if (alg == RevocationAlgorithm.ALG_NO_REVOCATION) { // Dummy PK in the proto cr.EpochPk = IdemixUtils.GenG2.ToProto(); } else { // Real PK only if we are going to use it cr.EpochPk = keyPair.Pk.ToProto(); } // Sign epoch + epoch key with the long term key byte[] signed; try { signed = key.Sign(cr.ToByteArray(), "SHA256withECDSA"); cr.EpochPkSig = ByteString.CopyFrom(signed); } catch (Exception e) { throw new CryptoException("Error processing the signature: ", e); } if (alg == RevocationAlgorithm.ALG_NO_REVOCATION) { // build and return the credential information object return(cr); } // If alg not supported, return null throw new ArgumentException("Algorithm " + alg.ToString() + " not supported"); }