/// <summary> /// Creates a bit decomposition of prover.OpenIntegerA and prover.OpenIntegerB, /// and proofs that they are valid. Sets member fields /// A, B, ProofBitDecompositionOfA and ProofBitDecompositionOfB. /// </summary> /// <param name="prover">Prover range proof parameters</param> /// <param name="bitProverA">outputs parameters for bit decomposition proof for A</param> /// <param name="bitProverB">outputs parameters for bit decomposition proof for B</param> /// <returns>Array AdivB with the bit decomposition of A divided by the bit decomposition of B.</returns> private DLRepOfGroupElement [] CreateBitDecompositionProofs(ProverRangeProofParameters prover) { int decompositionLength = RangeProof.ComputeDecompositionLength(prover); // create proof for A ProverBitDecompositionParameters bitProverA = new ProverBitDecompositionParameters(prover.RangeNormalizedOpenIntegerA, decompositionLength, prover); this.ProofBitDecompositionOfA = new BitDecompositionProof(bitProverA); this.A = bitProverA.ClosedBitDecomposition(); // create proof for B if it is unknown. ProverBitDecompositionParameters bitProverB = new ProverBitDecompositionParameters(prover.RangeNormalizedOpenIntegerB, decompositionLength, prover); if (prover.IntegerBIsKnown) { this.ProofBitDecompositionOfB = null; this.B = null; DLRepOfGroupElement[] defaultB = DefaultOpenDecompositionOfIntegerB(prover); return(ComputeOpenAdivB(prover, bitProverA.OpenBitDecomposition(), defaultB)); } this.ProofBitDecompositionOfB = new BitDecompositionProof(bitProverB); this.B = bitProverB.ClosedBitDecomposition(); return(ComputeOpenAdivB(prover, bitProverA.OpenBitDecomposition(), bitProverB.OpenBitDecomposition())); }
///// <summary> ///// Init must be called first ///// Checks if the given setmembership proofs were correct - compare with the given setmembership proof settings from the verifier ///// <returns>true --> all membership proof were successfull; exception -> something went wrong</returns> ///// </summary> //public bool VerifySetMembershipProofs(string setMembershipProofJson, VerifierMembers memberList) //{ // try // { // LogService.Log(LogService.LogType.Info, "IssuingVerifier - VerifySetMembershipProofs called"); // proofVerification.IsMemberOf = memberList.Members; // VerifyProof(); // if (!isInitialized || !proofAccepted || !tokenAccepted) // throw new Exception("SetMembershipProof could not be proved; isInitialized:" + isInitialized // + ", Proof verifierd:" + proofAccepted + ", Token verified:" + tokenAccepted); // LogService.Log(LogService.LogType.Info, "IssuingVerifier - SetMembershipProof given: " + setMembershipProofJson); // bool canContinue = false; // Proof proof = parser.ParseJsonToObject<Proof>(proofJson); // // check if the disclosed attribute is from the expected type (name) and disclosed -1 = committedAttribute // for (int i = 0; i < proof.D.Count; i++) // { // // check if the name of the attribute is like the given member attribute name // if (memberList.MemberAttribute == // parser.ParseJsonToObject<BasicClaim>(encoding.GetString(Convert.FromBase64String(proof.D[i]))).name) // { // if (proofRequirements.committedAttributes.Contains(proofRequirements.disclosedAttributes[i] - 1)) // { // canContinue = true; // LogService.Log(LogService.LogType.Info, "IssuingVerifier - Given SetMembership attribute name matches defined attribute name"); // break; // } // } // } // if (!canContinue) // throw new Exception("Given SetMembership attribute name does not matches the expected attribute name '" + memberList.MemberAttribute + "'. "); // byte[][] setValues = parser.ParseJsonToObject<uprove_json.Proofs.SetMembershipProof>(setMembershipProofJson).setValues; // int commitmentIndex = parser.ParseJsonToObject<uprove_json.Proofs.SetMembershipProof>(setMembershipProofJson).commitmentIndex; // UProveCrypto.PolyProof.SetMembershipProof setProof = IP.Deserialize<UProveCrypto.PolyProof.SetMembershipProof>(setMembershipProofJson); // if (!UProveCrypto.PolyProof.SetMembershipProof.Verify(vppp, pProof, setProof, commitmentIndex, setValues)) // throw new Exception("SetMembership Proof failed."); // else // // check if it is a member of the allowed universities // return CheckIfMemberOfAllowedMembers(setValues); // } // catch (Exception e) // { // LogService.Log(LogService.LogType.FatalError, "IssuingVerifier - VerifySetMembershipProof failed.", e); // throw new CommunicationException("IssuingVerifier - VerifySetMembershipProof failed.", e); // } //} #endregion VerifySetMembershipProofs #region VerifyRangeProofs /// <summary> /// Init must called first /// Checks if the given range proofs were correct - compare with the given range proof settings from the verifier /// </summary> /// <param name="rangeProofJsons">list of range proofs to check and verify</param> /// <param name="verifierRanges">list of range proofs settings - given by the verifier /// e.g. rangeProofJsons[x] must include settings from verifierRanges[x]</param> /// <returns>true -> all range proofs were successfull, exception -> something went wrong</returns> public bool VerifyRangeProofs(List <string> rangeProofJsons, List <VerifierRanges> verifierRanges) { try { LogService.Log(LogService.LogType.Info, "IssuingVerifier - VerifyRangeProofs called"); if (!isInitialized || !proofAccepted || !tokenAccepted) { throw new Exception("VerifyRangeProofs could not be proved; isInitialized:" + isInitialized + ", Proof verifierd:" + proofAccepted + ", Token verified:" + tokenAccepted); } int[] rangeProofAttributeMatch = new int[2]; List <int> committedAttributes = proofRequirements.committedAttributes.Select(id => id).ToList <int>(); List <int> disclosedAttributes = proofRequirements.disclosedAttributes.Select(id => id).ToList <int>(); // check if the disclosed attribute is from the expected type (name) and disclosed -1 = committedAttribute Proof proof = parser.ParseJsonToObject <Proof>(proofJson); if (rangeProofAttributeMatch[0] != rangeProofAttributeMatch[1]) { throw new Exception("Given range proof attribute name does not matches the expected attribute name '" + "todo display range proof attributes" + "'. "); } uprove_json.Proofs.RangeProof rp; VerifierRanges vr; List <VerifierRanges> testedVRs = new List <VerifierRanges>(); foreach (string oneRangeProofJson in rangeProofJsons) { LogService.Log(LogService.LogType.Info, "IssuingVerifier - RangeProof given: " + oneRangeProofJson); rp = parser.ParseJsonToObject <uprove_json.Proofs.RangeProof>(oneRangeProofJson); vr = verifierRanges.Where(x => x.verifiersRangeProofId == rp.verifiersRangeProofId).FirstOrDefault <VerifierRanges>(); // check if there was a verifier ranges object found if (vr == null) { throw new Exception("No such proof given"); } // set this proof as tested -> check later if sibling got tested too testedVRs.Add(vr); // attribute == commitment attribute if (parser.ParseJsonToObject <BasicClaim>(encoding.GetString(Convert.FromBase64String(proof.D[rp.commitmentIndex]))).name != vr.rangeProofAttribute) { throw new Exception("Attribute commitment is not matching attribute from verifiers range proof properties"); } // rangeProofType == rangeProofType if (rp.rangeProofType != vr.rangeProofType) { throw new Exception("Proof type is not matching proof tpye from verifiers range proof properties"); } // check if target date is correct set and then check if the proof is correct if (!(DateTime.Compare(Convert.ToDateTime(rp.targetDate), DateTime.Now.AddYears(-vr.number)) <= 0)) { throw new Exception("TargetDate is in the wrong format (to small or large)."); } // check range proof UProveCrypto.PolyProof.RangeProof vRangeProof = IP.Deserialize <UProveCrypto.PolyProof.RangeProof>(oneRangeProofJson); // and verify the range proof if (!vRangeProof.Verify( RangeProofParameterFactory.GetDateTimeVerifierParameters( new CryptoParameters(IP), new ClosedPedersenCommitment(IP, pProof, rp.commitmentIndex).Value, //(VerifierRangeProofParameters.ProofType) RangeProofType.GetType(rp.rangeProofType).ProofType, Convert.ToDateTime(rp.targetDate), rp.minBirthYear, rp.maxBirthYear))) { throw new Exception("RangeProof failed"); } LogService.Log(LogService.LogType.Info, "IssuingVerifier - RangeProof passed tests"); } // check siblings CheckSiblings(testedVRs); return(true); } catch (Exception e) { LogService.Log(LogService.LogType.FatalError, "IssuingVerifier - Verifing range proof failed.", e); throw new CommunicationException("IssuingVerifier - Verifing range proof failed.", e); } }