예제 #1
0
        PreIssuanceData PreIssuance(ProverPreIssuanceParameters ppip, IssuerPreIssuanceParameters ipip)
        {
            byte[] message = encoding.GetBytes("Optional Message");
            UProveCrypto.Math.FieldZqElement beta0;

            ppip.Validate();
            PreIssuanceProof proof = PreIssuanceProof.CreateProof(ppip, out beta0, message);

            if (TEST_SERIALIZATION)
            {
                string _proof = ip.Serialize<PreIssuanceProof>(proof);
                proof = ip.Deserialize<PreIssuanceProof>(_proof);
            }
            GroupElement gamma = null;
            try
            {
                gamma = PreIssuanceProof.VerifyProof(ipip, proof, message);
            }
            catch (InvalidUProveArtifactException e)
            {
                Assert.Fail("Invalid proof: " + e.Message);
            }

            PreIssuanceData pid = new PreIssuanceData();
            pid.Gamma = gamma;
            pid.Beta0 = beta0;
            return pid;
        }
예제 #2
0
        public void CollaborativeIssuanceTestFull()
        {
            byte[][] attributes = new byte[][] { encoding.GetBytes("A1"), encoding.GetBytes("A2") };
            UProveKeyAndToken[] upkt = IssueSourceToken(attributes);

            // carry over one attribute to various positions
            for (int sourceIndex = 0; sourceIndex < attributes.Length; sourceIndex++)
            {
                for (int destinationIndex = 0; destinationIndex < 3; destinationIndex++)
                {
                    // Collaborative Issuance 
                    // First the Prover creates a PreIssuanceProof
                    int[] sourceIndices = new int[] { sourceIndex + 1 };
                    int[] destinationIndices = new int[] { destinationIndex + 1 };
                    ProverPreIssuanceParameters ppip = new ProverPreIssuanceParameters(ip);
                    ppip.Attributes = new byte[3][];
                    ppip.CarryOverAttribute(sourceIndices, destinationIndices, sourceIp, upkt[0], attributes); 
                    ppip.U = new int[] { ((destinationIndex + 1) % 3) + 1 };
                    ppip.K = new int[] { ((destinationIndex + 2) % 3) + 1 };
                    ppip.Attributes[destinationIndex] = attributes[sourceIndex];
                    ppip.Attributes[ppip.U[0] - 1] = encoding.GetBytes("unknown");
                    ppip.Attributes[ppip.K[0] - 1] = encoding.GetBytes("known");
                    byte[] message = encoding.GetBytes("Optional Message");

                    // The verifier will only have the token, not the keyAndToken 
                    IssuerPreIssuanceParameters ipip = new IssuerPreIssuanceParameters(ip);
                    ipip.Attributes = new byte[3][];
                    ipip.CarryOverAttribute(sourceIndices, destinationIndices, sourceIp, upkt[0].Token);
                    ipip.U = ppip.U;
                    ipip.K = ppip.K;
                    ipip.Attributes[destinationIndex] = null; // carried-over
                    ipip.Attributes[ppip.U[0] - 1] = null;
                    ipip.Attributes[ppip.K[0] - 1] = encoding.GetBytes("known");

                    PreIssuanceData pid = PreIssuance(ppip, ipip); 

                    // Issuance (collaborative, using blindedGamma)
                    IssuerProtocolParameters ipp2 = new IssuerProtocolParameters(ikap);
                    ipp2.Gamma = pid.Gamma;
                    Issuer issuer2 = ipp2.CreateIssuer();
                    FirstIssuanceMessage msg1_2 = issuer2.GenerateFirstMessage();

                    ProverProtocolParameters ppp2 = new ProverProtocolParameters(ip);
                    ppp2.SetBlindedGamma(pid.Gamma, pid.Beta0);
                    Prover prover2 = ppp2.CreateProver();
                    SecondIssuanceMessage msg2_2 = prover2.GenerateSecondMessage(msg1_2);
                    ThirdIssuanceMessage msg3_2 = issuer2.GenerateThirdMessage(msg2_2);
                    UProveKeyAndToken[] upkt_2 = prover2.GenerateTokens(msg3_2);

                    // Create a presentation proof for each token, disclosing everything, to make sure the new token works
                    for (int i = 0; i < upkt_2.Length; i++)
                    {
                        int[] disclosed = { 1, 2, 3 };
                        int[] committed = { };
                        PresentationProof P = PresentationProof.Generate(ip, disclosed, message, null, null, upkt_2[i], ppip.Attributes);
                        P.Verify(ip, disclosed, message, null, upkt_2[i].Token);
                        // verify that carried-over attribute was properly set
                        Assert.IsTrue(P.DisclosedAttributes[destinationIndex].SequenceEqual<byte>(attributes[sourceIndex]));
                        Assert.IsTrue(P.DisclosedAttributes[ppip.U[0] - 1].SequenceEqual<byte>(encoding.GetBytes("unknown")));
                        Assert.IsTrue(P.DisclosedAttributes[ppip.K[0] - 1].SequenceEqual<byte>(encoding.GetBytes("known")));
                    }
                }
            }
        }