/// <summary> /// Generates with the given committed indexes in relation to the verifier ranges a range proof <br/> /// verifierRangeProofToCommittedIndexes[0] is used to create a range proof with the committedIndexes[0] etc. /// </summary> /// <param name="committedIndexes">committed attribute index for which the range proof is (same index multiple time - allowed)</param> /// <param name="verifierRangeProofToCommittedIndexes">all range proofs from the verifier which must be used</param> /// <returns>for all committedIndexes a range proof</returns> public List <string> GenerateRangeProofs(int[] committedIndexes, List <VerifierRanges> verifierRangeProofToCommittedIndexes) { try { LogService.Log(LogService.LogType.Info, "ProverProof - GenerateRangeProofs called"); if (committedIndexes.Length != verifierRangeProofToCommittedIndexes.Count) { throw new Exception("RangeProofTypes and committedIndexes must have the same size."); } foreach (RangeProofProperties p in rangeProofProperties) { if (ip.E[p.Index - 1] != 0) // rangeProofIndex - 1 => where the value of the date is stored { throw new Exception("DOB attribute must be encoded directly in order to create a range proof"); } } List <string> rangeProofs = new List <string>(); int minYear = 0; int maxYear = 0; int commitmentIndex; for (int i = 0; i < committedIndexes.Length; i++) { RangeProofProperties p = rangeProofProperties .Where(x => x.AttributeName == parser.ParseJsonToObject <BasicClaim>(encoding.GetString( attributesToInclude[committedIndexes[i]])).name) .First <RangeProofProperties>(); minYear = p.MinYear; maxYear = p.MaxYear; commitmentIndex = Array.FindIndex <int>(pppp.Committed, x => x == p.Index); // check if range proof attributes is the same as in the properties if (verifierRangeProofToCommittedIndexes[i].rangeProofAttribute != parser.ParseJsonToObject <BasicClaim>(encoding.GetString(Convert.FromBase64String(proof.D[commitmentIndex]))).name) { throw new Exception("Attribute name in defined VerifierRanges is not the same as in the presentation proof"); } // create range proof now DateTime dateToVerify = DateTime.Today.AddYears(-verifierRangeProofToCommittedIndexes[i].number); string rangeProofJson = GenerateRangeProof(commitmentIndex, RangeProofType.GetType(verifierRangeProofToCommittedIndexes[i].rangeProofType), dateToVerify, minYear, maxYear, verifierRangeProofToCommittedIndexes[i].verifiersRangeProofId); LogService.Log(LogService.LogType.Info, "ProverProof - range proof for verifiersRange [" + verifierRangeProofToCommittedIndexes[i].verifiersRangeProofId + "], created: " + rangeProofJson); rangeProofs.Add(rangeProofJson); } LogService.Log(LogService.LogType.Info, "ProverProof - all range proofs are generated"); return(rangeProofs); } catch (Exception e) { LogService.Log(LogService.LogType.Error, "ProverProof - Error in GenerateRangeProofs", e); throw new CommunicationException("ProverProof - Error in GererateRangeProofs", e); } }
///// <summary> ///// Init must be called first ///// Checks if the given setmembership proofs were correct - compare with the given setmembership proof settings from the verifier ///// <returns>true --> all membership proof were successfull; exception -> something went wrong</returns> ///// </summary> //public bool VerifySetMembershipProofs(string setMembershipProofJson, VerifierMembers memberList) //{ // try // { // LogService.Log(LogService.LogType.Info, "IssuingVerifier - VerifySetMembershipProofs called"); // proofVerification.IsMemberOf = memberList.Members; // VerifyProof(); // if (!isInitialized || !proofAccepted || !tokenAccepted) // throw new Exception("SetMembershipProof could not be proved; isInitialized:" + isInitialized // + ", Proof verifierd:" + proofAccepted + ", Token verified:" + tokenAccepted); // LogService.Log(LogService.LogType.Info, "IssuingVerifier - SetMembershipProof given: " + setMembershipProofJson); // bool canContinue = false; // Proof proof = parser.ParseJsonToObject<Proof>(proofJson); // // check if the disclosed attribute is from the expected type (name) and disclosed -1 = committedAttribute // for (int i = 0; i < proof.D.Count; i++) // { // // check if the name of the attribute is like the given member attribute name // if (memberList.MemberAttribute == // parser.ParseJsonToObject<BasicClaim>(encoding.GetString(Convert.FromBase64String(proof.D[i]))).name) // { // if (proofRequirements.committedAttributes.Contains(proofRequirements.disclosedAttributes[i] - 1)) // { // canContinue = true; // LogService.Log(LogService.LogType.Info, "IssuingVerifier - Given SetMembership attribute name matches defined attribute name"); // break; // } // } // } // if (!canContinue) // throw new Exception("Given SetMembership attribute name does not matches the expected attribute name '" + memberList.MemberAttribute + "'. "); // byte[][] setValues = parser.ParseJsonToObject<uprove_json.Proofs.SetMembershipProof>(setMembershipProofJson).setValues; // int commitmentIndex = parser.ParseJsonToObject<uprove_json.Proofs.SetMembershipProof>(setMembershipProofJson).commitmentIndex; // UProveCrypto.PolyProof.SetMembershipProof setProof = IP.Deserialize<UProveCrypto.PolyProof.SetMembershipProof>(setMembershipProofJson); // if (!UProveCrypto.PolyProof.SetMembershipProof.Verify(vppp, pProof, setProof, commitmentIndex, setValues)) // throw new Exception("SetMembership Proof failed."); // else // // check if it is a member of the allowed universities // return CheckIfMemberOfAllowedMembers(setValues); // } // catch (Exception e) // { // LogService.Log(LogService.LogType.FatalError, "IssuingVerifier - VerifySetMembershipProof failed.", e); // throw new CommunicationException("IssuingVerifier - VerifySetMembershipProof failed.", e); // } //} #endregion VerifySetMembershipProofs #region VerifyRangeProofs /// <summary> /// Init must called first /// Checks if the given range proofs were correct - compare with the given range proof settings from the verifier /// </summary> /// <param name="rangeProofJsons">list of range proofs to check and verify</param> /// <param name="verifierRanges">list of range proofs settings - given by the verifier /// e.g. rangeProofJsons[x] must include settings from verifierRanges[x]</param> /// <returns>true -> all range proofs were successfull, exception -> something went wrong</returns> public bool VerifyRangeProofs(List <string> rangeProofJsons, List <VerifierRanges> verifierRanges) { try { LogService.Log(LogService.LogType.Info, "IssuingVerifier - VerifyRangeProofs called"); if (!isInitialized || !proofAccepted || !tokenAccepted) { throw new Exception("VerifyRangeProofs could not be proved; isInitialized:" + isInitialized + ", Proof verifierd:" + proofAccepted + ", Token verified:" + tokenAccepted); } int[] rangeProofAttributeMatch = new int[2]; List <int> committedAttributes = proofRequirements.committedAttributes.Select(id => id).ToList <int>(); List <int> disclosedAttributes = proofRequirements.disclosedAttributes.Select(id => id).ToList <int>(); // check if the disclosed attribute is from the expected type (name) and disclosed -1 = committedAttribute Proof proof = parser.ParseJsonToObject <Proof>(proofJson); if (rangeProofAttributeMatch[0] != rangeProofAttributeMatch[1]) { throw new Exception("Given range proof attribute name does not matches the expected attribute name '" + "todo display range proof attributes" + "'. "); } uprove_json.Proofs.RangeProof rp; VerifierRanges vr; List <VerifierRanges> testedVRs = new List <VerifierRanges>(); foreach (string oneRangeProofJson in rangeProofJsons) { LogService.Log(LogService.LogType.Info, "IssuingVerifier - RangeProof given: " + oneRangeProofJson); rp = parser.ParseJsonToObject <uprove_json.Proofs.RangeProof>(oneRangeProofJson); vr = verifierRanges.Where(x => x.verifiersRangeProofId == rp.verifiersRangeProofId).FirstOrDefault <VerifierRanges>(); // check if there was a verifier ranges object found if (vr == null) { throw new Exception("No such proof given"); } // set this proof as tested -> check later if sibling got tested too testedVRs.Add(vr); // attribute == commitment attribute if (parser.ParseJsonToObject <BasicClaim>(encoding.GetString(Convert.FromBase64String(proof.D[rp.commitmentIndex]))).name != vr.rangeProofAttribute) { throw new Exception("Attribute commitment is not matching attribute from verifiers range proof properties"); } // rangeProofType == rangeProofType if (rp.rangeProofType != vr.rangeProofType) { throw new Exception("Proof type is not matching proof tpye from verifiers range proof properties"); } // check if target date is correct set and then check if the proof is correct if (!(DateTime.Compare(Convert.ToDateTime(rp.targetDate), DateTime.Now.AddYears(-vr.number)) <= 0)) { throw new Exception("TargetDate is in the wrong format (to small or large)."); } // check range proof UProveCrypto.PolyProof.RangeProof vRangeProof = IP.Deserialize <UProveCrypto.PolyProof.RangeProof>(oneRangeProofJson); // and verify the range proof if (!vRangeProof.Verify( RangeProofParameterFactory.GetDateTimeVerifierParameters( new CryptoParameters(IP), new ClosedPedersenCommitment(IP, pProof, rp.commitmentIndex).Value, //(VerifierRangeProofParameters.ProofType) RangeProofType.GetType(rp.rangeProofType).ProofType, Convert.ToDateTime(rp.targetDate), rp.minBirthYear, rp.maxBirthYear))) { throw new Exception("RangeProof failed"); } LogService.Log(LogService.LogType.Info, "IssuingVerifier - RangeProof passed tests"); } // check siblings CheckSiblings(testedVRs); return(true); } catch (Exception e) { LogService.Log(LogService.LogType.FatalError, "IssuingVerifier - Verifing range proof failed.", e); throw new CommunicationException("IssuingVerifier - Verifing range proof failed.", e); } }