credentials

package
v0.4.0
This package is not in the latest version of its module.

Published: Oct 23, 2020 License: BSD-4-Clause Imports: 15 Imported by: 1

Documentation

Constants

const MagicByte = byte(0xFF)

MagicByte is used to prevent a big.Int from truncating leading zeros.

const Separator = "."

Separator is used to separate JSON keys from each other.

Functions

func RequestCombinedPresentation

func RequestCombinedPresentation(sysParams *gabi.SystemParameters,
	partialRequests []PartialPresentationRequest) (*CombinedVerifierSession, *CombinedPresentationRequest)

RequestCombinedPresentation requests the disclosure of multiple different credentials from a user.

func RequestPresentation

func RequestPresentation(sysParams *gabi.SystemParameters, discloseAttributes []string,
	requestNonRevProof bool, updateAfter time.Time) (*VerifierSession, *PresentationRequest)

RequestPresentation builds a message which requests the specified attributes from a claimer. It returns a VerifierSession, which is used to check the claimer's response, and RequestDiscloseAttributes, which represents the message which should be sent to the claimer.

Types

type AttestedClaim

type AttestedClaim struct {
	Credential    *gabi.Credential `json:"credential"`
	UpdateCounter uint64           `json:"updateCounter"`
	Claim         Claim            `json:"claim"`
}

AttestedClaim contains the Claim and the gabi.Credential. It can be used to disclose specific attributes to the verifier.

func NewAttestedClaim

func NewAttestedClaim(cb *gabi.CredentialBuilder, attributes []*Attribute, signature *gabi.IssueSignatureMessage) (*AttestedClaim, error)

NewAttestedClaim instantiates a new AttestedClaim.

func (*AttestedClaim) Update

func (attestedClaim *AttestedClaim) Update(attesterPubK *gabi.PublicKey, update *revocation.Update) error

Update updates the non-revocation witness using the provided update.

func (*AttestedClaim) UpdateAll

func (attestedClaim *AttestedClaim) UpdateAll(attesterPubK *gabi.PublicKey,
	updates []*revocation.Update) error

UpdateAll updates the non-revocation witness using all the provided updates.

type AttestedClaimRequest

type AttestedClaimRequest struct {
	CommitMsg *gabi.IssueCommitmentMessage `json:"commitMsg"`
	Claim     Claim                        `json:"claim"`
}

AttestedClaimRequest is sent from the claimer to the attester as a response to the StartSessionMsg. It contains the values which should get attested.

type Attester

type Attester struct {
	PrivateKey *gabi.PrivateKey `json:"PrivateKey"`
	PublicKey  *gabi.PublicKey  `json:"PublicKey"`
}

Attester can attest claims.

func NewAttester

func NewAttester(sysParams *gabi.SystemParameters, attributeCount int, periodOfValidity int64) (*Attester, error)

NewAttester creates a new key pair for an attester

func (*Attester) AttestClaim

func (attester *Attester) AttestClaim(reqCred *AttestedClaimRequest, session *AttesterSession, update *revocation.Update) (*gabi.IssueSignatureMessage, *revocation.Witness, error)

AttestClaim issues an attestation for the given claim. It takes the RequestAttestedClaim which was sent by the claimer and an AttesterSession. It returns a gabi.IssueSignatureMessage which should be sent to the claimer.

func (*Attester) CreateAccumulator

func (attester *Attester) CreateAccumulator() (*revocation.Update, error)

CreateAccumulator creates a new accumulator which can be used to revoke attestations

func (*Attester) InitiateAttestation

func (attester *Attester) InitiateAttestation() (*AttesterSession, *StartSessionMsg, error)

InitiateAttestation starts the attestation process. It returns an AttesterSession, which contains information the attester needs for creating the attestation and StartSessionMsg which represents the message for the claimer

func (*Attester) RevokeAttestation

func (attester *Attester) RevokeAttestation(update *revocation.Update, witnesses []*revocation.Witness) (*revocation.Update, error)

RevokeAttestation removes the attestation witness from the given accumulator.

type AttesterSession

type AttesterSession struct {
	Context *big.Int `json:"context"`
	Nonce   *big.Int `json:"nonce"`
}

AttesterSession contains information needed by the attester to create an attestation

type Attribute

type Attribute struct {
	Name     string `json:"name"`
	Typename string `json:"typename"`
	Value    []byte `json:"value"`
}

Attribute describes an attribute. It specifies the name and the type of the attribute. It should not contain the specific value of the attribute since this struct will be sent to the verifier.

func BigIntsToAttributes

func BigIntsToAttributes(encodedAttributes []*big.Int) ([]*Attribute, error)

BigIntsToAttributes takes an array of big ints and unmarshals them into an array of attributes.

func (Attribute) MarshalBinary

func (p Attribute) MarshalBinary() ([]byte, error)

MarshalBinary writes the attributes into a byte array

func (*Attribute) UnmarshalBinary

func (p *Attribute) UnmarshalBinary(data []byte) error

UnmarshalBinary parses a byte array into an attribute.

type Claim

type Claim map[string]interface{}

Claim contains the attributes the claimer claims to possess. Contents should be structured according to the specified ctype.

A claim represents any valid JSON data. Claims are represented using a map[string]interface{}. In order to build a credential from a claim, the claim needs to be transformed into an array of attributes. This is done using the following scheme:

  1. Go through the claim (map[string]interface{}). For each simple type or array, transform the value into bytes and store it together with its type and path (inside the JSON "tree"). The result is a list of attributes.
  2. Transform each of these attributes into a big.Int: big.Int := bytes(len(name)|name|len(type)|type|len(value)|value)
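
The length-prefixed framing from step 2, together with the role of MagicByte described under Constants, as an added example that is not the package's own code. The 4-byte big-endian length width, the position of the magic byte at the front, the helper names frame, viaBigInt and parse, and the sample attribute are assumptions made for illustration.

```go
package main

import (
	"encoding/binary"
	"fmt"
	"math/big"
)

const magicByte = byte(0xFF) // same value as the package's MagicByte

// frame returns magic|len(name)|name|len(type)|type|len(value)|value.
// Assumptions: 4-byte big-endian lengths and the magic byte placed first.
func frame(name, typ string, value []byte) []byte {
	out := []byte{magicByte}
	for _, f := range [][]byte{[]byte(name), []byte(typ), value} {
		out = binary.BigEndian.AppendUint32(out, uint32(len(f)))
		out = append(out, f...)
	}
	return out
}

// viaBigInt stores raw in a big.Int and reads it back; leading zero bytes are dropped.
func viaBigInt(raw []byte) []byte { return new(big.Int).SetBytes(raw).Bytes() }

// parse reverses frame and reports false on a missing magic byte, a length
// that runs past the data, or trailing bytes.
func parse(b []byte) (f [3][]byte, ok bool) {
	if len(b) == 0 || b[0] != magicByte {
		return f, false
	}
	b = b[1:]
	for i := range f {
		if len(b) < 4 || uint64(binary.BigEndian.Uint32(b)) > uint64(len(b)-4) {
			return f, false
		}
		end := 4 + int(binary.BigEndian.Uint32(b))
		f[i], b = b[4:end], b[end:]
	}
	return f, len(b) == 0
}

func main() {
	raw := frame("contents.name", "string", []byte("Alice")) // constructed sample
	f, ok := parse(viaBigInt(raw))
	fmt.Printf("%s %s %s %v\n", f[0], f[1], f[2], ok)
	// Without the magic byte the first length's leading 0x00 bytes are lost.
	fmt.Println(len(raw)-1, "->", len(viaBigInt(raw[1:])))
}
```

Because every field carries its own length, two different (name, type, value) triples can never produce the same byte string, which matters when the resulting integer is what the attester signs.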

func VerifyCombinedPresentation

func VerifyCombinedPresentation(attesterPubKeys []*gabi.PublicKey,
	latestAccs []*revocation.SignedAccumulator, combinedPresentation *CombinedPresentationResponse,
	session *CombinedVerifierSession) (bool, []Claim, error)

VerifyCombinedPresentation verifies the response of a claimer and returns the presentations provided by the user.

func VerifyPresentation

func VerifyPresentation(issuerPubK *gabi.PublicKey, latestAcc *revocation.SignedAccumulator,
	signedAttributes *PresentationResponse, session *VerifierSession) (bool, Claim, error)

VerifyPresentation verifies the response of a claimer and returns the disclosed attributes.

func (Claim) ToAttributes

func (claim Claim) ToAttributes() []*Attribute

ToAttributes transforms a claim struct to a list of attributes. The returned list is sorted by name.

type Claimer

type Claimer struct {
	MasterSecret *big.Int `json:"MasterSecret"`
}

Claimer contains information about the claimer.

func NewClaimer

func NewClaimer(sysParams *gabi.SystemParameters) (*Claimer, error)

NewClaimer generates a new secret and returns a Claimer

func NewClaimerFromSecret added in v0.2.1

func NewClaimerFromSecret(sysParams *gabi.SystemParameters, seed []byte) (*Claimer, error)

NewClaimerFromSecret derives a secret from a given seed

func (*Claimer) BuildCombinedPresentation

func (user *Claimer) BuildCombinedPresentation(pubKs []*gabi.PublicKey, credentials []*AttestedClaim,
	reqAttributes *CombinedPresentationRequest) (*CombinedPresentationResponse, error)

BuildCombinedPresentation combines multiple credentials and builds a combined proof for all credentials. Only credentials which contain the same secret can be combined.

func (*Claimer) BuildCredential

func (user *Claimer) BuildCredential(signature *gabi.IssueSignatureMessage, session *UserIssuanceSession) (*AttestedClaim, error)

BuildCredential uses the signature provided by the attester to build a new credential.

func (*Claimer) BuildPresentation

func (user *Claimer) BuildPresentation(pk *gabi.PublicKey, attestedClaim *AttestedClaim, reqAttributes *PresentationRequest) (*PresentationResponse, error)

BuildPresentation reveals the attributes which are requested by the verifier.

func (*Claimer) RequestAttestationForClaim

func (user *Claimer) RequestAttestationForClaim(attesterPubK *gabi.PublicKey, startMsg *StartSessionMsg, claim Claim) (*UserIssuanceSession, *AttestedClaimRequest, error)

RequestAttestationForClaim creates a RequestAttestedClaim and a UserIssuanceSession. The request should be sent to the attester.

type CombinedPresentationRequest

type CombinedPresentationRequest struct {
	PartialRequests []PartialPresentationRequest `json:"partialPresentationRequests"`
	Context         *big.Int                     `json:"context"`
	Nonce           *big.Int                     `json:"nonce"`
}

CombinedPresentationRequest requests multiple credentials from a claimer

type CombinedPresentationResponse

type CombinedPresentationResponse struct {
	Proof gabi.ProofList `json:"prooflist"`
}

CombinedPresentationResponse contains a list of proofs. It can be used to reconstruct multiple claims.

type CombinedVerifierSession

type CombinedVerifierSession struct {
	Context         *big.Int                     `json:"context"`
	Nonce           *big.Int                     `json:"nonce"`
	PartialRequests []PartialPresentationRequest `json:"partialRequests"`
}

CombinedVerifierSession stores the information for a combined presentation session.

type PartialPresentationRequest

type PartialPresentationRequest struct {
	RequestedAttributes   []string  `json:"requestedAttributes"`
	ReqNonRevocationProof bool      `json:"reqNonRevocationProof"`
	ReqUpdatedAfter       time.Time `json:"reqUpdatedAfter"`
}

PartialPresentationRequest contains partial information for a combined disclosure request

type PresentationRequest

type PresentationRequest struct {
	PartialPresentationRequest *PartialPresentationRequest `json:"partialPresentationRequest"`
	Context                    *big.Int                    `json:"context"`
	Nonce                      *big.Int                    `json:"nonce"`
}

PresentationRequest is sent from the verifier to the claimer. The verifier requests specific attributes from the claimer.

type PresentationResponse

type PresentationResponse struct {
	Proof gabi.ProofD `json:"proof"`
}

PresentationResponse represents the message that is sent from the claimer to the verifier in order to disclose attributes. All disclosed attributes are inside the Proof. There should be no attributes elsewhere.

type StartSessionMsg

type StartSessionMsg struct {
	Nonce   *big.Int `json:"nonce"`
	Context *big.Int `json:"context"`
}

StartSessionMsg is sent from the attester to the claimer to start the attestation session

type UserIssuanceSession

type UserIssuanceSession struct {
	Cb    *gabi.CredentialBuilder `json:"cb"`
	Claim Claim                   `json:"claim"`
}

UserIssuanceSession stores information which is used only by the user during the attestation of claims

type VerifierSession

type VerifierSession struct {
	Context               *big.Int  `json:"context"`
	Nonce                 *big.Int  `json:"nonce"`
	ReqNonRevocationProof bool      `json:"reqNonRevocationProof"`
	ReqUpdatedAfter       time.Time `json:"reqUpdatedAfter"`
}

VerifierSession stores information which is needed to verify the response of the claimer
