Documentation ¶
Overview ¶
Package idemix is a generated protocol buffer package.
It is generated from these files:
idemix/idemix.proto
It has these top-level messages:
ECP ECP2 IssuerPublicKey IssuerKey Credential CredRequest Signature NymSignature
Index ¶
- Variables
- func BigToBytes(big *amcl.BIG) []byte
- func Ecp2FromProto(p *ECP2) *amcl.ECP2
- func EcpFromProto(p *ECP) *amcl.ECP
- func GetRand() (*amcl.RAND, error)
- func HashModOrder(data []byte) *amcl.BIG
- func MakeNym(sk *amcl.BIG, IPk *IssuerPublicKey, rng *amcl.RAND) (*amcl.ECP, *amcl.BIG)
- func RandModOrder(rng *amcl.RAND) *amcl.BIG
- type CredRequest
- func (m *CredRequest) Check(ipk *IssuerPublicKey) error
- func (*CredRequest) Descriptor() ([]byte, []int)
- func (m *CredRequest) GetIssuerNonce() []byte
- func (m *CredRequest) GetNym() *ECP
- func (m *CredRequest) GetProofC() []byte
- func (m *CredRequest) GetProofS1() []byte
- func (m *CredRequest) GetProofS2() []byte
- func (*CredRequest) ProtoMessage()
- func (m *CredRequest) Reset()
- func (m *CredRequest) String() string
- type Credential
- func (cred *Credential) Complete(credS1 *amcl.BIG)
- func (*Credential) Descriptor() ([]byte, []int)
- func (m *Credential) GetA() *ECP
- func (m *Credential) GetAttrs() [][]byte
- func (m *Credential) GetB() *ECP
- func (m *Credential) GetE() []byte
- func (m *Credential) GetS() []byte
- func (*Credential) ProtoMessage()
- func (m *Credential) Reset()
- func (m *Credential) String() string
- func (cred *Credential) Ver(sk *amcl.BIG, ipk *IssuerPublicKey) error
- type ECP
- type ECP2
- type IssuerKey
- type IssuerPublicKey
- func (IPk *IssuerPublicKey) Check() error
- func (*IssuerPublicKey) Descriptor() ([]byte, []int)
- func (m *IssuerPublicKey) GetAttributeNames() []string
- func (m *IssuerPublicKey) GetBarG1() *ECP
- func (m *IssuerPublicKey) GetBarG2() *ECP
- func (m *IssuerPublicKey) GetHAttrs() []*ECP
- func (m *IssuerPublicKey) GetHRand() *ECP
- func (m *IssuerPublicKey) GetHSk() *ECP
- func (m *IssuerPublicKey) GetHash() []byte
- func (m *IssuerPublicKey) GetProofC() []byte
- func (m *IssuerPublicKey) GetProofS() []byte
- func (m *IssuerPublicKey) GetW() *ECP2
- func (*IssuerPublicKey) ProtoMessage()
- func (m *IssuerPublicKey) Reset()
- func (IPk *IssuerPublicKey) SetHash() error
- func (m *IssuerPublicKey) String() string
- type NymSignature
- func (*NymSignature) Descriptor() ([]byte, []int)
- func (m *NymSignature) GetNonce() []byte
- func (m *NymSignature) GetProofC() []byte
- func (m *NymSignature) GetProofSRNym() []byte
- func (m *NymSignature) GetProofSSk() []byte
- func (*NymSignature) ProtoMessage()
- func (m *NymSignature) Reset()
- func (m *NymSignature) String() string
- func (sig *NymSignature) Ver(nym *amcl.ECP, ipk *IssuerPublicKey, msg []byte) error
- type Signature
- func (*Signature) Descriptor() ([]byte, []int)
- func (m *Signature) GetABar() *ECP
- func (m *Signature) GetAPrime() *ECP
- func (m *Signature) GetBPrime() *ECP
- func (m *Signature) GetNonce() []byte
- func (m *Signature) GetNym() *ECP
- func (m *Signature) GetProofC() []byte
- func (m *Signature) GetProofSAttrs() [][]byte
- func (m *Signature) GetProofSE() []byte
- func (m *Signature) GetProofSR2() []byte
- func (m *Signature) GetProofSR3() []byte
- func (m *Signature) GetProofSRNym() []byte
- func (m *Signature) GetProofSSPrime() []byte
- func (m *Signature) GetProofSSk() []byte
- func (*Signature) ProtoMessage()
- func (m *Signature) Reset()
- func (m *Signature) String() string
- func (sig *Signature) Ver(Disclosure []byte, ipk *IssuerPublicKey, msg []byte, ...) error
Constants ¶
This section is empty.
Variables ¶
var FieldBytes = int(amcl.MODBYTES)
FieldBytes is the bytelength of the group order
var GenG1 = amcl.NewECPbigs( amcl.NewBIGints(amcl.CURVE_Gx), amcl.NewBIGints(amcl.CURVE_Gy))
GenG1 is a generator of Group G1
var GenG2 = amcl.NewECP2fp2s( amcl.NewFP2bigs(amcl.NewBIGints(amcl.CURVE_Pxa), amcl.NewBIGints(amcl.CURVE_Pxb)), amcl.NewFP2bigs(amcl.NewBIGints(amcl.CURVE_Pya), amcl.NewBIGints(amcl.CURVE_Pyb)))
GenG2 is a generator of Group G2
var GroupOrder = amcl.NewBIGints(amcl.CURVE_Order)
GroupOrder is the order of the groups
Functions ¶
func BigToBytes ¶
BigToBytes takes an *amcl.BIG and returns a []byte representation
func Ecp2FromProto ¶
Ecp2FromProto converts a proto struct *ECP2 into an *amcl.ECP2
func EcpFromProto ¶
EcpFromProto converts a proto struct *ECP into an *amcl.ECP
func HashModOrder ¶
HashModOrder hashes data into 0, ..., GroupOrder-1
Types ¶
type CredRequest ¶
type CredRequest struct { Nym *ECP `protobuf:"bytes,1,opt,name=Nym" json:"Nym,omitempty"` IssuerNonce []byte `protobuf:"bytes,2,opt,name=IssuerNonce,proto3" json:"IssuerNonce,omitempty"` ProofC []byte `protobuf:"bytes,3,opt,name=ProofC,proto3" json:"ProofC,omitempty"` ProofS1 []byte `protobuf:"bytes,4,opt,name=ProofS1,proto3" json:"ProofS1,omitempty"` ProofS2 []byte `protobuf:"bytes,5,opt,name=ProofS2,proto3" json:"ProofS2,omitempty"` }
CredRequest specifies a credential request object that consists of Nym - a pseudonym, which is a commitment to the user secret IssuerNonce - a random nonce provided by the issuer ProofC, ProofS1, ProofS2 - a zero-knowledge proof of knowledge of the user secret inside Nym
func NewCredRequest ¶
func NewCredRequest(sk *amcl.BIG, credS1 *amcl.BIG, IssuerNonce *amcl.BIG, ipk *IssuerPublicKey, rng *amcl.RAND) *CredRequest
NewCredRequest creates a new Credential Request, the first message of the interactive credential issuance protocol (from user to issuer)
func (*CredRequest) Check ¶
func (m *CredRequest) Check(ipk *IssuerPublicKey) error
Check cryptographically verifies the credential request
func (*CredRequest) Descriptor ¶
func (*CredRequest) Descriptor() ([]byte, []int)
func (*CredRequest) GetIssuerNonce ¶
func (m *CredRequest) GetIssuerNonce() []byte
func (*CredRequest) GetNym ¶
func (m *CredRequest) GetNym() *ECP
func (*CredRequest) GetProofC ¶
func (m *CredRequest) GetProofC() []byte
func (*CredRequest) GetProofS1 ¶
func (m *CredRequest) GetProofS1() []byte
func (*CredRequest) GetProofS2 ¶
func (m *CredRequest) GetProofS2() []byte
func (*CredRequest) ProtoMessage ¶
func (*CredRequest) ProtoMessage()
func (*CredRequest) Reset ¶
func (m *CredRequest) Reset()
func (*CredRequest) String ¶
func (m *CredRequest) String() string
type Credential ¶
type Credential struct { A *ECP `protobuf:"bytes,1,opt,name=A" json:"A,omitempty"` B *ECP `protobuf:"bytes,2,opt,name=B" json:"B,omitempty"` E []byte `protobuf:"bytes,3,opt,name=E,proto3" json:"E,omitempty"` S []byte `protobuf:"bytes,4,opt,name=S,proto3" json:"S,omitempty"` Attrs [][]byte `protobuf:"bytes,5,rep,name=Attrs,proto3" json:"Attrs,omitempty"` }
Credential specifies a credential object that consists of A, B, E, S - signature value Attrs - attribute values
func NewCredential ¶
func NewCredential(key *IssuerKey, m *CredRequest, attrs []*amcl.BIG, rng *amcl.RAND) (*Credential, error)
NewCredential issues a new credential, which is the last step of the interactive issuance protocol All attribute values are added by the issuer at this step and then signed together with a commitment to the user's secret key from a credential request
func (*Credential) Complete ¶
func (cred *Credential) Complete(credS1 *amcl.BIG)
Complete completes the credential by updating it with the randomness used to generate CredRequest
func (*Credential) Descriptor ¶
func (*Credential) Descriptor() ([]byte, []int)
func (*Credential) GetA ¶
func (m *Credential) GetA() *ECP
func (*Credential) GetAttrs ¶
func (m *Credential) GetAttrs() [][]byte
func (*Credential) GetB ¶
func (m *Credential) GetB() *ECP
func (*Credential) GetE ¶
func (m *Credential) GetE() []byte
func (*Credential) GetS ¶
func (m *Credential) GetS() []byte
func (*Credential) ProtoMessage ¶
func (*Credential) ProtoMessage()
func (*Credential) Reset ¶
func (m *Credential) Reset()
func (*Credential) String ¶
func (m *Credential) String() string
func (*Credential) Ver ¶
func (cred *Credential) Ver(sk *amcl.BIG, ipk *IssuerPublicKey) error
Ver cryptographically verifies the credential by verifying the signature on the attribute values and user's secret key
type ECP ¶
type ECP struct { X []byte `protobuf:"bytes,1,opt,name=X,proto3" json:"X,omitempty"` Y []byte `protobuf:"bytes,2,opt,name=Y,proto3" json:"Y,omitempty"` }
ECP is an elliptic curve point specified by its coordinates ECP corresponds to an element of the first group (G1)
func EcpToProto ¶
EcpToProto converts a *amcl.ECP into the proto struct *ECP
func (*ECP) Descriptor ¶
func (*ECP) ProtoMessage ¶
func (*ECP) ProtoMessage()
type ECP2 ¶
type ECP2 struct { XA []byte `protobuf:"bytes,1,opt,name=XA,proto3" json:"XA,omitempty"` XB []byte `protobuf:"bytes,2,opt,name=XB,proto3" json:"XB,omitempty"` YA []byte `protobuf:"bytes,3,opt,name=YA,proto3" json:"YA,omitempty"` YB []byte `protobuf:"bytes,4,opt,name=YB,proto3" json:"YB,omitempty"` }
ECP2 is an elliptic curve point specified by its coordinates ECP2 corresponds to an element of the second group (G2)
func Ecp2ToProto ¶
Ecp2ToProto converts a *amcl.ECP2 into the proto struct *ECP2
func (*ECP2) Descriptor ¶
func (*ECP2) ProtoMessage ¶
func (*ECP2) ProtoMessage()
type IssuerKey ¶
type IssuerKey struct { ISk []byte `protobuf:"bytes,1,opt,name=ISk,proto3" json:"ISk,omitempty"` IPk *IssuerPublicKey `protobuf:"bytes,2,opt,name=IPk" json:"IPk,omitempty"` }
IssuerKey specifies an issuer key pair that consists of ISk - the issuer secret key and IssuerPublicKey - the issuer public key
func NewIssuerKey ¶
NewIssuerKey creates a new issuer key pair taking an array of attribute names that will be contained in credentials certified by this issuer (a credential specification)
func (*IssuerKey) Descriptor ¶
func (*IssuerKey) GetIPk ¶
func (m *IssuerKey) GetIPk() *IssuerPublicKey
func (*IssuerKey) ProtoMessage ¶
func (*IssuerKey) ProtoMessage()
type IssuerPublicKey ¶
type IssuerPublicKey struct { AttributeNames []string `protobuf:"bytes,1,rep,name=AttributeNames" json:"AttributeNames,omitempty"` HSk *ECP `protobuf:"bytes,2,opt,name=HSk" json:"HSk,omitempty"` HRand *ECP `protobuf:"bytes,3,opt,name=HRand" json:"HRand,omitempty"` HAttrs []*ECP `protobuf:"bytes,4,rep,name=HAttrs" json:"HAttrs,omitempty"` W *ECP2 `protobuf:"bytes,5,opt,name=W" json:"W,omitempty"` BarG1 *ECP `protobuf:"bytes,6,opt,name=BarG1" json:"BarG1,omitempty"` BarG2 *ECP `protobuf:"bytes,7,opt,name=BarG2" json:"BarG2,omitempty"` ProofC []byte `protobuf:"bytes,8,opt,name=ProofC,proto3" json:"ProofC,omitempty"` ProofS []byte `protobuf:"bytes,9,opt,name=ProofS,proto3" json:"ProofS,omitempty"` Hash []byte `protobuf:"bytes,10,opt,name=Hash,proto3" json:"Hash,omitempty"` }
IssuerPublicKey specifies an issuer public key that consists of AttributeNames - a list of the attribute names of a credential issued by the issuer HSk, HRand, HAttrs, W, BarG1, BarG2 - group elements corresponding to the signing key, randomness, and attributes ProofC, ProofS compose a zero-knowledge proof of knowledge of the secret key Hash is a hash of the public key appended to it
func (*IssuerPublicKey) Check ¶
func (IPk *IssuerPublicKey) Check() error
Check checks that this issuer public key is valid, i.e. that all components are present and a ZK proofs verifies
func (*IssuerPublicKey) Descriptor ¶
func (*IssuerPublicKey) Descriptor() ([]byte, []int)
func (*IssuerPublicKey) GetAttributeNames ¶
func (m *IssuerPublicKey) GetAttributeNames() []string
func (*IssuerPublicKey) GetBarG1 ¶
func (m *IssuerPublicKey) GetBarG1() *ECP
func (*IssuerPublicKey) GetBarG2 ¶
func (m *IssuerPublicKey) GetBarG2() *ECP
func (*IssuerPublicKey) GetHAttrs ¶
func (m *IssuerPublicKey) GetHAttrs() []*ECP
func (*IssuerPublicKey) GetHRand ¶
func (m *IssuerPublicKey) GetHRand() *ECP
func (*IssuerPublicKey) GetHSk ¶
func (m *IssuerPublicKey) GetHSk() *ECP
func (*IssuerPublicKey) GetHash ¶
func (m *IssuerPublicKey) GetHash() []byte
func (*IssuerPublicKey) GetProofC ¶
func (m *IssuerPublicKey) GetProofC() []byte
func (*IssuerPublicKey) GetProofS ¶
func (m *IssuerPublicKey) GetProofS() []byte
func (*IssuerPublicKey) GetW ¶
func (m *IssuerPublicKey) GetW() *ECP2
func (*IssuerPublicKey) ProtoMessage ¶
func (*IssuerPublicKey) ProtoMessage()
func (*IssuerPublicKey) Reset ¶
func (m *IssuerPublicKey) Reset()
func (*IssuerPublicKey) SetHash ¶
func (IPk *IssuerPublicKey) SetHash() error
SetHash appends a hash of a serialized public key
func (*IssuerPublicKey) String ¶
func (m *IssuerPublicKey) String() string
type NymSignature ¶
type NymSignature struct { // ProofC is the Fiat-Shamir challenge of the ZKP ProofC []byte `protobuf:"bytes,1,opt,name=ProofC,proto3" json:"ProofC,omitempty"` // ProofSSK is the s-value proving knowledge of the user secret key ProofSSk []byte `protobuf:"bytes,2,opt,name=ProofSSk,proto3" json:"ProofSSk,omitempty"` // ProofSRNym is the s-value proving knowledge of the pseudonym secret ProofSRNym []byte `protobuf:"bytes,3,opt,name=ProofSRNym,proto3" json:"ProofSRNym,omitempty"` // Nonce is a fresh nonce used for the signature Nonce []byte `protobuf:"bytes,4,opt,name=Nonce,proto3" json:"Nonce,omitempty"` }
NymSignature specifies a signature object that signs a message with respect to a pseudonym. It differs from the standard idemix.signature in the fact that the standard signature object also proves that the pseudonym is based on a secret certified by a CA (issuer), whereas NymSignature only proves that the the owner of the pseudonym signed the message
func NewNymSignature ¶
func NewNymSignature(sk *amcl.BIG, Nym *amcl.ECP, RNym *amcl.BIG, ipk *IssuerPublicKey, msg []byte, rng *amcl.RAND) (*NymSignature, error)
NewSignature creates a new idemix pseudonym signature
func (*NymSignature) Descriptor ¶
func (*NymSignature) Descriptor() ([]byte, []int)
func (*NymSignature) GetNonce ¶
func (m *NymSignature) GetNonce() []byte
func (*NymSignature) GetProofC ¶
func (m *NymSignature) GetProofC() []byte
func (*NymSignature) GetProofSRNym ¶
func (m *NymSignature) GetProofSRNym() []byte
func (*NymSignature) GetProofSSk ¶
func (m *NymSignature) GetProofSSk() []byte
func (*NymSignature) ProtoMessage ¶
func (*NymSignature) ProtoMessage()
func (*NymSignature) Reset ¶
func (m *NymSignature) Reset()
func (*NymSignature) String ¶
func (m *NymSignature) String() string
func (*NymSignature) Ver ¶
func (sig *NymSignature) Ver(nym *amcl.ECP, ipk *IssuerPublicKey, msg []byte) error
Ver verifies an idemix NymSignature
type Signature ¶
type Signature struct { APrime *ECP `protobuf:"bytes,1,opt,name=APrime" json:"APrime,omitempty"` ABar *ECP `protobuf:"bytes,2,opt,name=ABar" json:"ABar,omitempty"` BPrime *ECP `protobuf:"bytes,3,opt,name=BPrime" json:"BPrime,omitempty"` ProofC []byte `protobuf:"bytes,4,opt,name=ProofC,proto3" json:"ProofC,omitempty"` ProofSSk []byte `protobuf:"bytes,5,opt,name=ProofSSk,proto3" json:"ProofSSk,omitempty"` ProofSE []byte `protobuf:"bytes,6,opt,name=ProofSE,proto3" json:"ProofSE,omitempty"` ProofSR2 []byte `protobuf:"bytes,7,opt,name=ProofSR2,proto3" json:"ProofSR2,omitempty"` ProofSR3 []byte `protobuf:"bytes,8,opt,name=ProofSR3,proto3" json:"ProofSR3,omitempty"` ProofSSPrime []byte `protobuf:"bytes,9,opt,name=ProofSSPrime,proto3" json:"ProofSSPrime,omitempty"` ProofSAttrs [][]byte `protobuf:"bytes,10,rep,name=ProofSAttrs,proto3" json:"ProofSAttrs,omitempty"` Nonce []byte `protobuf:"bytes,11,opt,name=Nonce,proto3" json:"Nonce,omitempty"` Nym *ECP `protobuf:"bytes,12,opt,name=Nym" json:"Nym,omitempty"` ProofSRNym []byte `protobuf:"bytes,13,opt,name=ProofSRNym,proto3" json:"ProofSRNym,omitempty"` }
Signature specifies a signature object that consists of APrime, ABar, BPrime, Proof* - randomized credential signature values and a zero-knowledge proof of knowledge of a credential and the corresponding user secret together with the attribute values Nonce - a fresh nonce used for the signature Nym - a fresh pseudonym (a commitment to to the user secert) ProofSRNym - a zero-knowledge proof of knowledge of the user secret inside Nym
func NewSignature ¶
func NewSignature(cred *Credential, sk *amcl.BIG, Nym *amcl.ECP, RNym *amcl.BIG, ipk *IssuerPublicKey, Disclosure []byte, msg []byte, rng *amcl.RAND) (*Signature, error)
NewSignature creates a new idemix signature (Schnorr-type signature) The []byte Disclosure steers which attributes are disclosed: if Disclosure[i] == 0 then attribute i remains hidden and otherwise it is disclosed. We use the zero-knowledge proof by http://eprint.iacr.org/2016/663.pdf to prove knowledge of a BBS+ signature
func (*Signature) Descriptor ¶
func (*Signature) GetProofSAttrs ¶
func (*Signature) GetProofSE ¶
func (*Signature) GetProofSR2 ¶
func (*Signature) GetProofSR3 ¶
func (*Signature) GetProofSRNym ¶
func (*Signature) GetProofSSPrime ¶
func (*Signature) GetProofSSk ¶
func (*Signature) ProtoMessage ¶
func (*Signature) ProtoMessage()
func (*Signature) Ver ¶
func (sig *Signature) Ver(Disclosure []byte, ipk *IssuerPublicKey, msg []byte, attributeValues []*amcl.BIG) error
Ver verifies an idemix signature Disclosure steers which attributes it expects to be disclosed attributeValues[i] contains the desired attribute value for the i-th undisclosed attribute in Disclosure