Skip to content
This repository has been archived by the owner on Apr 27, 2023. It is now read-only.

Commit

Permalink
Wrapper processing a credential signature as well as verification of …
Browse files Browse the repository at this point in the history
…a credential signature. Includes some "FromJSON" method clean up. (#28)

Signed-off-by: Phil Feairheller <[email protected]>
  • Loading branch information
pfeairheller authored Dec 15, 2020
1 parent dbda9c8 commit ef25d0d
Show file tree
Hide file tree
Showing 8 changed files with 310 additions and 47 deletions.
3 changes: 2 additions & 1 deletion pkg/libursa/ursa/credential_definition_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -120,7 +120,8 @@ func createValues(t *testing.T, values map[string]interface{}) *CredentialValues
assert.NoError(t, err)

for k, v := range values {
err = builder.AddDecKnown(k, EncodeValue(v))
_, enc := EncodeValue(v)
err = builder.AddDecKnown(k, enc)
assert.NoError(t, err)
}

Expand Down
2 changes: 1 addition & 1 deletion pkg/libursa/ursa/proof_builder_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -48,7 +48,7 @@ func TestProofBuilder(t *testing.T) {
pb, err := NewProofBuilder()
assert.NoError(t, err)

err = pb.AddCommonAttribute("first_name")
err = pb.AddCommonAttribute("attr1")
assert.NoError(t, err)

subProofBuilder, err := NewSubProofRequestBuilder()
Expand Down
52 changes: 37 additions & 15 deletions pkg/libursa/ursa/ursa.go
Original file line number Diff line number Diff line change
Expand Up @@ -67,73 +67,73 @@ func (r *Nonce) Free() error {
}

// BlindedCredentialSecretsCorrectnessProofFromJSON creates and returns blinded credential secrets correctness proof json.
func BlindedCredentialSecretsCorrectnessProofFromJSON(jsn string) (unsafe.Pointer, error) {
func BlindedCredentialSecretsCorrectnessProofFromJSON(jsn []byte) (*BlindedCredentialSecretsCorrectnessProof, error) {
var handle unsafe.Pointer
cjson := C.CString(jsn)
cjson := C.CString(string(jsn))
defer C.free(unsafe.Pointer(cjson))

result := C.ursa_cl_blinded_credential_secrets_correctness_proof_from_json(cjson, &handle)
if result.code != 0 {
return nil, ursaError(C.GoString(result.message))
}

return handle, nil
return &BlindedCredentialSecretsCorrectnessProof{handle}, nil
}

//CredentialKeyCorrectnessProofFromJSON creates and returns credential key correctness proof from json
func CredentialKeyCorrectnessProofFromJSON(jsn string) (unsafe.Pointer, error) {
func CredentialKeyCorrectnessProofFromJSON(jsn []byte) (*CredentialDefKeyCorrectnessProof, error) {
var handle unsafe.Pointer
cjson := C.CString(jsn)
cjson := C.CString(string(jsn))
defer C.free(unsafe.Pointer(cjson))

result := C.ursa_cl_credential_key_correctness_proof_from_json(cjson, &handle)
if result.code != 0 {
return nil, ursaError(C.GoString(result.message))
}

return handle, nil
return &CredentialDefKeyCorrectnessProof{handle}, nil
}

//BlindedCredentialSecretsFromJSON creates and returns blinded credential secrets from json
func BlindedCredentialSecretsFromJSON(jsn string) (unsafe.Pointer, error) {
func BlindedCredentialSecretsFromJSON(jsn []byte) (*BlindedCredentialSecretsHandle, error) {
var handle unsafe.Pointer
cjson := C.CString(jsn)
cjson := C.CString(string(jsn))
defer C.free(unsafe.Pointer(cjson))

result := C.ursa_cl_blinded_credential_secrets_from_json(cjson, &handle)
if result.code != 0 {
return nil, ursaError(C.GoString(result.message))
}

return handle, nil
return &BlindedCredentialSecretsHandle{handle}, nil
}

//CredentialPrivateKeyFromJSON creates and returns credential private key from json
func CredentialPrivateKeyFromJSON(jsn string) (unsafe.Pointer, error) {
func CredentialPrivateKeyFromJSON(jsn []byte) (*CredentialDefPrivKey, error) {
var handle unsafe.Pointer
cjson := C.CString(jsn)
cjson := C.CString(string(jsn))
defer C.free(unsafe.Pointer(cjson))

result := C.ursa_cl_credential_private_key_from_json(cjson, &handle)
if result.code != 0 {
return nil, ursaError(C.GoString(result.message))
}

return handle, nil
return &CredentialDefPrivKey{handle}, nil
}

//CredentialPublicKeyFromJSON creates and returns credential public key from json
func CredentialPublicKeyFromJSON(jsn string) (unsafe.Pointer, error) {
func CredentialPublicKeyFromJSON(jsn []byte) (*CredentialDefPubKey, error) {
var handle unsafe.Pointer
cjson := C.CString(jsn)
cjson := C.CString(string(jsn))
defer C.free(unsafe.Pointer(cjson))

result := C.ursa_cl_credential_public_key_from_json(cjson, &handle)
if result.code != 0 {
return nil, ursaError(C.GoString(result.message))
}

return handle, nil
return &CredentialDefPubKey{handle}, nil
}

type NonCredentialSchemaBuilder Handle
Expand Down Expand Up @@ -406,6 +406,28 @@ func (r *SignatureParams) SignCredential() (*CredentialSignature, *CredentialSig
return &CredentialSignature{credSignature}, &CredentialSignatureCorrectnessProof{credSignatureCorrectnessProof}, nil
}

// ProcessCredentialSignature updates the credential signature by a credential secrets blinding factors.
func (r *CredentialSignature) ProcessCredentialSignature(values *CredentialValues, sigKP *CredentialSignatureCorrectnessProof,
credentialSecretsBF *CredentialSecretsBlindingFactors, credPubKey *CredentialDefPubKey, issuanceNonce *Nonce) error {

result := C.ursa_cl_prover_process_credential_signature(
r.ptr,
values.ptr,
sigKP.ptr,
credentialSecretsBF.ptr,
credPubKey.ptr,
issuanceNonce.ptr,
nil, /* rev_key_pub */
nil, /* rev_reg */
nil, /* witness */
)

if result.code != 0 {
return ursaError(C.GoString(result.message))
}
return nil
}

func (r *CredentialSignature) Free() error {
result := C.ursa_cl_credential_signature_free(r.ptr)
if result.code != 0 {
Expand Down
68 changes: 68 additions & 0 deletions pkg/libursa/ursa/ursa_cl.h
Original file line number Diff line number Diff line change
Expand Up @@ -793,3 +793,71 @@ struct ExternError ursa_cl_master_secret_from_json(const char *master_secret_jso
struct ExternError ursa_cl_master_secret_to_json(const void *master_secret,
const char **master_secret_json_p);

/**
* Creates and returns proof verifier.
*
* Note that proof verifier deallocation must be performed by
* calling ursa_cl_proof_verifier_finalize.
*
* # Arguments
* * `proof_verifier_p` - Reference that will contain proof verifier instance pointer.
*/
struct ExternError ursa_cl_verifier_new_proof_verifier(const void **proof_verifier_p);


/**
* Verifies proof and deallocates proof verifier.
*
* # Arguments
* * `proof_verifier` - Reference that contain proof verifier instance pointer.
* * `proof` - Reference that contain proof instance pointer.
* * `nonce` - Reference that contain nonce instance pointer.
* * `valid_p` - Reference that will be filled with true - if proof valid or false otherwise.
*/
struct ExternError ursa_cl_proof_verifier_verify(const void *proof_verifier,
const void *proof,
const void *nonce,
bool *valid_p);

/**
* Add a common attribute to the proof verifier
*
* # Arguments
* * `proof_builder` - Reference that contain proof verifier instance pointer.
* * `attribute_name` - Common attribute's name
*/
struct ExternError ursa_cl_proof_verifier_add_common_attribute(const void *proof_verifier,
const char *attribute_name);

struct ExternError ursa_cl_proof_verifier_add_sub_proof_request(const void *proof_verifier,
const void *sub_proof_request,
const void *credential_schema,
const void *non_credential_schema,
const void *credential_pub_key,
const void *rev_key_pub,
const void *rev_reg);

/**
* Updates the credential signature by a credential secrets blinding factors.
*
* # Arguments
* * `credential_signature` - Credential signature instance pointer generated by Issuer.
* * `credential_values` - Credential values instance pointer.
* * `signature_correctness_proof` - Credential signature correctness proof instance pointer.
* * `credential_secrets_blinding_factors` - Credential secrets blinding factors instance pointer.
* * `credential_pub_key` - Credential public key instance pointer.
* * `nonce` - Nonce instance pointer was used by Issuer for the creation of signature_correctness_proof.
* * `rev_key_pub` - (Optional) Revocation registry public key instance pointer.
* * `rev_reg` - (Optional) Revocation registry instance pointer.
* * `witness` - (Optional) Witness instance pointer.
*/
struct ExternError ursa_cl_prover_process_credential_signature(const void *credential_signature,
const void *credential_values,
const void *signature_correctness_proof,
const void *credential_secrets_blinding_factors,
const void *credential_pub_key,
const void *credential_issuance_nonce,
const void *rev_key_pub,
const void *rev_reg,
const void *witness);

24 changes: 7 additions & 17 deletions pkg/libursa/ursa/ursa_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -28,7 +28,7 @@ func TestNewNonce(t *testing.T) {

func TestNonceFromJSON(t *testing.T) {
t.Run("NonceFromJSON", func(t *testing.T) {
n, err := NonceFromJSON("123456")
n, err := NonceFromJSON("\"123456\"")
assert.NoError(t, err)

jsn, err := n.ToJSON()
Expand All @@ -49,45 +49,35 @@ func TestNonceFromJSON(t *testing.T) {
assert.NotEmpty(t, err)
})

t.Run("Pass NonceToJson", func(t *testing.T) {
n, err := NewNonce()
assert.Empty(t, err)
assert.NotEmpty(t, n)


noncePtr, err := NonceFromJson(n)
assert.Empty(t, err)
assert.NotEmpty(t, noncePtr)
})
}

func TestCredentialKeyCorrectnessProofFromJSON(t *testing.T) {
t.Run("CredentialKeyCorrectnessProofFromJSON", func(t *testing.T) {
correctnessProof, err := CredentialKeyCorrectnessProofFromJSON("bad string")
correctnessProof, err := CredentialKeyCorrectnessProofFromJSON([]byte("bad string"))
assert.NotEmpty(t, err)
assert.Empty(t, correctnessProof)
})
}

func TestBlindedCredentialSecretsCorrectnessProofFromJSON(t *testing.T) {
t.Run("BlindedCredentialSecretsCorrectnessProofFromJSON", func(t *testing.T) {
correctnessProof, err := BlindedCredentialSecretsCorrectnessProofFromJSON("should error")
correctnessProof, err := BlindedCredentialSecretsCorrectnessProofFromJSON([]byte("should error"))
assert.NotEmpty(t, err)
assert.Empty(t, correctnessProof)
})
}

func TestBlindedCredentialSecretsFromJSON(t *testing.T) {
t.Run("BlindedCredentialSecretsFromJSON", func(t *testing.T) {
credentialSecrets, err := BlindedCredentialSecretsFromJSON("should error")
credentialSecrets, err := BlindedCredentialSecretsFromJSON([]byte("should error"))
assert.NotEmpty(t, err)
assert.Empty(t, credentialSecrets)
})
}

func TestCredentialPrivateKeyFromJSON(t *testing.T) {
t.Run("CredentialPrivateKeyFromJSON", func(t *testing.T) {
credPK, err := CredentialPrivateKeyFromJSON("should error")
credPK, err := CredentialPrivateKeyFromJSON([]byte("should error"))
assert.NotEmpty(t, err)
assert.Empty(t, credPK)
})
Expand All @@ -96,7 +86,7 @@ func TestCredentialPrivateKeyFromJSON(t *testing.T) {

func TestCredentialPublicKeyFromJSON(t *testing.T) {
t.Run("CredentialPublicKeyFromJSON", func(t *testing.T) {
credPubKey, err := CredentialPublicKeyFromJSON("should error")
credPubKey, err := CredentialPublicKeyFromJSON([]byte("should error"))
assert.NotEmpty(t, err)
assert.Empty(t, credPubKey)
})
Expand All @@ -117,7 +107,7 @@ func TestCredentialPublicKeyFromJSON(t *testing.T) {
"z": "100575037796435700243943691767872077762220112870934582186886823285537691795467980464322681869583831432429347665667669133975628879262197248692545502086905748743995423632304369059689360454495382116638924389628546799896130668008079968423260749200925480431816778140444021097581135874096358823480704937431566913834271434378080880035702614465478985394549003527450740078010127638438842673809610113073564005959985169980061587662978274329234309998049948570801136494284842377726062084047642911007177430311933493884504451650733829453945961303725494919989506887915817649687007832321207466673596927594919855686300600431103249988571"
}}`

credPubKey, err := CredentialPublicKeyFromJSON(pk)
credPubKey, err := CredentialPublicKeyFromJSON([]byte(pk))
assert.Empty(t, err)
assert.NotEmpty(t, credPubKey)
})
Expand Down
38 changes: 25 additions & 13 deletions pkg/libursa/ursa/value_builder.go
Original file line number Diff line number Diff line change
Expand Up @@ -100,13 +100,15 @@ func (r *CredentialValues) Free() error {
return nil
}

func EncodeValue(raw interface{}) string {
var enc string
func EncodeValue(val interface{}) (string, string) {
var raw, enc string

switch v := raw.(type) {
switch v := val.(type) {
case nil:
enc = ToEncodedNumber("None")
raw = "None"
enc = ToEncodedNumber(raw)
case string:
raw = v
i, err := strconv.Atoi(v)
if err == nil && (i <= math.MaxInt32 && i >= math.MinInt32) {
enc = v
Expand All @@ -115,36 +117,46 @@ func EncodeValue(raw interface{}) string {
}
case bool:
if v {
raw = "True"
enc = "1"
} else {
raw = "Fase"
enc = "0"
}
case int32:
enc = strconv.Itoa(int(v))
raw = strconv.Itoa(int(v))
enc = raw
case int64:
if v <= math.MaxInt32 && v >= math.MinInt32 {
enc = strconv.Itoa(int(v))
raw = strconv.Itoa(int(v))
enc = raw
} else {
enc = ToEncodedNumber(strconv.Itoa(int(v)))
raw = strconv.Itoa(int(v))
enc = ToEncodedNumber(raw)
}
case int:
if v <= math.MaxInt32 && v >= math.MinInt32 {
enc = strconv.Itoa(v)
raw = strconv.Itoa(v)
enc = raw
} else {
enc = ToEncodedNumber(strconv.Itoa(v))
raw = strconv.Itoa(v)
enc = ToEncodedNumber(raw)
}
case float64:
if v == 0 {
enc = ToEncodedNumber("0.0")
raw = "0.0"
enc = ToEncodedNumber(raw)
} else {
enc = ToEncodedNumber(fmt.Sprintf("%f", v))
raw = fmt.Sprintf("%f", v)
enc = ToEncodedNumber(raw)
}
default:
//Not sure what to do with Go and unknown types... this works for now
enc = ToEncodedNumber(fmt.Sprintf("%v", v))
raw = fmt.Sprintf("%v", v)
enc = ToEncodedNumber(raw)
}

return enc
return raw, enc
}

func ToEncodedNumber(raw string) string {
Expand Down
Loading

0 comments on commit ef25d0d

Please sign in to comment.