-
Notifications
You must be signed in to change notification settings - Fork 707
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
[FAB-8924] add non-revocation proof to idemix
This commit extends idemix signatures with proofs of non-revocation suporting different revocation algorithms. Currently, only a "NO_REVOCATION" algorithm is included, but future CRs will extend this with meaningful revocation algorithms. Change-Id: I4ba46b36adb59b1f00ccf3b33c041d367066dfe3 Signed-off-by: Manu Drijvers <mdr@zurich.ibm.com>
- Loading branch information
Manu Drijvers
authored and
Saad Karim
committed
Sep 4, 2018
1 parent
be173ba
commit 68faf09
Showing
10 changed files
with
658 additions
and
52 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
66 changes: 66 additions & 0 deletions
66
src/main/java/org/hyperledger/fabric/sdk/idemix/NonRevocationProver.java
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,66 @@ | ||
/* | ||
* | ||
* Copyright 2017, 2018 IBM Corp. All Rights Reserved. | ||
* | ||
* Licensed under the Apache License, Version 2.0 (the "License"); | ||
* you may not use this file except in compliance with the License. | ||
* You may obtain a copy of the License at | ||
* http://www.apache.org/licenses/LICENSE-2.0 | ||
* Unless required by applicable law or agreed to in writing, software | ||
* distributed under the License is distributed on an "AS IS" BASIS, | ||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. | ||
* See the License for the specific language governing permissions and | ||
* limitations under the License. | ||
* | ||
*/ | ||
package org.hyperledger.fabric.sdk.idemix; | ||
|
||
import org.apache.milagro.amcl.FP256BN.BIG; | ||
import org.hyperledger.fabric.protos.idemix.Idemix; | ||
|
||
/** | ||
* A NonRevocationProver is a prover that can prove that an identity mixer credential is not revoked. | ||
* For every RevocationAlgorithm, there will be an instantiation of NonRevocationProver. | ||
*/ | ||
interface NonRevocationProver { | ||
|
||
/** | ||
* This method provides a concrete non-revocation for a given Revocation algorithm | ||
* | ||
* @param algorithm Revocation mechanism to use | ||
* @return A concrete NonRevocationProver for the given revocation mechanism | ||
*/ | ||
static NonRevocationProver getNonRevocationProver(RevocationAlgorithm algorithm) { | ||
if (algorithm == null) { | ||
throw new IllegalArgumentException("Revocation algorithm cannot be null"); | ||
} | ||
switch (algorithm) { | ||
case ALG_NO_REVOCATION: | ||
return new NopNonRevocationProver(); | ||
default: | ||
// Revocation algorithm not supported | ||
throw new IllegalArgumentException("Revocation algorithm " + algorithm.name() + " not supported"); | ||
} | ||
} | ||
|
||
/** | ||
* getFSContribution performs the first round of a two-round zero-knowledge proof, | ||
* proving that a credential with some revocation handle is not revoked. | ||
* | ||
* @param rh Revocation handle | ||
* @param rRh r-value used in proving knowledge of rh | ||
* @param cri Credential revocation information | ||
* @return proof | ||
*/ | ||
byte[] getFSContribution(BIG rh, BIG rRh, Idemix.CredentialRevocationInformation cri); | ||
|
||
/** | ||
* getNonRevocationProof performs the second round of a two-round zero-knowledge proof, | ||
* proving that a credential with some revocation handle is not revoked. | ||
* | ||
* @param challenge Fiat-Shamir challenge of the zero-knowledge proof | ||
* @return proof | ||
*/ | ||
Idemix.NonRevocationProof getNonRevocationProof(BIG challenge); | ||
|
||
} |
Oops, something went wrong.