update

pkg/bbs/bbs.go

@@ -280,6 +280,10 @@ type ProofNonce struct {
 	fr *bls12381.Fr
 }
 
+func NewProofNonce() *ProofNonce {
+	return &ProofNonce{createRandSignatureFr()}
+}
+
 // ParseProofNonce creates a new ProofNonce from bytes.
 func ParseProofNonce(proofNonceBytes []byte) *ProofNonce {
 	return &ProofNonce{

pkg/bbs/blind_signature.go

@@ -7,7 +7,16 @@ import (
 	"github.com/suutaku/bls12381"
 )
 
-type SignatureBliding bls12381.Fr
+type SignatureBliding struct {
+	*bls12381.Fr
+}
+
+func NewSignatureBliding() *SignatureBliding {
+	return &SignatureBliding{Fr: createRandSignatureFr()}
+}
+func (sb *SignatureBliding) ToFr() *bls12381.Fr {
+	return sb.Fr
+}
 
 type BlindSignature struct {
 	A *bls12381.PointG1
@@ -83,6 +92,6 @@ func (bs *BlindSignature) ToUnblinded(blinder *SignatureBliding) *Signature {
 		E: bs.E,
 		S: bls12381.NewFr(),
 	}
-	ret.S.Add(bs.S, (*bls12381.Fr)(blinder))
+	ret.S.Add(bs.S, blinder.ToFr())
 	return ret
 }

pkg/bbs/blind_signature_context.go

@@ -12,20 +12,19 @@ type BlindSignatureContext struct {
 	proofs     *ProofG1
 }
 
-func NewBlindSignatureContext(msgs map[int][]byte, generators *PublicKeyWithGenerators, nonce []byte) (*BlindSignatureContext, *bls12381.Fr, error) {
+func NewBlindSignatureContext(msgs map[int][]byte, generators *PublicKeyWithGenerators, nonce *ProofNonce) (*BlindSignatureContext, *SignatureBliding, error) {
 
-	nonceFr := frFromOKM(nonce)
-	blindFactory := createRandSignatureFr()
+	blindFactory := NewSignatureBliding()
 	builder := newCommitmentBuilder(len(msgs) + 1)
 
 	// h0^blinding_factor*hi^mi.....
-	builder.add(generators.h0, blindFactory)
+	builder.add(generators.h0, blindFactory.ToFr())
 
 	committing := NewProverCommittingG1()
 	committing.Commit(generators.h0)
 
 	secrets := make([]*bls12381.Fr, 0)
-	secrets = append(secrets, blindFactory)
+	secrets = append(secrets, blindFactory.ToFr())
 
 	for i := 0; i < generators.messagesCount; i++ {
 		if _, contains := msgs[i]; contains {
@@ -44,7 +43,7 @@ func NewBlindSignatureContext(msgs map[int][]byte, generators *PublicKeyWithGene
 
 	extra := make([]byte, 0)
 	extra = append(extra, g1.ToUncompressed(commitment)...)
-	extra = append(extra, nonceFr.ToBytes()...)
+	extra = append(extra, nonce.ToBytes()...)
 	challenge := frFromOKM(extra)
 	proofs := committed.GenerateProof(challenge, secrets)
 
@@ -85,8 +84,7 @@ func (bsc *BlindSignatureContext) FromBytes(input []byte) error {
 	return err
 }
 
-func (bsc *BlindSignatureContext) Verify(revealedMsg map[int]*SignatureMessage, generators *PublicKeyWithGenerators, nonce []byte) error {
-	nonceFr := frFromOKM(nonce)
+func (bsc *BlindSignatureContext) Verify(revealedMsg map[int]*SignatureMessage, generators *PublicKeyWithGenerators, nonce *ProofNonce) error {
 	bases := make([]*bls12381.PointG1, 0)
 	bases = append(bases, generators.h0)
 
@@ -103,7 +101,7 @@ func (bsc *BlindSignatureContext) Verify(revealedMsg map[int]*SignatureMessage,
 
 	challengeBytes := make([]byte, 0)
 	challengeBytes = append(challengeBytes, g1.ToUncompressed(bsc.commitment)...)
-	challengeBytes = append(challengeBytes, nonceFr.ToBytes()...)
+	challengeBytes = append(challengeBytes, nonce.ToBytes()...)
 	challenge := frFromOKM(challengeBytes)
 	challenge.Sub(challenge, bsc.challenge)
 	g1.Sub(commitment, commitment, bsc.proofs.commitment)
@@ -113,7 +111,7 @@ func (bsc *BlindSignatureContext) Verify(revealedMsg map[int]*SignatureMessage,
 	return fmt.Errorf("invlaid proof")
 }
 
-func (bsc *BlindSignatureContext) ToBlindSignature(msgs map[int][]byte, privKey *PrivateKey, generators *PublicKeyWithGenerators, nonce []byte) (*BlindSignature, error) {
+func (bsc *BlindSignatureContext) ToBlindSignature(msgs map[int][]byte, privKey *PrivateKey, generators *PublicKeyWithGenerators, nonce *ProofNonce) (*BlindSignature, error) {
 	if msgs == nil {
 		return nil, fmt.Errorf("messages was empty")
 	}

pkg/bbs/blind_signature_context_test.go

@@ -8,24 +8,22 @@ import (
 )
 
 func TestBlindSignatureContext(t *testing.T) {
-	privBytes, _ := hex.DecodeString("4b47459199b0c2210de9d28c1412551c28c57caae60872aa677bc9af2038d22b")
-	pubBytes, _ := hex.DecodeString("ac4fd7ede2ba8a253f9ca8b8c8015334045252e2cd7290fa52fcb91ebebac64309e20823c03d0e3672a16fa783d614050485729c5aeee9d3000853657a2c691933113377843069e419e9a90886aa244e363c42ed342e9b7bd360b874dc9fd738")
-	nonce := []byte("nonce")
-	priv, err := UnmarshalPrivateKey(privBytes)
+	issuerPrivateKeyBytes, err := hex.DecodeString("4b47459199b0c2210de9d28c1412551c28c57caae60872aa677bc9af2038d22b")
 	require.NoError(t, err)
-	pub, err := UnmarshalPublicKey([]byte(pubBytes))
+
+	issuerPrivateKey, err := UnmarshalPrivateKey(issuerPrivateKeyBytes)
 	require.NoError(t, err)
 
-	generators, err := pub.ToPublicKeyWithGenerators(5)
+	issuerGenerators, err := issuerPrivateKey.PublicKey().ToPublicKeyWithGenerators(25)
 	require.NoError(t, err)
 
+	nonce := NewProofNonce()
+
 	// holder pre blind secret
 	secretMsgs := make(map[int][]byte, 0)
-	secretMsgs[0] = []byte("identity")
-	secretMsgs[2] = []byte("password")
-	secretMsgs[4] = []byte("phone number")
+	secretMsgs[17] = []byte(`<https://issuer.oidp.uscis.gov/credentials/83627465> <http://schema.org/identifier> "83627465" .`)
 
-	ctx, blinding, err := NewBlindSignatureContext(secretMsgs, generators, nonce)
+	ctx, blinding, err := NewBlindSignatureContext(secretMsgs, issuerGenerators, nonce)
 	require.NoError(t, err)
 	require.NotNil(t, blinding)
 	require.False(t, blinding.IsZero())
@@ -47,10 +45,32 @@ func TestBlindSignatureContext(t *testing.T) {
 
 	// signer use known message with index to create blinding signature
 	revealedMsg := make(map[int][]byte, 0)
-	revealedMsg[1] = []byte("firstname")
-	revealedMsg[3] = []byte("age")
+	revealedMsg[0] = []byte(`_:c14n0 <http://purl.org/dc/terms/created> "2019-12-03T12:19:52Z"^^<http://www.w3.org/2001/XMLSchema#dateTime> .`)
+	revealedMsg[1] = []byte(`_:c14n0 <http://www.w3.org/1999/02/22-rdf-syntax-ns#type> <https://w3id.org/security#BbsBlsSignature2020> .`)
+	revealedMsg[2] = []byte(`_:c14n0 <https://w3id.org/security#proofPurpose> <https://w3id.org/security#assertionMethod> .`)
+	revealedMsg[3] = []byte(`_:c14n0 <https://w3id.org/security#verificationMethod> <did:example:123456#key1> .`)
+	revealedMsg[4] = []byte(`<did:example:b34ca6cd37bbf23> <http://schema.org/birthDate> "1958-07-17"^^<http://www.w3.org/2001/XMLSchema#dateTime> .`)
+	revealedMsg[5] = []byte(`<did:example:b34ca6cd37bbf23> <http://schema.org/familyName> "SMITH" .`)
+	revealedMsg[6] = []byte(`<did:example:b34ca6cd37bbf23> <http://schema.org/gender> "Male" .`)
+	revealedMsg[7] = []byte(`<did:example:b34ca6cd37bbf23> <http://schema.org/givenName> "JOHN" .`)
+	revealedMsg[8] = []byte(`<did:example:b34ca6cd37bbf23> <http://schema.org/image> <data:image/png;base64,iVBORw0KGgokJggg==> .`)
+	revealedMsg[9] = []byte(`<did:example:b34ca6cd37bbf23> <http://www.w3.org/1999/02/22-rdf-syntax-ns#type> <http://schema.org/Person> .`)
+	revealedMsg[10] = []byte(`<did:example:b34ca6cd37bbf23> <http://www.w3.org/1999/02/22-rdf-syntax-ns#type> <https://w3id.org/citizenship#PermanentResident> .`)
+	revealedMsg[11] = []byte(`<did:example:b34ca6cd37bbf23> <https://w3id.org/citizenship#birthCountry> "Bahamas" .`)
+	revealedMsg[12] = []byte(`<did:example:b34ca6cd37bbf23> <https://w3id.org/citizenship#commuterClassification> "C1" .`)
+	revealedMsg[13] = []byte(`<did:example:b34ca6cd37bbf23> <https://w3id.org/citizenship#lprCategory> "C09" .`)
+	revealedMsg[14] = []byte(`<did:example:b34ca6cd37bbf23> <https://w3id.org/citizenship#lprNumber> "999-999-999" .`)
+	revealedMsg[15] = []byte(`<did:example:b34ca6cd37bbf23> <https://w3id.org/citizenship#residentSince> "2015-01-01"^^<http://www.w3.org/2001/XMLSchema#dateTime> .`)
+	revealedMsg[16] = []byte(`<https://issuer.oidp.uscis.gov/credentials/83627465> <http://schema.org/description> "Government of Example Permanent Resident Card." .`)
+	revealedMsg[18] = []byte(`<https://issuer.oidp.uscis.gov/credentials/83627465> <http://schema.org/name> "Permanent Resident Card" .`)
+	revealedMsg[19] = []byte(`<https://issuer.oidp.uscis.gov/credentials/83627465> <http://www.w3.org/1999/02/22-rdf-syntax-ns#type> <https://w3id.org/citizenship#PermanentResidentCard> .`)
+	revealedMsg[20] = []byte(`<https://issuer.oidp.uscis.gov/credentials/83627465> <http://www.w3.org/1999/02/22-rdf-syntax-ns#type> <https://www.w3.org/2018/credentials#VerifiableCredential> .`)
+	revealedMsg[21] = []byte(`<https://issuer.oidp.uscis.gov/credentials/83627465> <https://www.w3.org/2018/credentials#credentialSubject> <did:example:b34ca6cd37bbf23> .`)
+	revealedMsg[22] = []byte(`<https://issuer.oidp.uscis.gov/credentials/83627465> <https://www.w3.org/2018/credentials#expirationDate> "2029-12-03T12:19:52Z"^^<http://www.w3.org/2001/XMLSchema#dateTime> .`)
+	revealedMsg[23] = []byte(`<https://issuer.oidp.uscis.gov/credentials/83627465> <https://www.w3.org/2018/credentials#issuanceDate> "2019-12-03T12:19:52Z"^^<http://www.w3.org/2001/XMLSchema#dateTime> .`)
+	revealedMsg[24] = []byte(`<https://issuer.oidp.uscis.gov/credentials/83627465> <https://www.w3.org/2018/credentials#issuer> <did:example:489398593> .`)
 
-	blindSig, err := ctx.ToBlindSignature(revealedMsg, priv, generators, nonce)
+	blindSig, err := ctx.ToBlindSignature(revealedMsg, issuerPrivateKey, issuerGenerators, nonce)
 	require.NoError(t, err)
 	require.NotNil(t, blindSig)
 
@@ -59,13 +79,38 @@ func TestBlindSignatureContext(t *testing.T) {
 	require.NotNil(t, sig)
 
 	// verifier verify signature
-	allMsg := make([]*SignatureMessage, 5)
-	allMsg[0] = ParseSignatureMessage([]byte("identity"))
-	allMsg[1] = ParseSignatureMessage([]byte("firstname"))
-	allMsg[2] = ParseSignatureMessage([]byte("password"))
-	allMsg[3] = ParseSignatureMessage([]byte("age"))
-	allMsg[4] = ParseSignatureMessage([]byte("phone number"))
+	allMsg := make([]*SignatureMessage, 25)
+	// allMsg[0] = ParseSignatureMessage([]byte("identity"))
+	// allMsg[1] = ParseSignatureMessage([]byte("firstname"))
+	// allMsg[2] = ParseSignatureMessage([]byte("password"))
+	// allMsg[3] = ParseSignatureMessage([]byte("age"))
+	// allMsg[4] = ParseSignatureMessage([]byte("phone number"))
+	allMsg[0] = ParseSignatureMessage([]byte(`_:c14n0 <http://purl.org/dc/terms/created> "2019-12-03T12:19:52Z"^^<http://www.w3.org/2001/XMLSchema#dateTime> .`))
+	allMsg[1] = ParseSignatureMessage([]byte(`_:c14n0 <http://www.w3.org/1999/02/22-rdf-syntax-ns#type> <https://w3id.org/security#BbsBlsSignature2020> .`))
+	allMsg[2] = ParseSignatureMessage([]byte(`_:c14n0 <https://w3id.org/security#proofPurpose> <https://w3id.org/security#assertionMethod> .`))
+	allMsg[3] = ParseSignatureMessage([]byte(`_:c14n0 <https://w3id.org/security#verificationMethod> <did:example:123456#key1> .`))
+	allMsg[4] = ParseSignatureMessage([]byte(`<did:example:b34ca6cd37bbf23> <http://schema.org/birthDate> "1958-07-17"^^<http://www.w3.org/2001/XMLSchema#dateTime> .`))
+	allMsg[5] = ParseSignatureMessage([]byte(`<did:example:b34ca6cd37bbf23> <http://schema.org/familyName> "SMITH" .`))
+	allMsg[6] = ParseSignatureMessage([]byte(`<did:example:b34ca6cd37bbf23> <http://schema.org/gender> "Male" .`))
+	allMsg[7] = ParseSignatureMessage([]byte(`<did:example:b34ca6cd37bbf23> <http://schema.org/givenName> "JOHN" .`))
+	allMsg[8] = ParseSignatureMessage([]byte(`<did:example:b34ca6cd37bbf23> <http://schema.org/image> <data:image/png;base64,iVBORw0KGgokJggg==> .`))
+	allMsg[9] = ParseSignatureMessage([]byte(`<did:example:b34ca6cd37bbf23> <http://www.w3.org/1999/02/22-rdf-syntax-ns#type> <http://schema.org/Person> .`))
+	allMsg[10] = ParseSignatureMessage([]byte(`<did:example:b34ca6cd37bbf23> <http://www.w3.org/1999/02/22-rdf-syntax-ns#type> <https://w3id.org/citizenship#PermanentResident> .`))
+	allMsg[11] = ParseSignatureMessage([]byte(`<did:example:b34ca6cd37bbf23> <https://w3id.org/citizenship#birthCountry> "Bahamas" .`))
+	allMsg[12] = ParseSignatureMessage([]byte(`<did:example:b34ca6cd37bbf23> <https://w3id.org/citizenship#commuterClassification> "C1" .`))
+	allMsg[13] = ParseSignatureMessage([]byte(`<did:example:b34ca6cd37bbf23> <https://w3id.org/citizenship#lprCategory> "C09" .`))
+	allMsg[14] = ParseSignatureMessage([]byte(`<did:example:b34ca6cd37bbf23> <https://w3id.org/citizenship#lprNumber> "999-999-999" .`))
+	allMsg[15] = ParseSignatureMessage([]byte(`<did:example:b34ca6cd37bbf23> <https://w3id.org/citizenship#residentSince> "2015-01-01"^^<http://www.w3.org/2001/XMLSchema#dateTime> .`))
+	allMsg[16] = ParseSignatureMessage([]byte(`<https://issuer.oidp.uscis.gov/credentials/83627465> <http://schema.org/description> "Government of Example Permanent Resident Card." .`))
+	allMsg[17] = ParseSignatureMessage([]byte(`<https://issuer.oidp.uscis.gov/credentials/83627465> <http://schema.org/identifier> "83627465" .`))
+	allMsg[18] = ParseSignatureMessage([]byte(`<https://issuer.oidp.uscis.gov/credentials/83627465> <http://schema.org/name> "Permanent Resident Card" .`))
+	allMsg[19] = ParseSignatureMessage([]byte(`<https://issuer.oidp.uscis.gov/credentials/83627465> <http://www.w3.org/1999/02/22-rdf-syntax-ns#type> <https://w3id.org/citizenship#PermanentResidentCard> .`))
+	allMsg[20] = ParseSignatureMessage([]byte(`<https://issuer.oidp.uscis.gov/credentials/83627465> <http://www.w3.org/1999/02/22-rdf-syntax-ns#type> <https://www.w3.org/2018/credentials#VerifiableCredential> .`))
+	allMsg[21] = ParseSignatureMessage([]byte(`<https://issuer.oidp.uscis.gov/credentials/83627465> <https://www.w3.org/2018/credentials#credentialSubject> <did:example:b34ca6cd37bbf23> .`))
+	allMsg[22] = ParseSignatureMessage([]byte(`<https://issuer.oidp.uscis.gov/credentials/83627465> <https://www.w3.org/2018/credentials#expirationDate> "2029-12-03T12:19:52Z"^^<http://www.w3.org/2001/XMLSchema#dateTime> .`))
+	allMsg[23] = ParseSignatureMessage([]byte(`<https://issuer.oidp.uscis.gov/credentials/83627465> <https://www.w3.org/2018/credentials#issuanceDate> "2019-12-03T12:19:52Z"^^<http://www.w3.org/2001/XMLSchema#dateTime> .`))
+	allMsg[24] = ParseSignatureMessage([]byte(`<https://issuer.oidp.uscis.gov/credentials/83627465> <https://www.w3.org/2018/credentials#issuer> <did:example:489398593> .`))
 
-	err = sig.Verify(allMsg, generators)
+	err = sig.Verify(allMsg, issuerGenerators)
 	require.NoError(t, err)
 }

pkg/bbs/blind_signature_test.go

@@ -12,12 +12,12 @@ func TestBlindSign(t *testing.T) {
 	require.NoError(t, err)
 	generators, err := pub.ToPublicKeyWithGenerators(5)
 	require.NoError(t, err)
-	blindFactory := createRandSignatureFr()
+	blindFactory := NewSignatureBliding()
 
 	msg := ParseSignatureMessage([]byte("message_0"))
 
 	builder := newCommitmentBuilder(0)
-	builder.add(generators.h0, blindFactory)
+	builder.add(generators.h0, blindFactory.ToFr())
 	builder.add(generators.h[0], msg.FR)
 
 	commitment := builder.build()
@@ -31,7 +31,7 @@ func TestBlindSign(t *testing.T) {
 
 	blindSig := NewBlindSignature(commitment, reveMsg, priv, generators)
 	require.NotNil(t, blindSig)
-	sig := blindSig.ToUnblinded((*SignatureBliding)(blindFactory))
+	sig := blindSig.ToUnblinded(blindFactory)
 	require.NotNil(t, sig)
 	reveMsg[0] = msg
 	allMsgs := []*SignatureMessage{