indy_crypto::cl::issuer

Struct Issuer

Source 
pub struct Issuer {}
Expand description

Trust source that provides credentials to prover.

Implementations§

Source§

impl Issuer

Source

pub fn new_credential_schema_builder() -> IndyCryptoResult<CredentialSchemaBuilder>

Creates and returns credential schema entity builder.

The purpose of credential schema builder is building of credential schema entity that represents credential schema attributes set.

§Example
use indy_crypto::cl::issuer::Issuer;

let mut credential_schema_builder = Issuer::new_credential_schema_builder().unwrap();
credential_schema_builder.add_attr("sex").unwrap();
credential_schema_builder.add_attr("name").unwrap();
let _credential_schema = credential_schema_builder.finalize().unwrap();
Source

pub fn new_non_credential_schema_builder() -> IndyCryptoResult<NonCredentialSchemaBuilder>

Source

pub fn new_credential_def( credential_schema: &CredentialSchema, non_credential_schema: &NonCredentialSchema, support_revocation: bool, ) -> IndyCryptoResult<(CredentialPublicKey, CredentialPrivateKey, CredentialKeyCorrectnessProof)>

Creates and returns credential definition (public and private keys, correctness proof) entities.

§Arguments
  • credential_schema - Credential schema entity.
  • support_revocation - If true non revocation part of keys will be generated.
§Example
use indy_crypto::cl::issuer::Issuer;

let mut credential_schema_builder = Issuer::new_credential_schema_builder().unwrap();
credential_schema_builder.add_attr("name").unwrap();
credential_schema_builder.add_attr("sex").unwrap();
let credential_schema = credential_schema_builder.finalize().unwrap();

let mut non_credential_schema_builder = Issuer::new_non_credential_schema_builder().unwrap();
non_credential_schema_builder.add_attr("master_secret").unwrap();
let non_credential_schema = non_credential_schema_builder.finalize().unwrap();

let (_cred_pub_key, _cred_priv_key, _cred_key_correctness_proof) = Issuer::new_credential_def(&credential_schema, &non_credential_schema, true).unwrap();
Source

pub fn new_revocation_registry_def( credential_pub_key: &CredentialPublicKey, max_cred_num: u32, issuance_by_default: bool, ) -> IndyCryptoResult<(RevocationKeyPublic, RevocationKeyPrivate, RevocationRegistry, RevocationTailsGenerator)>

Creates and returns revocation registry definition (public and private keys, accumulator and tails generator) entities.

§Arguments
  • credential_pub_key - Credential public key entity.
  • max_cred_num - Max credential number in generated registry.
  • issuance_by_default - Type of issuance. If true all indices are assumed to be issued and initial accumulator is calculated over all indices If false nothing is issued initially accumulator is 1
§Example
use indy_crypto::cl::issuer::Issuer;

let mut credential_schema_builder = Issuer::new_credential_schema_builder().unwrap();
credential_schema_builder.add_attr("name").unwrap();
credential_schema_builder.add_attr("sex").unwrap();
let credential_schema = credential_schema_builder.finalize().unwrap();

let mut non_credential_schema_builder = Issuer::new_non_credential_schema_builder().unwrap();
non_credential_schema_builder.add_attr("master_secret").unwrap();
let non_credential_schema = non_credential_schema_builder.finalize().unwrap();

let (_cred_pub_key, _cred_priv_key, _cred_key_correctness_proof) = Issuer::new_credential_def(&credential_schema, &non_credential_schema, true).unwrap();

let (_rev_key_pub, _rev_key_priv, _rev_reg, _rev_tails_generator) = Issuer::new_revocation_registry_def(&_cred_pub_key, 5, false).unwrap();
Source

pub fn new_credential_values_builder() -> IndyCryptoResult<CredentialValuesBuilder>

Creates and returns credential values entity builder.

The purpose of credential values builder is building of credential values entity that represents credential attributes values map.

§Example
use indy_crypto::cl::issuer::Issuer;

let mut credential_values_builder = Issuer::new_credential_values_builder().unwrap();
credential_values_builder.add_dec_known("sex", "5944657099558967239210949258394887428692050081607692519917050011144233115103").unwrap();
credential_values_builder.add_dec_known("name", "1139481716457488690172217916278103335").unwrap();
let _credential_values = credential_values_builder.finalize().unwrap();
Source

pub fn sign_credential( prover_id: &str, blinded_credential_secrets: &BlindedCredentialSecrets, blinded_credential_secrets_correctness_proof: &BlindedCredentialSecretsCorrectnessProof, credential_nonce: &Nonce, credential_issuance_nonce: &Nonce, credential_values: &CredentialValues, credential_pub_key: &CredentialPublicKey, credential_priv_key: &CredentialPrivateKey, ) -> IndyCryptoResult<(CredentialSignature, SignatureCorrectnessProof)>

Signs credential values with primary keys only.

§Arguments
  • prover_id - Prover identifier.
  • blinded_credential_secrets - Blinded credential secrets generated by Prover.
  • blinded_credential_secrets_correctness_proof - Blinded credential secrets correctness proof.
  • credential_nonce - Nonce used for verification of blinded_credential_secrets_correctness_proof.
  • credential_issuance_nonce - Nonce used for creation of signature_correctness_proof.
  • credential_values - Credential values to be signed.
  • credential_pub_key - Credential public key.
  • credential_priv_key - Credential private key.
§Example
use indy_crypto::cl::new_nonce;
use indy_crypto::cl::issuer::Issuer;
use indy_crypto::cl::prover::Prover;

let mut credential_schema_builder = Issuer::new_credential_schema_builder().unwrap();
credential_schema_builder.add_attr("sex").unwrap();
let credential_schema = credential_schema_builder.finalize().unwrap();

let mut non_credential_schema_builder = Issuer::new_non_credential_schema_builder().unwrap();
non_credential_schema_builder.add_attr("master_secret").unwrap();
let non_credential_schema = non_credential_schema_builder.finalize().unwrap();

let (credential_pub_key, credential_priv_key, cred_key_correctness_proof) = Issuer::new_credential_def(&credential_schema, &non_credential_schema, false).unwrap();

let master_secret = Prover::new_master_secret().unwrap();

let mut credential_values_builder = Issuer::new_credential_values_builder().unwrap();
credential_values_builder.add_value_hidden("master_secret", &master_secret.value().unwrap());
credential_values_builder.add_dec_known("sex", "5944657099558967239210949258394887428692050081607692519917050011144233115103").unwrap();
let credential_values = credential_values_builder.finalize().unwrap();

let credential_nonce = new_nonce().unwrap();
let (blinded_credential_secrets, _, blinded_credential_secrets_correctness_proof) =
     Prover::blind_credential_secrets(&credential_pub_key, &cred_key_correctness_proof, &credential_values, &credential_nonce).unwrap();

let credential_issuance_nonce = new_nonce().unwrap();

let (_credential_signature, _signature_correctness_proof) =
    Issuer::sign_credential("CnEDk9HrMnmiHXEV1WFgbVCRteYnPqsJwrTdcZaNhFVW",
                            &blinded_credential_secrets,
                            &blinded_credential_secrets_correctness_proof,
                            &credential_nonce,
                            &credential_issuance_nonce,
                            &credential_values,
                            &credential_pub_key,
                            &credential_priv_key).unwrap();
Source

pub fn sign_credential_with_revoc<RTA>( prover_id: &str, blinded_credential_secrets: &BlindedCredentialSecrets, blinded_credential_secrets_correctness_proof: &BlindedCredentialSecretsCorrectnessProof, credential_nonce: &Nonce, credential_issuance_nonce: &Nonce, credential_values: &CredentialValues, credential_pub_key: &CredentialPublicKey, credential_priv_key: &CredentialPrivateKey, rev_idx: u32, max_cred_num: u32, issuance_by_default: bool, rev_reg: &mut RevocationRegistry, rev_key_priv: &RevocationKeyPrivate, rev_tails_accessor: &RTA, ) -> IndyCryptoResult<(CredentialSignature, SignatureCorrectnessProof, Option<RevocationRegistryDelta>)>
where RTA: RevocationTailsAccessor,

Signs credential values with both primary and revocation keys.

§Arguments
  • prover_id - Prover identifier.
  • blinded_credential_secrets - Blinded credential secrets generated by Prover.
  • blinded_credential_secrets_correctness_proof - Blinded credential secrets correctness proof.
  • credential_nonce - Nonce used for verification of blinded_credential_secrets_correctness_proof.
  • credential_issuance_nonce - Nonce used for creation of signature_correctness_proof.
  • credential_values - Credential values to be signed.
  • credential_pub_key - Credential public key.
  • credential_priv_key - Credential private key.
  • rev_idx - User index in revocation accumulator. Required for non-revocation credential_signature part generation.
  • max_cred_num - Max credential number in generated registry.
  • rev_reg - Revocation registry.
  • rev_key_priv - Revocation registry private key.
  • rev_tails_accessor - Revocation registry tails accessor.
§Example
use indy_crypto::cl::{new_nonce, SimpleTailsAccessor};
use indy_crypto::cl::issuer::Issuer;
use indy_crypto::cl::prover::Prover;

let mut credential_schema_builder = Issuer::new_credential_schema_builder().unwrap();
credential_schema_builder.add_attr("name").unwrap();
let credential_schema = credential_schema_builder.finalize().unwrap();

let mut non_credential_schema_builder = Issuer::new_non_credential_schema_builder().unwrap();
non_credential_schema_builder.add_attr("master_secret").unwrap();
let non_credential_schema = non_credential_schema_builder.finalize().unwrap();

let (cred_pub_key, cred_priv_key, cred_key_correctness_proof) = Issuer::new_credential_def(&credential_schema, &non_credential_schema, true).unwrap();

let max_cred_num = 5;
let (_rev_key_pub, rev_key_priv, mut rev_reg, mut rev_tails_generator) = Issuer::new_revocation_registry_def(&cred_pub_key, max_cred_num, false).unwrap();

let simple_tail_accessor = SimpleTailsAccessor::new(&mut rev_tails_generator).unwrap();

let master_secret = Prover::new_master_secret().unwrap();

let mut credential_values_builder = Issuer::new_credential_values_builder().unwrap();
credential_values_builder.add_value_hidden("master_secret", &master_secret.value().unwrap());
credential_values_builder.add_dec_known("name", "1139481716457488690172217916278103335").unwrap();
let cred_values = credential_values_builder.finalize().unwrap();

let credential_nonce = new_nonce().unwrap();

let (blinded_credential_secrets, _credential_secrets_blinding_factors, blinded_credential_secrets_correctness_proof) =
    Prover::blind_credential_secrets(&cred_pub_key, &cred_key_correctness_proof, &cred_values, &credential_nonce).unwrap();

let credential_issuance_nonce = new_nonce().unwrap();

let (_cred_signature, _signature_correctness_proof, _rev_reg_delta) =
    Issuer::sign_credential_with_revoc("CnEDk9HrMnmiHXEV1WFgbVCRteYnPqsJwrTdcZaNhFVW",
                                       &blinded_credential_secrets,
                                       &blinded_credential_secrets_correctness_proof,
                                       &credential_nonce,
                                       &credential_issuance_nonce,
                                       &cred_values,
                                       &cred_pub_key,
                                       &cred_priv_key,
                                       1,
                                       max_cred_num,
                                       false,
                                       &mut rev_reg,
                                       &rev_key_priv,
                                       &simple_tail_accessor).unwrap();
Source

pub fn revoke_credential<RTA>( rev_reg: &mut RevocationRegistry, max_cred_num: u32, rev_idx: u32, rev_tails_accessor: &RTA, ) -> IndyCryptoResult<RevocationRegistryDelta>
where RTA: RevocationTailsAccessor,

Revokes a credential by a rev_idx in a given revocation registry.

§Arguments
  • rev_reg - Revocation registry.
  • max_cred_num - Max credential number in revocation registry.
  • rev_idx` - Index of the user in the revocation registry.
  • rev_tails_accessor - Revocation registry tails accessor.
§Example
use indy_crypto::cl::{new_nonce, SimpleTailsAccessor};
use indy_crypto::cl::issuer::Issuer;
use indy_crypto::cl::prover::Prover;

let mut credential_schema_builder = Issuer::new_credential_schema_builder().unwrap();
credential_schema_builder.add_attr("name").unwrap();
let credential_schema = credential_schema_builder.finalize().unwrap();

let mut non_credential_schema_builder = Issuer::new_non_credential_schema_builder().unwrap();
non_credential_schema_builder.add_attr("master_secret").unwrap();
let non_credential_schema = non_credential_schema_builder.finalize().unwrap();

let (cred_pub_key, cred_priv_key, cred_key_correctness_proof) = Issuer::new_credential_def(&credential_schema, &non_credential_schema, true).unwrap();

let max_cred_num = 5;
let (_rev_key_pub, rev_key_priv, mut rev_reg, mut rev_tails_generator) = Issuer::new_revocation_registry_def(&cred_pub_key, max_cred_num, false).unwrap();

let simple_tail_accessor = SimpleTailsAccessor::new(&mut rev_tails_generator).unwrap();

let master_secret = Prover::new_master_secret().unwrap();

let mut credential_values_builder = Issuer::new_credential_values_builder().unwrap();
credential_values_builder.add_value_hidden("master_secret", &master_secret.value().unwrap());
credential_values_builder.add_dec_known("name", "1139481716457488690172217916278103335").unwrap();
let cred_values = credential_values_builder.finalize().unwrap();

let credential_nonce = new_nonce().unwrap();

let (blinded_credential_secrets, _credential_secrets_blinding_factors, blinded_credential_secrets_correctness_proof) =
    Prover::blind_credential_secrets(&cred_pub_key, &cred_key_correctness_proof, &cred_values, &credential_nonce).unwrap();
let credential_issuance_nonce = new_nonce().unwrap();

let rev_idx = 1;
let (_cred_signature, _signature_correctness_proof, _rev_reg_delta) =
    Issuer::sign_credential_with_revoc("CnEDk9HrMnmiHXEV1WFgbVCRteYnPqsJwrTdcZaNhFVW",
                                       &blinded_credential_secrets,
                                       &blinded_credential_secrets_correctness_proof,
                                       &credential_nonce,
                                       &credential_issuance_nonce,
                                       &cred_values,
                                       &cred_pub_key,
                                       &cred_priv_key,
                                       rev_idx,
                                       max_cred_num,
                                       false,
                                       &mut rev_reg,
                                       &rev_key_priv,
                                        &simple_tail_accessor).unwrap();
Issuer::revoke_credential(&mut rev_reg, max_cred_num, rev_idx, &simple_tail_accessor).unwrap();
Source

pub fn recovery_credential<RTA>( rev_reg: &mut RevocationRegistry, max_cred_num: u32, rev_idx: u32, rev_tails_accessor: &RTA, ) -> IndyCryptoResult<RevocationRegistryDelta>
where RTA: RevocationTailsAccessor,

Recovery a credential by a rev_idx in a given revocation registry

§Arguments
  • rev_reg - Revocation registry.
  • max_cred_num - Max credential number in revocation registry.
  • rev_idx` - Index of the user in the revocation registry.
  • rev_tails_accessor - Revocation registry tails accessor.
§Example
use indy_crypto::cl::{new_nonce, SimpleTailsAccessor};
use indy_crypto::cl::issuer::Issuer;
use indy_crypto::cl::prover::Prover;

let mut credential_schema_builder = Issuer::new_credential_schema_builder().unwrap();
credential_schema_builder.add_attr("name").unwrap();
let credential_schema = credential_schema_builder.finalize().unwrap();

let mut non_credential_schema_builder = Issuer::new_non_credential_schema_builder().unwrap();
non_credential_schema_builder.add_attr("master_secret").unwrap();
let non_credential_schema = non_credential_schema_builder.finalize().unwrap();

let (cred_pub_key, cred_priv_key, cred_key_correctness_proof) = Issuer::new_credential_def(&credential_schema, &non_credential_schema, true).unwrap();

let max_cred_num = 5;
let (_rev_key_pub, rev_key_priv, mut rev_reg, mut rev_tails_generator) = Issuer::new_revocation_registry_def(&cred_pub_key, max_cred_num, false).unwrap();

let simple_tail_accessor = SimpleTailsAccessor::new(&mut rev_tails_generator).unwrap();

let master_secret = Prover::new_master_secret().unwrap();

let mut credential_values_builder = Issuer::new_credential_values_builder().unwrap();
credential_values_builder.add_value_hidden("master_secret", &master_secret.value().unwrap());
credential_values_builder.add_dec_known("name", "1139481716457488690172217916278103335").unwrap();
let cred_values = credential_values_builder.finalize().unwrap();

let credential_nonce = new_nonce().unwrap();

let (blinded_credential_secrets, _credential_secrets_blinding_factors, blinded_credential_secrets_correctness_proof) =
    Prover::blind_credential_secrets(&cred_pub_key, &cred_key_correctness_proof, &cred_values, &credential_nonce).unwrap();

let credential_issuance_nonce = new_nonce().unwrap();

let rev_idx = 1;
let (_cred_signature, _signature_correctness_proof, _rev_reg_delta) =
    Issuer::sign_credential_with_revoc("CnEDk9HrMnmiHXEV1WFgbVCRteYnPqsJwrTdcZaNhFVW",
                                       &blinded_credential_secrets,
                                       &blinded_credential_secrets_correctness_proof,
                                       &credential_nonce,
                                       &credential_issuance_nonce,
                                       &cred_values,
                                       &cred_pub_key,
                                       &cred_priv_key,
                                       rev_idx,
                                       max_cred_num,
                                       false,
                                       &mut rev_reg,
                                       &rev_key_priv,
                                        &simple_tail_accessor).unwrap();
Issuer::revoke_credential(&mut rev_reg, max_cred_num, rev_idx, &simple_tail_accessor).unwrap();
Issuer::recovery_credential(&mut rev_reg, max_cred_num, rev_idx, &simple_tail_accessor).unwrap();

Auto Trait Implementations§

§

impl Freeze for Issuer

§

impl RefUnwindSafe for Issuer

§

impl Send for Issuer

§

impl Sync for Issuer

§

impl Unpin for Issuer

§

impl UnwindSafe for Issuer

Blanket Implementations§

Source§

impl<T> Any for T
where T: 'static + ?Sized,

Source§

fn type_id(&self) -> TypeId

Gets the TypeId of self. Read more
Source§

impl<T> Borrow<T> for T
where T: ?Sized,

Source§

fn borrow(&self) -> &T

Immutably borrows from an owned value. Read more
Source§

impl<T> BorrowMut<T> for T
where T: ?Sized,

Source§

fn borrow_mut(&mut self) -> &mut T

Mutably borrows from an owned value. Read more
Source§

impl<T> From<T> for T

Source§

fn from(t: T) -> T

Returns the argument unchanged.

Source§

impl<T, U> Into<U> for T
where U: From<T>,

Source§

fn into(self) -> U

Calls U::from(self).

That is, this conversion is whatever the implementation of From<T> for U chooses to do.

Source§

impl<T> Same for T

Source§

type Output = T

Should always be Self
Source§

impl<T, U> TryFrom<U> for T
where U: Into<T>,

Source§

type Error = Infallible

The type returned in the event of a conversion error.
Source§

fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>

Performs the conversion.
Source§

impl<T, U> TryInto<U> for T
where U: TryFrom<T>,

Source§

type Error = <U as TryFrom<T>>::Error

The type returned in the event of a conversion error.
Source§

fn try_into(self) -> Result<U, <U as TryFrom<T>>::Error>

Performs the conversion.