org.hyperledger.fabric.sdk.idemix

Class RevocationAuthority

java.lang.Object

org.hyperledger.fabric.sdk.idemix.RevocationAuthority

public class RevocationAuthority
extends Object

Method Summary

Modifier and Type	Method and Description
static org.hyperledger.fabric.protos.idemix.Idemix.CredentialRevocationInformation	createCRI(PrivateKey key, org.apache.milagro.amcl.FP256BN.BIG[] unrevokedHandles, int epoch, RevocationAlgorithm alg) Creates a Credential Revocation Information object
static KeyPair	generateLongTermRevocationKey() Generate a long term ECDSA key pair used for revocation
static int	getProofBytes(RevocationAlgorithm alg) Depending on the selected revocation algorithm, the proof data length will be different.
static boolean	verifyEpochPK(PublicKey pk, org.hyperledger.fabric.protos.idemix.Idemix.ECP2 epochPK, byte[] epochPkSig, long epoch, RevocationAlgorithm alg) Verifies that the revocation PK for a certain epoch is valid, by checking that it was signed with the long term revocation key

Methods inherited from class java.lang.Object

equals, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Method Detail

getProofBytes

public static int getProofBytes(RevocationAlgorithm alg)

Depending on the selected revocation algorithm, the proof data length will be different. This method will give the proof length for any supported revocation algorithm.

Parameters:

alg - The revocation algorithm

Returns:

The proof data length for the given revocation algorithm

generateLongTermRevocationKey

public static KeyPair generateLongTermRevocationKey()

Generate a long term ECDSA key pair used for revocation

Returns:

Freshly generated ECDSA key pair

createCRI

public static org.hyperledger.fabric.protos.idemix.Idemix.CredentialRevocationInformation createCRI(PrivateKey key,
                                                                                                    org.apache.milagro.amcl.FP256BN.BIG[] unrevokedHandles,
                                                                                                    int epoch,
                                                                                                    RevocationAlgorithm alg)
                                                                                             throws CryptoException

Creates a Credential Revocation Information object

Parameters:

key - Private key

unrevokedHandles - Array of unrevoked revocation handles

epoch - The counter (representing a time window) in which this CRI is valid

alg - Revocation algorithm

Returns:

CredentialRevocationInformation object

Throws:

CryptoException

verifyEpochPK

public static boolean verifyEpochPK(PublicKey pk,
                                    org.hyperledger.fabric.protos.idemix.Idemix.ECP2 epochPK,
                                    byte[] epochPkSig,
                                    long epoch,
                                    RevocationAlgorithm alg)
                             throws CryptoException

Verifies that the revocation PK for a certain epoch is valid, by checking that it was signed with the long term revocation key

Parameters:

pk - Public Key

epochPK - Epoch PK

epochPkSig - Epoch PK Signature

epoch - Epoch

alg - Revocation algorithm

Returns:

True if valid

Throws:

CryptoException