Package org.hyperledger.fabric.sdk.idemix

Class RevocationAuthority


  • public class RevocationAuthority
extends java.lang.Object

    • Method Summary

      All Methods Static Methods Concrete Methods 
      Modifier and Type Method Description
      static org.hyperledger.fabric.protos.idemix.Idemix.CredentialRevocationInformation createCRI​(java.security.PrivateKey key, org.apache.milagro.amcl.FP256BN.BIG[] unrevokedHandles, int epoch, RevocationAlgorithm alg)
      Creates a Credential Revocation Information object
      static java.security.KeyPair generateLongTermRevocationKey​()
      Generate a long term ECDSA key pair used for revocation
      static int getProofBytes​(RevocationAlgorithm alg)
      Depending on the selected revocation algorithm, the proof data length will be different.
      static boolean verifyEpochPK​(java.security.PublicKey pk, org.hyperledger.fabric.protos.idemix.Idemix.ECP2 epochPK, byte[] epochPkSig, long epoch, RevocationAlgorithm alg)
      Verifies that the revocation PK for a certain epoch is valid, by checking that it was signed with the long term revocation key

      • Methods inherited from class java.lang.Object

        clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

    • Method Detail

      • getProofBytes

        public static int getProofBytes​(RevocationAlgorithm alg)
        Depending on the selected revocation algorithm, the proof data length will be different. This method will give the proof length for any supported revocation algorithm.
        Parameters:
        alg - The revocation algorithm
        Returns:
        The proof data length for the given revocation algorithm

      • generateLongTermRevocationKey

        public static java.security.KeyPair generateLongTermRevocationKey​()
        Generate a long term ECDSA key pair used for revocation
        Returns:
        Freshly generated ECDSA key pair

      • createCRI

        public static org.hyperledger.fabric.protos.idemix.Idemix.CredentialRevocationInformation createCRI​(java.security.PrivateKey key,
                                                                                                    org.apache.milagro.amcl.FP256BN.BIG[] unrevokedHandles,
                                                                                                    int epoch,
                                                                                                    RevocationAlgorithm alg)
                                                                                             throws CryptoException
        Creates a Credential Revocation Information object
        Parameters:
        key - Private key
        unrevokedHandles - Array of unrevoked revocation handles
        epoch - The counter (representing a time window) in which this CRI is valid
        alg - Revocation algorithm
        Returns:
        CredentialRevocationInformation object
        Throws:
        CryptoException

      • verifyEpochPK

        public static boolean verifyEpochPK​(java.security.PublicKey pk,
                                    org.hyperledger.fabric.protos.idemix.Idemix.ECP2 epochPK,
                                    byte[] epochPkSig,
                                    long epoch,
                                    RevocationAlgorithm alg)
                             throws CryptoException
        Verifies that the revocation PK for a certain epoch is valid, by checking that it was signed with the long term revocation key
        Parameters:
        pk - Public Key
        epochPK - Epoch PK
        epochPkSig - Epoch PK Signature
        epoch - Epoch
        alg - Revocation algorithm
        Returns:
        True if valid
        Throws:
        CryptoException