github.com/trustbloc/kms-go@v1.1.2/crypto/tinkcrypto/primitive/bbs/bbs.go (about)

     1  /*
     2  Copyright SecureKey Technologies Inc. All Rights Reserved.
     3  
     4  SPDX-License-Identifier: Apache-2.0
     5  */
     6  
     7  // Package bbs provides implementations of BBS+ key management and primitives.
     8  //
     9  // The functionality of BBS+ signatures/proofs is represented as a pair of
    10  // primitives (interfaces):
    11  //
    12  //   - Signer for signing a list of messages with a private key
    13  //
    14  //   - Verifier for verifying a signature against a list of messages, deriving a proof from a signature for a given
    15  //     set of sub messages and verifying such derived proof.
    16  //
    17  // Example:
    18  //
    19  //	 package main
    20  //
    21  //	 import (
    22  //	     "bytes"
    23  //
    24  //	     "github.com/google/tink/go/keyset"
    25  //
    26  //	     "github.com/trustbloc/kms-go/crypto/tinkcrypto/primitive/bbs"
    27  //	 )
    28  //
    29  //	 func main() {
    30  //	     // create signer keyset handle
    31  //	     kh, err := keyset.NewHandle(bbs.BLS12381G2KeyTemplate())
    32  //	     if err != nil {
    33  //	         //handle error
    34  //	     }
    35  //
    36  //	     // extract signer public keyset handle and key for signature verification and proof derivation/verification
    37  //	     verKH, err := kh.Public()
    38  //	     if err != nil {
    39  //	         //handle error
    40  //	     }
    41  //
    42  //			// finally get the BBS+ signing primitive from the private key handle created above
    43  //			s:= bbs.NewSigner(kh)
    44  //
    45  //			// create a message to be signed
    46  //			messages := [][]byte{[]byte("message 1"), []byte("message 2"), []byte("message 3"), []byte("message 4")}
    47  //
    48  //			// and now sign using s
    49  //	     sig, err = s.Sign(messages)
    50  //	     if err != nil {
    51  //	         // handle error
    52  //	     }
    53  //
    54  //			// to verify, get the BBS+ verification primitive from the public key handle created earlier above
    55  //	     v := bbs.NewVerifier(verKH)
    56  //
    57  //			// and verify signature
    58  //	     err = v.Verify(messages, sig)
    59  //	     if err != nil {
    60  //	         // handle error
    61  //	     }
    62  //
    63  //			// to derive a proof from the bbs signature, create the indices of the messages to be revealed by the proof
    64  //			revealedIndexes := []int{0, 2}
    65  //
    66  //			// and a nonce
    67  //			nonce := make([]byte, 10)
    68  //
    69  //			_, err = rand.Read(nonce)
    70  //	     if err != nil {
    71  //	         // handle error
    72  //	     }
    73  //
    74  //			// then derive a proof for messages at index 0 and 2 as follows
    75  //			proof, err := verifier.DeriveProof(messages, sig, nonce, revealedIndexes)
    76  //	     if err != nil {
    77  //	         // handle error
    78  //	     }
    79  //
    80  //			// create a copy of the revealed messages to the party that should only access messages at index 0 and 2
    81  //			revealedMsgs := [][]byte{messages[0], messages[2]}
    82  //
    83  //			// finally to verify the proof's authenticity for revealedMsgs, do the following
    84  //			err = verifier.VerifyProof(revealedMsgs, proof, nonce)
    85  //	     if err != nil {
    86  //	         // handle error
    87  //	     }
    88  //	 }
    89  package bbs
    90  
    91  import (
    92  	"fmt"
    93  
    94  	"github.com/google/tink/go/core/registry"
    95  )
    96  
    97  // TODO - find a better way to setup tink than init.
    98  // nolint: gochecknoinits
    99  func init() {
   100  	// TODO - avoid the tink registry singleton.
   101  	err := registry.RegisterKeyManager(newBBSSignerKeyManager())
   102  	if err != nil {
   103  		panic(fmt.Sprintf("bbs.init() failed: %v", err))
   104  	}
   105  
   106  	err = registry.RegisterKeyManager(newBBSVerifierKeyManager())
   107  	if err != nil {
   108  		panic(fmt.Sprintf("ecdh.init() failed: %v", err))
   109  	}
   110  }