def verify_blind(self, cp, blind_signature):
# Convert to modular integer dictionary
sig = SigConversion.convert_dict_modint(json.loads(blind_signature))
cp_pubk = get_cp_pubkey(cp, self.timestamp, self.policy)
verifier = BlindSignatureVerifier(cp_pubk)
message = Conversion.OS2IP(self.pubk)
return verifier.verify(sig, message)
def user_response():
data = json.loads(request.json)
params = {'policy': data.get('policy'), 'timestamp': data.get('timestamp')}
# Find y in database
user = User.query.get(data.get('y'))
if user is None:
return jsonify({'message': 'Could not find y'}), 500
# TODO: Ideally the keys should have been distributed by some other means
res = requests.get('http://%s:5000/pubkey' % ap_host, params=params)
if res.status_code == 200:
key = res.json()
key = SigConversion.convert_dict_modint(key)
sig = json.loads(data.get('sig'))
sig = SigConversion.convert_dict_modint(sig)
if verify_sig(key, sig, data.get('y')):
return jsonify({'message': 'Success'}), 200
else:
return jsonify({'message': 'Could not verify signature'}), 500
def get_cp_pubkey(cp: int, timestamp: int, policy: int):
"""
Gets the public key from the ledger for a given timestamp and policy.
:param cp: The ID of the CP on the ledger.
:param timestamp: The timestamp at which the proofs are valid.
:param policy: The CP policy the proofs are associated with.
:return:
"""
block = get_block(cp, timestamp, policy)
key_json = block.get('key')
key_str = json.loads(key_json.get('key'))
key = SigConversion.convert_dict_modint(key_str)
return key
def handle_challenge_util(signer_type: str,
signer_id: int,
resp: dict,
policy: int,
message: int = None):
"""
Utility function that takes care of type conversions and ultimately calls the signing function
:param signer_type: Whether a blind signature is being requested from a CP or an AP.
:param signer_id: The CP\\AP's participant ID
:param resp: The CP\\AP response to the challenge request.
:param policy: The policy for which the signature needs to be generated.
:param message: The message that the blind signature needs to be generated on.
:return: e: The challenge response that is used by the CP/AP's to generate the proofs.
"""
pubk = SigConversion.convert_dict_modint(resp.get('public_key'))
challenge = SigConversion.convert_dict_modint(resp.get('challenge'))
timestamp = resp.get('timestamp')
# Generate signer and keymodel
signer = UserBlindSignature(pubk)
key_model = KeyModel(provider_type=signer_type,
p_id=signer_id,
policy=policy,
signer=signer,
interval=timestamp)
if message is None:
message = Conversion.OS2IP(key_model.public_key)
e = SigConversion.convert_dict_strlist(
signer.challenge_response(challenge, message))
e['timestamp'] = timestamp
key_model.signer = signer
key_model.save_to_db()
return e
def gen_proof_handler(e: dict):
key = KeyModel.query.get((current_user.timestamp, current_user.policy))
signer = key.signer
signer.d = current_user.d
signer.u = current_user.u
signer.s1 = current_user.s1
signer.s2 = current_user.s2
# Do the appropriate conversions so that we can serialize
e = SigConversion.convert_dict_modint(e)
proofs = SigConversion.convert_dict_strlist(signer.get_proofs(e))
hash_tmp = SHA256Hash().new(json.dumps(proofs).encode())
hash_proof = Conversion.OS2IP(hash_tmp.digest())
resp = {'proof': proofs, 'hash': hash_proof}
return resp
def generate_blind_signature(self, proof):
signer = self.signer
proof = SigConversion.convert_dict_modint(proof)
return signer.gen_signature(proof)