author | Florian Dold <florian@dold.me> | 2022-05-25 13:52:39 +0200 |
---|---|---|
committer | Florian Dold <florian@dold.me> | 2022-05-25 13:52:39 +0200 |
commit | 43d265dde5f76d64e210a6c37c63c89d287adb32 (patch) | |
tree | c2c841274db3d0dd6c30a5c79effb600ad401a9e /packages/taler-util | |
parent | 07e1818679b1ec33d506abd50f5659048997a847 (diff) |
wallet-core: age restriction benchmarking
Diffstat (limited to 'packages/taler-util')
-rw-r--r-- | packages/taler-util/src/talerCrypto.ts | 47 |
1 files changed, 42 insertions, 5 deletions
diff --git a/packages/taler-util/src/talerCrypto.ts b/packages/taler-util/src/talerCrypto.ts
index e27e329a9..ebbfccda5 100644
--- a/packages/taler-util/src/talerCrypto.ts
+++ b/packages/taler-util/src/talerCrypto.ts
@@ -679,7 +679,8 @@ export function hashDenomPub(pub: DenominationPubKey): Uint8Array {
 return nacl.hash(uint8ArrayBuf);
 } else {
 throw Error(
- `unsupported cipher (${(pub as DenominationPubKey).cipher
+ `unsupported cipher (${
+ (pub as DenominationPubKey).cipher
 }), unable to hash`,
 );
 }
@@ -783,7 +784,7 @@ export enum TalerSignaturePurpose {
 export class SignaturePurposeBuilder {
 private chunks: Uint8Array[] = [];
 
- constructor(private purposeNum: number) { }
+ constructor(private purposeNum: number) {}
 
 put(bytes: Uint8Array): SignaturePurposeBuilder {
 this.chunks.push(Uint8Array.from(bytes));
@@ -1031,6 +1032,27 @@ export namespace AgeRestriction {
 };
 }
 
+ /**
+ * Check that c1 = c2*salt
+ */
+ export async function commitCompare(
+ c1: AgeCommitment,
+ c2: AgeCommitment,
+ salt: OpaqueData,
+ ): Promise<boolean> {
+ if (c1.publicKeys.length != c2.publicKeys.length) {
+ return false;
+ }
+ for (let i = 0; i < c1.publicKeys.length; i++) {
+ const k1 = c1.publicKeys[i];
+ const k2 = await Edx25519.publicKeyDerive(c2.publicKeys[i], salt);
+ if (k1 != k2) {
+ return false;
+ }
+ }
+ return true;
+ }
+
 export async function commitmentDerive(
 commitmentProof: AgeCommitmentProof,
 salt: OpaqueData,
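Review bot: In `commitCompare`, `if (k1 != k2)` is a value comparison only when both sides are primitive strings in the same encoding. The last hunk passes `commitment.publicKeys[...]` to `decodeCrock`, which suggests the stored keys are encoded strings, but the return type of `Edx25519.publicKeyDerive` is not visible in this diff. If it yields a `Uint8Array` or a differently encoded value, the function returns false for every non-empty commitment, so confirm the type and compare decoded bytes if needed. The function also ignores `mask`, so two commitments with different age masks but matching keys compare equal; `if (c1.mask !== c2.mask) return false;` ahead of the length check would close that. The doc comment could also state that the relation is checked key by key and that an empty key list compares equal.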
@@ -1081,9 +1103,24 @@ export namespace AgeRestriction {
 }
 
 export function commitmentVerify(
- commitmentProof: AgeCommitmentProof,
+ commitment: AgeCommitment,
+ sig: string,
 age: number,
- ): Edx25519Signature {
- throw Error("not implemented");
+ ): boolean {
+ const d = buildSigPS(TalerSignaturePurpose.WALLET_AGE_ATTESTATION)
+ .put(bufferForUint32(commitment.mask))
+ .put(bufferForUint32(age))
+ .build();
+ const group = getAgeGroupIndex(commitment.mask, age);
+ if (group === 0) {
+ // No attestation required.
+ return true;
+ }
+ const pub = commitment.publicKeys[group - 1];
+ return nacl.crypto_edx25519_sign_detached_verify(
+ d,
+ decodeCrock(sig),
+ decodeCrock(pub),
+ );
 }
 }
|
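Review bot: `commitment.publicKeys[group - 1]` in `commitmentVerify` is read without checking that the commitment actually carries a key for that age group. `group` is computed from `commitment.mask` and `age`, while the length of `publicKeys` is whatever the supplied commitment contains, so a short or malformed commitment leaves `pub` undefined and the outcome then depends on how `decodeCrock` treats it (presumably a throw rather than a clean `false`). A guard such as `if (pub === undefined) return false;` before the verify call keeps the failure mode explicit. The same applies to a malformed `sig` if `decodeCrock` throws on bad input. A short doc comment should state that group 0 returns true without checking any signature and how decode errors surface to callers of this boolean verifier.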