@Test public void testReIssuance() throws Exception { int keyLength = 2048; SecretWrapper uproveSecretWrapper = new SecretWrapper(IntegrationTestUtil.getUProveSecret()); UProveUtils uproveUtils = new UProveUtils(); // Get Injectors, Injector revocationInjector = Guice.createInjector( IntegrationModuleFactory.newModule( new Random(1231), CryptoEngine.IDEMIX, uproveUtils.getUserServicePort())); RevocationProxyAuthority revocationProxyAuthority = revocationInjector.getInstance(RevocationProxyAuthority.class); Injector governmentInjector = Guice.createInjector( BridgingModuleFactory.newModule( new Random(1231), IssuerCryptoEngine.UPROVE, uproveUtils.getIssuerServicePort(), revocationProxyAuthority)); Injector fakeInjector = Guice.createInjector( IntegrationModuleFactory.newModule( new Random(1231), CryptoEngine.IDEMIX, uproveUtils.getUserServicePort())); Injector userInjector = Guice.createInjector( BridgingModuleFactory.newModule( new Random(1231), uproveUtils.getUserServicePort(), revocationProxyAuthority)); Injector verifierInjector = Guice.createInjector( BridgingModuleFactory.newModule( new Random(1231), uproveUtils.getVerifierServicePort(), revocationProxyAuthority)); IssuerAbcEngine governmentEngine = governmentInjector.getInstance(IssuerAbcEngine.class); SystemParameters systemParameters = governmentEngine.setupSystemParameters(keyLength, CryptoUriUtil.getUproveMechanism()); IssuerAbcEngine fakeEngine = fakeInjector.getInstance(IssuerAbcEngine.class); SystemParameters ideMixSystemParameters = fakeEngine.setupSystemParameters(keyLength, CryptoUriUtil.getIdemixMechanism()); systemParameters.getAny().addAll(ideMixSystemParameters.getAny()); // Load secret and store it. CredentialManager userCredentialManager = userInjector.getInstance(CredentialManager.class); IssuanceHelper issuanceHelper = new IssuanceHelper(); // Setup key managers. KeyManager issuerKeyManager = governmentInjector.getInstance(KeyManager.class); KeyManager userKeyManager = userInjector.getInstance(KeyManager.class); KeyManager verifierKeyManager = verifierInjector.getInstance(KeyManager.class); KeyManager revocationKeyManager = revocationInjector.getInstance(KeyManager.class); issuerKeyManager.storeSystemParameters(systemParameters); userKeyManager.storeSystemParameters(systemParameters); verifierKeyManager.storeSystemParameters(systemParameters); revocationKeyManager.storeSystemParameters(systemParameters); // Setup issuance policies. IssuancePolicy issuancePolicyIdCard = getObjectFromXML(IntegrationTestUtil.ISSUANCE_POLICY_ID_CARD, true); URI idCardIssuancePolicyUid = issuancePolicyIdCard.getCredentialTemplate().getIssuerParametersUID(); // Load credential specifications. CredentialSpecification credSpecIdCard = getObjectFromXML(IntegrationTestUtil.CREDENTIAL_SPECIFICATION_ID_CARD, true); // Store credential specifications. URI credSpecIdCardUID = credSpecIdCard.getSpecificationUID(); issuerKeyManager.storeCredentialSpecification(credSpecIdCardUID, credSpecIdCard); verifierKeyManager.storeCredentialSpecification(credSpecIdCardUID, credSpecIdCard); // Generate revocation parameters. RevocationAbcEngine revocationEngine = revocationInjector.getInstance(RevocationAbcEngine.class); URI revParamsUid = IntegrationTestUtil.REVOCATION_PARAMETERS_UID; Reference revocationInfoReference = new Reference(); revocationInfoReference.setReferenceType(URI.create("https")); revocationInfoReference.getReferences().add(URI.create("example.org")); Reference nonRevocationEvidenceReference = new Reference(); nonRevocationEvidenceReference.setReferenceType(URI.create("https")); nonRevocationEvidenceReference.getReferences().add(URI.create("example.org")); Reference nonRrevocationUpdateReference = new Reference(); nonRrevocationUpdateReference.setReferenceType(URI.create("https")); nonRrevocationUpdateReference.getReferences().add(URI.create("example.org")); RevocationAuthorityParameters revocationAuthorityParameters = revocationEngine.setupRevocationAuthorityParameters( keyLength, CryptoUriUtil.getIdemixMechanism(), revParamsUid, revocationInfoReference, nonRevocationEvidenceReference, nonRrevocationUpdateReference); // Generate issuer parameters. URI hash = new URI("urn:abc4trust:1.0:hashalgorithm:sha-256"); IssuerParameters issuerParametersGovernment = governmentEngine.setupIssuerParameters( credSpecIdCard, systemParameters, idCardIssuancePolicyUid, hash, CryptoUriUtil.getUproveMechanism(), revParamsUid, null); issuerKeyManager.storeRevocationAuthorityParameters( revParamsUid, revocationAuthorityParameters); userKeyManager.storeRevocationAuthorityParameters(revParamsUid, revocationAuthorityParameters); verifierKeyManager.storeRevocationAuthorityParameters( revParamsUid, revocationAuthorityParameters); issuerKeyManager.storeIssuerParameters(idCardIssuancePolicyUid, issuerParametersGovernment); userKeyManager.storeIssuerParameters(idCardIssuancePolicyUid, issuerParametersGovernment); verifierKeyManager.storeIssuerParameters(idCardIssuancePolicyUid, issuerParametersGovernment); if (uproveSecretWrapper.isSecretOnSmartcard()) { // add smartcard to manager CardStorage cardStorage = userInjector.getInstance(CardStorage.class); cardStorage.addSmartcard( uproveSecretWrapper.getSoftwareSmartcard(), uproveSecretWrapper.getPin()); // sign issuer attributes and add to smartcard uproveSecretWrapper.addIssuerParameters(issuerParametersGovernment); } else { userCredentialManager.storeSecret(uproveSecretWrapper.getSecret()); // URI secretUid = secret.getSecretDescription().getSecretUID(); } // Get identity card. String birthday = "1995-05-05Z"; CredentialDescription cd3 = IntegrationTestUtil.issueAndStoreIdCard( governmentInjector, userInjector, issuanceHelper, birthday); Credential c = userCredentialManager.getCredential(cd3.getCredentialUID()); System.out.println("Printing credential: " + c); System.out.println( "Cred Desc: " + XmlUtils.toXml(of.createCredentialDescription(c.getCredentialDescription()))); System.out.println("CryptoParams size: " + c.getCryptoParams().getAny().size()); System.out.println( "Arraylist size: " + ((ArrayList<?>) c.getCryptoParams().getAny().get(0)).size()); // The verifier needs to retrive the latest revocation information // in order to put in the UID in the presentation policy. RevocationInformation revocationInformation = revocationEngine.updateRevocationInformation(revParamsUid); useOneToken( userInjector, verifierInjector, issuanceHelper, revocationInformation, cd3.getCredentialUID()); useOneToken( userInjector, verifierInjector, issuanceHelper, revocationInformation, cd3.getCredentialUID()); useOneToken( userInjector, verifierInjector, issuanceHelper, revocationInformation, cd3.getCredentialUID()); useOneToken( userInjector, verifierInjector, issuanceHelper, revocationInformation, cd3.getCredentialUID()); useOneToken( userInjector, verifierInjector, issuanceHelper, revocationInformation, cd3.getCredentialUID()); useOneToken( userInjector, verifierInjector, issuanceHelper, revocationInformation, cd3.getCredentialUID()); useOneToken( userInjector, verifierInjector, issuanceHelper, revocationInformation, cd3.getCredentialUID()); useOneToken( userInjector, verifierInjector, issuanceHelper, revocationInformation, cd3.getCredentialUID()); useOneToken( userInjector, verifierInjector, issuanceHelper, revocationInformation, cd3.getCredentialUID()); }
private void doIssuanceProtocol( IssuerAbcEngine issuerEngine, UserAbcEngine userEngine, IssuancePolicy ip, List<Attribute> issuerAtts) throws Exception { // Initialize ABC4Trust Issuance Protocol Issuer side // Returns an IssuancePolicy from CryptoEngineIssuer to be passed to CryptoEngineUser // initialization IssuanceMessageAndBoolean issuerIm = issuerEngine.initIssuanceProtocol(ip, issuerAtts); assertFalse(issuerIm.isLastMessage()); // Initialize ABC4Trust Issuance Protocol Prover side // FIXME: userEngine indirectly calls CryptoEngineUser.createIssuanceToken() with the // IssuancePolicy from the Issuer and returns an IssuanceToken // contained in the IssuanceMessage. This IssuanceToken is simply NOT used for now in the next // step of the UProve Credential Issuance protocol. // However, this seems to be the only proper way for now to initialise CryptoEngineUser to a // working state, despite the createIssuanceToken() step being // an optional step for the advanced Issuance setting not supported by UProve for now. IssuMsgOrCredDesc userIm = userEngine.issuanceProtocolStep(issuerIm.getIssuanceMessage()); // Execute the UProve issuance protocol: // Prover side asks issuer for first message issuerIm = issuerEngine.issuanceProtocolStep(userIm.im); assertFalse(issuerIm.isLastMessage()); // Prover side generates second message based on the first message userIm = userEngine.issuanceProtocolStep(issuerIm.getIssuanceMessage()); // Prover side asks issuer for third message based on the second message assertNotNull(userIm.im); issuerIm = issuerEngine.issuanceProtocolStep(userIm.im); assertNotNull(issuerIm.getIssuanceMessage()); // Prover side generates UProve Tokens based on the third message userIm = userEngine.issuanceProtocolStep(issuerIm.getIssuanceMessage()); boolean userLastMessage = (userIm.cd != null); assertTrue(issuerIm.isLastMessage() == userLastMessage); assertNull(userIm.im); assertNotNull(userIm.cd); // CredentialDescription actualCredDesc = userIm.cd; // ObjectFactory of = new ObjectFactory(); // String actualCredentialDesc = // XmlUtils.toNormalizedXML(of.createCredentialDescription(actualCredDesc)); // System.out.println(actualCredentialDesc); }
@Test() public void test() throws Exception { UProveUtils uproveUtils = new UProveUtils(); Injector issuerInjector = Guice.createInjector( IntegrationModuleFactory.newModule( new Random(1231), uproveUtils.getIssuerServicePort())); Injector userInjector = Guice.createInjector( IntegrationModuleFactory.newModule(new Random(1231), uproveUtils.getUserServicePort())); Injector verifierInjector = Guice.createInjector( IntegrationModuleFactory.newModule( new Random(1231), uproveUtils.getVerifierServicePort())); // Step 1. Load the credit card specification into the keystore. CredentialSpecification creditCardSpec = (CredentialSpecification) XmlUtils.getObjectFromXML( this.getClass() .getResourceAsStream( "/eu/abc4trust/sampleXml/uprove/credentialSpecificationCreditcardVisa.xml"), true); KeyManager keyManager = issuerInjector.getInstance(KeyManager.class); keyManager.storeCredentialSpecification(creditCardSpec.getSpecificationUID(), creditCardSpec); KeyManager userKeyManager = userInjector.getInstance(KeyManager.class); userKeyManager.storeCredentialSpecification( creditCardSpec.getSpecificationUID(), creditCardSpec); // Step 2. Load the issuance policy and attributes. IssuancePolicy ip = (IssuancePolicy) XmlUtils.getObjectFromXML( this.getClass() .getResourceAsStream( "/eu/abc4trust/sampleXml/uprove/issuancePolicyCreditcardVisa.xml"), true); // Populate CreditCard attribute values.. List<Attribute> issuerAtts = new ArrayList<Attribute>(); this.populateAttributes(issuerAtts); // Step 3. Init the issuer IssuerAbcEngine issuerEngine = issuerInjector.getInstance(IssuerAbcEngine.class); ReloadTokensInMemoryCommunicationStrategy reloadTokens = (ReloadTokensInMemoryCommunicationStrategy) userInjector.getInstance(ReloadTokensCommunicationStrategy.class); reloadTokens.setIssuerAbcEngine(issuerEngine); reloadTokens.setIssuancePolicy(ip); int idemixKeyLength = 2048; int uproveKeylength = 2048; URI cryptographicMechanism = CryptoUriUtil.getUproveMechanism(); SystemParameters sysParam = SystemParametersUtil.generatePilotSystemParameters_WithIdemixSpecificKeySize( idemixKeyLength, uproveKeylength); userKeyManager.storeSystemParameters(sysParam); keyManager.storeSystemParameters(sysParam); URI uid = ip.getCredentialTemplate().getIssuerParametersUID(); URI hash = CryptoUriUtil.getHashSha256(); URI revocationId = new URI("issuer-cpr-rev-id"); IssuerParameters issuerParameters = issuerEngine.setupIssuerParameters( creditCardSpec, sysParam, uid, hash, cryptographicMechanism, revocationId, null); // Store received issuer parameters in all keymanagers... keyManager.storeIssuerParameters(issuerParameters.getParametersUID(), issuerParameters); userKeyManager.storeIssuerParameters(issuerParameters.getParametersUID(), issuerParameters); KeyManager verifierKeyManager = verifierInjector.getInstance(KeyManager.class); verifierKeyManager.storeIssuerParameters(issuerParameters.getParametersUID(), issuerParameters); verifierKeyManager.storeSystemParameters(sysParam); // Step 4. Issue a credit card credential. UserAbcEngine userEngine = userInjector.getInstance(UserAbcEngine.class); this.doIssuanceProtocol(issuerEngine, userEngine, ip, issuerAtts); // Step 5. Generate a PresentationToken using a simple HotelBooking Policy with creditcard only // credential PresentationPolicyAlternatives presentationPolicyAlternatives = (PresentationPolicyAlternatives) XmlUtils.getObjectFromXML( this.getClass() .getResourceAsStream( "/eu/abc4trust/sampleXml/uprove/presentationPolicySimpleHotelBookingCreditCardOnly.xml"), true); PresentationToken presentationToken = userEngine.createPresentationToken(presentationPolicyAlternatives); // FIXME: Using createPresentationToken again with the same presentationPolicyAlternatives // causes a crash in MockIdentitySelection // PresentationToken presentationToken1 = // userEngine.createPresentationToken(presentationPolicyAlternatives); PresentationPolicyAlternatives presentationPolicyAlternatives2 = (PresentationPolicyAlternatives) XmlUtils.getObjectFromXML( this.getClass() .getResourceAsStream( "/eu/abc4trust/sampleXml/uprove/presentationPolicySimpleHotelBookingCreditCardOnlyNoPseudonym.xml"), true); PresentationToken presentationToken2 = userEngine.createPresentationToken(presentationPolicyAlternatives2); // We have run out of UProveTokens and must renew credential if (presentationToken2 == null) { this.doIssuanceProtocol(issuerEngine, userEngine, ip, issuerAtts); presentationToken2 = userEngine.createPresentationToken(presentationPolicyAlternatives2); } // Step 6. Verify the generated PresentationToken // Init the Issuer engine VerifierAbcEngine verifierEngine = verifierInjector.getInstance(VerifierAbcEngine.class); boolean verifyOK = true; try { PresentationTokenDescription verifyResult = verifierEngine.verifyTokenAgainstPolicy( presentationPolicyAlternatives, presentationToken, false); assertNotNull(verifyResult); } catch (TokenVerificationException ex) { verifyOK = false; System.out.println("Token Verify FAILED!!"); } assertTrue(verifyOK); try { PresentationTokenDescription verifyResult2 = verifierEngine.verifyTokenAgainstPolicy( presentationPolicyAlternatives2, presentationToken2, false); assertNotNull(verifyResult2); } catch (TokenVerificationException ex) { verifyOK = false; System.out.println("Token Verify FAILED!!"); } assertTrue(verifyOK); // // try to shut down UProve Services... // int exitCode = userInjector.getInstance(UProveBindingManager.class).stop(); // assertEquals("U-Prove exe must have exit code 0", 0, exitCode); // exitCode = issuerInjector.getInstance(UProveBindingManager.class).stop(); // assertEquals("U-Prove exe must have exit code 0", 0, exitCode); // exitCode = verifierInjector.getInstance(UProveBindingManager.class).stop(); // assertEquals("U-Prove exe must have exit code 0", 0, exitCode); }