85 lines
2.5 KiB
Python
85 lines
2.5 KiB
Python
"""Serialize / restore BBS+ member credentials and transport keys."""
|
|
|
|
from __future__ import annotations
|
|
|
|
import base64
|
|
import json
|
|
from pathlib import Path
|
|
from typing import Any
|
|
|
|
import zkac
|
|
|
|
|
|
def save_json(path: Path, obj: Any) -> None:
|
|
path.parent.mkdir(parents=True, exist_ok=True)
|
|
path.write_text(json.dumps(obj, indent=2), encoding="utf-8")
|
|
|
|
|
|
def load_json(path: Path) -> Any:
|
|
return json.loads(path.read_text(encoding="utf-8"))
|
|
|
|
|
|
def member_payload(
|
|
blind_sig: bytes,
|
|
req: zkac.BlindRequest,
|
|
role_id: bytes,
|
|
epoch: int,
|
|
issuer_pk: zkac.BbsPublicKey,
|
|
) -> dict[str, Any]:
|
|
return {
|
|
"role_id_hex": role_id.hex(),
|
|
"epoch": epoch,
|
|
"blind_sig_b64": base64.b64encode(blind_sig).decode(),
|
|
"member_secret_b64": base64.b64encode(req.member_secret()).decode(),
|
|
"prover_blind_b64": base64.b64encode(req.prover_blind()).decode(),
|
|
"issuer_public_key_b64": base64.b64encode(issuer_pk.to_bytes()).decode(),
|
|
}
|
|
|
|
|
|
def load_member_credential(data: dict[str, Any]) -> zkac.Credential:
|
|
pk = zkac.BbsPublicKey.from_bytes(base64.b64decode(data["issuer_public_key_b64"]))
|
|
rid = bytes.fromhex(data["role_id_hex"])
|
|
return zkac.Credential.finalize(
|
|
base64.b64decode(data["blind_sig_b64"]),
|
|
base64.b64decode(data["member_secret_b64"]),
|
|
base64.b64decode(data["prover_blind_b64"]),
|
|
rid,
|
|
int(data["epoch"]),
|
|
pk,
|
|
)
|
|
|
|
|
|
def save_transport_keypair(path: Path, kp: zkac.Keypair) -> None:
|
|
save_json(
|
|
path,
|
|
{
|
|
"secret_key_b64": base64.b64encode(kp.secret_key_bytes()).decode(),
|
|
"public_key_b64": base64.b64encode(kp.public_key().to_bytes()).decode(),
|
|
},
|
|
)
|
|
|
|
|
|
def load_transport_keypair(path: Path) -> zkac.Keypair:
|
|
t = load_json(path)
|
|
return zkac.Keypair.from_secret_key(base64.b64decode(t["secret_key_b64"]))
|
|
|
|
|
|
def save_server_transport(path: Path, kp: zkac.Keypair) -> None:
|
|
save_json(
|
|
path,
|
|
{
|
|
"server_secret_key_b64": base64.b64encode(kp.secret_key_bytes()).decode(),
|
|
"server_public_key_b64": base64.b64encode(kp.public_key().to_bytes()).decode(),
|
|
},
|
|
)
|
|
|
|
|
|
def load_server_public_key(path: Path) -> zkac.PublicKey:
|
|
t = load_json(path)
|
|
return zkac.PublicKey.from_bytes(base64.b64decode(t["server_public_key_b64"]))
|
|
|
|
|
|
def load_server_keypair(path: Path) -> zkac.Keypair:
|
|
t = load_json(path)
|
|
return zkac.Keypair.from_secret_key(base64.b64decode(t["server_secret_key_b64"]))
|