1 // Copyright 2023 Google LLC 2 // 3 // Licensed under the Apache License, Version 2.0 (the "License"); 4 // you may not use this file except in compliance with the License. 5 // You may obtain a copy of the License at 6 // 7 // https://www.apache.org/licenses/LICENSE-2.0 8 // 9 // Unless required by applicable law or agreed to in writing, software 10 // distributed under the License is distributed on an "AS IS" BASIS, 11 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 // See the License for the specific language governing permissions and 13 // limitations under the License. 14 15 #ifndef ANONYMOUS_TOKENS_CPP_CLIENT_ANONYMOUS_TOKENS_RSA_BSSA_CLIENT_H_ 16 #define ANONYMOUS_TOKENS_CPP_CLIENT_ANONYMOUS_TOKENS_RSA_BSSA_CLIENT_H_ 17 18 #include <memory> 19 #include <string> 20 #include <vector> 21 22 #include "absl/container/flat_hash_map.h" 23 #include "absl/status/statusor.h" 24 #include "absl/strings/string_view.h" 25 #include "absl/types/optional.h" 26 #include "anonymous_tokens/cpp/crypto/rsa_blinder.h" 27 #include "anonymous_tokens/proto/anonymous_tokens.pb.h" 28 29 30 namespace anonymous_tokens { 31 32 // This class generates AnonymousTokens RSA blind signatures, 33 // (https://datatracker.ietf.org/doc/draft-irtf-cfrg-rsa-blind-signatures/) 34 // blind message signing request and processes the response. 35 // 36 // Each execution of the Anonymous Tokens RSA blind signatures protocol requires 37 // a new instance of the AnonymousTokensRsaBssaClient. 38 // 39 // This class is not thread-safe. 40 class AnonymousTokensRsaBssaClient { 41 public: 42 // AnonymousTokensRsaBssaClient is neither copyable nor copy assignable. 43 AnonymousTokensRsaBssaClient(const AnonymousTokensRsaBssaClient&) = delete; 44 AnonymousTokensRsaBssaClient& operator=(const AnonymousTokensRsaBssaClient&) = 45 delete; 46 47 // Create client with the specified public key which can be used to send a 48 // sign request and process a response. 49 // 50 // This method is to be used to create a client as its constructor is private. 51 // It takes as input RSABlindSignaturePublicKey which contains the public key 52 // and relevant parameters. 53 static absl::StatusOr<std::unique_ptr<AnonymousTokensRsaBssaClient>> Create( 54 const RSABlindSignaturePublicKey& public_key); 55 56 // Class method that creates the signature requests by taking a vector where 57 // each element in the vector is the plaintext message along with its 58 // respective public metadata (if the metadata exists). 59 // 60 // The library will also fail if the key has expired. 61 // 62 // It only puts the blinded version of the messages in the request. 63 absl::StatusOr<AnonymousTokensSignRequest> CreateRequest( 64 const std::vector<PlaintextMessageWithPublicMetadata>& inputs); 65 66 // Class method that processes the signature response from the server. 67 // 68 // It outputs a vector of a protos where each element contains an input 69 // plaintext message and associated public metadata (if it exists) along with 70 // its final (unblinded) anonymous token resulting from the RSA blind 71 // signatures protocol. 72 absl::StatusOr<std::vector<RSABlindSignatureTokenWithInput>> ProcessResponse( 73 const AnonymousTokensSignResponse& response); 74 75 // Method to verify whether an anonymous token is valid or not. 76 // 77 // Returns OK on a valid token and non-OK otherwise. 78 absl::Status Verify(const RSABlindSignaturePublicKey& public_key, 79 const RSABlindSignatureToken& token, 80 const PlaintextMessageWithPublicMetadata& input); 81 82 private: 83 struct BlindingInfo { 84 PlaintextMessageWithPublicMetadata input; 85 std::string mask; 86 std::unique_ptr<RsaBlinder> rsa_blinder; 87 }; 88 89 explicit AnonymousTokensRsaBssaClient( 90 const RSABlindSignaturePublicKey& public_key); 91 92 const RSABlindSignaturePublicKey public_key_; 93 absl::flat_hash_map<std::string, BlindingInfo> blinding_info_map_; 94 }; 95 96 } // namespace anonymous_tokens 97 98 99 #endif // ANONYMOUS_TOKENS_CPP_CLIENT_ANONYMOUS_TOKENS_RSA_BSSA_CLIENT_H_ 100