1 // Copyright 2023 Google LLC 2 // 3 // Licensed under the Apache License, Version 2.0 (the "License"); 4 // you may not use this file except in compliance with the License. 5 // You may obtain a copy of the License at 6 // 7 // https://www.apache.org/licenses/LICENSE-2.0 8 // 9 // Unless required by applicable law or agreed to in writing, software 10 // distributed under the License is distributed on an "AS IS" BASIS, 11 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 // See the License for the specific language governing permissions and 13 // limitations under the License. 14 15 #ifndef ANONYMOUS_TOKENS_CPP_CLIENT_ANONYMOUS_TOKENS_RSA_BSSA_CLIENT_H_ 16 #define ANONYMOUS_TOKENS_CPP_CLIENT_ANONYMOUS_TOKENS_RSA_BSSA_CLIENT_H_ 17 18 #include <memory> 19 #include <string> 20 #include <vector> 21 22 #include "absl/container/flat_hash_map.h" 23 #include "absl/status/statusor.h" 24 #include "absl/strings/string_view.h" 25 #include "absl/types/optional.h" 26 #include "anonymous_tokens/cpp/crypto/rsa_blinder.h" 27 #include "anonymous_tokens/proto/anonymous_tokens.pb.h" 28 29 namespace anonymous_tokens { 30 31 // This class generates AnonymousTokens RSA blind signatures, 32 // (https://datatracker.ietf.org/doc/draft-irtf-cfrg-rsa-blind-signatures/) 33 // blind message signing request and processes the response. 34 // 35 // Each execution of the Anonymous Tokens RSA blind signatures protocol requires 36 // a new instance of the AnonymousTokensRsaBssaClient. 37 // 38 // This class is not thread-safe. 39 class AnonymousTokensRsaBssaClient { 40 public: 41 // AnonymousTokensRsaBssaClient is neither copyable nor copy assignable. 42 AnonymousTokensRsaBssaClient(const AnonymousTokensRsaBssaClient&) = delete; 43 AnonymousTokensRsaBssaClient& operator=(const AnonymousTokensRsaBssaClient&) = 44 delete; 45 46 // Create client with the specified public key which can be used to send a 47 // sign request and process a response. 48 // 49 // This method is to be used to create a client as its constructor is private. 50 // It takes as input RSABlindSignaturePublicKey which contains the public key 51 // and relevant parameters. 52 static absl::StatusOr<std::unique_ptr<AnonymousTokensRsaBssaClient>> Create( 53 const RSABlindSignaturePublicKey& public_key); 54 55 // Class method that creates the signature requests by taking a vector where 56 // each element in the vector is the plaintext message along with its 57 // respective public metadata (if the metadata exists). 58 // 59 // The library will also fail if the key has expired. 60 // 61 // It only puts the blinded version of the messages in the request. 62 absl::StatusOr<AnonymousTokensSignRequest> CreateRequest( 63 const std::vector<PlaintextMessageWithPublicMetadata>& inputs); 64 65 // Class method that processes the signature response from the server. 66 // 67 // It outputs a vector of a protos where each element contains an input 68 // plaintext message and associated public metadata (if it exists) along with 69 // its final (unblinded) anonymous token resulting from the RSA blind 70 // signatures protocol. 71 absl::StatusOr<std::vector<RSABlindSignatureTokenWithInput>> ProcessResponse( 72 const AnonymousTokensSignResponse& response); 73 74 // Method to verify whether an anonymous token is valid or not. 75 // 76 // Returns OK on a valid token and non-OK otherwise. 77 absl::Status Verify(const RSABlindSignaturePublicKey& public_key, 78 const RSABlindSignatureToken& token, 79 const PlaintextMessageWithPublicMetadata& input); 80 81 private: 82 struct BlindingInfo { 83 PlaintextMessageWithPublicMetadata input; 84 std::string mask; 85 std::unique_ptr<RsaBlinder> rsa_blinder; 86 }; 87 88 explicit AnonymousTokensRsaBssaClient( 89 const RSABlindSignaturePublicKey& public_key); 90 91 const RSABlindSignaturePublicKey public_key_; 92 absl::flat_hash_map<std::string, BlindingInfo> blinding_info_map_; 93 }; 94 95 } // namespace anonymous_tokens 96 97 #endif // ANONYMOUS_TOKENS_CPP_CLIENT_ANONYMOUS_TOKENS_RSA_BSSA_CLIENT_H_ 98