Class BBDT16Mac

Proof of knowledge of BBDT16 MAC protocol

Hierarchy (view full)

Constructors

constructor

Properties

value maxEncodedLength textDecoder textEncoder

Accessors

bytes hex length

Methods

verify verifyMessageObject encodeMessageForSigning encodeMessageForSigningConstantTime encodePositiveNumberForSigning fromBytes fromHex generate getSignedMessageObjectWithProof reversibleDecodeStringForSigning reversibleEncodeStringForSigning signMessageObject

Constructors

constructor

Properties

value

value: Uint8Array

Static ReadonlymaxEncodedLength

maxEncodedLength = 32

The field element size is 32 bytes so the maximum byte size of encoded message must be 32.

Static ReadonlytextDecoder

textDecoder: TextDecoder = ...

Static ReadonlytextEncoder

textEncoder: TextEncoder = ...

Accessors

bytes

  • get bytes(): Uint8Array

  • Return the wrapped bytearray

    Returns Uint8Array

hex

  • get hex(): string

  • Return the hex representation of the wrapped bytearray

    Returns string

length

  • get length(): number

  • Return the length of the wrapped bytearray

    Returns number

Methods

verify

  • verify(messages, secretKey, params, encodeMessages): VerifyResult

  • Verify the MAC

    Parameters

    • messages: Uint8Array[]

      Ordered list of messages. Order and contents should be kept same for both signer and verifier

    • secretKey: BBDT16MacSecretKey
    • params: BBDT16MacParams
    • encodeMessages: boolean

      If true, the messages are encoded as field elements otherwise they are assumed to be already encoded.

    Returns VerifyResult

verifyMessageObject

  • verifyMessageObject(messages, secretKey, labelOrParams, encoder, useConstantTimeEncoding?): VerifyResult

  • Verifies the MAC on the given messages. Takes the messages as a JS object, flattens it, encodes the values similar to signing and then verifies the MAC.

    Parameters

    Returns VerifyResult

StaticencodeMessageForSigning

  • encodeMessageForSigning(message): Uint8Array

  • This is an irreversible encoding as a hash function is used to convert a message of arbitrary length to a fixed length encoding.

    Parameters

    • message: Uint8Array

    Returns Uint8Array

StaticencodeMessageForSigningConstantTime

  • encodeMessageForSigningConstantTime(message): Uint8Array

  • This is an irreversible encoding as a hash function is used to convert a message of arbitrary length to a fixed length encoding.

    Parameters

    • message: Uint8Array

    Returns Uint8Array

StaticencodePositiveNumberForSigning

StaticfromBytes

StaticfromHex

Staticgenerate

  • generate(messages, secretKey, params, encodeMessages): BBDT16Mac

  • Signer creates a new MAC

    Parameters

    • messages: Uint8Array[]

      Ordered list of messages. Order and contents should be kept same for both signer and verifier

    • secretKey: BBDT16MacSecretKey
    • params: BBDT16MacParams
    • encodeMessages: boolean

      If true, the messages are encoded as field elements otherwise they are assumed to be already encoded.

    Returns BBDT16Mac

StaticgetSignedMessageObjectWithProof

StaticreversibleDecodeStringForSigning

  • reversibleDecodeStringForSigning(message, decompress?): string

  • Decode the given representation. This should only be used when the encoding was done using this.reversibleEncodeStringMessageForSigning. Also, this function trims any characters from the first occurrence of a null characters (UTF-16 code unit 0) so if the encoded (using this.reversibleEncodeStringMessageForSigning) string also had a null then the decoded string will be different from it.

    Parameters

    • message: Uint8Array
    • decompress: boolean = false

      whether to decompress the bytes before converting to a string

    Returns string

StaticreversibleEncodeStringForSigning

  • reversibleEncodeStringForSigning(message, compress?): Uint8Array

  • Encode the given string to bytes and create a field element by considering the bytes in little-endian format. Use this way of encoding only if the input string's UTF-8 representation is <= 32 bytes else this will throw an error. Also adds trailing 0s to the bytes to make the size 32 bytes so use this function carefully. The only place this is currently useful is verifiable encryption as in some cases the prover might not be willing/available at the time of decryption and thus the decryptor must be able to decrypt it independently. This is different from selective disclosure where the verifier can check that the revealed message is same as the encoded one before even verifying the proof.

    Parameters

    • message: string

      utf-8 string of at most 32 bytes

    • compress: boolean = false

      whether to compress the text before encoding to bytes. Compression might not always help as things like public keys, DIDs, UUIDs, etc. are designed to be random and thus won't be compressed

    Returns Uint8Array

StaticsignMessageObject

Settings

Member Visibility

On This Page

Constructors
Properties
Accessors
Methods