com.concordium.sdk.crypto

Class CryptoJniNative

java.lang.Object

com.concordium.sdk.crypto.CryptoJniNative

public class CryptoJniNative
extends Object

Constructor Summary

Constructors

Constructor and Description
CryptoJniNative()

Method Summary

Modifier and Type	Method and Description
static String	computeCredentialDeploymentSignDigest(String input) Computes the sign digest of a new credential deployment.
static String	createIdentityRecoveryRequest(String input) Creates an identity recovery request that is to be sent to an identity provider when recovering a previously created identity.
static String	createIdentityRequestV1(String input) Creates an identity request that is to be sent to an identity provider when creating a new identity.
static String	createSecToPubTransfer(String input) Creates a transfer from the encrypted amount to a public account payload, using the provided input string.
static String	createUnsignedCredentialV1(String input) Creates an unsigned credential.
static String	createWeb3IdProof(String input) Creates a web3Id presentation for the given statement.
static String	generateBakerKeys() Generates baker keys.
static String	generateConfigureBakerKeysPayload(String input) Generates a configure baker keys payload, using the provided input string.
static String	generateEncryptedTransfer(String input) Generates an encrypted transfer payload, using the provided input string.
static int	generatePublicKey(byte[] secretKey, byte[] buffer) Generates the public key corresponding to the given secret key, and stores it in the provided buffer.
static int	generateSecretKey(byte[] buffer) Generates a new secret key and stores it in the provided buffer.
static String	getAccountPublicKey(String seedAsHex, Network network, int identityProviderIndex, int identityIndex, int credentialCounter) Derives an account public key from the provided seed and network for the given indices.
static String	getAccountSigningKey(String seedAsHex, Network network, int identityProviderIndex, int identityIndex, int credentialCounter) Derives an account signing key from the provided seed and network for the given indices.
static String	getAttributeCommitmentRandomness(String seedAsHex, Network network, int identityProviderIndex, int identityIndex, int credentialCounter, int attribute) Derives the attribute commitment randomness for a specific attribute.
static String	getCredentialId(String seedAsHex, Network network, int identityProviderIndex, int identityIndex, int credentialCounter, String commitmentKey) Gets the credential ID for a specific credential defined by the identity provider index, identity index and the credential counter.
static String	getIdCredSec(String seedAsHex, Network network, int identityProviderIndex, int identityIndex) Derives id cred sec from the provided seed and network for the given indices.
static String	getPrfKey(String seedAsHex, Network network, int identityProviderIndex, int identityIndex) Derives a PRF-key from the provided seed and network for the given indices.
static String	getSignatureBlindingRandomness(String seedAsHex, Network network, int identityProviderIndex, int identityIndex) Derives the signature blinding randomness for a specific identity.
static String	getVerifiableCredentialBackupEncryptionKey(String seedAsHex, Network network) Derives the verifiable credential backup encryption key.
static String	getVerifiableCredentialPublicKey(String seedAsHex, Network network, ContractAddress issuer, int verifiableCredentialIndex) Derives a verifiable credential public key.
static String	getVerifiableCredentialSigningKey(String seedAsHex, Network network, ContractAddress issuer, int verifiableCredentialIndex) Derives a verifiable credential signing key.
static String	isAcceptableAtomicStatement(String input, String rangeTags, String setTags, AcceptableRequest.RawAttributeCheck check) Check that an atomic is acceptable, with the given restrictions
static String	isAcceptableRequest(String input) Check that a request is acceptable
static String	serializeCredentialDeploymentForSubmission(String input) Serializes a credential deployment for submission, i.e.
static String	serializeInitParameter(SchemaParameter parameter, InitName initName, byte[] schemaBytes, SchemaVersion schemaVersion, boolean verboseErrors) Serializes a parameter for an init function using a schema of the module.
static String	serializeReceiveParameter(SchemaParameter parameter, ReceiveName receiveName, byte[] schemaBytes, SchemaVersion schemaVersion, boolean verboseErrors) Serializes a parameter for a receive function using a schema of the module.
static int	sign(byte[] privateKey, byte[] message, byte[] out) Signs a message using the provided private key.
static int	verify(byte[] publicKey, byte[] message, byte[] signature) Verifies a signature for a message using the provided public key.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

CryptoJniNative

public CryptoJniNative()

Method Detail

sign

public static int sign(byte[] privateKey,
                       byte[] message,
                       byte[] out)

Signs a message using the provided private key.

Parameters:

privateKey - The private key to use for signing.

message - The message to sign.

out - The buffer to write the signature to.

Returns:

0 on success, non-zero on error.

verify

public static int verify(byte[] publicKey,
                         byte[] message,
                         byte[] signature)

Verifies a signature for a message using the provided public key.

Parameters:

publicKey - The public key to use for verification.

message - The message to verify the signature for.

signature - The signature to verify.

Returns:

0 if the signature is valid, non-zero on error or if the signature is invalid.

generateSecretKey

public static int generateSecretKey(byte[] buffer)

Generates a new secret key and stores it in the provided buffer.

Parameters:

buffer - The buffer to write the secret key to.

Returns:

0 on success, non-zero on error.

generatePublicKey

public static int generatePublicKey(byte[] secretKey,
                                    byte[] buffer)

Generates the public key corresponding to the given secret key, and stores it in the provided buffer.

Parameters:

secretKey - The secret key to generate the public key for.

buffer - The buffer to write the public key to.

Returns:

0 on success, non-zero on error.

createSecToPubTransfer

public static String createSecToPubTransfer(String input)

Creates a transfer from the encrypted amount to a public account payload, using the provided input string.

Parameters:

input - The input string to use for creating the transfer.

Returns:

The transfer data as a JSON string.

generateEncryptedTransfer

public static String generateEncryptedTransfer(String input)

Generates an encrypted transfer payload, using the provided input string.

Parameters:

input - The input string to use for generating the encrypted transfer.

Returns:

The encrypted transfer data as a JSON string.

generateBakerKeys

public static String generateBakerKeys()

Generates baker keys.

Returns:

The baker keys data as a JSON string.

generateConfigureBakerKeysPayload

public static String generateConfigureBakerKeysPayload(String input)

Generates a configure baker keys payload, using the provided input string.

Parameters:

input - The input string to use for generating the configure baker keys payload.

Returns:

The configure baker keys data as a JSON string.

serializeReceiveParameter

public static String serializeReceiveParameter(SchemaParameter parameter,
                                               ReceiveName receiveName,
                                               byte[] schemaBytes,
                                               SchemaVersion schemaVersion,
                                               boolean verboseErrors)

Serializes a parameter for a receive function using a schema of the module.

Parameters:

parameter - the parameter.

receiveName - the name of the contract and the method.

schemaBytes - schema of the contract.

schemaVersion - version of the schema.

verboseErrors - whether errors are returned in verbose format or not, can be useful when debugging why serialization fails.

Returns:

JSON representing SerializeParameterResult. If the serialization was successful, the field 'serializedParameter' contains the serialized parameter as hex encoded bytes. If not successful, the 'err' field contains a JNIError detailing what went wrong.

serializeInitParameter

public static String serializeInitParameter(SchemaParameter parameter,
                                            InitName initName,
                                            byte[] schemaBytes,
                                            SchemaVersion schemaVersion,
                                            boolean verboseErrors)

Serializes a parameter for an init function using a schema of the module.

Parameters:

parameter - the parameter.

initName - name of the contract.

schemaBytes - schema of the contract.

schemaVersion - version of the schema.

verboseErrors - whether errors are returned in verbose format or not, can be useful when debugging why serialization fails.

Returns:

JSON representing SerializeParameterResult. If the serialization was successful, the field 'serializedParameter' contains the serialized parameter as hex encoded bytes. If not successful, the 'err' field contains a JNIError detailing what went wrong.

getAccountSigningKey

public static String getAccountSigningKey(String seedAsHex,
                                          Network network,
                                          int identityProviderIndex,
                                          int identityIndex,
                                          int credentialCounter)

Derives an account signing key from the provided seed and network for the given indices.

Parameters:

seedAsHex - the seed derived from a seed phrase as a hex string

network - the network that the derived key is for

identityProviderIndex - the index of the identity provider that the account is associated with interpreted as a u32.

identityIndex - the index of the identity that the account is associated with interpreted as a u32.

credentialCounter - the number of the credential interpreted as a u32.

Returns:

JSON representing StringResult. If successful the field 'result' contains the hex encoded account signing key. If not successful, the 'err' field contains a JNIError detailing what went wrong.

getAccountPublicKey

public static String getAccountPublicKey(String seedAsHex,
                                         Network network,
                                         int identityProviderIndex,
                                         int identityIndex,
                                         int credentialCounter)

Derives an account public key from the provided seed and network for the given indices.

Parameters:

seedAsHex - the seed derived from a seed phrase as a hex string

network - the network that the derived key is for

identityProviderIndex - the index of the identity provider that the account is associated with interpreted as a u32.

identityIndex - the index of the identity that the account is associated with interpreted as a u32.

credentialCounter - the number of the credential interpreted as a u32.

Returns:

JSON representing StringResult. If successful the field 'result' contains the hex encoded account public key. If not successful, the 'err' field contains a JNIError detailing what went wrong.

getIdCredSec

public static String getIdCredSec(String seedAsHex,
                                  Network network,
                                  int identityProviderIndex,
                                  int identityIndex)

Derives id cred sec from the provided seed and network for the given indices.

Parameters:

seedAsHex - the seed derived from a seed phrase as a hex string

network - the network that the derived key is for

identityProviderIndex - the index of the identity provider that the account is associated with interpreted as a u32.

identityIndex - the index of the identity that the account is associated with interpreted as a u32.

Returns:

JSON representing StringResult. If successful the field 'result' contains the hex id cred sec. If not successful, the 'err' field contains a JNIError detailing what went wrong.

getPrfKey

public static String getPrfKey(String seedAsHex,
                               Network network,
                               int identityProviderIndex,
                               int identityIndex)

Derives a PRF-key from the provided seed and network for the given indices.

Parameters:

seedAsHex - the seed derived from a seed phrase as a hex string

network - the network that the derived key is for

identityProviderIndex - the index of the identity provider that the account is associated with interpreted as a u32.

identityIndex - the index of the identity that the account is associated with interpreted as a u32.

Returns:

JSON representing StringResult. If successful the field 'result' contains the hex encoded PRF-key. If not successful, the 'err' field contains a JNIError detailing what went wrong.

getCredentialId

public static String getCredentialId(String seedAsHex,
                                     Network network,
                                     int identityProviderIndex,
                                     int identityIndex,
                                     int credentialCounter,
                                     String commitmentKey)

Gets the credential ID for a specific credential defined by the identity provider index, identity index and the credential counter.

Parameters:

seedAsHex - the seed derived from a seed phrase as a hex string

network - the network that the derived key is for

identityProviderIndex - the index of the identity provider that the account is associated with interpreted as a u32.

identityIndex - the index of the identity that the account is associated with interpreted as a u32.

credentialCounter - the credential number of the credential to get the id for interpreted as a u8.

commitmentKey - the on chain commitment key. This value can be retrieved from a node through its gRPC interface.

Returns:

JSON representing StringResult. If successful the field 'result' contains the hex encoded credential id. If not successful, the 'err' field contains a JNIError detailing what went wrong.

getSignatureBlindingRandomness

public static String getSignatureBlindingRandomness(String seedAsHex,
                                                    Network network,
                                                    int identityProviderIndex,
                                                    int identityIndex)

Derives the signature blinding randomness for a specific identity.

Parameters:

seedAsHex - the seed derived from a seed phrase as a hex string

network - the network that the derived randomness is for

identityProviderIndex - the index of the identity provider interpreted as a u32.

identityIndex - the index of the identity interpreted as a u32.

Returns:

JSON representing StringResult. If successful the field 'result' contains the hex encoded signature blinding randomness. If not successful, the 'err' field contains a JNIError detailing what went wrong.

getAttributeCommitmentRandomness

public static String getAttributeCommitmentRandomness(String seedAsHex,
                                                      Network network,
                                                      int identityProviderIndex,
                                                      int identityIndex,
                                                      int credentialCounter,
                                                      int attribute)

Derives the attribute commitment randomness for a specific attribute.

Parameters:

seedAsHex - the seed derived from a seed phrase as a hex string

network - the network that the derived randomness is for

identityProviderIndex - the index of the identity provider interpreted as a u32.

identityIndex - the index of the identity interpreted as a u32.

credentialCounter - the credential number that the attribute is randomness is for interpreted as a u32.

attribute - the attribute key index interpreted as a u8.

Returns:

JSON representing StringResult. If successful the field 'result' contains the hex encoded attribute commitment randomness. If not successful, the 'err' field contains a JNIError detailing what went wrong.

getVerifiableCredentialSigningKey

public static String getVerifiableCredentialSigningKey(String seedAsHex,
                                                       Network network,
                                                       ContractAddress issuer,
                                                       int verifiableCredentialIndex)

Derives a verifiable credential signing key.

Parameters:

seedAsHex - the seed derived from a seed phrase as a hex string

network - the network that the derived randomness is for

issuer - the verifiable credential issuer contract

verifiableCredentialIndex - the index of the verifiable credential to derive a signing key for interpreted as a u32

Returns:

JSON representing StringResult. If successful the field 'result' contains the hex encoded verifiable credential signing key. If not successful, the 'err' field contains a JNIError detailing what went wrong.

getVerifiableCredentialPublicKey

public static String getVerifiableCredentialPublicKey(String seedAsHex,
                                                      Network network,
                                                      ContractAddress issuer,
                                                      int verifiableCredentialIndex)

Derives a verifiable credential public key.

Parameters:

seedAsHex - the seed derived from a seed phrase as a hex string

network - the network that the derived randomness is for

issuer - the verifiable credential issuer contract

verifiableCredentialIndex - the index of the verifiable credential to derive a public key for interpreted as a u32

Returns:

JSON representing StringResult. If successful the field 'result' contains the hex encoded verifiable credential public key. If not successful, the 'err' field contains a JNIError detailing what went wrong.

getVerifiableCredentialBackupEncryptionKey

public static String getVerifiableCredentialBackupEncryptionKey(String seedAsHex,
                                                                Network network)

Derives the verifiable credential backup encryption key. This key should be used to encrypt the backup file of verifiable credentials. The key is derived from the seed phrase so that a user can access the backup file when only holding the seed phrase.

Returns:

JSON representing StringResult. If successful the field 'result' contains the hex encoded verifiable credential backup encryption key. If not successful, the 'err' field contains a JNIError detailing what went wrong.

createIdentityRequestV1

public static String createIdentityRequestV1(String input)

Creates an identity request that is to be sent to an identity provider when creating a new identity.

Parameters:

input - IdentityRequestInput serialized as JSON

Returns:

JSON representing StringResult. If successful the field 'result' contains the identity request as JSON. If not successful, the 'err' field contains a JNIError detailing what went wrong.

createIdentityRecoveryRequest

public static String createIdentityRecoveryRequest(String input)

Creates an identity recovery request that is to be sent to an identity provider when recovering a previously created identity.

Parameters:

input - IdentityRecoveryRequestInput serialized as JSON

Returns:

JSON representing StringResult. If successful the field 'result' contains the identity recovery request as JSON. If not successful, the 'err' field contains a JNIError detailing what went wrong.

createUnsignedCredentialV1

public static String createUnsignedCredentialV1(String input)

Creates an unsigned credential.

Parameters:

input - UnsignedCredentialInput serialized as JSON.

Returns:

JSON representing StringResult. If successful the field 'result' contains the unsigned credential as JSON. If not successful, the 'err' field contains a JNIError detailing what went wrong.

computeCredentialDeploymentSignDigest

public static String computeCredentialDeploymentSignDigest(String input)

Computes the sign digest of a new credential deployment. This digest is the one that needs to be signed to be able to submit the transaction.

Parameters:

input - CredentialDeploymentDetails serialized as JSON.

Returns:

JSON representing StringResult. If successful the field 'result' contains the sign digest of CredentialDeploymentDetails as a hex encoded string. If not successful, the 'err' field contains a JNIError detailing what went wrong.

serializeCredentialDeploymentForSubmission

public static String serializeCredentialDeploymentForSubmission(String input)

Serializes a credential deployment for submission, i.e. it includes the signatures.

Parameters:

input - CredentialDeploymentSerializationContext serialized as JSON.

Returns:

JSON representing StringResult. If successful the field 'result' contains the serialization of CredentialDeploymentSerializationContext as a hex encoded string. If not successful, the 'err' field contains a JNIError detailing what went wrong.

createWeb3IdProof

public static String createWeb3IdProof(String input)

Creates a web3Id presentation for the given statement.

Parameters:

input - Web3IdProofInput serialized as JSON.

Returns:

JSON representing StringResult. If successful the field 'result' contains the Web3IdProof as JSON.

isAcceptableRequest

public static String isAcceptableRequest(String input)

Check that a request is acceptable

Parameters:

input - Request serialized as JSON.

Returns:

JSON representing VoidResult. If successful the field 'result' is empty, but if not acceptable the reason will be contained in the error.

isAcceptableAtomicStatement

public static String isAcceptableAtomicStatement(String input,
                                                 String rangeTags,
                                                 String setTags,
                                                 AcceptableRequest.RawAttributeCheck check)

Check that an atomic is acceptable, with the given restrictions

Parameters:

input - Request serialized as JSON.

rangeTags - the list of tags, which may be used for range statements, serialized as JSON.

setTags - the list of tags, which may be used for membership statements, serialized as JSON.

check - provides the function to check whether the statement value is acceptable.

Returns:

JSON representing VoidResult. If successful the field 'result' is empty, but if not acceptable the reason will be contained in the error.