switch to Vec<u8> and ciphersuite endianess

2022-11-23 12:44:10 -03:00 · 2022-11-23 12:44:10 -03:00 · 530b5eef45
parent f44421cf63
commit 530b5eef45
4 changed files with 27 additions and 9 deletions
--- a/frost-core/src/error.rs
+++ b/frost-core/src/error.rs
@ -55,8 +55,9 @@ pub enum Error {
    #[error("Invalid signature share.")]
    InvalidSignatureShare {
        /// The identifier of the signer whose share validation failed,
-        /// encoded as a little-endian byte string in hex format.
-        signer: String,
+        /// encoded as a byte vector with ciphersuite-dependent endianness
+        /// (can be decoded with [`Identifier::deserialize`]).
+        signer: Vec<u8>,
    },
    /// Secret share verification failed.
    #[error("Invalid secret share.")]
--- a/frost-core/src/frost/identifier.rs
+++ b/frost-core/src/frost/identifier.rs
@ -19,10 +19,23 @@ impl<C> Identifier<C>
 where
    C: Ciphersuite,
 {
-    // Serialize the underlying scalar.
-    pub(crate) fn serialize(&self) -> <<C::Group as Group>::Field as Field>::Serialization {
+    /// Serialize the identifier using the ciphersuite encoding.
+    pub fn serialize(&self) -> <<C::Group as Group>::Field as Field>::Serialization {
        <<C::Group as Group>::Field>::serialize(&self.0)
    }
+
+    /// Deserialize an Identifier from a serialized buffer.
+    /// Returns an error if it attempts to deserialize zero.
+    pub fn deserialize(
+        buf: &<<C::Group as Group>::Field as Field>::Serialization,
+    ) -> Result<Self, Error> {
+        let scalar = <<C::Group as Group>::Field>::deserialize(buf)?;
+        if scalar == <<C::Group as Group>::Field>::zero() {
+            Err(Error::InvalidZeroScalar)
+        } else {
+            Ok(Self(scalar))
+        }
+    }
 }

 impl<C> Display for Identifier<C>
--- a/frost-core/src/frost/round2.rs
+++ b/frost-core/src/frost/round2.rs
@ -91,7 +91,7 @@ where
            != (group_commitment_share.0 + (public_key.0 * challenge.0 * lambda_i))
        {
            return Err(Error::InvalidSignatureShare {
-                signer: self.identifier.to_string(),
+                signer: self.identifier.serialize().as_ref().to_vec(),
            });
        }

--- a/frost-core/src/tests.rs
+++ b/frost-core/src/tests.rs
@ -1,7 +1,11 @@
 //! Ciphersuite-generic test functions.
 use std::{collections::HashMap, convert::TryFrom};

-use crate::{frost, Error, Field, Group};
+use crate::{
+    frost::{self, Identifier},
+    Error, Field, Group,
+};
+use debugless_unwrap::DebuglessUnwrap;
 use rand_core::{CryptoRng, RngCore};

 use crate::Ciphersuite;
@ -84,9 +88,9 @@ fn check_corrupted_share<C: Ciphersuite + PartialEq, R: RngCore + CryptoRng>(
    match group_signature_res {
        Ok(_) => panic!("should fail"),
        Err(Error::InvalidSignatureShare { signer }) => {
-            // starts_with is used instead of equality so that this works even with larger scalar fields
-            assert!(signer
-                .starts_with("0100000000000000000000000000000000000000000000000000000000000000"));
+            let decoded_identifier =
+                Identifier::deserialize(&signer.try_into().debugless_unwrap()).unwrap();
+            assert_eq!(identifier_one, decoded_identifier);
        }
        Err(_) => panic!("should fail with InvalidSignatureShare"),
    }