ccs08: verify challenge
This commit is contained in:
parent
bc2138c3cd
commit
70afaf2c56
40
src/ccs08.rs
40
src/ccs08.rs
|
@ -131,7 +131,11 @@ impl<E: Engine> ParamsUL<E> {
|
||||||
|
|
||||||
let C = self.com.commit(rng, modx, Some(r));
|
let C = self.com.commit(rng, modx, Some(r));
|
||||||
// Fiat-Shamir heuristic
|
// Fiat-Shamir heuristic
|
||||||
let c = hash::<E>(proofStates.clone(), D.clone());
|
let mut a = Vec::<E::Fqk>::with_capacity(self.l as usize);
|
||||||
|
for state in proofStates.clone() {
|
||||||
|
a.push(state.a);
|
||||||
|
}
|
||||||
|
let c = hash::<E>(a, D.clone());
|
||||||
|
|
||||||
let mut zr = m.clone();
|
let mut zr = m.clone();
|
||||||
let mut rc = r.clone();
|
let mut rc = r.clone();
|
||||||
|
@ -140,7 +144,7 @@ impl<E: Engine> ParamsUL<E> {
|
||||||
for i in 0..self.l as usize {
|
for i in 0..self.l as usize {
|
||||||
let mut dx = E::Fr::from_str(&decx[i].to_string()).unwrap();
|
let mut dx = E::Fr::from_str(&decx[i].to_string()).unwrap();
|
||||||
|
|
||||||
let proof = self.kp.prove_response(&proofStates[i].clone(), c, &mut vec!{dx});
|
let proof = self.kp.prove_response(&proofStates[i].clone(), c, &mut vec! {dx});
|
||||||
|
|
||||||
sigProofs.push(proof);
|
sigProofs.push(proof);
|
||||||
}
|
}
|
||||||
|
@ -153,9 +157,19 @@ impl<E: Engine> ParamsUL<E> {
|
||||||
*/
|
*/
|
||||||
pub fn verify_ul(&self, proof: &ProofUL<E>) -> bool {
|
pub fn verify_ul(&self, proof: &ProofUL<E>) -> bool {
|
||||||
// D == C^c.h^ zr.g^zsig ?
|
// D == C^c.h^ zr.g^zsig ?
|
||||||
|
let r = self.verify_challenge(&proof);
|
||||||
let r1 = self.verify_part1(&proof);
|
let r1 = self.verify_part1(&proof);
|
||||||
let r2 = self.verify_part2(&proof);
|
let r2 = self.verify_part2(&proof);
|
||||||
return r1 && r2;
|
r && r1 && r2
|
||||||
|
}
|
||||||
|
|
||||||
|
fn verify_challenge(&self, proof: &ProofUL<E>) -> bool {
|
||||||
|
let mut a = Vec::<E::Fqk>::with_capacity(self.l as usize);
|
||||||
|
for sigProof in proof.sigProofs.clone() {
|
||||||
|
a.push(sigProof.a);
|
||||||
|
}
|
||||||
|
let c = hash::<E>(a, proof.D.clone());
|
||||||
|
proof.ch == c
|
||||||
}
|
}
|
||||||
|
|
||||||
fn verify_part2(&self, proof: &ProofUL<E>) -> bool {
|
fn verify_part2(&self, proof: &ProofUL<E>) -> bool {
|
||||||
|
@ -185,27 +199,22 @@ impl<E: Engine> ParamsUL<E> {
|
||||||
}
|
}
|
||||||
D.add_assign(&aux);
|
D.add_assign(&aux);
|
||||||
}
|
}
|
||||||
return D == proof.D;
|
D == proof.D
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
fn hash<E: Engine>(a: Vec<ProofState<E>>, D: E::G2) -> E::Fr {
|
fn hash<E: Engine>(a: Vec<E::Fqk>, D: E::G2) -> E::Fr {
|
||||||
// create a Sha256 object
|
// create a Sha256 object
|
||||||
let mut a_vec: Vec<u8> = Vec::new();
|
let mut a_vec: Vec<u8> = Vec::new();
|
||||||
for a_el in a {
|
for a_el in a {
|
||||||
a_vec.extend(format!("{}", a_el.a).bytes());
|
a_vec.extend(format!("{}", a_el).bytes());
|
||||||
}
|
}
|
||||||
|
|
||||||
let mut x_vec: Vec<u8> = Vec::new();
|
let mut x_vec: Vec<u8> = Vec::new();
|
||||||
x_vec.extend(format!("{}", D).bytes());
|
x_vec.extend(format!("{}", D).bytes());
|
||||||
a_vec.extend(x_vec);
|
a_vec.extend(x_vec);
|
||||||
let sha2_digest = sha512::hash(a_vec.as_slice());
|
|
||||||
|
|
||||||
let mut hash_buf: [u8; 64] = [0; 64];
|
util::hash_to_fr::<E>(a_vec)
|
||||||
hash_buf.copy_from_slice(&sha2_digest[0..64]);
|
|
||||||
let hexresult = fmt_bytes_to_int(hash_buf);
|
|
||||||
let result = E::Fr::from_str(&hexresult);
|
|
||||||
return result.unwrap();
|
|
||||||
}
|
}
|
||||||
|
|
||||||
/*
|
/*
|
||||||
|
@ -286,6 +295,7 @@ mod tests {
|
||||||
use time::PreciseTime;
|
use time::PreciseTime;
|
||||||
use std::ops::Add;
|
use std::ops::Add;
|
||||||
use core::mem;
|
use core::mem;
|
||||||
|
use rand::rngs::ThreadRng;
|
||||||
|
|
||||||
#[test]
|
#[test]
|
||||||
fn setup_ul_works() {
|
fn setup_ul_works() {
|
||||||
|
@ -454,7 +464,7 @@ mod tests {
|
||||||
let rng = &mut rand::thread_rng();
|
let rng = &mut rand::thread_rng();
|
||||||
let D = G2::rand(rng);
|
let D = G2::rand(rng);
|
||||||
let D2 = G2::rand(rng);
|
let D2 = G2::rand(rng);
|
||||||
let params = setup(rng);
|
let params = setup::<ThreadRng, Bls12>(rng);
|
||||||
let kp = BlindKeyPair::generate(rng, ¶ms, 2);
|
let kp = BlindKeyPair::generate(rng, ¶ms, 2);
|
||||||
let m1 = Fr::rand(rng);
|
let m1 = Fr::rand(rng);
|
||||||
let m2 = Fr::rand(rng);
|
let m2 = Fr::rand(rng);
|
||||||
|
@ -464,8 +474,8 @@ mod tests {
|
||||||
let state2 = kp.prove_commitment(rng, ¶ms, &sig);
|
let state2 = kp.prove_commitment(rng, ¶ms, &sig);
|
||||||
let state3 = kp.prove_commitment(rng, ¶ms, &sig);
|
let state3 = kp.prove_commitment(rng, ¶ms, &sig);
|
||||||
let state4 = kp.prove_commitment(rng, ¶ms, &sig);
|
let state4 = kp.prove_commitment(rng, ¶ms, &sig);
|
||||||
let a = vec! {state, state1, state2};
|
let a = vec! {state.a, state1.a, state2.a};
|
||||||
let a2 = vec! {state3, state4};
|
let a2 = vec! {state3.a, state4.a};
|
||||||
assert_eq!(hash::<Bls12>(a.clone(), D.clone()).is_zero(), false);
|
assert_eq!(hash::<Bls12>(a.clone(), D.clone()).is_zero(), false);
|
||||||
assert_ne!(hash::<Bls12>(a2.clone(), D.clone()), hash::<Bls12>(a.clone(), D.clone()));
|
assert_ne!(hash::<Bls12>(a2.clone(), D.clone()), hash::<Bls12>(a.clone(), D.clone()));
|
||||||
assert_ne!(hash::<Bls12>(a.clone(), D2.clone()), hash::<Bls12>(a.clone(), D.clone()));
|
assert_ne!(hash::<Bls12>(a.clone(), D2.clone()), hash::<Bls12>(a.clone(), D.clone()));
|
||||||
|
|
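Review bot: The challenge recomputed in `verify_challenge` (hunk at -153) binds only the `a` value of each `sigProof` and `proof.D`, so the commitment `C` that the comment on `verify_ul` (`D == C^c.h^ zr.g^zsig ?`) says the proof is about is not part of the Fiat-Shamir transcript; if `ProofUL` carries `C` (or the verifier is handed it), it and the public parameters should be fed into `hash` next to `a` and `D`, on the prover side (hunk at -131) as well as here, otherwise a transcript is not bound to the statement it is verified against. `hash` also serialises each element with `format!("{}", a_el)` and concatenates the strings without length prefixes or a domain tag, which is only injective if the `Display` output of `E::Fqk` and `E::G2` is fixed-width — worth either a comment stating that assumption or a length-prefixed encoding. `verify_challenge` also hashes however many `sigProofs` the proof carries without comparing the count to `self.l`; if `verify_part1`/`verify_part2` (not fully visible in this hunk) do not enforce it, a guard `if proof.sigProofs.len() != self.l as usize { return false; }` belongs at the top. Style: both `for state in proofStates.clone() { a.push(state.a); }` (hunk at -131) and `for sigProof in proof.sigProofs.clone() { a.push(sigProof.a); }` clone the whole vector to pull one field; `let a: Vec<E::Fqk> = proof.sigProofs.iter().map(|p| p.a.clone()).collect();` avoids that.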
26
src/util.rs
26
src/util.rs
|
@ -5,11 +5,7 @@ use ff::PrimeField;
|
||||||
pub fn hash_g2_to_fr<E: Engine>(x: &E::G2) -> E::Fr {
|
pub fn hash_g2_to_fr<E: Engine>(x: &E::G2) -> E::Fr {
|
||||||
let mut x_vec: Vec<u8> = Vec::new();
|
let mut x_vec: Vec<u8> = Vec::new();
|
||||||
x_vec.extend(format!("{}", x).bytes());
|
x_vec.extend(format!("{}", x).bytes());
|
||||||
let sha2_digest = sha512::hash(x_vec.as_slice());
|
hash_to_fr::<E>(x_vec)
|
||||||
|
|
||||||
let mut hash_buf: [u8; 64] = [0; 64];
|
|
||||||
hash_buf.copy_from_slice(&sha2_digest[0..64]);
|
|
||||||
return E::Fr::from_str(&fmt_bytes_to_int(hash_buf)).unwrap();
|
|
||||||
}
|
}
|
||||||
|
|
||||||
pub fn fmt_bytes_to_int(bytearray: [u8; 64]) -> String {
|
pub fn fmt_bytes_to_int(bytearray: [u8; 64]) -> String {
|
||||||
|
@ -23,6 +19,15 @@ pub fn fmt_bytes_to_int(bytearray: [u8; 64]) -> String {
|
||||||
result.to_string()
|
result.to_string()
|
||||||
}
|
}
|
||||||
|
|
||||||
|
pub fn hash_to_fr<E: Engine>(mut byteVec: Vec<u8>) -> E::Fr {
|
||||||
|
let sha2_digest = sha512::hash(byteVec.as_slice());
|
||||||
|
let mut hash_buf: [u8; 64] = [0; 64];
|
||||||
|
hash_buf.copy_from_slice(&sha2_digest[0..64]);
|
||||||
|
let hexresult = fmt_bytes_to_int(hash_buf);
|
||||||
|
let result = E::Fr::from_str(&hexresult);
|
||||||
|
return result.unwrap();
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
#[cfg(test)]
|
#[cfg(test)]
|
||||||
mod tests {
|
mod tests {
|
||||||
|
@ -35,11 +40,20 @@ mod tests {
|
||||||
fn hash_g2_to_fr_works() {
|
fn hash_g2_to_fr_works() {
|
||||||
let mut two = G2::one();
|
let mut two = G2::one();
|
||||||
two.double();
|
two.double();
|
||||||
print!("{}\n", hash_g2_to_fr::<Bls12>(&two));
|
|
||||||
assert_eq!(format!("{}", hash_g2_to_fr::<Bls12>(&two).into_repr()),
|
assert_eq!(format!("{}", hash_g2_to_fr::<Bls12>(&two).into_repr()),
|
||||||
"0x27cd26f702a777dbf782534ae6bf2ec4aa6cb4617c8366f10f59bef13beb8c56");
|
"0x27cd26f702a777dbf782534ae6bf2ec4aa6cb4617c8366f10f59bef13beb8c56");
|
||||||
}
|
}
|
||||||
|
|
||||||
|
#[test]
|
||||||
|
fn hash_to_fr_works() {
|
||||||
|
let mut two = G2::one();
|
||||||
|
two.double();
|
||||||
|
let mut x_vec: Vec<u8> = Vec::new();
|
||||||
|
x_vec.extend(format!("{}", two).bytes());
|
||||||
|
assert_eq!(format!("{}", hash_to_fr::<Bls12>(x_vec).into_repr()),
|
||||||
|
"0x27cd26f702a777dbf782534ae6bf2ec4aa6cb4617c8366f10f59bef13beb8c56");
|
||||||
|
}
|
||||||
|
|
||||||
#[test]
|
#[test]
|
||||||
fn fmt_byte_to_int_works() {
|
fn fmt_byte_to_int_works() {
|
||||||
assert_eq!(fmt_bytes_to_int([12, 235, 23, 123, 13, 43, 12, 235, 23, 123, 13, 43, 12, 235, 23, 123, 13, 43, 12, 235, 23, 123, 13, 43, 12, 235, 23, 123, 13, 43, 12, 235, 23, 123, 13, 43, 12, 235, 23, 123, 13, 43, 12, 235, 23, 123, 13, 43, 12, 235, 23, 123, 13, 43, 12, 235, 23, 123, 13, 43, 12, 235, 23, 123]),
|
assert_eq!(fmt_bytes_to_int([12, 235, 23, 123, 13, 43, 12, 235, 23, 123, 13, 43, 12, 235, 23, 123, 13, 43, 12, 235, 23, 123, 13, 43, 12, 235, 23, 123, 13, 43, 12, 235, 23, 123, 13, 43, 12, 235, 23, 123, 13, 43, 12, 235, 23, 123, 13, 43, 12, 235, 23, 123, 13, 43, 12, 235, 23, 123, 13, 43, 12, 235, 23, 123]),
|
||||||
|
|
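Review bot: `hash_to_fr` in the hunk at -23 declares its parameter `mut byteVec: Vec<u8>` but never mutates it and only reads it through `as_slice()`, so the `mut` is dead and the camelCase name will trip `non_snake_case`; taking a slice, `pub fn hash_to_fr<E: Engine>(byte_vec: &[u8]) -> E::Fr {` with `let sha2_digest = sha512::hash(byte_vec);`, also lets `hash_g2_to_fr` (hunk at -5) and `ccs08::hash` pass `&x_vec` instead of giving up their buffers. The trailing `return result.unwrap();` can become the tail expression `E::Fr::from_str(&hexresult).expect("fmt_bytes_to_int output always parses")`, with the invariant spelled out since the string is produced locally by `fmt_bytes_to_int`, not taken from input. As the function is `pub`, a one-line doc comment such as `/// Maps a byte string into E::Fr: SHA-512 digest, then fmt_bytes_to_int and Fr::from_str.` would document the encoding that `hash_g2_to_fr_works` and `hash_to_fr_works` pin to a fixed value.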