zecfoundation
/
redjubjub
mirror of https://github.com/ZcashFoundation/redjubjub.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

Implement signing.

This commit is contained in:
Henry de Valence 2019-12-03 19:19:36 -08:00
parent 710ac6fba9
commit 2b37c71b57
3 changed files with 44 additions and 17 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
src/hash.rs
View File

@ -18,9 +18,10 @@ impl Default for HStar {
} }
impl HStar { impl HStar {
/// Add `data` to the hash. /// Add `data` to the hash, and return `Self` for chaining.
pub fn update(&mut self, data: &[u8]) { pub fn update(mut self, data: &[u8]) -> Self {
self.state.update(data); self.state.update(data);
self
} }
/// Consume `self` to compute the hash output. /// Consume `self` to compute the hash output.

44
src/secret_key.rs
View File

@ -49,22 +49,36 @@ impl<T: SigType> SecretKey<T> {
pub fn randomize(&self, randomizer: Randomizer) -> PublicKey<T> { pub fn randomize(&self, randomizer: Randomizer) -> PublicKey<T> {
unimplemented!(); unimplemented!();
} }
}
impl SecretKey<Binding> { /// Create a signature of type `T` on `msg` using this `SecretKey`.
/// Create a Zcash `BindingSig` on `msg` using this `SecretKey`.
// Similar to signature::Signer but without boxed errors. // Similar to signature::Signer but without boxed errors.
pub fn sign(&self, msg: &[u8]) -> Signature<Binding> { pub fn sign<R: RngCore + CryptoRng>(&self, mut rng: R, msg: &[u8]) -> Signature<T> {
// could use sign_inner use crate::HStar;
unimplemented!();
} // Choose a byte sequence uniformly at random of length
} // (\ell_H + 128)/8 bytes. For RedJubjub this is (512 + 128)/8 = 80.
let random_bytes = {
impl SecretKey<SpendAuth> { let mut bytes = [0; 80];
/// Create a Zcash `SpendAuthSig` on `msg` using this `SecretKey`. rng.fill_bytes(&mut bytes);
// Similar to signature::Signer but without boxed errors. bytes
pub fn sign(&self, msg: &[u8]) -> Signature<SpendAuth> { };
// could use sign_inner
unimplemented!(); let nonce = HStar::default()
.update(&random_bytes[..])
.update(&self.pk.bytes.bytes[..]) // XXX ugly
.update(msg)
.finalize();
let r_bytes = jubjub::AffinePoint::from(&T::basepoint() * &nonce).to_bytes();
let c = HStar::default()
.update(&r_bytes[..])
.update(&self.pk.bytes.bytes[..]) // XXX ugly
.update(msg)
.finalize();
let s_bytes = (&nonce + &(&c * &self.sk)).to_bytes();
Signature::from_parts(r_bytes, s_bytes)
} }
} }

12
src/signature.rs
View File

@ -23,6 +23,18 @@ impl<T: SigType> From<Signature<T>> for [u8; 64] {
} }
} }
impl<T: SigType> Signature<T> {
pub(crate) fn from_parts(r_bytes: [u8; 32], s_bytes: [u8; 32]) -> Self {
let mut bytes = [0; 64];
bytes[0..32].copy_from_slice(&r_bytes[..]);
bytes[32..64].copy_from_slice(&s_bytes[..]);
Self {
bytes,
_marker: PhantomData,
}
}
}
// These impls all only exist because of array length restrictions. // These impls all only exist because of array length restrictions.
// XXX print the type variable // XXX print the type variable