Added basic public-key cryptography example.
This commit is contained in:
parent
29498c4d89
commit
824eef95ae
|
@ -28,3 +28,4 @@ tiny-keccak = "1.4"
|
|||
|
||||
[dev-dependencies]
|
||||
bincode = "1.0.0"
|
||||
serde_derive = "1.0.55"
|
||||
|
|
|
@ -1,5 +1,11 @@
|
|||
# Examples
|
||||
|
||||
- [`Public-Key Cryptography`](basic_pkc.rs) - Demonstrates how to generate a
|
||||
random secret-key and corresponding public-key, sign some bytes using a
|
||||
secret-key, validate the signature for some bytes using a public-key, encrypt
|
||||
some bytes using a public-key, and how to decrypt a ciphertext using a
|
||||
secret-key.
|
||||
|
||||
- [`Threshold Encryption`](threshold_enc.rs) - Demonstrates how to encrypt a
|
||||
message to a group of actors with a master public-key, where the number of
|
||||
actors collaborating in the decryption process must exceed a given threshold
|
||||
|
|
|
@ -0,0 +1,61 @@
|
|||
extern crate bincode;
|
||||
#[macro_use]
|
||||
extern crate serde_derive;
|
||||
extern crate threshold_crypto;
|
||||
|
||||
use bincode::{deserialize, serialize};
|
||||
use threshold_crypto::{PublicKey, SecretKey, Signature};
|
||||
|
||||
#[derive(Deserialize, Serialize)]
|
||||
struct SignedMsg {
|
||||
msg: Vec<u8>,
|
||||
sig: Signature,
|
||||
}
|
||||
|
||||
#[derive(Debug)]
|
||||
struct KeyPair {
|
||||
sk: SecretKey,
|
||||
pk: PublicKey,
|
||||
}
|
||||
|
||||
impl KeyPair {
|
||||
fn random() -> Self {
|
||||
let sk = SecretKey::random();
|
||||
let pk = sk.public_key();
|
||||
KeyPair { sk, pk }
|
||||
}
|
||||
|
||||
fn create_signed_msg(&self, msg: &[u8]) -> SignedMsg {
|
||||
let sig = self.sk.sign(msg);
|
||||
let msg = msg.to_vec();
|
||||
SignedMsg { msg, sig }
|
||||
}
|
||||
}
|
||||
|
||||
fn main() {
|
||||
// Alice and Bob each generate a public/private key-pair.
|
||||
//
|
||||
// Note: it is against best practices to use the same key-pair for both encryption/decryption
|
||||
// and signing. The following example could be interpreted as advocating this, which it is not
|
||||
// meant to. This is just a basic example. In this example, Bob's key-pair is used for signing
|
||||
// where as Alice's is used for encryption/decryption.
|
||||
let alice = KeyPair::random();
|
||||
let bob = KeyPair::random();
|
||||
|
||||
// Bob wants to send Alice a message. He signs the plaintext message with his secret key. He
|
||||
// then encrypts the signed message with Alice's public key.
|
||||
let msg = b"let's get pizza";
|
||||
let signed_msg = bob.create_signed_msg(msg);
|
||||
let serialized = serialize(&signed_msg).expect("Failed to serialize `SignedMsg`");
|
||||
let ciphertext = alice.pk.encrypt(&serialized);
|
||||
|
||||
// Alice receives Bob's encrypted message. She decrypts the message using her secret key. She
|
||||
// then verifies that the signature of the plaintext is valid using Bob's public key.
|
||||
let decrypted = alice.sk.decrypt(&ciphertext).expect("Invalid ciphertext");
|
||||
let deserialized: SignedMsg =
|
||||
deserialize(&decrypted).expect("Failed to deserialize bytes to `SignedMsg`");
|
||||
assert!(bob.pk.verify(&deserialized.sig, &deserialized.msg));
|
||||
|
||||
// We assert that the message that Alice received is the same message that Bob sent.
|
||||
assert_eq!(msg, &deserialized.msg[..]);
|
||||
}
|
Loading…
Reference in New Issue