Fix unused imports

This commit is contained in:
aniampio
2021-10-22 16:50:07 +02:00
parent ed2cf1ced6
commit bd64a29932
9 changed files with 194 additions and 185 deletions
+2 -2
View File
@@ -9,12 +9,12 @@
use url::Url;
use coconut_interface::{
Attribute, Credential, hash_to_scalar, Parameters, PrivateAttribute, PublicAttribute,
Attribute, Credential, Parameters, PrivateAttribute, PublicAttribute,
Signature, VerificationKey,
};
use crate::error::Error;
use crate::utils::{obtain_aggregate_signature, prepare_credential_for_spending, ValidatorInfo};
use crate::utils::{obtain_aggregate_signature, prepare_credential_for_spending};
pub const BANDWIDTH_VALUE: u64 = 10 * 1024 * 1024 * 1024; // 10 GB
+10 -12
View File
@@ -1,14 +1,17 @@
// Copyright 2021 - Nym Technologies SA <contact@nymtech.net>
// SPDX-License-Identifier: Apache-2.0
use crate::error::Error;
use std::borrow::Borrow;
use url::Url;
use coconut_interface::{
aggregate_signature_shares, aggregate_verification_keys, hash_to_scalar, prepare_blind_sign,
prove_credential, Attribute, BlindSignRequestBody, Credential, Parameters, Signature,
aggregate_signature_shares, aggregate_verification_keys, Attribute,
BlindSignRequestBody, Credential, Parameters, prepare_blind_sign, prove_credential, Signature,
SignatureShare, VerificationKey,
};
use std::borrow::Borrow;
use url::Url;
use crate::error::Error;
/// Contacts all provided validators and then aggregate their verification keys.
///
@@ -97,11 +100,6 @@ async fn obtain_partial_credential(
.unwrap())
}
pub struct ValidatorInfo {
url: Url,
verification_key: VerificationKey,
}
pub async fn obtain_aggregate_signature(
params: &Parameters,
public_attributes: &[Attribute],
@@ -125,7 +123,7 @@ pub async fn obtain_aggregate_signature(
&client,
&validator_partial_vk.key,
)
.await?;
.await?;
shares.push(SignatureShare::new(first, 0));
for (id, validator_url) in validators.iter().enumerate().skip(1) {
@@ -138,7 +136,7 @@ pub async fn obtain_aggregate_signature(
&client,
&validator_partial_vk.key,
)
.await?;
.await?;
let share = SignatureShare::new(signature, id as u64);
shares.push(share)
}
+7 -7
View File
@@ -22,20 +22,20 @@ pub use elgamal::PublicKey;
pub use error::CoconutError;
pub use scheme::aggregation::aggregate_signature_shares;
pub use scheme::aggregation::aggregate_verification_keys;
pub use scheme::BlindedSignature;
pub use scheme::issuance::blind_sign;
pub use scheme::issuance::BlindSignRequest;
pub use scheme::issuance::prepare_blind_sign;
pub use scheme::keygen::KeyPair;
pub use scheme::issuance::BlindSignRequest;
pub use scheme::keygen::ttp_keygen;
pub use scheme::keygen::KeyPair;
pub use scheme::keygen::VerificationKey;
pub use scheme::setup::Parameters;
pub use scheme::setup::setup;
pub use scheme::setup::Parameters;
pub use scheme::verification::prove_credential;
pub use scheme::verification::verify_credential;
pub use scheme::verification::Theta;
pub use scheme::BlindedSignature;
pub use scheme::Signature;
pub use scheme::SignatureShare;
pub use scheme::verification::prove_credential;
pub use scheme::verification::Theta;
pub use scheme::verification::verify_credential;
pub use traits::Base58;
pub use utils::hash_to_scalar;
+40 -47
View File
@@ -18,18 +18,18 @@ use std::borrow::Borrow;
use std::convert::TryInto;
use bls12_381::{G1Projective, G2Projective, Scalar};
use digest::Digest;
use digest::generic_array::typenum::Unsigned;
use digest::Digest;
use group::GroupEncoding;
use itertools::izip;
use sha2::Sha256;
use crate::{Attribute, elgamal, ElGamalKeyPair, PublicKey};
use crate::elgamal::Ciphertext;
use crate::error::{CoconutError, Result};
use crate::scheme::{Signature, VerificationKey};
use crate::scheme::setup::Parameters;
use crate::scheme::VerificationKey;
use crate::utils::{hash_g1, try_deserialize_scalar, try_deserialize_scalar_vec};
use crate::{elgamal, Attribute, ElGamalKeyPair};
// as per the reference python implementation
type ChallengeDigest = Sha256;
@@ -51,10 +51,10 @@ pub struct ProofCmCs {
// and as per the bls12-381 library all elements are using big-endian form
/// Generates a Scalar [or Fp] challenge by hashing a number of elliptic curve points.
fn compute_challenge<D, I, B>(iter: I) -> Scalar
where
D: Digest,
I: Iterator<Item=B>,
B: AsRef<[u8]>,
where
D: Digest,
I: Iterator<Item = B>,
B: AsRef<[u8]>,
{
let mut h = D::new();
for point_representation in iter {
@@ -82,8 +82,8 @@ fn produce_response(witness: &Scalar, challenge: &Scalar, secret: &Scalar) -> Sc
// note: it's caller's responsibility to ensure witnesses.len() = secrets.len()
fn produce_responses<S>(witnesses: &[Scalar], challenge: &Scalar, secrets: &[S]) -> Vec<Scalar>
where
S: Borrow<Scalar>,
where
S: Borrow<Scalar>,
{
debug_assert_eq!(witnesses.len(), secrets.len());
@@ -150,10 +150,10 @@ impl ProofCmCs {
// Ccm = (wr * g1) + (wm[0] * hs[0]) + ... + (wm[i] * hs[i])
let commitment_attributes = g1 * witness_commitment_opening
+ witness_attributes
.iter()
.zip(params.gen_hs().iter())
.map(|(wm_i, hs_i)| hs_i * wm_i)
.sum::<G1Projective>();
.iter()
.zip(params.gen_hs().iter())
.map(|(wm_i, hs_i)| hs_i * wm_i)
.sum::<G1Projective>();
let ciphertexts_bytes = priv_attributes_ciphertexts
.iter()
@@ -244,19 +244,19 @@ impl ProofCmCs {
self.response_keys.iter(),
self.response_attributes.iter()
)
.map(|(c2, res_key, res_attr)| c2 * self.challenge + pub_key * res_key + h * res_attr)
.map(|witness| witness.to_bytes())
.collect::<Vec<_>>();
.map(|(c2, res_key, res_attr)| c2 * self.challenge + pub_key * res_key + h * res_attr)
.map(|witness| witness.to_bytes())
.collect::<Vec<_>>();
// Cw = (cm * c) + (rr * g1) + (rm[0] * hs[0]) + ... + (rm[n] * hs[n])
let commitment_attributes = commitment * self.challenge
+ g1 * self.response_opening
+ self
.response_attributes
.iter()
.zip(params.gen_hs().iter())
.map(|(res_attr, hs)| hs * res_attr)
.sum::<G1Projective>();
.response_attributes
.iter()
.zip(params.gen_hs().iter())
.map(|(res_attr, hs)| hs * res_attr)
.sum::<G1Projective>();
let ciphertexts_bytes = attributes_ciphertexts
.iter()
@@ -413,17 +413,18 @@ impl ProofKappaNu {
let commitment_kappa = params.gen2() * witness_blinder
+ verification_key.alpha
+ witness_attributes
.iter()
.zip(verification_key.beta.iter())
.map(|(wm_i, beta_i)| beta_i * wm_i)
.sum::<G2Projective>();
.iter()
.zip(verification_key.beta.iter())
.map(|(wm_i, beta_i)| beta_i * wm_i)
.sum::<G2Projective>();
// zeta is the public value associated with the serial number
let commitment_zeta = params.gen2() * witness_serial_number;
let challenge = compute_challenge::<ChallengeDigest, _, _>(
std::iter::once(params.gen2().to_bytes().as_ref())
.chain(std::iter::once(blinded_message.to_bytes().as_ref())) //kappa
.chain(std::iter::once(blinded_message.to_bytes().as_ref()))
.chain(std::iter::once(blinded_serial_number.to_bytes().as_ref())) //kappa
.chain(std::iter::once(verification_key.alpha.to_bytes().as_ref()))
.chain(beta_bytes.iter().map(|b| b.as_ref()))
.chain(std::iter::once(commitment_kappa.to_bytes().as_ref()))
@@ -469,10 +470,10 @@ impl ProofKappaNu {
+ params.gen2() * self.response_blinder
+ verification_key.alpha * (Scalar::one() - self.challenge)
+ response_attributes
.iter()
.zip(verification_key.beta.iter())
.map(|(priv_attr, beta_i)| beta_i * priv_attr)
.sum::<G2Projective>();
.iter()
.zip(verification_key.beta.iter())
.map(|(priv_attr, beta_i)| beta_i * priv_attr)
.sum::<G2Projective>();
// zeta is the public value associated with the serial number
let commitment_zeta = zeta * self.challenge + params.gen2() * self.response_serial_number;
@@ -480,7 +481,8 @@ impl ProofKappaNu {
// compute the challenge
let challenge = compute_challenge::<ChallengeDigest, _, _>(
std::iter::once(params.gen2().to_bytes().as_ref())
.chain(std::iter::once(kappa.to_bytes().as_ref())) //kappa
.chain(std::iter::once(kappa.to_bytes().as_ref()))
.chain(std::iter::once(zeta.to_bytes().as_ref())) //kappa
.chain(std::iter::once(verification_key.alpha.to_bytes().as_ref()))
.chain(beta_bytes.iter().map(|b| b.as_ref()))
.chain(std::iter::once(commitment_kappa.to_bytes().as_ref()))
@@ -594,20 +596,18 @@ mod tests {
let elgamal_keypair = elgamal::elgamal_keygen(&params);
let private_attributes = params.n_random_scalars(1);
let public_attributes = params.n_random_scalars(0);
// we don't care about 'correctness' of the proof. only whether we can correctly recover it from bytes
let cm = G1Projective::random(&mut rng);
let r = params.random_scalar();
let commitment_hash = compute_commitment_hash(cm);
let (attributes_ciphertexts, ephemeral_keys): (Vec<_>, Vec<_>) =
compute_attribute_encryption(
&params,
private_attributes.as_ref(),
elgamal_keypair.public_key(),
commitment_hash,
);
let (attributes_ciphertexts, _): (Vec<_>, Vec<_>) = compute_attribute_encryption(
&params,
private_attributes.as_ref(),
elgamal_keypair.public_key(),
commitment_hash,
);
let ephemeral_keys = params.n_random_scalars(1);
// 0 public 1 private
@@ -624,9 +624,8 @@ mod tests {
let bytes = pi_s.to_bytes();
assert_eq!(ProofCmCs::from_bytes(&bytes).unwrap(), pi_s);
// 2 public 2 private
// 2 private
let private_attributes = params.n_random_scalars(2);
let public_attributes = params.n_random_scalars(2);
let ephemeral_keys = params.n_random_scalars(2);
let pi_s = ProofCmCs::construct(
@@ -648,11 +647,8 @@ mod tests {
let mut params = setup(1).unwrap();
let keypair = keygen(&mut params);
let r = params.random_scalar();
let s = params.random_scalar();
// we don't care about 'correctness' of the proof. only whether we can correctly recover it from bytes
let signature = Signature(params.gen1() * r, params.gen1() * s);
let serial_number = params.random_scalar();
let binding_number = params.random_scalar();
let private_attributes = vec![serial_number, binding_number];
@@ -678,9 +674,6 @@ mod tests {
// 2 public 2 private
let mut params = setup(4).unwrap();
let keypair = keygen(&mut params);
let private_attributes = params.n_random_scalars(2);
let serial_number = params.random_scalar();
let binding_number = params.random_scalar();
let pi_v = ProofKappaNu::construct(
&mut params,
+7 -6
View File
@@ -260,6 +260,7 @@ mod tests {
// verify credential for good measure
assert!(verify(&params, &aggr_vk_1, &attributes, &aggr_sig1));
assert!(verify(&params, &aggr_vk_2, &attributes, &aggr_sig2));
// aggregating threshold+1 works
let aggr_vk_more = aggregate_verification_keys(&vks[1..], Some(&[2, 3, 4, 5])).unwrap();
@@ -304,7 +305,7 @@ mod tests {
&aggr_vk_bad,
&attributes,
&sigs[2..],
Some(&[42, 123, 100])
Some(&[42, 123, 100]),
)
.is_err());
}
@@ -324,7 +325,7 @@ mod tests {
let attributes = params.n_random_scalars(2);
let keypairs = ttp_keygen(&mut params, 3, 5).unwrap();
let (sks, vks): (Vec<_>, Vec<_>) = keypairs
let (_, vks): (Vec<_>, Vec<_>) = keypairs
.into_iter()
.map(|keypair| (keypair.secret_key(), keypair.verification_key()))
.unzip();
@@ -341,7 +342,7 @@ mod tests {
let mut params = Parameters::new(2).unwrap();
let attributes = params.n_random_scalars(2);
let keypairs = ttp_keygen(&mut params, 3, 5).unwrap();
let (sks, vks): (Vec<_>, Vec<_>) = keypairs
let (_, vks): (Vec<_>, Vec<_>) = keypairs
.into_iter()
.map(|keypair| (keypair.secret_key(), keypair.verification_key()))
.unzip();
@@ -356,7 +357,7 @@ mod tests {
&aggr_vk_all,
&attributes,
&signatures,
Some(&[1, 2])
Some(&[1, 2]),
)
.is_err());
}
@@ -367,7 +368,7 @@ mod tests {
let mut params = Parameters::new(2).unwrap();
let attributes = params.n_random_scalars(2);
let keypairs = ttp_keygen(&mut params, 3, 5).unwrap();
let (sks, vks): (Vec<_>, Vec<_>) = keypairs
let (_, vks): (Vec<_>, Vec<_>) = keypairs
.into_iter()
.map(|keypair| (keypair.secret_key(), keypair.verification_key()))
.unzip();
@@ -378,7 +379,7 @@ mod tests {
&aggr_vk_all,
&attributes,
&signatures,
Some(&[1, 1])
Some(&[1, 1]),
)
.is_err());
}
+14 -14
View File
@@ -18,16 +18,16 @@ use std::convert::TryInto;
use bls12_381::{G1Affine, G1Projective, Scalar};
use group::{Curve, GroupEncoding};
use crate::{Attribute, elgamal, ElGamalKeyPair, VerificationKey};
use crate::elgamal::{Ciphertext, EphemeralKey};
use crate::error::{CoconutError, Result};
use crate::proofs::ProofCmCs;
use crate::scheme::setup::Parameters;
use crate::scheme::BlindedSignature;
use crate::scheme::SecretKey;
use crate::scheme::setup::Parameters;
/// Creates a Coconut Signature under a given secret key on a set of public attributes only.
#[cfg(test)]
use crate::Signature;
use crate::{elgamal, Attribute, ElGamalKeyPair};
// TODO: possibly completely remove those two functions.
// They only exist to have a simpler and smaller code snippets to test
// basic functionalities.
@@ -61,26 +61,26 @@ impl TryFrom<&[u8]> for BlindSignRequest {
}
let mut j = 0;
let COMMITMENT_BYTES_LEN = 48;
let COMMITMENT_HASH_BYTES_LEN = 48;
let commitment_bytes_len = 48;
let commitment_hash_bytes_len = 48;
let cm_bytes = bytes[..j + COMMITMENT_BYTES_LEN].try_into().unwrap();
let cm_bytes = bytes[..j + commitment_bytes_len].try_into().unwrap();
let commitment = try_deserialize_g1_projective(
&cm_bytes,
CoconutError::Deserialization(
"Failed to deserialize compressed commitment".to_string(),
),
)?;
j += COMMITMENT_BYTES_LEN;
j += commitment_bytes_len;
let cm_hash_bytes = bytes[j..j + COMMITMENT_HASH_BYTES_LEN].try_into().unwrap();
let cm_hash_bytes = bytes[j..j + commitment_hash_bytes_len].try_into().unwrap();
let commitment_hash = try_deserialize_g1_projective(
&cm_hash_bytes,
CoconutError::Deserialization(
"Failed to deserialize compressed commitment hash".to_string(),
),
)?;
j += COMMITMENT_HASH_BYTES_LEN;
j += commitment_hash_bytes_len;
let c_len = u64::from_le_bytes(bytes[j..j + 8].try_into().unwrap());
j += 8;
@@ -338,10 +338,10 @@ pub fn sign(
// x + m0 * y0 + m1 * y1 + ... mn * yn
let exponent = secret_key.x
+ public_attributes
.iter()
.zip(secret_key.ys.iter())
.map(|(m_i, y_i)| m_i * y_i)
.sum::<Scalar>();
.iter()
.zip(secret_key.ys.iter())
.map(|(m_i, y_i)| m_i * y_i)
.sum::<Scalar>();
let sig2 = h * exponent;
Ok(Signature(h, sig2))
@@ -364,7 +364,7 @@ mod tests {
&private_attributes,
&public_attributes,
)
.unwrap();
.unwrap();
let bytes = lambda.to_bytes();
println!("{:?}", bytes.len());
@@ -382,7 +382,7 @@ mod tests {
&private_attributes,
&public_attributes,
)
.unwrap();
.unwrap();
let bytes = lambda.to_bytes();
assert_eq!(
+91 -80
View File
@@ -22,14 +22,13 @@ use group::Curve;
pub use keygen::{SecretKey, VerificationKey};
use crate::{Attribute, elgamal};
use crate::elgamal::Ciphertext;
use crate::error::{CoconutError, Result};
use crate::scheme::aggregation::{aggregate_signature_shares, aggregate_signatures};
use crate::scheme::setup::Parameters;
use crate::scheme::verification::check_bilinear_pairing;
use crate::traits::{Base58, Bytable};
use crate::utils::try_deserialize_g1_projective;
use crate::{elgamal, Attribute};
pub mod aggregation;
pub mod issuance;
@@ -238,7 +237,7 @@ impl SignatureShare {
#[cfg(test)]
mod tests {
use crate::scheme::aggregation::aggregate_verification_keys;
use crate::scheme::aggregation::{aggregate_signatures, aggregate_verification_keys};
use crate::scheme::issuance::{blind_sign, prepare_blind_sign, sign};
use crate::scheme::keygen::{keygen, ttp_keygen};
use crate::scheme::verification::{prove_credential, verify, verify_credential};
@@ -266,16 +265,16 @@ mod tests {
&lambda,
&[],
)
.unwrap()
.unblind(
&params,
elgamal_keypair.private_key(),
&keypair1.verification_key(),
&private_attributes,
&[],
&lambda.commitment_hash,
)
.unwrap();
.unwrap()
.unblind(
&params,
elgamal_keypair.private_key(),
&keypair1.verification_key(),
&private_attributes,
&[],
&lambda.commitment_hash,
)
.unwrap();
let sig2 = blind_sign(
&mut params,
@@ -284,16 +283,16 @@ mod tests {
&lambda,
&[],
)
.unwrap()
.unblind(
&params,
elgamal_keypair.private_key(),
&keypair2.verification_key(),
&private_attributes,
&[],
&lambda.commitment_hash,
)
.unwrap();
.unwrap()
.unblind(
&params,
elgamal_keypair.private_key(),
&keypair2.verification_key(),
&private_attributes,
&[],
&lambda.commitment_hash,
)
.unwrap();
let theta1 = prove_credential(
&mut params,
@@ -302,7 +301,7 @@ mod tests {
serial_number,
binding_number,
)
.unwrap();
.unwrap();
let theta2 = prove_credential(
&mut params,
@@ -311,7 +310,7 @@ mod tests {
serial_number,
binding_number,
)
.unwrap();
.unwrap();
assert!(verify_credential(
&params,
@@ -320,19 +319,19 @@ mod tests {
&[],
));
// assert!(verify_credential(
// &params,
// &keypair2.verification_key(),
// &theta2,
// &[],
// ));
//
// assert!(!verify_credential(
// &params,
// &keypair1.verification_key(),
// &theta2,
// &[],
// ));
assert!(verify_credential(
&params,
&keypair2.verification_key(),
&theta2,
&[],
));
assert!(!verify_credential(
&params,
&keypair1.verification_key(),
&theta2,
&[],
));
}
#[test]
@@ -385,7 +384,7 @@ mod tests {
&private_attributes,
&public_attributes,
)
.unwrap();
.unwrap();
let sig1 = blind_sign(
&mut params,
@@ -394,16 +393,16 @@ mod tests {
&lambda,
&public_attributes,
)
.unwrap()
.unblind(
&params,
elgamal_keypair.private_key(),
&keypair1.verification_key(),
&private_attributes,
&public_attributes,
&lambda.commitment_hash,
)
.unwrap();
.unwrap()
.unblind(
&params,
elgamal_keypair.private_key(),
&keypair1.verification_key(),
&private_attributes,
&public_attributes,
&lambda.commitment_hash,
)
.unwrap();
let sig2 = blind_sign(
&mut params,
@@ -412,16 +411,16 @@ mod tests {
&lambda,
&public_attributes,
)
.unwrap()
.unblind(
&params,
elgamal_keypair.private_key(),
&keypair2.verification_key(),
&private_attributes,
&public_attributes,
&lambda.commitment_hash,
)
.unwrap();
.unwrap()
.unblind(
&params,
elgamal_keypair.private_key(),
&keypair2.verification_key(),
&private_attributes,
&public_attributes,
&lambda.commitment_hash,
)
.unwrap();
let theta1 = prove_credential(
&mut params,
@@ -430,7 +429,7 @@ mod tests {
serial_number,
binding_number,
)
.unwrap();
.unwrap();
let theta2 = prove_credential(
&mut params,
@@ -439,7 +438,7 @@ mod tests {
serial_number,
binding_number,
)
.unwrap();
.unwrap();
assert!(verify_credential(
&params,
@@ -480,7 +479,7 @@ mod tests {
&private_attributes,
&public_attributes,
)
.unwrap();
.unwrap();
let sigs = keypairs
.iter()
@@ -492,16 +491,16 @@ mod tests {
&lambda,
&public_attributes,
)
.unwrap()
.unblind(
&params,
elgamal_keypair.private_key(),
&keypair.verification_key(),
&private_attributes,
&public_attributes,
&lambda.commitment_hash,
)
.unwrap()
.unwrap()
.unblind(
&params,
elgamal_keypair.private_key(),
&keypair.verification_key(),
&private_attributes,
&public_attributes,
&lambda.commitment_hash,
)
.unwrap()
})
.collect::<Vec<_>>();
@@ -519,8 +518,14 @@ mod tests {
aggregate_signatures(&params, &aggr_vk, &attributes, &sigs[..2], Some(&[1, 2]))
.unwrap();
let theta =
prove_credential(&mut params, &aggr_vk, &aggr_sig, serial_number, binding_number).unwrap();
let theta = prove_credential(
&mut params,
&aggr_vk,
&aggr_sig,
serial_number,
binding_number,
)
.unwrap();
assert!(verify_credential(
&params,
@@ -535,8 +540,14 @@ mod tests {
aggregate_signatures(&params, &aggr_vk, &attributes, &sigs[1..], Some(&[2, 3]))
.unwrap();
let theta =
prove_credential(&mut params, &aggr_vk, &aggr_sig, serial_number, binding_number).unwrap();
let theta = prove_credential(
&mut params,
&aggr_vk,
&aggr_sig,
serial_number,
binding_number,
)
.unwrap();
assert!(verify_credential(
&params,
@@ -559,7 +570,7 @@ mod tests {
signature.0.to_affine().to_compressed(),
signature.1.to_affine().to_compressed(),
]
.concat();
.concat();
assert_eq!(expected_bytes, bytes);
assert_eq!(signature, Signature::try_from(&bytes[..]).unwrap())
}
@@ -579,10 +590,10 @@ mod tests {
// also make sure it is equivalent to the internal g1 compressed bytes concatenated
let expected_bytes = [
blinded_sig.0.to_affine().to_compressed(),
blinded_sig.1.0.to_affine().to_compressed(),
blinded_sig.1.1.to_affine().to_compressed(),
blinded_sig.1 .0.to_affine().to_compressed(),
blinded_sig.1 .1.to_affine().to_compressed(),
]
.concat();
.concat();
assert_eq!(expected_bytes, bytes);
assert_eq!(blinded_sig, BlindedSignature::try_from(&bytes[..]).unwrap())
}
+13 -13
View File
@@ -16,17 +16,17 @@ use core::ops::Neg;
use std::convert::TryFrom;
use std::convert::TryInto;
use bls12_381::{G1Affine, G1Projective, G2Prepared, G2Projective, multi_miller_loop, Scalar};
use bls12_381::{multi_miller_loop, G1Affine, G2Prepared, G2Projective, Scalar};
use group::{Curve, Group};
use crate::Attribute;
use crate::error::{CoconutError, Result};
use crate::proofs::ProofKappaNu;
use crate::scheme::setup::Parameters;
use crate::scheme::Signature;
use crate::scheme::VerificationKey;
use crate::traits::{Base58, Bytable};
use crate::utils::{try_deserialize_g1_projective, try_deserialize_g2_projective};
use crate::utils::try_deserialize_g2_projective;
use crate::Attribute;
// TODO NAMING: this whole thing
// Theta
@@ -133,10 +133,10 @@ pub fn compute_kappa(
params.gen2() * blinding_factor
+ verification_key.alpha
+ private_attributes
.iter()
.zip(verification_key.beta.iter())
.map(|(priv_attr, beta_i)| beta_i * priv_attr)
.sum::<G2Projective>()
.iter()
.zip(verification_key.beta.iter())
.map(|(priv_attr, beta_i)| beta_i * priv_attr)
.sum::<G2Projective>()
}
pub fn compute_zeta(params: &Parameters, serial_number: Attribute) -> G2Projective {
@@ -258,11 +258,11 @@ pub fn verify(
) -> bool {
let kappa = (verification_key.alpha
+ public_attributes
.iter()
.zip(verification_key.beta.iter())
.map(|(m_i, b_i)| b_i * m_i)
.sum::<G2Projective>())
.to_affine();
.iter()
.zip(verification_key.beta.iter())
.map(|(m_i, b_i)| b_i * m_i)
.sum::<G2Projective>())
.to_affine();
check_bilinear_pairing(
&sig.0.to_affine(),
@@ -298,7 +298,7 @@ mod tests {
serial_number,
binding_number,
)
.unwrap();
.unwrap();
let bytes = theta.to_bytes();
assert_eq!(Theta::try_from(bytes.as_slice()).unwrap(), theta);
+10 -4
View File
@@ -1,7 +1,7 @@
use crate::{
aggregate_signature_shares, aggregate_verification_keys, blind_sign, CoconutError,
elgamal_keygen, prepare_blind_sign, prove_credential, setup, Signature, SignatureShare,
ttp_keygen, VerificationKey, verify_credential,
aggregate_signature_shares, aggregate_verification_keys, blind_sign, elgamal_keygen,
prepare_blind_sign, prove_credential, setup, ttp_keygen, verify_credential, CoconutError,
Signature, SignatureShare, VerificationKey,
};
#[test]
@@ -85,7 +85,13 @@ fn main() -> Result<(), CoconutError> {
// Generate cryptographic material to verify them
let theta = prove_credential(&params, &verification_key, &signature, serial_number, binding_number)?;
let theta = prove_credential(
&params,
&verification_key,
&signature,
serial_number,
binding_number,
)?;
// Verify credentials