Merge pull request #3 from Cybersecurity-LINKS/test

Code Refactoring and Cleanup with Features implementation ("cl03" and "bbsplus")
Cybersecurity-LINKS · Oct 24, 2023 · 9f025da · 9f025da
2 parents d965bc1 + 8804dd8
commit 9f025da
Show file tree

Hide file tree

Showing 37 changed files with 2,414 additions and 2,212 deletions.
diff --git a/.gitignore b/.gitignore
@@ -14,4 +14,7 @@ Cargo.lock
 
 /target
 
-keypair.txt
+keypair.txt
+
+
+.vscode
diff --git a/Cargo.toml b/Cargo.toml
@@ -3,6 +3,8 @@ name = "zkryptium"
 version = "0.1.0"
 edition = "2021"
 license = "Apache-2.0"
+authors = ["LINKS Foundation"]
+description = "Rust crypto library for zero-knowledge proofs"
 rust-version = "1.65"
 
 # See more keys and their definitions at https://doc.rust-lang.org/cargo/reference/manifest.html
@@ -39,12 +41,20 @@ dotenv = "0.15.0"
 [lib]
 name = "zkryptium"
 path = "src/lib.rs"
+features = ["cl03"]
+
 
 [[example]]
 name = "bbsplus"
 path = "examples/bbsplus.rs"
+features = ["bbsplus"]
 
 [[example]]
 name = "cl03"
 path = "examples/cl03.rs"
+features = ["cl03"]
 
+[features]
+cl03 = []
+bbsplus = []
+default = ["cl03", "bbsplus"]
diff --git a/examples/bbsplus.rs b/examples/bbsplus.rs
@@ -16,7 +16,7 @@ use std::env;
 
 use elliptic_curve::hash2curve::ExpandMsg;
 
-use zkryptium::{utils::{message::BBSplusMessage, random::generate_nonce}, keys::pair::KeyPair, bbsplus::{generators::{make_generators, global_generators, signer_specific_generators}, ciphersuites::BbsCiphersuite}, schemes::algorithms::{BBSplus, Scheme, BBS_BLS12381_SHAKE256, BBS_BLS12381_SHA256}, signatures::{commitment::Commitment, blind::BlindSignature, proof::{PoKSignature, ZKPoK}}};
+use zkryptium::{utils::{message::BBSplusMessage, random::generate_nonce}, keys::pair::KeyPair, bbsplus::{generators::{make_generators, signer_specific_generators}, ciphersuites::BbsCiphersuite}, schemes::algorithms::{BBSplus, Scheme, BBS_BLS12381_SHAKE256, BBS_BLS12381_SHA256}, schemes::generics::{Commitment, BlindSignature, PoKSignature, ZKPoK}};
 
 
 

diff --git a/examples/cl03.rs b/examples/cl03.rs
@@ -15,7 +15,7 @@
 use std::env;
 
 use digest::Digest;
-use zkryptium::{schemes::algorithms::{CL03, Scheme, CL03_CL1024_SHA256, Ciphersuite}, signatures::{commitment::Commitment, blind::BlindSignature, proof::{PoKSignature, ZKPoK}}, cl03::{ciphersuites::CLCiphersuite, bases::Bases}, keys::{pair::KeyPair, cl03_key::CL03CommitmentPublicKey}, utils::message::CL03Message};
+use zkryptium::{schemes::algorithms::{CL03, Scheme, CL03_CL1024_SHA256, Ciphersuite}, schemes::generics::{Commitment, BlindSignature, PoKSignature, ZKPoK}, cl03::{ciphersuites::CLCiphersuite, bases::Bases, keys::CL03CommitmentPublicKey}, keys::pair::KeyPair, utils::message::CL03Message};
 
 
 fn cl03_main<S: Scheme>() 
@@ -81,7 +81,9 @@ fn main() {
     let args: Vec<String> = env::args().collect();
 
     if args.len() != 2 {
-        println!("Usage: {} <cipher_suite>", args[0]);
+        println!("Usage: {} <cipher_suite>
+                Ciphersuites:
+                    - CL1024-SHA-256", args[0]);
         return;
     }
 

diff --git a/src/signatures/blind.rs → src/bbsplus/blind.rs b/src/signatures/blind.rs → src/bbsplus/blind.rs
@@ -14,16 +14,13 @@
 
 
 use std::panic;
-
 use bls12_381_plus::{G1Projective, Scalar, G1Affine};
-use digest::Digest;
 use elliptic_curve::{group::Curve, subtle::{CtOption, Choice}, hash2curve::ExpandMsg};
-use rug::{Integer, ops::Pow};
 use serde::{Deserialize, Serialize};
+use crate::{schemes::algorithms::BBSplus, utils::message::BBSplusMessage, bbsplus::{ciphersuites::BbsCiphersuite, generators::{Generators, make_generators, signer_specific_generators}}, utils::util::{calculate_domain, ScalarExt, hash_to_scalar_old}, errors::BlindSignError, schemes::generics::{BlindSignature, Signature, ZKPoK}};
+use super::{commitment::BBSplusCommitment, keys::{BBSplusSecretKey, BBSplusPublicKey}, signature::BBSplusSignature};
 
-use crate::{schemes::algorithms::{Scheme, BBSplus, CL03}, utils::message::{BBSplusMessage, CL03Message}, bbsplus::{ciphersuites::BbsCiphersuite, generators::{Generators, make_generators, signer_specific_generators}}, cl03::{ciphersuites::CLCiphersuite, bases::Bases}, keys::{cl03_key::{CL03PublicKey, CL03SecretKey, CL03CommitmentPublicKey}, bbsplus_key::{BBSplusSecretKey, BBSplusPublicKey}}, utils::{random::{random_prime, random_bits}, util::{calculate_domain, ScalarExt, hash_to_scalar_old}}, errors::BlindSignError};
 
-use super::{commitment::{CL03Commitment, Commitment, BBSplusCommitment}, signature::{CL03Signature, BBSplusSignature, Signature}, proof::ZKPoK};
 
 #[derive(Clone, PartialEq, Eq, Debug, Serialize, Deserialize)]
 pub struct BBSplusBlindSignature {
@@ -33,20 +30,6 @@ pub struct BBSplusBlindSignature {
 }
 
 
-#[derive(Clone, PartialEq, Eq, Debug, Serialize, Deserialize)]
-pub struct CL03BlindSignature {
-    pub(crate) e: Integer,
-    pub(crate) rprime: Integer,
-    pub(crate) v: Integer,
-}
-
-#[derive(Clone, PartialEq, Eq, Debug, Serialize, Deserialize)]
-pub enum BlindSignature<S: Scheme> {
-    BBSplus(BBSplusBlindSignature),
-    CL03(CL03BlindSignature),
-    _Unreachable(std::marker::PhantomData<S>)
-}
-
 impl <CS:BbsCiphersuite> BlindSignature<BBSplus<CS>> {
 
     pub fn blind_sign(revealed_messages: &[BBSplusMessage], commitment: &BBSplusCommitment, zkpok: &ZKPoK<BBSplus<CS>>, sk: &BBSplusSecretKey, pk: &BBSplusPublicKey, generators: Option<&Generators>, revealed_message_indexes: &[usize], unrevealed_message_indexes: &[usize], nonce: &[u8], header: Option<&[u8]>) -> Result<Self, Box<BlindSignError>>
@@ -193,81 +176,4 @@ impl <CS:BbsCiphersuite> BlindSignature<BBSplus<CS>> {
         })
     }
 
-}
-
-impl <CS:CLCiphersuite> BlindSignature<CL03<CS>> {
-
-    pub fn e(&self) -> &Integer {
-        match self {
-            Self::CL03(inner) => &inner.e,
-            _ => panic!("Cannot happen!"),
-        }
-    }
-
-    pub fn rprime(&self) -> &Integer {
-        match self {
-            Self::CL03(inner) => &inner.rprime,
-            _ => panic!("Cannot happen!"),
-        }
-    }
-
-    pub fn v(&self) -> &Integer {
-        match self {
-            Self::CL03(inner) => &inner.v,
-            _ => panic!("Cannot happen!"),
-        }
-    }
-
-    //TODO: ("remove the indexes");
-
-    pub fn blind_sign(pk: &CL03PublicKey, sk: &CL03SecretKey, a_bases: &Bases, zkpok: &ZKPoK<CL03<CS>>, revealed_messages: Option<&[CL03Message]>, C: &CL03Commitment, C_trusted: Option<&CL03Commitment>, commitment_pk: Option<&CL03CommitmentPublicKey>, unrevealed_message_indexes: &[usize], revealed_message_indexes: Option<&[usize]>) -> Self
-    where
-        CS::HashAlg: Digest
-    {
-
-        if !zkpok.verify_proof(C, C_trusted, pk, a_bases, commitment_pk, unrevealed_message_indexes) {
-            panic!("Knowledge of committed secrets not verified");
-        }
-
-        let mut extended_commitment: Commitment<CL03<CS>> = Commitment::CL03(C.clone());
-        if revealed_messages.is_some() && revealed_message_indexes.is_some() { 
-            extended_commitment.extend_commitment_with_pk(revealed_messages.unwrap(), pk, a_bases, revealed_message_indexes);
-        }
-        let mut e = random_prime(CS::le);
-        let phi_n = (&sk.p - Integer::from(1)) * (&sk.q - Integer::from(1));
-        while ((&e > &Integer::from(2).pow(CS::le-1)) && (&e < &Integer::from(2).pow(CS::le)) && (Integer::from(e.gcd_ref(&phi_n)) == 1)) == false {
-            e = random_prime(CS::le);
-        }
-
-        let rprime = random_bits(CS::ls);
-        let e2n = Integer::from(e.invert_ref(&phi_n).unwrap());
-
-        // v = powmod(((Cx) * powmod(pk['b'], rprime, pk['N']) * pk['c']), e2n, pk['N'])
-        let v = Integer::from((extended_commitment.value() * Integer::from(pk.b.pow_mod_ref(&rprime, &pk.N).unwrap()) * &pk.c).pow_mod_ref(&e2n, &pk.N).unwrap());
-        let sig = CL03BlindSignature{e, rprime, v};
-        // sig = { 'e':e, 'rprime':rprime, 'v':v }
-
-        Self::CL03(sig)
-
-    }
-
-    pub fn unblind_sign(&self, commitment: &Commitment<CL03<CS>>) -> Signature<CL03<CS>> {
-        let s = commitment.randomness().clone() + self.rprime();
-        Signature::CL03(CL03Signature { e: self.e().clone(), s, v: self.v().clone()})
-    }
-
-    pub fn update_signature(&self, revealed_messages: Option<&[CL03Message]>, C: &CL03Commitment, sk: &CL03SecretKey, pk: &CL03PublicKey, a_bases: &Bases,  revealed_message_indexes: Option<&[usize]>) -> Self {
-        let mut extended_commitment: Commitment<CL03<CS>> = Commitment::CL03(C.clone());
-        if revealed_messages.is_some() && revealed_message_indexes.is_some() { 
-            extended_commitment.extend_commitment_with_pk(revealed_messages.unwrap(), pk, a_bases, revealed_message_indexes);
-        }
-
-        let phi_N = (&sk.p - Integer::from(1)) * (&sk.q - Integer::from(1));
-        let e2n = Integer::from(self.e().invert_ref(&phi_N).unwrap());
-
-        let v = Integer::from((extended_commitment.value() * Integer::from(pk.b.pow_mod_ref(self.rprime(), &pk.N).unwrap()) * &pk.c).pow_mod_ref(&e2n, &pk.N).unwrap());
-
-        let sig = CL03BlindSignature{e: self.e().clone(), rprime: self.rprime().clone(), v};
-        Self::CL03(sig)
-    }
 }
diff --git a/src/bbsplus/ciphersuites.rs b/src/bbsplus/ciphersuites.rs
@@ -16,7 +16,6 @@ use serde::{Deserialize, Serialize};
 use sha3::Shake256;
 use sha2::Sha256;
 use elliptic_curve::hash2curve::{ExpandMsg, ExpandMsgXof, ExpandMsgXmd};
-
 use crate::schemes::algorithms::Ciphersuite;
 
 

diff --git a/src/bbsplus/commitment.rs b/src/bbsplus/commitment.rs
@@ -0,0 +1,103 @@
+// Copyright 2023 Fondazione LINKS
+
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+
+//     http://www.apache.org/licenses/LICENSE-2.0
+
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+use bls12_381_plus::{Scalar, G1Projective};
+use elliptic_curve::hash2curve::ExpandMsg;
+use serde::{Deserialize, Serialize};
+use crate::{utils::message::{Message, BBSplusMessage}, bbsplus::{ciphersuites::BbsCiphersuite, generators::{Generators, make_generators, global_generators}}, schemes::algorithms::BBSplus, utils::util::{calculate_random_scalars, subgroup_check_g1}, schemes::generics::Commitment};
+
+
+
+#[derive(Clone, PartialEq, Eq, Debug, Serialize, Deserialize)]
+pub struct BBSplusCommitment {
+    pub value: G1Projective,
+    pub s_prime: Scalar
+}
+
+
+
+impl <CS: BbsCiphersuite> Commitment<BBSplus<CS>> {
+
+    pub fn commit(messages: &[BBSplusMessage], generators: Option<&Generators>, unrevealed_message_indexes: &[usize]) -> Self
+    where
+        CS::Expander: for<'a> ExpandMsg<'a>,
+    {
+
+        let s_prime = calculate_random_scalars::<CS>(1, None);
+
+        if unrevealed_message_indexes.is_empty() {
+                        panic!("Unrevealed message indexes empty");
+                    }
+
+        let get_generators_fn = make_generators::<CS>;
+
+        let gens: Generators;
+        if generators.is_none() {
+            gens = global_generators(get_generators_fn, unrevealed_message_indexes.iter().max().unwrap()+3).to_owned().clone();
+        }
+        else {
+            gens = generators.unwrap().clone();
+        }
+
+
+        if unrevealed_message_indexes.iter().max().unwrap() >= &gens.message_generators.len() {
+            panic!("Non enought generators!");
+        }
+
+        if subgroup_check_g1(gens.g1_base_point) == false {
+            panic!("Failed subgroup check");
+        }
+
+        for i in unrevealed_message_indexes {
+            if subgroup_check_g1(gens.message_generators[*i]) == false {
+                panic!("Failed subgroup check");
+            }
+        }
+
+        let mut commitment = gens.q1 * s_prime[0];
+
+        // let mut index: usize = 0;
+
+        for i in unrevealed_message_indexes {
+            // commitment = commitment + (gens.message_generators[*i] * Scalar::from_bytes(&messages[index].to_bytes()).unwrap());
+            commitment += gens.message_generators.get(*i).expect("index overflow") * &messages.get(*i).expect("Index overflow").get_value();
+
+            // index = index + 1;
+        }
+
+        Self::BBSplus(BBSplusCommitment{value: commitment, s_prime: s_prime[0]})
+
+    }
+
+    pub fn value(&self) -> &G1Projective {
+        match self {
+            Self::BBSplus(inner) => &inner.value,
+            _ => panic!("Cannot happen!")
+        }
+    }
+
+    pub fn bbsPlusCommitment(&self) -> &BBSplusCommitment {
+        match self {
+            Self::BBSplus(inner) => &inner,
+            _ => panic!("Cannot happen!"),
+        }
+    }
+
+    pub fn s_prime(&self) -> &Scalar {
+        match self {
+            Self::BBSplus(inner) => &inner.s_prime,
+            _ => panic!("Cannot happen!")
+        }
+    }
+}
diff --git a/src/bbsplus/generators.rs b/src/bbsplus/generators.rs
@@ -13,24 +13,25 @@
 // limitations under the License.
 
 use bls12_381_plus::G1Projective;
-
 use elliptic_curve::group::Curve;
 use elliptic_curve::hash2curve::{ExpandMsg, Expander};
 use serde::{Serialize, Deserialize};
 use std::env;
 use std::fs::File;
 use std::io::{BufWriter, Write};
 use serde::ser::{Serializer, SerializeStruct};
-
-use crate::keys::bbsplus_key::BBSplusPublicKey;
+use crate::bbsplus::keys::BBSplusPublicKey;
 use super::ciphersuites::BbsCiphersuite;
 
+
+
+
 #[derive(Clone, PartialEq, Eq, Debug, Deserialize)]
 pub struct Generators {
-    pub(crate) g1_base_point: G1Projective,
-    pub(crate) q1: G1Projective,
-    pub(crate) q2: G1Projective,
-    pub(crate) message_generators: Vec<G1Projective>
+    pub g1_base_point: G1Projective,
+    pub q1: G1Projective,
+    pub q2: G1Projective,
+    pub message_generators: Vec<G1Projective>
 }
 
 impl Serialize for Generators {