You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@milagro.apache.org by km...@apache.org on 2019/06/20 11:55:24 UTC
[incubator-milagro-crypto-c] 01/02: add point addition to BLS
This is an automated email from the ASF dual-hosted git repository.
kmccusker pushed a commit to branch issue11
in repository https://gitbox.apache.org/repos/asf/incubator-milagro-crypto-c.git
commit 4ae35dbf806f7a7a11f944ebfd3e0ff3fe0e873f
Author: Kealan McCusker <ke...@gmail.com>
AuthorDate: Wed Jun 19 15:23:31 2019 +0100
add point addition to BLS
---
README.md | 2 +-
config.mk | 2 +-
examples/testbls_ZZZ.c.in | 182 +++++++++++++++++++++++++++++++++++++++-------
include/bls.h.in | 26 ++++++-
src/bls.c.in | 55 ++++++++++++--
test/test_bls_ZZZ.c.in | 2 +-
6 files changed, 232 insertions(+), 37 deletions(-)
diff --git a/README.md b/README.md
index 6d2baf2..025e7aa 100644
--- a/README.md
+++ b/README.md
@@ -260,5 +260,5 @@ Please add yourself here if you make or have made a contribution.
1. [Check for open issues](https://github.com/apache/incubator-milagro-crypto-c/issues) or start a discussion around a feature idea or a bug by sending a mail to dev@milagro.incubator.apache.org
2. Fork the repository to start making your changes. Please use the "development" branch as a basis.
3. Write a test which shows that the bug was fixed or that the feature works as expected.
-4. Send a pull request with a reference to the issue
+4. Make a pull request with a reference to the issue
diff --git a/config.mk b/config.mk
index 13941ce..f3706a4 100644
--- a/config.mk
+++ b/config.mk
@@ -4,7 +4,7 @@
WORD_SIZE:=64
# Current choice of Elliptic Curve ANSSI C25519 NIST521 BLS24 C41417 NUMS256E BLS381 ED25519 NUMS256W BLS383 FP256BN NUMS384E BLS461 FP512BN NUMS384W BLS48 GOLDILOCKS NUMS512E BN254 HIFIVE NUMS512W BN254CX NIST256 SECP256K1 BRAINPOOL NIST384
-AMCL_CURVE:=ED25519,NIST256,GOLDILOCKS,BLS383
+AMCL_CURVE:=BLS383
# RSA security level: 2048 3072 4096
AMCL_RSA:=2048,3072
diff --git a/examples/testbls_ZZZ.c.in b/examples/testbls_ZZZ.c.in
index f84525e..d249c69 100644
--- a/examples/testbls_ZZZ.c.in
+++ b/examples/testbls_ZZZ.c.in
@@ -16,8 +16,6 @@ specific language governing permissions and limitations
under the License.
*/
-/* test driver and function exerciser for BLS Signature API Functions */
-
/* Build executable after installation:
gcc -O0 -g ./testbls_ZZZ.c $(pkg-config --libs --cflags amcl) -o testbls_ZZZ
@@ -47,30 +45,97 @@ under the License.
#define G2LEN 16*BFS_ZZZ
#endif
-static char message[]="This is a test message";
+static char message[]="test message";
int bls(csprng *RNG)
{
int rc;
- char s[BGS_ZZZ];
- char w[G2LEN];
+
+ char sk1[BGS_ZZZ];
+ octet SK1 = {0,sizeof(sk1),sk1};
+ char pk1[G2LEN];
+ octet PK1 = {0,sizeof(pk1),pk1};
+ char sig1[BFS_ZZZ+1];
+ octet SIG1 = {0,sizeof(sig1),sig1};
+
+ char sk2[BGS_ZZZ];
+ octet SK2 = {0,sizeof(sk2),sk2};
+ char pk2[G2LEN];
+ octet PK2 = {0,sizeof(pk2),pk2};
+ char sig2[BFS_ZZZ+1];
+ octet SIG2 = {0,sizeof(sig2),sig2};
+
+ char sk3[BGS_ZZZ];
+ octet SK3 = {0,sizeof(sk3),sk3};
+ char pk3[G2LEN];
+ octet PK3 = {0,sizeof(pk3),pk3};
+ char sig3[BFS_ZZZ+1];
+ octet SIG3 = {0,sizeof(sig3),sig3};
+
+ // Combined signature and public keys
+ char pk[G2LEN];
+ octet PK = {0,sizeof(pk),pk};
char sig[BFS_ZZZ+1];
- octet S= {0,sizeof(s),s};
- octet W= {0,sizeof(w),w};
- octet SIG= {0,sizeof(sig),sig};
+ octet SIG = {0,sizeof(sig),sig};
+
+ // Generate key pairs
+ BLS_ZZZ_KEY_PAIR_GENERATE(RNG,&SK1,&PK1);
+ BLS_ZZZ_KEY_PAIR_GENERATE(RNG,&SK2,&PK2);
+ BLS_ZZZ_KEY_PAIR_GENERATE(RNG,&SK3,&PK3);
- BLS_ZZZ_KEY_PAIR_GENERATE(RNG,&S,&W);
+ printf("Private key SK1: ");
+ OCT_output(&SK1);
+ printf("Public key PK1: ");
+ OCT_output(&PK1);
+ printf("Private key SK2: ");
+ OCT_output(&SK2);
+ printf("Public key PK2: ");
+ OCT_output(&PK2);
+ printf("Private key SK3: ");
+ OCT_output(&SK2);
+ printf("Public key PK3: ");
+ OCT_output(&PK2);
+ printf("\n");
- printf("Private key: 0x");
- OCT_output(&S);
- printf("Public key: 0x");
- OCT_output(&W);
+ // Sign the message
+ BLS_ZZZ_SIGN(&SIG1,message,&SK1);
+ BLS_ZZZ_SIGN(&SIG2,message,&SK2);
+ BLS_ZZZ_SIGN(&SIG3,message,&SK3);
- BLS_ZZZ_SIGN(&SIG,message,&S);
- printf("Signature: 0x");
- OCT_output(&SIG);
+ printf("SIG1: ");
+ OCT_output(&SIG1);
+ printf("SIG2: ");
+ OCT_output(&SIG2);
+ printf("SIG3: ");
+ OCT_output(&SIG3);
+ printf("\n");
+
+ // Verify signature
+ rc=BLS_ZZZ_VERIFY(&SIG1,message,&PK1);
+ if (rc==BLS_OK)
+ {
+ printf("Success: Signature is valid\n");
+ }
+ else
+ {
+ printf("Error: Invalid Signature\n");
+ return 1;
+ }
+
+ // Verify signature
+ rc=BLS_ZZZ_VERIFY(&SIG2,message,&PK2);
+ if (rc==BLS_OK)
+ {
+ printf("Success: Signature is valid\n");
+ }
+ else
+ {
+ printf("Error: Invalid Signature\n");
+ return 1;
+ }
- rc=BLS_ZZZ_VERIFY(&SIG,message,&W);
+ // Verify signature
+ rc=BLS_ZZZ_VERIFY(&SIG3,message,&PK3);
if (rc==BLS_OK)
{
printf("Success: Signature is valid\n");
@@ -78,38 +143,105 @@ int bls(csprng *RNG)
else
{
printf("Error: Invalid Signature\n");
+ return 1;
+ }
+
+ // Add Public keys
+ rc = BLS_ADD_G2(&PK1,&PK2,&PK);
+ if (rc!=BLS_OK)
+ {
+ printf("ERROR BLS_ADD_G2 errorCode : %d\n", rc);
+ return 1;
+ }
+ rc = BLS_ADD_G2(&PK,&PK3,&PK);
+ if (rc!=BLS_OK)
+ {
+ printf("ERROR BLS_ADD_G2 errorCode : %d\n", rc);
+ return 1;
+ }
+ printf("Public key PK: ");
+ OCT_output(&PK);
+ printf("\n");
+
+ // Add signatures
+ rc = BLS_ADD_G1(&SIG1,&SIG2,&SIG);
+ if (rc!=BLS_OK)
+ {
+ printf("ERROR BLS_ADD_G1 errorCode : %d\n", rc);
+ return 1;
+ }
+
+ // Verify combined signature. This should fail.
+ rc=BLS_ZZZ_VERIFY(&SIG,message,&PK);
+ if (rc==BLS_OK)
+ {
+ printf("Success: Combined signature is valid\n");
+ return 1;
+ }
+ else
+ {
+ printf("Error: Combined signature is invalid\n");
}
+ rc = BLS_ADD_G1(&SIG,&SIG3,&SIG);
+ if (rc!=BLS_OK)
+ {
+ printf("ERROR BLS_ADD_G1 errorCode : %d\n", rc);
+ return 1;
+ }
+ printf("SIG: ");
+ OCT_output(&SIG);
+ printf("\n");
+ // Verify combined signature.
+ rc=BLS_ZZZ_VERIFY(&SIG,message,&PK);
+ if (rc==BLS_OK)
+ {
+ printf("Success: Combined signature is valid\n");
+ }
+ else
+ {
+ printf("Error: Combined signature is invalid\n");
+ return 1;
+ }
+
+
// change the message
message[0]='Z';
printf("message %s\n", message);
- rc=BLS_ZZZ_VERIFY(&SIG,message,&W);
+ rc=BLS_ZZZ_VERIFY(&SIG1,message,&PK1);
if (rc==BLS_OK)
{
printf("Success: Signature is valid\n");
+ return 1;
}
else
{
- printf("Error: Invalid Signature\n");
+ printf("Error: Invalid Signature\n");
}
// Change the signature
- message[0]='T';
- SIG.val[0]=5;
+ message[0]='t';
+ SIG1.val[0]=5;
printf("message %s\n", message);
- printf("Signature: 0x");
- OCT_output(&SIG);
- rc=BLS_ZZZ_VERIFY(&SIG,message,&W);
+ printf("Sig1nature SIG1: ");
+ OCT_output(&SIG1);
+ rc=BLS_ZZZ_VERIFY(&SIG1,message,&PK1);
if (rc==BLS_OK)
{
printf("Success: Signature is valid\n");
+ return 1;
}
else
{
printf("Error: Invalid Signature\n");
}
- return rc;
+ /* clear memory */
+ OCT_clear(&SK1);
+ OCT_clear(&SK2);
+ OCT_clear(&SK3);
+
+ return 0;
}
diff --git a/include/bls.h.in b/include/bls.h.in
index de179c8..ab22d88 100644
--- a/include/bls.h.in
+++ b/include/bls.h.in
@@ -39,8 +39,10 @@ under the License.
#define BGS_ZZZ MODBYTES_XXX /**< BLS Group Size */
#define BFS_ZZZ MODBYTES_XXX /**< BLS Field Size */
-#define BLS_OK 0 /**< Function completed without error */
-#define BLS_FAIL -1 /**< Point is NOT on the curve */
+#define BLS_OK 0 /**< Function completed without error */
+#define BLS_FAIL 41 /**< Invalid signature */
+#define BLS_INVALID_G1 42 /**< Not a valid G1 point on the curve */
+#define BLS_INVALID_G2 43 /**< Not a valid G2 point on the curve */
/* BLS API functions */
@@ -71,5 +73,25 @@ int BLS_ZZZ_SIGN(octet *SIG,char *m,octet *S);
*/
int BLS_ZZZ_VERIFY(octet *SIG,char *m,octet *W);
+
+/** @brief Add two members from the group G1
+ *
+ @param R1 member of G1
+ @param R2 member of G1
+ @param R member of G1. R = R1+R2
+ @return Zero for success or else an error code
+ */
+int BLS_ADD_G1(octet *R1,octet *R2,octet *R);
+
+/** @brief Add two members from the group G2
+ *
+ @param W1 member of G2
+ @param W2 member of G2
+ @param W member of G2. W = W1+W2
+ @return Zero for success or else an error code
+ */
+int BLS_ADD_G2(octet *W1,octet *W2,octet *W);
+
+
#endif
diff --git a/src/bls.c.in b/src/bls.c.in
index 277d3cd..d00cbd0 100644
--- a/src/bls.c.in
+++ b/src/bls.c.in
@@ -26,7 +26,6 @@ under the License.
#include "bls_ZZZ.h"
/* hash a message to an ECP point, using SHA3 */
-
static void BLS_HASHIT(ECP_ZZZ *P,char *m)
{
int i;
@@ -41,7 +40,6 @@ static void BLS_HASHIT(ECP_ZZZ *P,char *m)
}
/* generate key pair, private key S, public key W */
-
int BLS_ZZZ_KEY_PAIR_GENERATE(csprng *RNG,octet* S,octet *W)
{
ECP2_ZZZ G;
@@ -57,7 +55,6 @@ int BLS_ZZZ_KEY_PAIR_GENERATE(csprng *RNG,octet* S,octet *W)
}
/* Sign message m using private key S to produce signature SIG */
-
int BLS_ZZZ_SIGN(octet *SIG,char *m,octet *S)
{
BIG_XXX s;
@@ -70,7 +67,6 @@ int BLS_ZZZ_SIGN(octet *SIG,char *m,octet *S)
}
/* Verify signature of message m, the signature SIG, and the public key W */
-
int BLS_ZZZ_VERIFY(octet *SIG,char *m,octet *W)
{
FP12_YYY v;
@@ -84,10 +80,55 @@ int BLS_ZZZ_VERIFY(octet *SIG,char *m,octet *W)
PAIR_ZZZ_double_ate(&v,&G,&D,&PK,&HM);
-
PAIR_ZZZ_fexp(&v);
- if (FP12_YYY_isunity(&v)) return BLS_OK;
- return BLS_FAIL;
+ if (!FP12_YYY_isunity(&v))
+ {
+ return BLS_FAIL;
+ }
+ return BLS_OK;
+}
+
+/* R=R1+R2 in group G1 */
+int BLS_ADD_G1(octet *R1,octet *R2,octet *R)
+{
+ ECP_ZZZ P;
+ ECP_ZZZ T;
+
+ if (!ECP_ZZZ_fromOctet(&P,R1))
+ {
+ return BLS_INVALID_G1;
+ }
+
+ if (!ECP_ZZZ_fromOctet(&T,R2))
+ {
+ return BLS_INVALID_G1;
+ }
+
+ ECP_ZZZ_add(&P,&T);
+ ECP_ZZZ_toOctet(R,&P,true);
+
+ return BLS_OK;
}
+/* W=W1+W2 in group G2 */
+int BLS_ADD_G2(octet *W1,octet *W2,octet *W)
+{
+ ECP2_ZZZ Q;
+ ECP2_ZZZ T;
+
+ if (!ECP2_ZZZ_fromOctet(&Q,W1))
+ {
+ return BLS_INVALID_G2;
+ }
+
+ if (!ECP2_ZZZ_fromOctet(&T,W2))
+ {
+ return BLS_INVALID_G2;
+ }
+
+ ECP2_ZZZ_add(&Q,&T);
+ ECP2_ZZZ_toOctet(W,&Q);
+
+ return BLS_OK;
+}
diff --git a/test/test_bls_ZZZ.c.in b/test/test_bls_ZZZ.c.in
index c35c75b..47d4642 100644
--- a/test/test_bls_ZZZ.c.in
+++ b/test/test_bls_ZZZ.c.in
@@ -96,7 +96,7 @@ int bls(csprng *RNG)
printf("Signature: 0x");
OCT_output(&SIG);
rc=BLS_ZZZ_VERIFY(&SIG,message,&W);
- if (rc!=BLS_OK)
+ if (rc!=BLS_OK)
{
printf("Test Passed invalid Signature / valid message\n");
}