Skip to content

Commit

Permalink
Fix compilation.
Browse files Browse the repository at this point in the history
  • Loading branch information
@oskin1
oskin1 committed Jun 23, 2023
1 parent 6ebba1d commit 825b45e
Show file tree
Hide file tree
Showing 6 changed files with 120 additions and 167 deletions.
219 changes: 89 additions & 130 deletions spectrum-kes/src/kes.rs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -10,13 +10,14 @@
//! * [2017/573]( https://eprint.iacr.org/2017/573.pdf)

use std::ops::Add;
use ecdsa::{RecoveryId, Signature, SigningKey, VerifyingKey};

use ecdsa::hazmat::SignPrimitive;
use ecdsa::signature::{Signer, SignerMut};
use elliptic_curve::{CurveArithmetic, PublicKey, SecretKey};
use ecdsa::{Signature, SigningKey, VerifyingKey};
use elliptic_curve::generic_array::ArrayLength;
use elliptic_curve::point::PointCompression;
use elliptic_curve::sec1::{FromEncodedPoint, ModulusSize, ToEncodedPoint};
use elliptic_curve::{CurveArithmetic, PublicKey, SecretKey};
use k256::ecdsa::signature::Verifier;
use k256::Secp256k1;

Expand All @@ -28,61 +29,60 @@ use crate::utils::{double_the_seed, merge_public_keys};
pub struct Error;

#[derive(Debug)]
pub struct KesSumSecretKey<TCurve: CurveArithmetic>
{
pub struct KesSumSecretKey<TCurve: CurveArithmetic> {
sk_0: SecretKey<TCurve>,
seed_1: Sha2Digest256,
pk_0: PublicKey<TCurve>,
pk_1: PublicKey<TCurve>,

}

pub struct KesSignature<TCurve: CurveArithmetic + ecdsa::PrimeCurve>
{
pub struct KesSignature<TCurve: CurveArithmetic + ecdsa::PrimeCurve> {
sig: Signature<TCurve>,
pk_0: PublicKey<TCurve>,
pk_1: PublicKey<TCurve>,
}

pub fn kes_key_gen<TCurve: CurveArithmetic>(seed: &Sha2Digest256) -> Result<(SecretKey<TCurve>,
PublicKey<TCurve>),
Error>
{
pub fn kes_key_gen<TCurve: CurveArithmetic>(
seed: &Sha2Digest256,
) -> Result<(SecretKey<TCurve>, PublicKey<TCurve>), Error> {
let seed_bytes: [u8; 32] = (*seed).into();
let sk: SecretKey::<TCurve> = SecretKey::<TCurve>::from_slice(&seed_bytes).unwrap();
let pk = PublicKey::<TCurve>::from_secret_scalar(
&sk.to_nonzero_scalar());
let sk: SecretKey<TCurve> = SecretKey::<TCurve>::from_slice(&seed_bytes).unwrap();
let pk = PublicKey::<TCurve>::from_secret_scalar(&sk.to_nonzero_scalar());
Ok((sk, pk))
}

pub fn kes_sk_key_gen<TCurve: CurveArithmetic>(seed: &Sha2Digest256) -> Result<SecretKey<TCurve>,
Error>
{
pub fn kes_sk_key_gen<TCurve: CurveArithmetic>(seed: &Sha2Digest256) -> Result<SecretKey<TCurve>, Error> {
let seed_bytes: [u8; 32] = (*seed).into();
let sk = SecretKey::<TCurve>::from_slice(&seed_bytes).unwrap();
Ok(sk)
}

pub fn kes_sum_key_gen<TCurve: CurveArithmetic + PointCompression>(seed: &Sha2Digest256) ->
Result<(KesSumSecretKey<TCurve>, PublicKey<TCurve>), Error>
where <TCurve as CurveArithmetic>::AffinePoint: FromEncodedPoint<TCurve>,
<TCurve as elliptic_curve::Curve>::FieldBytesSize: ModulusSize,
<TCurve as CurveArithmetic>::AffinePoint: ToEncodedPoint<TCurve>
pub fn kes_sum_key_gen<TCurve: CurveArithmetic + PointCompression>(
seed: &Sha2Digest256,
) -> Result<(KesSumSecretKey<TCurve>, PublicKey<TCurve>), Error>
where
<TCurve as CurveArithmetic>::AffinePoint: FromEncodedPoint<TCurve>,
<TCurve as elliptic_curve::Curve>::FieldBytesSize: ModulusSize,
<TCurve as CurveArithmetic>::AffinePoint: ToEncodedPoint<TCurve>,
{
let (seed_0, seed_1) = double_the_seed(&seed);
let (sk_0, pk_0) = kes_key_gen::<TCurve>(
&seed_0).unwrap();
let (sk_0, pk_0) = kes_key_gen::<TCurve>(&seed_0).unwrap();
let (_, pk_1) = kes_key_gen::<TCurve>(&seed_1).unwrap();
let pk_sum = merge_public_keys(&pk_0, &pk_1);
let sk_sum = KesSumSecretKey { sk_0, seed_1, pk_0, pk_1 };
let sk_sum = KesSumSecretKey {
sk_0,
seed_1,
pk_0,
pk_1,
};
Ok((sk_sum, pk_sum))
}

fn kes_sum_update<TCurve: CurveArithmetic>(kes_sk: &KesSumSecretKey<TCurve>,
current_slot: &i32,
bound_slot: &i32)
-> Result<KesSumSecretKey<TCurve>, Error>
{
fn kes_sum_update<TCurve: CurveArithmetic>(
kes_sk: &KesSumSecretKey<TCurve>,
current_slot: &i32,
bound_slot: &i32,
) -> Result<KesSumSecretKey<TCurve>, Error> {
let sk_new = {
if *current_slot + 1 >= *bound_slot {
kes_sk_key_gen::<TCurve>(&kes_sk.seed_1).unwrap()
Expand All @@ -99,67 +99,64 @@ fn kes_sum_update<TCurve: CurveArithmetic>(kes_sk: &KesSumSecretKey<TCurve>,
})
}

pub fn kes_sum_sign(kes_sk: &KesSumSecretKey<Secp256k1>,
message: &Sha2Digest256)
-> Result<KesSignature<Secp256k1>, Error>

{
pub fn kes_sum_sign(
kes_sk: &KesSumSecretKey<Secp256k1>,
message: &Sha2Digest256,
) -> Result<KesSignature<Secp256k1>, Error> {
{
let signing_key: SigningKey<Secp256k1> = SigningKey::from(kes_sk.sk_0.clone());
let signature: (Signature<Secp256k1>, RecoveryId) = signing_key.sign(message.0.as_slice());
let signature: Signature<Secp256k1> = signing_key.sign(message.as_ref());
Ok(KesSignature {
sig: signature.0,
sig: signature,
pk_0: kes_sk.pk_0,
pk_1: kes_sk.pk_1,
})
}
}

pub fn kes_sum_generic_sign<TCurve: CurveArithmetic +
elliptic_curve::PrimeCurve>(kes_sk:
&KesSumSecretKey<TCurve>,
message: &Sha2Digest256)
-> Result<KesSignature<TCurve>, Error>
where <TCurve as CurveArithmetic>::Scalar: SignPrimitive<TCurve>,
<<TCurve as elliptic_curve::Curve>::FieldBytesSize as Add>::Output: ArrayLength<u8>

pub fn kes_sum_generic_sign<TCurve>(
kes_sk: &KesSumSecretKey<TCurve>,
message: &Sha2Digest256,
) -> Result<KesSignature<TCurve>, Error>
where
TCurve: CurveArithmetic + elliptic_curve::PrimeCurve,
<TCurve as CurveArithmetic>::Scalar: SignPrimitive<TCurve>,
<<TCurve as elliptic_curve::Curve>::FieldBytesSize as Add>::Output: ArrayLength<u8>,
SigningKey<TCurve>: Signer<Signature<TCurve>>,
SigningKey<TCurve>: SignerMut<Signature<TCurve>>,
{
{
let signing_key: SigningKey<TCurve> = SigningKey::<TCurve>::from(&kes_sk.sk_0);
let signature: (Signature<TCurve>, RecoveryId) = signing_key.sign(message.0.as_slice());
let signing_key = SigningKey::from(&kes_sk.sk_0);
let signature = signing_key.sign(message.as_ref());
Ok(KesSignature {
sig: signature.0,
sig: signature,
pk_0: kes_sk.pk_0.clone(),
pk_1: kes_sk.pk_1.clone(),
})
}
}

pub fn kes_sum_verify(signature: &KesSignature<Secp256k1>,
kes_pk: &PublicKey<Secp256k1>,
message: &Sha2Digest256,
bound_slot: &i32,
signing_slot: &i32)
-> Result<bool, Error>
{
pub fn kes_sum_verify(
signature: &KesSignature<Secp256k1>,
kes_pk: &PublicKey<Secp256k1>,
message: &Sha2Digest256,
bound_slot: &i32,
signing_slot: &i32,
) -> Result<bool, Error> {
let actual_pk = merge_public_keys(&signature.pk_0, &signature.pk_1);


let result = {
if actual_pk == *kes_pk {
let ver_key: VerifyingKey<Secp256k1> = {
if *signing_slot < *bound_slot {
VerifyingKey::from(
signature.pk_0.clone())
VerifyingKey::from(signature.pk_0.clone())
} else {
VerifyingKey::from(
signature.pk_1.clone())
VerifyingKey::from(signature.pk_1.clone())
}
};
match ver_key.verify(&message.0, &signature.sig)
{
match ver_key.verify(&message.as_ref(), &signature.sig) {
Ok(_) => true,
Err(_) => false
Err(_) => false,
}
} else {
false
Expand All @@ -168,7 +165,6 @@ pub fn kes_sum_verify(signature: &KesSignature<Secp256k1>,
Ok(result)
}


#[cfg(test)]
mod test {
use elliptic_curve::rand_core::{OsRng, RngCore};
Expand All @@ -183,10 +179,8 @@ mod test {
let seed_00 = sha256_hash(OsRng.next_u64().to_string().as_bytes());
let seed_01 = sha256_hash(OsRng.next_u64().to_string().as_bytes());

let (sk_sum_0, pk_sum_0)
= kes_sum_key_gen::<Secp256k1>(&seed_00).unwrap();
let (_, pk_sum_1)
= kes_sum_key_gen::<Secp256k1>(&seed_01).unwrap();
let (sk_sum_0, pk_sum_0) = kes_sum_key_gen::<Secp256k1>(&seed_00).unwrap();
let (_, pk_sum_1) = kes_sum_key_gen::<Secp256k1>(&seed_01).unwrap();

assert_ne!(sk_sum_0.pk_0, sk_sum_0.pk_1);
assert_ne!(seed_00, sk_sum_0.seed_1);
Expand All @@ -207,24 +201,15 @@ mod test {

let seed = sha256_hash(OsRng.next_u64().to_string().as_bytes());

let (sk_sum, _)
= kes_sum_key_gen::<Secp256k1>(&seed).unwrap();
let (sk_sum, _) = kes_sum_key_gen::<Secp256k1>(&seed).unwrap();

let sk_new_0 = kes_sum_update::<Secp256k1>(&sk_sum,
&current_slot_0,
&bound_slot).unwrap();
let sk_new_0 = kes_sum_update::<Secp256k1>(&sk_sum, &current_slot_0, &bound_slot).unwrap();

let sk_new_1 = kes_sum_update::<Secp256k1>(&sk_new_0,
&current_slot_1,
&bound_slot).unwrap();
let sk_new_1 = kes_sum_update::<Secp256k1>(&sk_new_0, &current_slot_1, &bound_slot).unwrap();

let sk_new_2 = kes_sum_update::<Secp256k1>(&sk_new_1,
&current_slot_2,
&bound_slot).unwrap();
let sk_new_2 = kes_sum_update::<Secp256k1>(&sk_new_1, &current_slot_2, &bound_slot).unwrap();

let sk_new_3 = kes_sum_update::<Secp256k1>(&sk_new_2,
&current_slot_3,
&bound_slot).unwrap();
let sk_new_3 = kes_sum_update::<Secp256k1>(&sk_new_2, &current_slot_3, &bound_slot).unwrap();

assert_eq!(sk_sum.sk_0, sk_new_0.sk_0);
assert_eq!(sk_sum.sk_0, sk_new_1.sk_0);
Expand All @@ -240,28 +225,19 @@ mod test {

let seed = sha256_hash(OsRng.next_u64().to_string().as_bytes());

let (sk_sum, _)
= kes_sum_key_gen::<Secp256k1>(&seed).unwrap();
let (sk_sum, _) = kes_sum_key_gen::<Secp256k1>(&seed).unwrap();

let sk_new_0 = kes_sum_update::<Secp256k1>(&sk_sum,
&current_slot_0,
&bound_slot).unwrap();
let sk_new_0 = kes_sum_update::<Secp256k1>(&sk_sum, &current_slot_0, &bound_slot).unwrap();

let sk_new_1 = kes_sum_update::<Secp256k1>(&sk_new_0,
&current_slot_1,
&bound_slot).unwrap();
let sk_new_1 = kes_sum_update::<Secp256k1>(&sk_new_0, &current_slot_1, &bound_slot).unwrap();

let m_0_hash: Sha2Digest256 = sha256_hash("Hi".as_bytes());
let m_1_hash: Sha2Digest256 = sha256_hash("Buy".as_bytes());

let sign_0 = kes_sum_sign(&sk_new_0,
&m_0_hash).unwrap();
let sign_01 = kes_sum_sign(&sk_new_0,
&m_1_hash).unwrap();
let sign_1 = kes_sum_sign(&sk_new_1,
&m_0_hash).unwrap();
let sign_10 = kes_sum_sign(&sk_new_1,
&m_0_hash).unwrap();
let sign_0 = kes_sum_sign(&sk_new_0, &m_0_hash).unwrap();
let sign_01 = kes_sum_sign(&sk_new_0, &m_1_hash).unwrap();
let sign_1 = kes_sum_sign(&sk_new_1, &m_0_hash).unwrap();
let sign_10 = kes_sum_sign(&sk_new_1, &m_0_hash).unwrap();

assert_eq!(sk_sum.sk_0, sk_new_0.sk_0);
assert_ne!(sk_new_0.sk_0, sk_new_1.sk_0);
Expand All @@ -278,46 +254,31 @@ mod test {

let seed = sha256_hash(OsRng.next_u64().to_string().as_bytes());

let (sk_sum, pk_sum)
= kes_sum_key_gen::<Secp256k1>(&seed).unwrap();
let (sk_sum, pk_sum) = kes_sum_key_gen::<Secp256k1>(&seed).unwrap();

let sk_new_0 = kes_sum_update::<Secp256k1>(&sk_sum,
&current_slot_0,
&bound_slot).unwrap();
let sk_new_0 = kes_sum_update::<Secp256k1>(&sk_sum, &current_slot_0, &bound_slot).unwrap();

let sk_new_1 = kes_sum_update::<Secp256k1>(&sk_new_0,
&current_slot_1,
&bound_slot).unwrap();
let sk_new_1 = kes_sum_update::<Secp256k1>(&sk_new_0, &current_slot_1, &bound_slot).unwrap();

let m_0_hash: Sha2Digest256 = sha256_hash("Hi".as_bytes());
let m_1_hash: Sha2Digest256 = sha256_hash("Buy".as_bytes());

let sign_00 = kes_sum_sign(&sk_new_0,
&m_0_hash).unwrap();
let sign_10 = kes_sum_sign(&sk_new_1,
&m_0_hash).unwrap();

let ver_00_fair = kes_sum_verify(&sign_00, &pk_sum,
&m_0_hash, &bound_slot,
&current_slot_0).unwrap();
let ver_00_mal_message = kes_sum_verify(&sign_00, &pk_sum,
&m_1_hash, &bound_slot,
&current_slot_0).unwrap();
let ver_00_mal_slot = kes_sum_verify(&sign_00, &pk_sum,
&m_1_hash, &bound_slot,
&current_slot_1).unwrap();
let ver_10_fair = kes_sum_verify(&sign_10, &pk_sum,
&m_0_hash, &bound_slot,
&current_slot_1).unwrap();
let sign_00 = kes_sum_sign(&sk_new_0, &m_0_hash).unwrap();
let sign_10 = kes_sum_sign(&sk_new_1, &m_0_hash).unwrap();

let ver_00_fair = kes_sum_verify(&sign_00, &pk_sum, &m_0_hash, &bound_slot, &current_slot_0).unwrap();
let ver_00_mal_message =
kes_sum_verify(&sign_00, &pk_sum, &m_1_hash, &bound_slot, &current_slot_0).unwrap();
let ver_00_mal_slot =
kes_sum_verify(&sign_00, &pk_sum, &m_1_hash, &bound_slot, &current_slot_1).unwrap();
let ver_10_fair = kes_sum_verify(&sign_10, &pk_sum, &m_0_hash, &bound_slot, &current_slot_1).unwrap();

let seed_0 = sha256_hash(OsRng.next_u64().to_string().as_bytes());

let (_, pk_sum_mal)
= kes_sum_key_gen::<Secp256k1>(&seed_0).unwrap();
let (_, pk_sum_mal) = kes_sum_key_gen::<Secp256k1>(&seed_0).unwrap();

let ver_10_mal_pk = kes_sum_verify(&sign_10, &pk_sum_mal,
&m_0_hash, &bound_slot,
&current_slot_1).unwrap();
let ver_10_mal_pk =
kes_sum_verify(&sign_10, &pk_sum_mal, &m_0_hash, &bound_slot, &current_slot_1).unwrap();

assert!(ver_00_fair);
assert!(!!!ver_00_mal_message);
Expand All @@ -326,5 +287,3 @@ mod test {
assert!(!!!ver_10_mal_pk);
}
}


0 comments on commit 825b45e

Please sign in to comment.