diff options
| -rw-r--r-- | vote/vote.go | 89 | ||||
| -rw-r--r-- | vote/vote_test.go | 26 |
2 files changed, 75 insertions, 40 deletions
diff --git a/vote/vote.go b/vote/vote.go index 2ca35a6..a97a66e 100644 --- a/vote/vote.go +++ b/vote/vote.go @@ -16,24 +16,29 @@ var b32 = base32.StdEncoding.WithPadding(base32.NoPadding) // A Schnorr signature to prove knowledge of x for given g^x and i. type Proof struct { - PointV curve.Point - ScalarR curve.Scalar - I uint64 + PV curve.Point + Sr curve.Scalar + I uint64 } type Commitment struct { Index uint64 - PubX curve.Point - PubR curve.Point - ProofX Proof - ProofR Proof + Points struct { + X curve.Point + R curve.Point + } + Proofs struct { + X Proof + R Proof + } } type Vote struct { - bit bool - - privX curve.Scalar - privR curve.Scalar + bit bool + private struct { + X curve.Scalar + R curve.Scalar + } Commitment } @@ -48,7 +53,7 @@ func newPriv(s *curve.Scalar, random io.Reader) error { return e } -func setPub(p *curve.Scalar, P *curve.Point) *curve.Point { +func setPoint(p *curve.Scalar, P *curve.Point) *curve.Point { return P.ScalarBaseMult(p) } @@ -66,12 +71,12 @@ func genProof(pr *Proof, x *curve.Scalar, i uint64) error { if e != nil { return e } - setPub(v, &pr.PointV) + setPoint(v, &pr.PV) gx := new(curve.Point) - setPub(x, gx) + setPoint(x, gx) // Calculate h := H(g, g^v, g^x, i) - h, e := hash(&pr.PointV, gx, i) + h, e := hash(&pr.PV, gx, i) if e != nil { return e @@ -79,7 +84,7 @@ func genProof(pr *Proof, x *curve.Scalar, i uint64) error { // Calculate r := v - x*h xh := new(curve.Scalar).Multiply(x, h) - (&pr.ScalarR).Subtract(v, xh) + (&pr.Sr).Subtract(v, xh) return nil } @@ -97,18 +102,18 @@ func hash(gv, gx *curve.Point, i uint64) (*curve.Scalar, error) { } func (v *Vote) genProofs() (e error) { - e = genProof(&v.ProofX, &v.privX, v.Index) + e = genProof(&v.Proofs.X, &v.private.X, v.Index) if e != nil { return e } - return genProof(&v.ProofR, &v.privR, v.Index) + return genProof(&v.Proofs.R, &v.private.R, v.Index) } // Verifies that g^v == g^r*g^(x*h) func verifyProof(V *curve.Point, r, x *curve.Scalar, i uint64) (ok bool) { // Calculate h = H(g, g^v, g^x, i) gx := new(curve.Point) - setPub(x, gx) + setPoint(x, gx) h, e := hash(V, gx, i) if e != nil { return false @@ -117,14 +122,14 @@ func verifyProof(V *curve.Point, r, x *curve.Scalar, i uint64) (ok bool) { // Calculate g^(x*h) xh := new(curve.Scalar).Multiply(x, h) gxh := new(curve.Point) - setPub(xh, gxh) + setPoint(xh, gxh) // Calculate g^r gr := new(curve.Point) - setPub(r, gr) + setPoint(r, gr) // Calculate g^r*g^(x*h) - // Note that the edwards25519 package uses Addtion as the group operation + // Note that the edwards25519 package uses Addtion as the group grgxh := new(curve.Point).Add(gr, gxh) return V.Equal(grgxh) == 1 @@ -145,8 +150,8 @@ func combineErr(e1, e2 error) error { // Verify checks for both, ProofX and ProofY that // TODO func (v *Vote) VerifyProofs() (ok bool) { - okX := verifyProof(&v.ProofX.PointV, &v.ProofX.ScalarR, &v.privX, v.Index) - okR := verifyProof(&v.ProofR.PointV, &v.ProofR.ScalarR, &v.privR, v.Index) + okX := verifyProof(&v.Proofs.X.PV, &v.Proofs.X.Sr, &v.private.X, v.Index) + okR := verifyProof(&v.Proofs.R.PV, &v.Proofs.R.Sr, &v.private.R, v.Index) return okX && okR } @@ -156,17 +161,17 @@ func newVoteWithRand(bit bool, index uint64, rand io.Reader) (vote *Vote, e erro } vote.Commitment.Index = index - e = newPriv(&vote.privX, rand) + e = newPriv(&vote.private.X, rand) if e != nil { return nil, e } - e = newPriv(&vote.privR, rand) + e = newPriv(&vote.private.R, rand) if e != nil { return nil, e } - setPub(&vote.privX, &vote.Commitment.PubX) - setPub(&vote.privR, &vote.Commitment.PubR) + setPoint(&vote.private.X, &vote.Commitment.Points.X) + setPoint(&vote.private.R, &vote.Commitment.Points.R) e = vote.genProofs() @@ -177,12 +182,36 @@ func NewVote(bit bool, index uint64) (vote *Vote, e error) { return newVoteWithRand(bit, index, nil) } -func pubStr(p *curve.Point) string { +func ptStr(p *curve.Point) string { return b32.EncodeToString(p.Bytes()) } +func scStr(s *curve.Scalar) string { + return b32.EncodeToString(s.Bytes()) +} + func (c *Commitment) String() string { - return fmt.Sprintf(`{"PubX": "%s", "PubR": "%s"}`, pubStr(&c.PubX), pubStr(&c.PubR)) + return fmt.Sprintf(`{ + "Index": %d, + "Points": { + "X": "%s", + "R": "%s" }, + "Proofs": { + "X": { + "PV": "%s", + "Sr": "%s" }, + "Y": { + "PV": "%s", + "Sr": "%s" } + } +}`, + c.Index, + ptStr(&c.Points.X), + ptStr(&c.Points.R), + ptStr(&c.Proofs.X.PV), + scStr(&c.Proofs.X.Sr), + ptStr(&c.Proofs.R.PV), + scStr(&c.Proofs.R.Sr)) } func (c *Commitment) MarshalJSON() ([]byte, error) { diff --git a/vote/vote_test.go b/vote/vote_test.go index 7a00ee3..6ff41b8 100644 --- a/vote/vote_test.go +++ b/vote/vote_test.go @@ -4,16 +4,22 @@ import ( "testing" ) -func TestRound(t *testing.T) { - v, e := newVoteWithRand(false, 0, nil) +func TestVoteGeneration(t *testing.T) { - if e != nil { - t.Fatalf("unexpected error: %v", e) - } - if v.bit { - t.Fatal("expected vote false, but got true") - } - if !v.VerifyProofs() { - t.Fatalf("Proofs not correct! %+v", v) + for i := range 100 { + bit := i%3 == 1 + vote, e := newVoteWithRand(bit, uint64(i), nil) + + if e != nil { + t.Fatalf("unexpected error: %v", e) + } + if vote.bit != bit { + t.Fatalf("expected vote %t, but got %t", bit, vote.bit) + } + if !vote.VerifyProofs() { + t.Fatalf("Proofs not correct! %+v", vote) + } + + t.Logf("Generated %+v\n", vote) } } |